urlscan.io logo urlscan.io
SecurityTrails logo

k2-ornata.com Open in urlscan Pro
157.112.187.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Submission: On June 16 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 6 countries across 47 domains to perform 224 HTTP transactions. The main IP is 157.112.187.75, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is k2-ornata.com.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.
This is the only time k2-ornata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 157.112.187.75 131965 (XSERVER X...)
4 172.217.175.104 15169 (GOOGLE)
7 142.251.42.138 15169 (GOOGLE)
26 142.251.42.130 15169 (GOOGLE)
3 13.225.165.28 16509 (AMAZON-02)
4 31.13.82.7 32934 (FACEBOOK)
2 18.65.185.124 16509 (AMAZON-02)
4 192.229.237.25 15133 (EDGECAST)
10 142.251.42.131 15169 (GOOGLE)
1 192.0.73.2 2635 (AUTOMATTIC)
5 142.251.222.14 15169 (GOOGLE)
3 99.84.140.67 16509 (AMAZON-02)
3 18.65.185.94 16509 (AMAZON-02)
1 216.239.38.181 15169 (GOOGLE)
1 142.251.170.156 15169 (GOOGLE)
1 172.217.31.131 15169 (GOOGLE)
19 142.250.196.130 15169 (GOOGLE)
2 104.244.42.8 13414 (TWITTER)
1 142.250.199.98 15169 (GOOGLE)
3 216.58.220.130 15169 (GOOGLE)
32 172.217.26.225 15169 (GOOGLE)
6 142.251.42.162 15169 (GOOGLE)
4 172.217.175.3 15169 (GOOGLE)
3 8 142.250.196.132 15169 (GOOGLE)
4 172.217.26.226 15169 (GOOGLE)
2 172.217.174.102 15169 (GOOGLE)
3 6 50.116.239.135 6336 (TURN-US-ASN)
8 37 142.250.207.34 15169 (GOOGLE)
1 1 103.229.205.242 30419 (MEDIAMATH...)
1 1 151.101.130.49 54113 (FASTLY)
2 2 3.33.220.150 16509 (AMAZON-02)
2 2 20.85.134.6 8075 (MICROSOFT...)
1 1 139.162.117.143 63949 (AKAMAI-LI...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 202.233.84.8 131957 (MICROAD M...)
3 5 23.90.68.235 27381 (CASALE-MEDIA)
3 4 103.43.90.179 29990 (ASN-APPNEX)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
1 1 202.241.208.56 4694 (IDCF IDC ...)
1 124.146.153.150 2514 (INFOSPHER...)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 54.251.79.41 16509 (AMAZON-02)
4 4 70.42.32.223 13789 (INTERNAP-...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 103.229.10.247 16509 (AMAZON-02)
1 1 34.126.167.117 396982 (GOOGLE-CL...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 1 13.114.84.250 16509 (AMAZON-02)
2 2 185.84.60.21 198622 (ADFORM)
1 1 54.211.72.252 14618 (AMAZON-AES)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 34.200.89.174 14618 (AMAZON-AES)
2 2 35.213.12.39 15169 (GOOGLE)
1 202.233.84.1 131957 (MICROAD M...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 31.13.82.36 32934 (FACEBOOK)
224 36
31    157.112.187.75 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv54.star.ne.jp
k2-ornata.com
4    172.217.175.104 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f8.1e100.net
www.googletagmanager.com
7    142.251.42.138 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f10.1e100.net
fonts.googleapis.com
26    142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net
pagead2.googlesyndication.com
3    13.225.165.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-28.nrt12.r.cloudfront.net
b.hatena.ne.jp
4    31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
2    18.65.185.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-124.nrt57.r.cloudfront.net
widgets.getpocket.com
4    192.229.237.25 (Granada Hills, United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
10    142.251.42.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net
fonts.gstatic.com
1    192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
5    142.251.222.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f14.1e100.net
www.google-analytics.com
3    99.84.140.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-67.nrt57.r.cloudfront.net
b.st-hatena.com
3    18.65.185.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-94.nrt57.r.cloudfront.net
assets.getpocket.com
1    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.251.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tc-in-f156.1e100.net
stats.g.doubleclick.net
1    172.217.31.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f3.1e100.net
www.google.co.jp
19    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
googleads.g.doubleclick.net
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net
partner.googleadservices.com
3    216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net
adservice.google.com
32    172.217.26.225 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f1.1e100.net
tpc.googlesyndication.com
6    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
www.googletagservices.com
4    172.217.175.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f3.1e100.net
www.gstatic.com
8    142.250.196.132 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f4.1e100.net
www.google.com
4    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f2.1e100.net
googleads4.g.doubleclick.net
2    172.217.174.102 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f6.1e100.net
s0.2mdn.net
6    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
37    142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net
cm.g.doubleclick.net
1    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    139.162.117.143 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com
a.c.appier.net
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
5    23.90.68.235 (India)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    103.43.90.179 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    124.146.153.150 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    54.251.79.41 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-79-41.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.126.167.117 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.114.84.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-84-250.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
2    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    54.211.72.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-252.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    34.200.89.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-89-174.compute-1.amazonaws.com
fksnk.com
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
61 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
264 KB
58 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
647 KB
31 k2-ornata.com
k2-ornata.com
1 MB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
263 KB
12 google.com
analytics.google.com — Cisco Umbrella Rank: 256
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
2 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
36 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1039
r.turn.com — Cisco Umbrella Rank: 3929
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
335 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 959
syndication.twitter.com — Cisco Umbrella Rank: 1131
149 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
22 KB
5 getpocket.com
widgets.getpocket.com — Cisco Umbrella Rank: 88913
assets.getpocket.com — Cisco Umbrella Rank: 64022
14 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
254 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 492
860 B
3 st-hatena.com
b.st-hatena.com — Cisco Umbrella Rank: 85060
4 KB
3 hatena.ne.jp
b.hatena.ne.jp — Cisco Umbrella Rank: 73130
9 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 659
134 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 361
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 635
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1091
gdn.socdm.com — Cisco Umbrella Rank: 85620
2 KB
2 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 27176
aid.send.microad.jp — Cisco Umbrella Rank: 5991
1 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4691
972 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
246 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
90 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
18 KB
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 8942
354 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10545
293 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5707
615 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 47131
661 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 792
993 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 20161
305 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 408
642 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 976
715 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 846
464 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 9107
598 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
760 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 74665
739 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1105
454 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 16506
601 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
539 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 566
878 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1107
603 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 18644
408 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1988
1 KB
224 47
Domain Requested by
37 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
k2-ornata.com
32 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
31 k2-ornata.com k2-ornata.com
26 pagead2.googlesyndication.com k2-ornata.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 fonts.gstatic.com fonts.googleapis.com
8 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 fonts.googleapis.com k2-ornata.com
googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
k2-ornata.com
4 b1sync.zemanta.com 4 redirects
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 platform.twitter.com k2-ornata.com
platform.twitter.com
4 www.googletagmanager.com k2-ornata.com
www.googletagmanager.com
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 r.turn.com k2-ornata.com
3 ad.turn.com 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
3 assets.getpocket.com widgets.getpocket.com
assets.getpocket.com
3 b.st-hatena.com b.hatena.ne.jp
b.st-hatena.com
3 b.hatena.ne.jp k2-ornata.com
b.hatena.ne.jp
2 static.xx.fbcdn.net www.facebook.com
2 x.bidswitch.net 2 redirects
2 c1.adform.net 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 match.adsrvr.org 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
2 syndication.twitter.com platform.twitter.com
k2-ornata.com
2 widgets.getpocket.com k2-ornata.com
widgets.getpocket.com
2 connect.facebook.net k2-ornata.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 sync.dsp.reemo-ad.jp 1 redirects
1 s.uuidksinc.net 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 fksnk.com 1 redirects
1 sync.fout.jp 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 px.ads.linkedin.com 1 redirects
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 dsp.adkernel.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 gdn.socdm.com googleads.g.doubleclick.net
1 tg.socdm.com 1 redirects
1 s-cs.send.microad.jp 1 redirects
1 trace.mediago.io 1 redirects
1 a.c.appier.net 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.co.jp k2-ornata.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 secure.gravatar.com k2-ornata.com
224 59

