campaign.gratus.com.hk Open in urlscan Pro
152.101.179.151 Public Scan

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

06aff049744757f18c36d338dc2a0e724f23d4ffa84dde9173206c845b65af9a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

Referer: https://t.rimanggis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 5421
Content-Type: text/html
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "aa89d9ca7fd1d81:0"
Last-Modified: Mon, 26 Sep 2022 08:13:00 GMT
Server: Microsoft-IIS/8.5
Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK form_01.jpg
campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/ 380 KB
380 KB 103ms
102ms Image
image/jpeg 152.101.179.151
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/form_01.jpg

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

152.101.179.151 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

214031de204e22ca627ad83f23ee2a03ba015719627d5e48239e4247fd5cc766

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Sep 2022 08:13:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "c1dbd7ca7fd1d81:0"
Accept-Ranges: bytes
Content-Length: 388942
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK form_02.jpg
campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/ 279 KB
280 KB 113ms
112ms Image
image/jpeg 152.101.179.151
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/form_02.jpg

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

152.101.179.151 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

cb7a1adc8de66d5f7b4c52dfb4fcd46fd426775d7b844d61d8f9418f4a1cc3dc

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Sep 2022 10:54:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "dd92b15a96d1d81:0"
Accept-Ranges: bytes
Content-Length: 286036
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK form_03.jpg
campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/ 330 KB
330 KB 205ms
104ms Image
image/jpeg 152.101.179.151
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/form_03.jpg

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

152.101.179.151 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4f991f5565bd0034053f780c47964100e0b9c3b89c0f3f177e679f9cf9458f24

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Sep 2022 08:13:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "9fc6d8ca7fd1d81:0"
Accept-Ranges: bytes
Content-Length: 337643
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK form_04.jpg
campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/ 355 KB
355 KB 236ms
115ms Image
image/jpeg 152.101.179.151
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/images/form_04.jpg

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

152.101.179.151 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1853afd8815992923247e480efc3fc51584841d80f5da49e0a272c833771c2b6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Sep 2022 08:13:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "6561d9ca7fd1d81:0"
Accept-Ranges: bytes
Content-Length: 363155
X-XSS-Protection: "1; mode=block"

GET
H2 200 EDMCounter.aspx
edm.neoderm.com.hk/ 0
0 183ms
57ms Image
text/html 202.88.99.201
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edm.neoderm.com.hk/EDMCounter.aspx?key=QN%2fhAOWjHPHcGZ3NEZwH%2bgOiBHVj%2fuHYvfU1erpVFfo%3d&assigned_campaign_code=GGGT10821PA02B&key2=
Requested by: Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.88.99.201 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),
Reverse DNS: 202-88-99-201.static.hk.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 336ms
110ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1664270619.dop206.la3.t,1664270619.cds267.la3.hn,1664270619.cds035.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 vue@2 Show response
cdn.jsdelivr.net/npm/ 104 KB
39 KB 26ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3a6652227a83244f676ac9929deca065409d70b4c68b70eeceb59dfec1a8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7462
x-jsd-version: 2.7.10
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-iad-kiad7000176-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1a122-JpGjfc26sfHNt8HGLy/F6n5O+68"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew95pK07ecX5M6DPU%2BnbwgvJfKRZMU3uAZaxl4YOCu%2FXgNLr7L7SiZj64TEiQ%2BADWteQCkePZOrUJ1I%2FFV6c6FA117c6NwWNIWaDn6kqEnj%2FrivXakEvjyG89tbuDyK%2F4%2B%2BB66Jb%2FvPR3CA%2Fp60%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 75132e88e948f8d7-NRT
access-control-expose-headers: *

GET
H/1.1 200
OK axios.min.js Show response
cdn.staticfile.org/axios/0.18.0/ 13 KB
6 KB 460ms
42ms Script
application/javascript 47.89.66.204
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/axios/0.18.0/axios.min.js
Requested by: Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.89.66.204 , Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9a99eb2790e9119664c24135660904410256ff8e8248487f493ad928e07faa83

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Log: X-Log
Date: Tue, 27 Sep 2022 07:46:35 GMT
Via: cache20.l2hk3[0,0,304-0,H], cache24.l2hk3[1,0], cache8.jp2[0,0,200-0,H], cache7.jp2[28,0]
Vary: Accept-Encoding
X-Svr: IO
Content-Md5: /Fqwb+757rokxvGeVY559Q==
Age: 5823
X-Cache: HIT TCP_MEM_HIT dirn:11:25024261
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 85804
Content-Disposition: inline; filename="axios.min.js"; filename*=utf-8''axios.min.js
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4688
X-Qiniu-Zone: 0
Last-Modified: Fri, 18 May 2018 13:50:29 GMT
Server: Tengine
Etag: "FizdJAEica0Ir03FqF1AWRQ8MkOR.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1664264796
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 2f59420716642706194478632e
X-Reqid: ddYAAADMbaUDqBgX
X-Swift-SaveTime: Tue, 27 Sep 2022 07:56:32 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 16ms
8ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 384880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiKvNwfdbzHAnTulLwavfaVmTvvkzDco39craPcaEVFJhS%2BYdDMTTz%2FCm%2FoRENPjF4kU0RtUcCIpKvfbnIJmfwaNImx5zxfsjCcfB%2FhKD5r0FC72k5BfzZzUNK0F9AkDfJcRdZxQhXJkXcEC%2Fpamcs6D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 75132e88edf9f6b5-NRT
expires: Sun, 17 Sep 2023 09:23:39 GMT

GET
H2

200

IntersectionObserver.min.js Show response
www.gratus.com.hk/edm/js/
Redirect Chain

https://gratus.com.hk/edm/js/IntersectionObserver.min.js
https://www.gratus.com.hk/edm/js/IntersectionObserver.min.js

7 KB
3 KB

240ms
91ms

Script
application/javascript

163.181.23.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratus.com.hk/edm/js/IntersectionObserver.min.js

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Server

163.181.23.212 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

82bff1f1d3302c1a310650e421f38cee2c1dae3bcdb925ff1144d51ba56ee678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Sep 2019 10:23:23 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: W/"eecfe29bf866d51:0"
vary: Accept-Encoding
p3p: CP="NOI DEV PSAi COM NAV OUR STP IND DEM"
via: cache26.l2hk2[20,0], ens-cache11.jp7[78,0]
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
eagleid: a3b5179f16642706193952207e
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://www.gratus.com.hk/edm/js/IntersectionObserver.min.js
strict-transport-security: max-age=31536000; preload
content-length: 162
x-xss-protection: 1; mode=block

GET
H2

200

na.min.js Show response
www.gratus.com.hk/edm/js/
Redirect Chain

https://gratus.com.hk/edm/js/na.min.js
https://www.gratus.com.hk/edm/js/na.min.js

12 KB
4 KB

258ms
110ms

Script
application/javascript

163.181.23.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratus.com.hk/edm/js/na.min.js

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Server

163.181.23.212 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d87ecb68e4c2e403f3de47824536fc8a76b5da48760c60ef63e8accc0d01b053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2019 08:33:07 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: W/"41e2ac2ec579d51:0"
vary: Accept-Encoding
p3p: CP="NOI DEV PSAi COM NAV OUR STP IND DEM"
via: cache11.l2hk2[18,0], ens-cache11.jp7[90,0]
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
eagleid: a3b5179f16642706194022231e
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://www.gratus.com.hk/edm/js/na.min.js
strict-transport-security: max-age=31536000; preload
content-length: 162
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK footprint.js Show response
campaign.gratus.com.hk/edm/202209/GGST40922CA04B/js/ 6 KB
6 KB 144ms
48ms Script
application/javascript 152.101.179.151
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to

Full URL

https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/js/footprint.js

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

152.101.179.151 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e52465428d7cfeeb75f16dc58e814d384a0612b5717ca23e1f93fc9436739027

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; preload"
X-Content-Type-Options	nosniff
X-Xss-Protection	"1; mode=block"

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: "max-age=31536000; preload"
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Sep 2022 08:13:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: application/javascript
Date: Tue, 27 Sep 2022 09:23:38 GMT
ETag: "3dd6d9ca7fd1d81:0"
Accept-Ranges: bytes
Content-Length: 5770
X-XSS-Protection: "1; mode=block"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 487 KB
73 KB 138ms
78ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5WQBLF

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/track/click?msgid=89ee44a0-e2bd-4d94-8f36-4dcd3f60de46&linkid=633251aec16f4b77286e9eff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd7d0ba65bb083031383f0fb3d398207f2bc1b1ee6b3453ba08053b9b6345c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74822
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 09:23:39 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame A53B 795 B
765 B 99ms
42ms Document
text/html 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-N5WQBLF