This site contains links to these domains. Also see Links.

Domain
ja.wordpress.org
Subject Issuer Validity Valid
www.k2-ornata.com
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.b.hatena.ne.jp
Amazon RSA 2048 M02		 2023-02-22 -
2023-11-21		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
widgets.getpocket.com
Amazon RSA 2048 M01		 2023-01-30 -
2024-02-28		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.b.st-hatena.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-11-21		 9 months crt.sh
assets.getpocket.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-10-07		 7 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-25 -
2023-12-25		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh

This page contains 32 frames:

Primary Page: https://k2-ornata.com/splunk_fields_extract_and_display/
Frame ID: ABE70807940AB8F5CF54CD9A497D742D
Requests: 70 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon&mode=popup
Frame ID: E4F18464C593FE6B3EAFAE5463F4CF8E
Requests: 4 HTTP requests in this frame

Frame: https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.5266254309827632
Frame ID: 5AA8E4A36AF1AB853DD8B37E19027E7E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 73FDEDA0B6237EC18BACDF2F97FECC9F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fk2-ornata.com
Frame ID: 065673F52F7913645FD65078313058DB
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 96DD283C9DFD3798E51E3634A3E81455
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&adk=1812271804&adf=3025194257&lmt=1686891660&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660219&bpp=6&bdt=1712&idt=695&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6707657911768&frm=20&pv=2&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=727
Frame ID: 6EC0481E215E984E74935AC286DFEAAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Frame ID: 0B355D7E15543A9E4A68F38A3C4616B2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Frame ID: DC6CDADACD5A56C7BE14740F66DACBA3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Frame ID: 9CEE452D1426363DCBB5B68B66910100
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Frame ID: 2EF861AC8749A6456ACA74DBCB4326AD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Frame ID: 0321D3F0F66F20F17175DC5DC0F20196
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3E2261FDDE3C892F000A7EE1CE21A172
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%B2%E3%82%8B%E3%81%8F%E3%81%A7H%E9%96%93%E3%82%92%E3%83%BC%E3%81%8A%E3%83%ACF%E3%82%A4%E5%8F%B0%E3%80%81%20%E3%83%97T%E6%83%B3%E3%83%A0%E3%81%AB%EF%BC%81%E3%83%A7I%E3%81%8D%E3%82%B7%E9%96%89%E6%96%99%E7%84%A1%E8%88%9E%E6%88%A6P%E9%96%8B%E3%81%AFEN%E7%A9%BA%E3%81%86%E3%81%98LA%E4%BB%AES
Frame ID: 4590698928B595A9B71D2F7F40D4F73D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7A6E5B285A2D6BDB8D567C1BC197CC7C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A51F49EC80C2E43D32E3BB60B31B083E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC9A6250B461AFD332925A6DB166F307
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNXTMh_0g_XcTRqm-YYiG80Q9zmAe6Y_WMiML05sQvVcXn_ig87B4lFf_QcS4eAHeLIgjk8u0Ngl2RGZIT8i-8E3Gsh43g
Frame ID: DC5ED14462F450079DA330751BD079B4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A6BBADBA7D6ED876C7A35F46521B4ADC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Frame ID: FC4700D51A3803B9ADC2689950A03CB0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76D1BF83C6A70A7819502C1DF69EE91D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F973CF0ED2A5F520D818FDC58A6F443E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 869399E04912378E71564CFF8FC1B615
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: DF3DBF0BD5102C3D1202E85A7496F3C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2F9934241CEBA6ADE5A20657013D1AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 164A7DA165C2D35B3E1A8138D680680E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: 8A2EBD471EA9AF447CD8D35950377F21
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: CDF86B74AD5BA8AC482551D8FDB6F798
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: E6B5D2B34AA6A66388CE0E6B29A2584D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2fa73871023f1c%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff11b6bd3972d394%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Frame ID: 41EF7E97D4F49C2CF34465C412BD455B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B3FEFF75FC5A0AF47ED895D0591C958
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3787B9581930721BB772C12D74AF47E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Splunk基本操作を確認してみた(フィールドの抽出と指定フィールドの表示) – k2-ornata