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b566d09df5e27002c5f052167327a942a446b8658910a3c4ed16ba68b7ade895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
75 KB 104ms
47ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TM33JK5

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/track/click?msgid=89ee44a0-e2bd-4d94-8f36-4dcd3f60de46&linkid=633251aec16f4b77286e9eff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

709b4c5f9de65cf4b12ae0282144422eaa1bf9180d7520d96aa1425a8de0c45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76361
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 09:23:39 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 5C12 771 B
425 B 100ms
44ms Document
text/html 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-TM33JK5

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c91fb6967feea377e0bfbf453bfdcf60f4cc45b2d08edd5abc279da8155816a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
60 KB 112ms
56ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3QGS84

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/track/click?msgid=89ee44a0-e2bd-4d94-8f36-4dcd3f60de46&linkid=633251aec16f4b77286e9eff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e131d2f86e77672aa7fe32087abe07ee99de1223b41f4da364a47ac7b3a8cf09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61154
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 09:23:39 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 1ADD 266 B
161 B 132ms
77ms Document
text/html 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-W3QGS84

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

OPTIONS
H2 200 SaveUtmTrackingForAccess
www.neoderm.asia/website_plugin/website_plugin.asmx/ Frame 0
0 486ms
65ms Preflight 152.101.179.159
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neoderm.asia/website_plugin/website_plugin.asmx/SaveUtmTrackingForAccess
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 152.101.179.159 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),
Reverse DNS: 152-101-179-159.static.hk.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://campaign.gratus.com.hk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
allow: OPTIONS, TRACE, GET, HEAD, POST
content-length: 0
date: Tue, 27 Sep 2022 09:23:40 GMT
public: OPTIONS, TRACE, GET, HEAD, POST
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 EDMCounter.aspx
edm.neoderm.com.hk/ 0
0 58ms
57ms Image
text/html 202.88.99.201
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edm.neoderm.com.hk/EDMCounter.aspx?key=QN%2fhAOWjHPHcGZ3NEZwH%2bgOiBHVj%2fuHYvfU1erpVFfo%3d&assigned_campaign_code=GGGT10821PA02B&key2=
Requested by: Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.88.99.201 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),
Reverse DNS: 202-88-99-201.static.hk.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

POST
H2 200 SaveUtmTrackingForAccess Show response
www.neoderm.asia/website_plugin/website_plugin.asmx/ 149 B
249 B 726ms
725ms XHR
application/json 152.101.179.159
CITICTEL-CPC-AS40...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neoderm.asia/website_plugin/website_plugin.asmx/SaveUtmTrackingForAccess
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/axios/0.18.0/axios.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 152.101.179.159 , Hong Kong, ASN4058 (CITICTEL-CPC-AS4058 CITIC Telecom International CPC Limited, HK),
Reverse DNS: 152-101-179-159.static.hk.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a110b4463c73a0a050e8bba4cfecf803bebf11b3aa5bae7739b2975dc6c742e

Request headers

Accept: application/json, text/plain, */*
Referer: https://campaign.gratus.com.hk/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 27 Sep 2022 09:23:40 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-headers: Content-Type
content-length: 149

POST
H2 200 SaveTrackingLogForUserAction Show response
www.gratus.com.hk/servicesv2/api/v2/Edm/ 50 B
204 B 90ms
89ms XHR
application/json 163.181.23.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratus.com.hk/servicesv2/api/v2/Edm/SaveTrackingLogForUserAction

Requested by

Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/axios/0.18.0/axios.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.23.212 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

ec63ac5a1bd1bc100100b6b52a4161441e4b20283ba2144f28889c15db1ed30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://campaign.gratus.com.hk/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
via: cache22.l2hk2[17,0], ens-cache15.jp7[77,0]
x-content-type-options: nosniff
server: Tengine
etag: W/"32-cFr9oOFESQvxL71ErE4cJRUAtaI"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 50
eagleid: a3b517a316642706196494908e

OPTIONS
H2 204 SaveTrackingLogForUserAction
www.gratus.com.hk/servicesv2/api/v2/Edm/ Frame 0
0 124ms
87ms Preflight 163.181.23.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratus.com.hk/servicesv2/api/v2/Edm/SaveTrackingLogForUserAction

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.23.212 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://campaign.gratus.com.hk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 27 Sep 2022 09:23:39 GMT
eagleid: a3b517a316642706195594423e
server: Tengine
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
vary: Access-Control-Request-Headers
via: cache18.l2hk2[12,0], ens-cache15.jp7[73,0]
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/793352288/ Frame A53B
Redirect Chain

https://www.googleadservices.com/pagead/conversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id...
https://www.google.com/pagead/1p-conversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79751226&sscte=1&crd...
https://www.google.co.jp/pagead/1p-conversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79751226&sscte=1&c...

42 B
64 B

53ms
51ms

Image
image/gif

2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79751226&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=G8EyY62KLpXY9QWNt7jwCg&random=3161506022&ipr=y&prhg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-N5WQBLF

Protocol

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.co.jp/pagead/1p-conversion/793352288/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79751226&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=G8EyY62KLpXY9QWNt7jwCg&random=3161506022&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.co.jp/pagead/1p-conversion/756828600/ Frame 5C12
Redirect Chain

https://www.googleadservices.com/pagead/conversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com....
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampai...
https://www.google.com/pagead/1p-conversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2F&c...
https://www.google.co.jp/pagead/1p-conversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2F...

42 B
108 B

56ms
49ms

Image
image/gif

2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2F&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2035632548&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=G8EyY6mjLpLS9gWBmp2wCw&random=89064383&ipr=y&prhg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TM33JK5

Protocol

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.co.jp/pagead/1p-conversion/756828600/?url=https%3A%2F%2Fcampaign.gratus.com.hk%2F&guid=ON&script=0&data=itemtypeid%3Dundefined%3BPageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2F&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2035632548&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=G8EyY6mjLpLS9gWBmp2wCw&random=89064383&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CJbL55jTtPoCFejwTAIdfWYBXg;src=8834082;type=invmedia;cat=natsoodz;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2F;u2=undefined;u3=undefined;ord=1710860454;~ore...
8834082.fls.doubleclick.net/ Frame BA13
Redirect Chain

https://8834082.fls.doubleclick.net/activityi;src=8834082;type=invmedia;cat=natsoodz;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2F;u2=undefined;u3=undefined;ord=1710860454;~o...
https://8834082.fls.doubleclick.net/activityi;dc_pre=CJbL55jTtPoCFejwTAIdfWYBXg;src=8834082;type=invmedia;cat=natsoodz;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2F;u2=undefi...

0
0

GET

activityi;dc_pre=CPzJ6JjTtPoCFRnbTAIdAUkNmA;src=10065619;type=invmedia;cat=allpa0;ord=7509027;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2F
10065619.fls.doubleclick.net/ Frame AB7A
Redirect Chain

https://10065619.fls.doubleclick.net/activityi;src=10065619;type=invmedia;cat=allpa0;ord=7509027;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2F?
https://10065619.fls.doubleclick.net/activityi;dc_pre=CPzJ6JjTtPoCFRnbTAIdAUkNmA;src=10065619;type=invmedia;cat=allpa0;ord=7509027;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2F?

0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
23 KB 25ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/track/click?msgid=89ee44a0-e2bd-4d94-8f36-4dcd3f60de46&linkid=633251aec16f4b77286e9eff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22471
x-xss-protection: 0
pragma: public
x-fb-debug: +eGgMNx4t5xyo579kG4SRFssZ7cvmPv5Q01z2Fh78SC91GrNWzR/+4NvYzbrqvTHGoQPFPTpV8EyU3oRxgGU0g==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 09:23:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 54ms
54ms Script
text/javascript 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM33JK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15701
x-xss-protection: 0
server: cafe
etag: 15927311876428925992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 09:23:39 GMT

GET
H2

200

activityi;dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%... Show response
10065619.fls.doubleclick.net/ Frame 6324
Redirect Chain

https://10065619.fls.doubleclick.net/activityi;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F2022...
https://10065619.fls.doubleclick.net/activityi;dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fc...

521 B
586 B

54ms
54ms

Document
text/html

172.217.31.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10065619.fls.doubleclick.net/activityi;dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM33JK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f673a3b5261463b3393ae80f3fa8155a63fb539ba846c53562b34d29ace4bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10065619.fls.doubleclick.net/activityi;dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=htt... Show response
9104188.fls.doubleclick.net/ Frame D6AC
Redirect Chain

https://9104188.fls.doubleclick.net/activityi;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=h...
https://9104188.fls.doubleclick.net/activityi;dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefi...