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

224
Requests

85 %
HTTPS

0 %
IPv6

47
Domains

59
Subdomains

36
IPs

6
Countries

3714 kB
Transfer

7693 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 160
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGPFCU3a4bDCkCgLoZtJsq9hhrUfPsllfhYh-DzUm8f2PfXKxStp1N3OOZyC8dntEGqXu5WMvyxsY-mX28KeBWFKzAjn_ajBDzM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0OTA5MTY4NjEzMjYxNTE5Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Request Chain 161
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHF8fR0wxTXvipZFALMDog8&google_cver=1&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb9dy-QrSkxkel1vA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb9dy-QrSkxkel1vA
Request Chain 162
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP9Vsv-MLiylW-WWH0i4eoc&google_cver=1&google_push=ATf1kGP38t0_Ukef0jTOf0xs-uU6cvYplpDmK92qLLHynJDYlERfS3PBI0obGWI0XZXMj6cqaQh6DGOKOAULcH_bdy7S2xkeydtDa58 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9Vsv-MLiylW-WWH0i4eoc&google_push=ATf1kGP38t0_Ukef0jTOf0xs-uU6cvYplpDmK92qLLHynJDYlERfS3PBI0obGWI0XZXMj6cqaQh6DGOKOAULcH_bdy7S2xkeydtDa58
Request Chain 163
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDC-ktoUcMGM12GLXZ4B-3A&google_cver=1&google_push=ATf1kGPc-xNzJwmysXrhff_kZBVeaKPCI0G-2eAWzT6dVJ_lJ6Cf0BDckSBzBOl3o1o8lBIm_q_OjyuaEOn60gRWxNJAaUu03dizSs0I HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEDC-ktoUcMGM12GLXZ4B-3A&google_cver=1&google_push=ATf1kGPc-xNzJwmysXrhff_kZBVeaKPCI0G-2eAWzT6dVJ_lJ6Cf0BDckSBzBOl3o1o8lBIm_q_OjyuaEOn60gRWxNJAaUu03dizSs0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGQ0NjRjODEtZmJiYy00ODU3LWFmMDItMGQ4ZGVhMTg2ZjVi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0d464c81-fbbc-4857-af02-0d8dea186f5b
Request Chain 164
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGPvmFIYMDMjYEmblHel269bx9M2WCSgFY9OExBzGv_bYF2rEe-EfB8CxbOpAK--2rgWp0sMKr4ZaPZAfwBifQ31ukMEXrnC5QeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmJiMjVhNzYtNWZiMS00YzkzLThhYzEtZmY4YjIyZDU1Yzhk&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGPvmFIYMDMjYEmblHel269bx9M2WCSgFY9OExBzGv_bYF2rEe-EfB8CxbOpAK--2rgWp0sMKr4ZaPZAfwBifQ31ukMEXrnC5QeA
Request Chain 165
  • https://a.c.appier.net/gcm?google_gid=CAESECUi4PGJ1SM05xUB73Acqxk&google_cver=1&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZNG6a9cCXMvdpBgGCz6e3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OWhIdWVUN0NBLUswbkZ1bmp1eUxaQQ%3D%3D&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZNG6a9cCXMvdpBgGCz6e3
Request Chain 166
  • https://trace.mediago.io/cs/google?google_gid=CAESEPaBCnkT7-FZ_eOVnEUVoWI&google_cver=1&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5m_jHh7DHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5m_jHh7DHQ&google_hm=6cf81914f08d49a5b42842a781e1dc57
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 174
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1&C=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIvsjod1UOFsLIt2VUG3CgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhwls5dSOgdOqG13s5CxvU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhwls5dSOgdOqG13s5CxvU%26google_cver%3D1
Request Chain 178
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MDcxNTA5OTM1NTM3Mzc0Nw%3D%3D
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPEyH50zUFx9k2y3LvgaZ8&google_cver=1
Request Chain 180
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWNmZThlZWItNzM0ZC0yMGRiLWZhMjMtYWIzNDYxMmM1ZjU0
Request Chain 182
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGP9PT1UA6_CVRma-RN1F00N9GyU9cvknQsrrihR-3sT4-Cru6LopshOSgKGlsZN9qIxKBKrt-UtmmQmmPUubuxe-_QptxewJcvhBuetAs_8RIm-sSPUlTlxrOjWXvsVS4x7AItJThWXBycPJPRsFdwuFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU3NTU2MTc2NTA4MTg0MzczNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Request Chain 183
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1&google_push=ATf1kGN7hXidf-49ZN4ccR64TGTbcqyLNTG5RQwiLX4vwvOO7B8eVP1Wjp6nc1xCm4T-tOXaw1611BB2G8rjMnUB2WIXYcGHIZ7xl1_g36gnDPZKpnhB_etsWrNl5CJckJRlsDKvdblTSjzvXSW8xUIpteK30A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wkl2c2pzQ281dVlBQUpwbVJld0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1
Request Chain 184
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGOaeb2dP82XnEODyC-DZvY48biBmuLcsV28pPDLC-BvOQmbxL8mIR-PH9nDM_wxTOnAYGWtaGMELPVq3qEhzivDef5N829YQzCVIdyqmSBB82C8_QY7qJVLGobTLOMoT-I6CEHyAOpMhOpTUM1_r42JlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTA1NjgyNTItM2MzNy00MDI2LWFmZGItZTg0ZmZiMjM3ZGY1&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGOaeb2dP82XnEODyC-DZvY48biBmuLcsV28pPDLC-BvOQmbxL8mIR-PH9nDM_wxTOnAYGWtaGMELPVq3qEhzivDef5N829YQzCVIdyqmSBB82C8_QY7qJVLGobTLOMoT-I6CEHyAOpMhOpTUM1_r42JlQ
Request Chain 185
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEGINknfRPQfSkkXEPgyptLY&google_cver=1&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3aWoF_Ml4mlW-vC5hC4JHgLOSXnEI1MGNQaqepIAbV0Z0vP4PfAtkOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3aWoF_Ml4mlW-vC5hC4JHgLOSXnEI1MGNQaqepIAbV0Z0vP4PfAtkOQ&google_hm=NTR1NTEyMDFNQkRITjAwNm5GOG0
Request Chain 186
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHK_zfnSIMozEJ1QQwrjMmU&google_cver=1&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZEH608WLQBXie4zIiZpQhaWazMEhYiZHRjG6E47NEywQfGmsLDVgUrk1MgeDgRCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZEH608WLQBXie4zIiZpQhaWazMEhYiZHRjG6E47NEywQfGmsLDVgUrk1MgeDgRCg&google_hm=eS1zYmJnamNWRTJwSHBfQnFiNUpWY3NTWGNWWGhoM1J0Qn5B
Request Chain 187
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_cver=1&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ85q_wGdKi1a9q8mT0sYLLXMFa1g HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ85q_wGdKi1a9q8mT0sYLLXMFa1g&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ85q_wGdKi1a9q8mT0sYLLXMFa1g&google_hm=T1BJb2tFaWtjRVdfRnpCT0t4ZEE=
Request Chain 188
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKe4edGy93NEOX0DPaytVWI&google_cver=1&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQKbHNzfYIbjNaddBeBk2jPgF91RyIoafcDOEUqgWrKiH-x0q5GouXeDdTGeLeRiioRrJAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIwMDQ3MTM2NTg3OTUyMjE1NjA&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQKbHNzfYIbjNaddBeBk2jPgF91RyIoafcDOEUqgWrKiH-x0q5GouXeDdTGeLeRiioRrJAw
Request Chain 192
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRDqFsUrzp9M2HCENvaQkA&google_cver=1&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3FGE9TWSvoj8SnLR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A44F91F9B5E142A991B2E118BF84111D&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3FGE9TWSvoj8SnLR0
Request Chain 193
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEG_AzlmWJbsd00KdaBDyU7c&google_cver=1&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRcl268PJywGaTX75kPMjAc27YOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRcl268PJywGaTX75kPMjAc27YOQ
Request Chain 194
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEBrV90UUWlYoIr31Tm6rDbk&google_cver=1&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQzq6NbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQzq6NbQ
Request Chain 195
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMM6XKnM2ul6za29SYlqCv0&google_cver=1&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8MGT22X7MWcduhr1zT7ejVHU HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMM6XKnM2ul6za29SYlqCv0&google_cver=1&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8MGT22X7MWcduhr1zT7ejVHU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzMzcyNDAyNzE0ODk0ODE1Mg&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8MGT22X7MWcduhr1zT7ejVHU
Request Chain 196
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_cver=1&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg&google_hm=ZjlscW5SSkZuTnNaNnlGdmZyY2o=
Request Chain 197
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGQObcI_0tzBMDY-7t6clY0&google_cver=1&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NFihqwgDU5PLgtzhiA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kqALka2QVOlY2ERXKp2qIX5cULw&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NFihqwgDU5PLgtzhiA8
Request Chain 200
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGPaUP_0ymC6cepnuu9G-U_MyirNcsKYY1OCRRNCddutOsUd81-BnQuN7hcXEn3sk3zDglvOmqF1md3EetJpxlHBQpGkar2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQ2NTI2NDQ2ODI0NjM5OTAwMA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Request Chain 201
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEDtLXCAgqnvDlfWvPydgl3o&google_cver=1&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid6E9Ot5tqnp4nR1DVRo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid6E9Ot5tqnp4nR1DVRo&google_hm=Vnpiclg1TVo4Ry1ndXo3bXNDZ0Z5Zk8yU2Fz&from_google=pc1
Request Chain 202
  • https://fksnk.com/cs/google?google_gid=CAESEDXOzzjC4ToqAl7pChjSP8I&google_cver=1&google_push=ATf1kGPrmmjAa1knTypKLI6eF1nx3uYqhC8A3ciiVqelaH8li68D5wSuZp66lPiMQgirJaWObw7WDyC7RralCtZdV60WfAiMrdl6YA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTVGN0I5MjIyNTQ5MjM3RA==
Request Chain 203
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGsx--yFXVNHnuqwuQ83V68&google_cver=1&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEGsx--yFXVNHnuqwuQ83V68&google_cver=1&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ&google_hm=s6Z-YEsmQGmz8ICqMnUsag==
Request Chain 205
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEC9M6RLZ53pxmME2o0C6Plg&c_param1=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ
Request Chain 206
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEAAvwJ840-xB5QUeIQ2n23U&google_cver=1&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZXNAej9gUa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZXNAej9gUa
Request Chain 208
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

224 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
k2-ornata.com/splunk_fields_extract_and_display/ 		86 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
08887d051deaecee1205bfc9c9932c290e4d9b8ffc0607b5fd0937849da024b6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 05:00:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://k2-ornata.com/wp-json/>; rel="https://api.w.org/", <https://k2-ornata.com/wp-json/wp/v2/posts/3322>; rel="alternate"; type="application/json", <https://k2-ornata.com/?p=3322>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-pingback
https://k2-ornata.com/xmlrpc.php
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
72764be9f5bc2441dada9e219a427d3ecc223b7197110f7d16b16e8642c828d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75729
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 05:00:59 GMT
style.min.css
k2-ornata.com/wp-includes/css/dist/block-library/ 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 01:28:10 GMT
server
nginx
etag
W/"17ced-5f81401700f92"
vary
Accept-Encoding
content-type
text/css
classic-themes.min.css
k2-ornata.com/wp-includes/css/ 		291 B
424 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
last-modified
Thu, 30 Mar 2023 01:28:10 GMT
server
nginx
accept-ranges
bytes
etag
"123-5f8140170ea53"
content-length
291
content-type
text/css
wpp.css
k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		2 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Sun, 11 Dec 2022 01:08:58 GMT
server
nginx
etag
W/"688-5ef830814f54d"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
887e18ea2cef901a2af816111d801618689bddad5ddcc547e74ec9f329f2abc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 05:00:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:00:59 GMT
genericons.css
k2-ornata.com/wp-content/themes/twentysixteen/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Sun, 27 Nov 2022 00:21:18 GMT
server
nginx
etag
W/"6e6b-5ee68bbccbde9"
vary
Accept-Encoding
content-type
text/css
style.css
k2-ornata.com/wp-content/themes/twentysixteen/ 		69 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/themes/twentysixteen/style.css?ver=20221101
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
381ba25c38f0b7fff80ccd9f3b20ca50e058ca5bbb5f954bc95b82e4b68ddd7e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Sun, 27 Nov 2022 00:21:18 GMT
server
nginx
etag
W/"114a6-5ee68bbccdd29"
vary
Accept-Encoding
content-type
text/css
blocks.css
k2-ornata.com/wp-content/themes/twentysixteen/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20221004
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
e2cc7f8fe276b668797a4cad6196f9449830528ba8ec76b1b5eaf71a9c91b089

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Sun, 27 Nov 2022 00:21:18 GMT
server
nginx
etag
W/"221a-5ee68bbccae49"
vary
Accept-Encoding
content-type
text/css
frontend-gtag.min.js
k2-ornata.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.15
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 00:48:09 GMT
server
nginx
etag
W/"2e7a-5fc51bdbb2a05"
vary
Accept-Encoding
content-type
application/javascript
wpp.min.js
k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Sun, 11 Dec 2022 01:08:58 GMT
server
nginx
etag
W/"bd7-5ef83081504ed"
vary
Accept-Encoding
content-type
application/javascript
jquery.min.js
k2-ornata.com/wp-includes/js/jquery/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 01:28:11 GMT
server
nginx
etag
W/"15ed7-5f8140174c2b6"
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
k2-ornata.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:58 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 01:28:11 GMT
server
nginx
etag
W/"3470-5f8140174b316"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		123 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-161547419-1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
73a3a7fbb12dec974635a1f5a1cb78a727f04b5c392ef7158159b93d724fed4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48650
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 05:00:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f0a3eab52dd1293941d3cc73e24eca8beeefb6c670dd95be7de808aba49ca892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47481
x-xss-protection
0
server
cafe
etag
2322789590004075277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:00 GMT
k-ortana_banner_20200418.jpg
k2-ornata.com/wp-content/uploads/2021/04/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2021/04/k-ortana_banner_20200418.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
142b6594c54f6a3ab76485be1ebb14b2be64e80479bf2f8c0416e36d13f5115e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Apr 2021 04:18:27 GMT
server
nginx
accept-ranges
bytes
etag
"190cb-5bf09c19a747c"
content-length
102603
content-type
image/jpeg
button-only@2x.png
b.hatena.ne.jp/images/entry-button/ 		441 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.hatena.ne.jp/images/entry-button/button-only@2x.png
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.165.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-165-28.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 16:46:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e6b20196b0d9593ce8bf37920e475b8c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C4
age
6351266
x-cache
Hit from cloudfront
content-length
441
last-modified
Thu, 30 Mar 2023 10:06:24 GMT
server
nginx
etag
"64255f20-1b9"
content-type
image/png
access-control-allow-origin
https://b.hatena.ne.jp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MiAsAEZEEUAJTfEMfOD51T8Gfl6aGxSUsDvKlFDJ4YOnQOzRReH4OQ==
expires
Tue, 02 Apr 2024 16:46:33 GMT
bookmark_button.js
b.hatena.ne.jp/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.hatena.ne.jp/js/bookmark_button.js
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.165.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-165-28.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
ff6c7e12a48fa77ed222b18ebd834a1ac84e30fee80ec69637d5bcd2add16dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 e6b20196b0d9593ce8bf37920e475b8c.cloudfront.net (CloudFront)
date
Thu, 15 Jun 2023 08:14:57 GMT
last-modified
Thu, 08 Jun 2023 07:29:34 GMT
server
nginx
x-amz-cf-pop
NRT12-C4
age
74762
etag
W/"6481835e-5016"
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
https://b.hatena.ne.jp
cache-control
max-age=86400
x-amz-cf-id
i2b3JdbKZXbdKwkaqobTE_LWmX6-BnG-mLCCtZ_8To6yQEUCW0tloA==
expires
Fri, 16 Jun 2023 08:14:57 GMT
splunk_field_extract_01-768x465.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_01-768x465.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
ea03ab588b035798133e70d28ee5a2a9316377750bc4f72de25d1a618904787b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:49:37 GMT
server
nginx
accept-ranges
bytes
etag
"a0e7-5e7ce7fd5051c"
content-length
41191
content-type
image/jpeg
wp-emoji-release.min.js
k2-ornata.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 01:28:11 GMT
server
nginx
etag
W/"4904-5f81401754f57"
vary
Accept-Encoding
content-type
application/javascript
722598797.png
k2-ornata.com/wp-content/siteguard/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/siteguard/722598797.png
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
88953dc0aec3c012af6f8e09f0cfe2d32e8fbe709976af6eb8b8520ea12f0a01

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Fri, 16 Jun 2023 05:00:58 GMT
server
nginx
accept-ranges
bytes
etag
"551-5fe38121279dc"
content-length
1361
content-type
image/png
related.css
k2-ornata.com/wp-content/plugins/yet-another-related-posts-plugin/style/ 		307 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.3
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Tue, 23 May 2023 00:48:56 GMT
server
nginx
accept-ranges
bytes
etag
"133-5fc51c0934236"
content-length
307
content-type
text/css
skip-link-focus-fix.js
k2-ornata.com/wp-content/themes/twentysixteen/js/ 		1 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
gzip
last-modified
Sun, 27 Nov 2022 00:21:18 GMT
server
nginx
etag
W/"423-5ee68bbcccd89"
vary
Accept-Encoding
content-type
application/javascript
comment-reply.min.js
k2-ornata.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 01:22:37 GMT
server
nginx
etag
W/"ba5-5dfcbe8a05ad5"
vary
Accept-Encoding
content-type
application/javascript
functions.js
k2-ornata.com/wp-content/themes/twentysixteen/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-content/themes/twentysixteen/js/functions.js?ver=20211130
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
gzip
last-modified
Sun, 27 Nov 2022 00:21:18 GMT
server
nginx
etag
W/"1ca1-5ee68bbcccd89"
vary
Accept-Encoding
content-type
application/javascript
popular-posts
k2-ornata.com/wp-json/wordpress-popular-posts/v1/ 		55 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k2-ornata.com/wp-json/wordpress-popular-posts/v1/popular-posts
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
6a5c224768f2ddf9acc6ddac0d69d7c3dbb31e2a2e53127df1212e42fdeb6a54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
X-Requested-With
XMLHttpRequest
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
x-content-type-options
nosniff
pragma
no-cache
server
nginx
allow
GET, POST
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://k2-ornata.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
vary
Origin
x-robots-tag
noindex
link
<https://k2-ornata.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce
6f0fff3798
expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b80aba89400acaa307dd0ae705eef7dc787c8fe57f6c18f0e0fa9a329dacde45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 05:01:00 GMT
content-md5
CrMKVYCjk1+0r9QfWOh7xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
YShYVTUmRFi38LXoaby9WP7kLbv9f9/GVk4DTIVAnScwGPO5YucYmE4/Vd8oyBThgGim/JD3FevNDTW82qQ1kw==
x-fb-trip-id
1679558926
x-fb-content-md5
2d6eb952cc1f7ca0829f27c8740e99b9
cross-origin-opener-policy
same-origin-allow-popups
etag
"3d275ac0cfd0e8024ffc3f4ea479c90a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:06:51 GMT
btn.js
widgets.getpocket.com/v1/j/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.getpocket.com/v1/j/btn.js?v=1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-124.nrt57.r.cloudfront.net
Software
Apache/2.4.25 (Debian) /
Resource Hash
5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 04:42:22 GMT
content-encoding
gzip
via
1.1 9bc02c0e66fba3c7d773b9367b192e40.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 16:37:27 GMT
server
Apache/2.4.25 (Debian)
x-amz-cf-pop
NRT57-P2
age
1117
etag
"90b-5fe2daf06dfc0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
accept-ranges
bytes
content-length
1037
x-amz-cf-id
uWkj8r-4ewj0MFIfwQTxPxi_TEWjqO_lvkFTql_AwhruqWYFg9VOMw==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7568) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 05:01:00 GMT
Content-Encoding
gzip
Age
49
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (itm/7568)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:00:01 GMT
x-content-type-options
nosniff
age
586858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 10:00:01 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 16:37:32 GMT
x-content-type-options
nosniff
age
476607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 16:37:32 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 16:33:04 GMT
x-content-type-options
nosniff
age
476875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 16:33:04 GMT
QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
fonts.gstatic.com/s/inconsolata/v31/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
4f9f98d74dc5dea24db279aedd49367424c72cba9fb67341cbef8bcd2f0ad002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 22:59:22 GMT
x-content-type-options
nosniff
age
453697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16244
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 22:59:22 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 16:41:50 GMT
x-content-type-options
nosniff
age
44349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 16:41:50 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 12:50:02 GMT
x-content-type-options
nosniff
age
231057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 12:50:02 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
splunk_field_extract_02-768x484.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_02-768x484.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
88677add25a463d6ec5ebd6fdea4f8822552975a2a5a8465885a20af78793f72

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:53:58 GMT
server
nginx
accept-ranges
bytes
etag
"8142-5e7ce8f693cfc"
content-length
33090
content-type
image/jpeg
splunk_field_extract_03-768x484.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_03-768x484.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
fda511f54ba826e965faf01dde8df4aea38232242b5c2ad2fccbe44f78610ef0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:56:13 GMT
server
nginx
accept-ranges
bytes
etag
"83ef-5e7ce9772e2ca"
content-length
33775
content-type
image/jpeg
splunk_field_extract_04-768x484.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_04-768x484.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
7b81d15a7e646956e72ca04a8a2037d2f0ed313958b88d50eb1a657defb517d8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:59:47 GMT
server
nginx
accept-ranges
bytes
etag
"fbaf-5e7cea42db925"
content-length
64431
content-type
image/jpeg
splunk_field_extract_05-1-768x484.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_05-1-768x484.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
ef58caf03d0cb4571d1e48baffc8a6340cf8de1c5010670c9364063a48b1ef31

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sun, 04 Sep 2022 00:05:39 GMT
server
nginx
accept-ranges
bytes
etag
"707d-5e7ceb926459e"
content-length
28797
content-type
image/jpeg
59012dc4982971512b1c60ee4925b976
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/59012dc4982971512b1c60ee4925b976?s=49&d=mm&r=g
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c6d56f8cdef052a7d17726f28428d67ba5fc76cd473b8b3198c7ae4bca139122

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc
HIT nrt 1
date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="59012dc4982971512b1c60ee4925b976.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/59012dc4982971512b1c60ee4925b976?s=49&d=mm&r=g>; rel="canonical"
content-length
1124
expires
Fri, 16 Jun 2023 05:05:59 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BGQTJTCWQB&gtm=45je36e0&_p=810261117&gdid=dZGIzZG&cid=2074388333.1686891659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686891659&sct=1&seg=0&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k2-ornata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-161547419-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
123b6d142899d77a1d5a616f027610fed53461bea1e565b43201f9b4aa237f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47679
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 05:00:59 GMT
splunk_field_extract_01.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_01.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
d2297e2f4023ea586ffebf59fd5da6e0fb1a3c36eb4f58f874cf3c4ccb09ea56

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:49:37 GMT
server
nginx
accept-ranges
bytes
etag
"15e50-5e7ce7fd25599"
content-length
89680
content-type
image/jpeg
splunk_field_extract_02.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_02.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
c3c58b312d20c16a9351bf84f815f277567f40efe1f5a8517cef3aa9cac15815

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:53:58 GMT
server
nginx
accept-ranges
bytes
etag
"10f91-5e7ce8f654559"
content-length
69521
content-type
image/jpeg
splunk_field_extract_03.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_03.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
f603af0a1f8fe36c920bb46a81eb34b72e2e543d117f1f7c917317d5d3359476

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:56:13 GMT
server
nginx
accept-ranges
bytes
etag
"10e00-5e7ce9770b048"
content-length
69120
content-type
image/jpeg
splunk_field_extract_04.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_04.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
0cadd24cf8d25aca4bfe8ab55935053fd8aa4cdf583984ca07bb4320fd85a0c0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sat, 03 Sep 2022 23:59:47 GMT
server
nginx
accept-ranges
bytes
etag
"1e967-5e7cea42bf403"
content-length
125287
content-type
image/jpeg
splunk_field_extract_05-1.jpg
k2-ornata.com/wp-content/uploads/2022/09/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_05-1.jpg
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
f0b708dfe0ff558125acc5ad3c7bd5af0b7c3066b13e848cff37d9f68fce83a3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sun, 04 Sep 2022 00:05:39 GMT
server
nginx
accept-ranges
bytes
etag
"e407-5e7ceb924901d"
content-length
58375
content-type
image/jpeg
%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.26-1024x645.png
k2-ornata.com/wp-content/uploads/2022/09/ 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.26-1024x645.png
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
0291cad6b014a24a4afaf484ad59b28ecf668d0a09d44dbc7fc49a13c52c7892

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sun, 04 Sep 2022 00:11:34 GMT
server
nginx
accept-ranges
bytes
etag
"44581-5e7cece52944a"
content-length
279937
content-type
image/png
%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.49-1024x645.png
k2-ornata.com/wp-content/uploads/2022/09/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k2-ornata.com/wp-content/uploads/2022/09/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.49-1024x645.png
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv54.star.ne.jp
Software
nginx /
Resource Hash
58af5aaf2157117d1622e505251b188dd75fd5ebe201eecb96d5ca29b9575ad1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/splunk_fields_extract_and_display/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:00:59 GMT
last-modified
Sun, 04 Sep 2022 00:18:44 GMT
server
nginx
accept-ranges
bytes
etag
"17e8d-5e7cee7fce8a8"
content-length
97933
content-type
image/png
/
b.hatena.ne.jp/entry/button/ Frame E4F1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon&mode=popup
Requested by
Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/js/bookmark_button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.165.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-165-28.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
5fc74f8578b307dc108e58360d971606f0bf7a5d66ca217bc132aaeb3133077b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
520
cache-control
public, max-age=3600, s-maxage=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 04:52:19 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e6b20196b0d9593ce8bf37920e475b8c.cloudfront.net (CloudFront)
x-amz-cf-id
yxye2tIPJJDZJkM-HYjbLhTPmo8Sz6KQzActoqR1ODQWGzCNZDCSPw==
x-amz-cf-pop
NRT12-C4
x-cache
Hit from cloudfront
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161547419-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5c98385b699cbdb11d44ffd43348e0d7167f67deaee818e2fd60d05e53e471a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86875
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 05:01:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161547419-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 04:45:21 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
939
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 16 Jun 2023 06:45:21 GMT
reset.css
b.st-hatena.com/css/ Frame E4F1 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/css/reset.css?f3f449b554dc944fafecc8da6975225a25b6c3de
Requested by
Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon&mode=popup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-67.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://b.hatena.ne.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
55891
x-cache
Hit from cloudfront
last-modified
Thu, 15 Jun 2023 09:12:32 GMT
server
nginx
etag
W/"648ad600-817"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://b.hatena.ne.jp
cache-control
max-age=86400
x-amz-cf-id
xgt3y1Q_rjQIZ5Al_HRCoebMqs5IUK6Imnp4bVzv7F5uNFBHG0pDnw==
expires
Fri, 16 Jun 2023 13:29:28 GMT
entry-button.css
b.st-hatena.com/css/ Frame E4F1 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/css/entry-button.css?f3f449b554dc944fafecc8da6975225a25b6c3de
Requested by
Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon&mode=popup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-67.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://b.hatena.ne.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 12:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
58802
x-cache
Hit from cloudfront
last-modified
Thu, 15 Jun 2023 09:12:32 GMT
server
nginx
etag
W/"648ad600-134a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://b.hatena.ne.jp
cache-control
max-age=86400
x-amz-cf-id
SqgNVKwihxd9ZIaD489smlz6l2s3K4Put0xqi5i08P2jPAvnVTRV0A==
expires
Fri, 16 Jun 2023 12:40:57 GMT
button
widgets.getpocket.com/v1/ Frame 5AA8 		840 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.5266254309827632
Requested by
Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-124.nrt57.r.cloudfront.net
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
9d83c433ba3da97b751ace7ad035ca7e6edf689be1fb8f1e7da5ec2426c20054

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

access-control-allow-origin
https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
age
1118
content-encoding
gzip
content-length
549
content-location
button.php
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 04:42:22 GMT
server
Apache/2.4.25 (Debian)
tcn
choice
vary
Accept-Encoding
via
1.1 9bc02c0e66fba3c7d773b9367b192e40.cloudfront.net (CloudFront)
x-amz-cf-id
Xs5_ebA5ibY1y9GMzeZRkQdUXMKN6dwY-ckrmHbYUYdxfpqDPWkggw==
x-amz-cf-pop
NRT57-P2
x-cache
Hit from cloudfront
x-powered-by
PHP/5.6.40
standard.svg
b.st-hatena.com/images/entry-button/ Frame E4F1 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.st-hatena.com/images/entry-button/standard.svg
Requested by
Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?f3f449b554dc944fafecc8da6975225a25b6c3de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-67.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
fd5454d70f20662294b9cd2fa1e7cd1e6bebf7e5ea4426259f6f538fa012753b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://b.st-hatena.com/css/entry-button.css?f3f449b554dc944fafecc8da6975225a25b6c3de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 06:18:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
5870569
x-cache
Hit from cloudfront
content-length
785
last-modified
Thu, 06 Apr 2023 02:01:41 GMT
server
nginx
etag
"642e2805-311"
content-type
image/svg+xml
access-control-allow-origin
https://b.hatena.ne.jp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XkKp50-0jLdMWJ1qSUiNJH5mewb_S7R7o3oZOZA6Rmk0HHVd5SX41w==
expires
Mon, 08 Apr 2024 06:18:10 GMT
widgetButton.91d9e0cb42c020d8c4b1.css
assets.getpocket.com/web/ Frame 5AA8 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Requested by
Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.5266254309827632
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://widgets.getpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 20:53:50 GMT
Content-Encoding
gzip
Via
1.1 5383a3a3cc7bce128040f7b69eb4bc38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT57-P2
Age
7632431
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 19:53:21 GMT
Server
AmazonS3
ETag
W/"5ae752a86d7f88b510c944c8fdbd4398"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000,s-maxage=31536000
X-Amz-Cf-Id
sVk_qBYr6lU0oStVpyGQdyuk6GPRutwus_0_JlT6TAF--Yc6g8rYpw==
widgetButton.feb550d464c5482ef251.js
assets.getpocket.com/web/ Frame 5AA8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.getpocket.com/web/widgetButton.feb550d464c5482ef251.js
Requested by
Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.5266254309827632
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe286d3d2c4aa4a663d5b10b1d53f31bad5b9fee4742170b49835d4f86bcd2bd

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://widgets.getpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 14:06:00 GMT
Content-Encoding
gzip
Via
1.1 80f9a735214ee6903d0442ea922d2030.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT57-P2
Age
4287300
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 26 Apr 2023 16:47:05 GMT
Server
AmazonS3
ETag
W/"66a4e45e3310f3b82b2bb18daee63f70"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000,s-maxage=31536000
X-Amz-Cf-Id
aH6hUUgDprwQmTycIDLbDUYzIR-99Ib6AFfj06IXSEJ4Q9B9FrE_Bw==
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-V1ZLTGDH5L&gtm=45je36e0&_p=810261117&_gaz=1&cid=2074388333.1686891659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686891660&sct=1&seg=0&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k2-ornata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V1ZLTGDH5L&cid=2074388333.1686891659&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tc-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k2-ornata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V1ZLTGDH5L&cid=2074388333.1686891659&gtm=45je36e0&aip=1&z=92354732
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a9d0fc571a0dfb1ecb830ad57a04071b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e21cfd7b4a5e951d7c762b02cf54541e8750f7d3e3511a1cf1724f5d5dcb3ae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://k2-ornata.com/
Origin
https://k2-ornata.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 05:01:00 GMT
content-md5
5k6PLODItQPyIv6uWDIHiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88648
x-fb-debug
PkuXML5pFeojkUPaTeCFU8laqDPR70iY7+qfPFtneWmMz4BtsTqms8yeXbrsB7nrNm7OZ5rZkixbwaXEq1DqzA==
x-fb-trip-id
1679558926
x-fb-content-md5
6901ac1003cce78b2b57fdc11a7ca96f
cross-origin-opener-policy
same-origin-allow-popups
etag
"5fce3738e8c562f054bdcd99d6fe522e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 15 Jun 2024 01:46:41 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f2cc9e69897108084e35e8ae0778e238fed59b28bf18bb1863af276ea066995c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120773
x-xss-protection
0
server
cafe
etag
3697532723915604030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 73FD 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
1570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 04:34:50 GMT
etag
15057649708203361565
expires
Fri, 30 Jun 2023 04:34:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
assets.getpocket.com/web/widgetButton/images/ Frame 5AA8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.getpocket.com/web/widgetButton/images/pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
Requested by
Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:05:27 GMT
Via
1.1 80f9a735214ee6903d0442ea922d2030.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 May 2022 00:08:47 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-P2
Age
2829144
ETag
"d3a57cce2ccd22d7db8e29ff66dc09df"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000,s-maxage=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1062
X-Amz-Cf-Id
z64P83eCOqGWAw6gIunMN9WUPKrpHZQomko4NvLMFfbIL5DD_x9rCQ==
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 0656 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fk2-ornata.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/75CD) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4174119
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 05:01:00 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/75CD)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 0656 		870 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ad19d2794ecef824cbd7b8557d873a64aca6c062
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fk2-ornata.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time
106
date
Fri, 16 Jun 2023 05:01:00 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 16 Jun 2023 05:01:00 GMT
server
tsa_m
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
4dc0e74c9c20eba8
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cec28bcf56f05ffb2da82e6967657f526fa9ab24a4cbe1934a87dc446c45348e
content-length
338
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 04:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 09:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 16 Jun 2023 05:45:03 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=810261117&t=pageview&_s=1&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ul=en-us&de=UTF-8&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=134609102&gjid=752261702&cid=2074388333.1686891659&tid=UA-161547419-1&_gid=152274300.1686891661&_r=1&gtm=457e36e0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=842837792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://k2-ornata.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k2-ornata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=810261117&t=pageview&_s=1&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ul=en-us&de=UTF-8&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUIhBAAAACAAI~&jid=&gjid=&cid=2074388333.1686891659&tid=UA-161547419-1&_gid=152274300.1686891661&gtm=457e36e0&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&jsscut=1&z=1472413478
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 03:06:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7568) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 05:01:00 GMT
Content-Encoding
gzip
Age
4174120
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (itm/7568)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 96DD 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7568) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4174117
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 05:01:00 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/7568)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22kei_tsu%22%2C%22widget_creator_screen_name%22%3A%22kei_tsu%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1686891660788%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ad19d2794ecef824cbd7b8557d873a64aca6c062
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time
106
date
Fri, 16 Jun 2023 05:01:00 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 16 Jun 2023 05:01:00 GMT
server
tsa_m
vary
Origin
content-type
image/gif
x-transaction-id
31a652d0fb885ab4
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cec28bcf56f05ffb2da82e6967657f526fa9ab24a4cbe1934a87dc446c45348e
content-length
43
truncated
/ Frame 96DD 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie.js
partner.googleadservices.com/gampad/ 		393 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=k2-ornata.com&callback=_gfp_s_&client=ca-pub-8542608062525051
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ce51d5644c7b1ac82f869490f962ae18744f55bd81667c63af39f4406df4fecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=k2-ornata.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6EC0 		180 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&adk=1812271804&adf=3025194257&lmt=1686891660&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660219&bpp=6&bdt=1712&idt=695&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6707657911768&frm=20&pv=2&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=727
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
70146f0684bef6a4abae9005bd1b8cb874046381d731ff8f2441f3238f5b383a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
50879
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:01 GMT
expires
Fri, 16 Jun 2023 05:01:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0B35 		111 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
2ba4d117bd8697010d7a712f8ebad97661ea9638ae4ac2b62769a4f44aa4f9fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37439
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:01 GMT
expires
Fri, 16 Jun 2023 05:01:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0B35 		980 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BC%E7%A4%BE%E8%A9%B1%E5%89%8D%E3%83%A1%E3%82%89%E3%82%B8%E3%81%AE%E5%87%BA%E3%83%84%E8%B3%AA%E3%82%8B%E3%81%8F%E6%A0%AA%E3%83%94%E4%BA%8B%E3%82%B9o%E3%82%A7%E9%96%8B%E3%81%8DK%E5%BC%8F%E3%83%AB%E3%83%A2%E3%83%87%E8%B2%A0%E3%82%B5%E4%BC%9A%E3%81%82%E3%83%BB%E6%A9%9F%E6%8B%85%E6%9C%AC%E8%83%BD%E3%80%81%E3%81%99%E3%81%92%E3%83%83%E9%9F%B3I%E5%B0%82%E5%BC%95%E3%82%AFA%E7%94%A81n%E3%81%A7%E3%81%97%E3%83%88%E3%82%84%E6%B8%9B%E3%82%BFE%E3%82%92
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
6de3e63e9954accb582023595f6b1a79d533e02830b66fe76f8faab6969d19ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 05:01:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0B35 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0B35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZSH_jeyLZIeHAdWDrQTngYSYArzrzZBxvrHOqY0RZBABIKnVi3xgibPPhJwUoAHL__j5AsgBCakCvylfLlSoPj6oAwHIA8sEqgSNAk_QgDtb4KbS0a88PgRCwhqTyJBY2qfNvi7_F25XvGPseVZT2Fkc_4nU2FK7HY0uV3DfrItZ-ewQWj_Y4EkoaZiu0hO_3wEzR50s1fN5Q74RIYprmUxkgv67urJqyeU99EAqqvHeT8uIE4TpER6oWZAvY23sTrDKXtBABf0p03QcdWIpl9ZfKBbM_XgA0ZUR8qtKfv3hUcNau7HDd0Wz5Z4iFNsIhmfnyNzU2rqFUAxnXwEdnYAqIwrG9fL8NI2jusRRqFWWZj-dCvCCHNIwETMNWg-8RatdO1cnnIoCsb5aUjHdQNpzTdEVBkTHuk-aseRMA4LL_62-G0LZcKE17XVVJV8GNV9x4H7FxLFCwAS_0b2shASSBQQIBBgBkgUECAUYBKAGLoAHnYCHhgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCZuQrSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTQyNjA4MDYyNTI1MDUxGAA&sigh=IRKkZWAysCY&uach_m=[UACH]&cid=CAQSGwBygQiDRw7q7CWefLPWAsIw0Fl53f1CNEwxHxgB&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 05:01:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 05:01:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 0B35 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0B35 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0B35 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B35 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
9c81088c85b4e7b59d5cd8ce7f87e269.js
www.gstatic.com/mysidia/ Frame 0B35 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13708
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 20:44:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 00:48:01 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16630155020622247894/ Frame 0B35 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16630155020622247894/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
2136f25774fc5835496c5da8af6e18a6531cf8eaa0a76645352ea5de823e2b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 01:24:44 GMT
x-content-type-options
nosniff
age
185778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31841
x-xss-protection
0
last-modified
Fri, 19 Aug 2022 03:10:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Jun 2024 01:24:44 GMT
truncated
/ Frame 0B35 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0B35 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
2482ca063826c20a61cd4ff86426d08d6771cd61f10056cdaa170d66c1bae8cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52884
x-xss-protection
0
server
cafe
etag
17021854506403172559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:01 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=k2-ornata.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC6C 		86 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
68389b54a803e4cffd8fdf6de48f44b485759dd6b1e47134da2174cdbd1c9837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
34931
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9CEE 		85 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
92b0f3732d4dfd5d458c2db747fcae8a7f15a2549a4ccd76758b68e9a3266b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40686
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2EF8 		85 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
508742edf8c52c5661f6171d49fe1ce00d5efead1dfc4a4de083c35a7534096a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40392
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0321 		125 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
b635e1d80f4f114e2ccf129e5dba6ec69c79f9241bf427742b7353d7fa5aca8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
47745
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=k2-ornata.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/ Frame 3E22 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
44573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 16:38:08 GMT
etag
15057649708203361565
expires
Thu, 29 Jun 2023 16:38:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 3E22 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 04:29:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E22 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:55:32 GMT
x-content-type-options
nosniff
age
101130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 14 Jun 2024 00:55:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E22 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 17:10:26 GMT
x-content-type-options
nosniff
age
301836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 11 Jun 2024 17:10:26 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 3E22 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
31209227123a6cacf64ad11dbb97b083d77d899df1a026527110f6deb8b614fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 14:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
53538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5826
x-xss-protection
0
server
cafe
etag
11489500519353907035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 14:08:44 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 3E22 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
34087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9409
x-xss-protection
0
server
cafe
etag
7294307571184633120
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:32:55 GMT
css
fonts.googleapis.com/ Frame 4590 		421 B
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%B2%E3%82%8B%E3%81%8F%E3%81%A7H%E9%96%93%E3%82%92%E3%83%BC%E3%81%8A%E3%83%ACF%E3%82%A4%E5%8F%B0%E3%80%81%20%E3%83%97T%E6%83%B3%E3%83%A0%E3