648 B
611 B

46ms
46ms

Document
text/html

172.217.31.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9104188.fls.doubleclick.net/activityi;dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM33JK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3007cd67d04555768948b470f46ef8867a6e39d84a82b599ac98688ec46c7249

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9104188.fls.doubleclick.net/activityi;dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratu... Show response
8834082.fls.doubleclick.net/ Frame F991
Redirect Chain

https://8834082.fls.doubleclick.net/activityi;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gra...
https://8834082.fls.doubleclick.net/activityi;dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undef...

561 B
413 B

54ms
54ms

Document
text/html

172.217.31.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8834082.fls.doubleclick.net/activityi;dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;u2=undefined;u3=undefined;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5WQBLF

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04b6e3f9eb903487165001f557d4a0e572335b9d4fc6489866e5f608e1e8e841

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaign.gratus.com.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Tue, 27 Sep 2022 09:23:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8834082.fls.doubleclick.net/activityi;dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;u2=undefined;u3=undefined;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
6ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5WQBLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6278
date: Tue, 27 Sep 2022 07:39:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Tue, 27 Sep 2022 09:39:01 GMT

GET
H2 255 /
rtr.adsfactor.net/api/adtarget/img/403/11580/12345678/ 43 B
259 B 233ms
83ms Image
image/gif 46.137.228.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtr.adsfactor.net/api/adtarget/img/403/11580/12345678/
Requested by: Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.228.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-228-19.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:40 GMT
content-length: 43
content-type: image/gif

GET
H2 200 2181464038545647 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 146ms
145ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2181464038545647?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9429b025bf73092665999d3bfd17f4031f4bdcc6399533d002a900241a1041a8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 48e7xp18CAPN5xchDG9tj6QCRsLQX6eUEKY1kWGzkMIP+DTVzawQsHTOX9MwVInvCwq67HUspHIoMrIqE7wgKQ==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 09:23:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/793352288/ 3 KB
1 KB 90ms
49ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793352288/?random=1664270619822&cv=9&fst=1664270619822&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&auid=658306684.1664270620&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c929e72de5f618abd18f37f2fc0cc76c7f8934ed93b99e6f4f3c29dc20f51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1162
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/756828600/ 3 KB
1 KB 90ms
50ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/756828600/?random=1664270619824&cv=9&fst=1664270619824&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&data=PageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&auid=658306684.1664270620&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b413984597ce9b7529a2f23797e0a2db73e3abb1b816dfea19e30147d5a611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/691673908/ 2 KB
2 KB 87ms
45ms Script
text/javascript 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/691673908/?random=1664270619825&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&auid=658306684.1664270620&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0c266da607eb08f8301496fb7e9b827af9ac4a991dec57d23123ee5e670e270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1560
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST4092... Show response
adservice.google.com/ddm/fls/i/ Frame 9450 523 B
485 B 90ms
50ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Requested by

Host: 10065619.fls.doubleclick.net
URL: https://10065619.fls.doubleclick.net/activityi;dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6d4a4ed480bf18bd276e3dafcfaa32f9c087d79794d062671169084b71ca8ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10065619.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 415
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2... Show response
adservice.google.com/ddm/fls/i/ Frame 0A14 650 B
911 B 77ms
43ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Requested by

Host: 9104188.fls.doubleclick.net
URL: https://9104188.fls.doubleclick.net/activityi;dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3b0dfa8eebb2033d68a53cda5aa2f0a4fd9d7f196ed1d13b636a7ff04c96f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9104188.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 80ms
40ms XHR
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=281395443&t=pageview&_s=1&dl=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&dr=https%3A%2F%2Ft.rimanggis.com%2F&ul=en-us&de=UTF-8&dt=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1531023391&gjid=480163502&cid=631270571.1664270620&tid=UA-97713122-9&_gid=1278791525.1664270620&_r=1&gtm=2wg9l0N5WQBLF&z=1201399180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://campaign.gratus.com.hk/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://campaign.gratus.com.hk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
7ms Image
image/gif 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=281395443&t=pageview&_s=1&dl=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&dr=https%3A%2F%2Ft.rimanggis.com%2F&ul=en-us&de=UTF-8&dt=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=631270571.1664270620&tid=UA-97713122-9&_gid=1278791525.1664270620&gtm=2wg9l0N5WQBLF&z=1902764279

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 15:37:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63971
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=*;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGS...
adservice.google.com/ddm/fls/z/ Frame F991 42 B
118 B 48ms
48ms Image
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=*;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;u2=undefined;u3=undefined;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Requested by

Host: 8834082.fls.doubleclick.net
URL: https://8834082.fls.doubleclick.net/activityi;dc_pre=CPj_65jTtPoCFTGWwgodvpQOPg;src=8834082;type=invmedia;cat=natsoodz;ord=3685149701895;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;u2=undefined;u3=undefined;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://8834082.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/793352288/ 42 B
108 B 115ms
86ms Image
image/gif 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/793352288/?random=1664270619822&cv=9&fst=1664269200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&async=1&fmt=3&is_vtc=1&random=2975036069&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/793352288/ 42 B
548 B 177ms
45ms Image
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/793352288/?random=1664270619822&cv=9&fst=1664269200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&async=1&fmt=3&is_vtc=1&random=2975036069&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/691673908/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691673908/?random=1501652478&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/691673908/?random=1501652478&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.co.jp/pagead/1p-conversion/691673908/?random=1501652478&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&...

42 B
64 B

62ms
51ms

Image
image/gif

2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/691673908/?random=1501652478&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&auid=658306684.1664270620&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOEw3S21RWVE2T2Vsc3FlbXctcmZBUklsQUhDT1JWTXk2SXZpd09pOWlxdlJrcEp1ZGpfOEJza3NscjIxcFk1bnZPT2lkeXJSeUEaWENoRUk4TDdLbVFZUTRMYXQ3dERLOFlQOEFSSXRBRkdsenB5bUFkLUtjQ3VGUzFsZHVyY3o1M1ZZSDEtWm9odU1pSEhVTkIyNjN4VEp3ZXZZSndCZVdMaVM&is_vtc=1&ocp_id=G8EyY56sNoL49AWm3bKoAQ&cid=CAQSKQCsnQUxWJMx4F4cH_hkJA01kCMyYp2qrI5GKKwJokpzw_3toP2twK2_&eitems=ChAI8L7KmQYQ66uj9OfPhPJDEh0A-8Q4mAGXEkCRjRcfex61xVc4eQYU2nlRFZajUA&random=3718986640&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.co.jp/pagead/1p-conversion/691673908/?random=1501652478&cv=9&fst=1664270619825&num=1&value=0&label=c5MgCOnmoIACELS26MkC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&auid=658306684.1664270620&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOEw3S21RWVE2T2Vsc3FlbXctcmZBUklsQUhDT1JWTXk2SXZpd09pOWlxdlJrcEp1ZGpfOEJza3NscjIxcFk1bnZPT2lkeXJSeUEaWENoRUk4TDdLbVFZUTRMYXQ3dERLOFlQOEFSSXRBRkdsenB5bUFkLUtjQ3VGUzFsZHVyY3o1M1ZZSDEtWm9odU1pSEhVTkIyNjN4VEp3ZXZZSndCZVdMaVM&is_vtc=1&ocp_id=G8EyY56sNoL49AWm3bKoAQ&cid=CAQSKQCsnQUxWJMx4F4cH_hkJA01kCMyYp2qrI5GKKwJokpzw_3toP2twK2_&eitems=ChAI8L7KmQYQ66uj9OfPhPJDEh0A-8Q4mAGXEkCRjRcfex61xVc4eQYU2nlRFZajUA&random=3718986640&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/756828600/ 42 B
548 B 81ms
53ms Image
image/gif 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/756828600/?random=1664270619824&cv=9&fst=1664269200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&data=PageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&async=1&fmt=3&is_vtc=1&random=1749397199&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/756828600/ 42 B
108 B 179ms
48ms Image
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/756828600/?random=1664270619824&cv=9&fst=1664269200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&data=PageURL%3Dhttps%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&frm=0&url=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&ref=https%3A%2F%2Ft.rimanggis.com%2F&tiba=%E9%80%B2%E5%85%A5%E5%85%A8%E6%96%B0%E9%86%AB%E7%BE%8E%E8%99%9B%E6%93%AC%E9%A0%98%E5%9F%9F%E3%80%8C%E7%BE%8E%E6%96%B0%E6%AC%A1%E5%85%83%E3%80%8D%E9%A6%96%E6%89%B9NFT%E9%9A%86%E9%87%8D%E7%99%BB%E5%A0%B4!&async=1&fmt=3&is_vtc=1&random=1749397199&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2... Show response
adservice.google.co.jp/ddm/fls/i/ Frame FE33 194 B
287 B 139ms
44ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/ddm/fls/i/dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKO56ZjTtPoCFfLjTAIdr2gLgw;src=9104188;type=invmedia;cat=bicel00;ord=2545772698412;gtm=2wg9l0;auiddc=658306684.1664270620;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:40 GMT
expires: Tue, 27 Sep 2022 09:23:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST4092... Show response
10065619.fls.doubleclick.net/ddm/fls/r/ Frame 839A
Redirect Chain

https://adservice.google.co.jp/ddm/fls/i/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaig...
https://10065619.fls.doubleclick.net/ddm/fls/r/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fc...

836 B
513 B

41ms
41ms

Document
text/html

172.217.31.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10065619.fls.doubleclick.net/ddm/fls/r/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34493cc2deb0403a9fbc63737869ca1e9289c125cbf33169d65b9d81ea4c1805

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 490
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:40 GMT
expires: Tue, 27 Sep 2022 09:23:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 09:23:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://10065619.fls.doubleclick.net/ddm/fls/r/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
450 B 151ms
36ms XHR
text/plain 2404:6800:4008:c13::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-97713122-9&cid=631270571.1664270620&jid=1531023391&gjid=480163502&_gid=1278791525.1664270620&_u=YEBAAEAAAAAAAC~&z=1760824926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://campaign.gratus.com.hk/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Sep 2022 09:23:40 GMT
content-type: text/plain
access-control-allow-origin: https://campaign.gratus.com.hk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
40ms Image
image/gif 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-97713122-9&cid=631270571.1664270620&jid=1531023391&_u=YEBAAEAAAAAAAC~&z=1437473859

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 94ms
55ms Image
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-97713122-9&cid=631270571.1664270620&jid=1531023391&_u=YEBAAEAAAAAAAC~&z=1437473859

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 09:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 839A 45 KB
17 KB 76ms
75ms Script
text/javascript 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 10065619.fls.doubleclick.net
URL: https://10065619.fls.doubleclick.net/ddm/fls/r/dc_pre=CL3V6JjTtPoCFQMUYAoduFcCXQ;src=10065619;type=invmedia;cat=allpa0;ord=1701649743706;gtm=2wg9l0;auiddc=658306684.1664270620;~oref=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

283ab662ebcf00415d4ba2b25452e97a3bdaa40934a4c64da16368f38d5e0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://10065619.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17404
x-xss-protection: 0
server: cafe
etag: 12810633067890993197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 09:23:40 GMT

GET
H3 200 1159996684173033 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 135ms
134ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1159996684173033?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4493554b910c2c18326baf3f84f56281a20507b2ef22e3342963329fa2f42066

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Y3rUzAWcArW50eTdEzf8yOlP+QLYZl8ugElZ5SJVc7iCNDYNpIidhR6gTthoIpquDuCQ3oRQ0VL61sXkn40bgg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 09:23:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 24ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2181464038545647&ev=PageView&dl=https%3A%2F%2Fcampaign.gratus.com.hk%2Fedm%2F202209%2FGGST40922CA04B%2F&rl=https%3A%2F%2Ft.rimanggis.com%2F&if=false&ts=1664270620238&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.2.1664270620236.328881224&it=1664270619818&coo=false&rqm=GET

Requested by

Host: campaign.gratus.com.hk
URL: https://campaign.gratus.com.hk/edm/202209/GGST40922CA04B/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://campaign.gratus.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 27 Sep 2022 09:23:40 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/634920084/ Frame 839A 2 KB
1 KB 45ms
45ms Script
text/javascript 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/634920084/?random=1664270620256&cv=9&fst=1664270620256&num=1&npa=1&label=mCYICKXnrdcBEJS54K4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10065619.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCL3V6JjTtPoCFQMUYAoduFcCXQ%3Bsrc%3D10065619%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1701649743706%3Bgtm%3D2wg9l0%3Bauiddc%3D658306684.1664270620%3B~oref%3Dhttps%253A%252F%252Fcampaign.gratus.com.hk%252Fedm%252F202209%252FGGST40922CA04B%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS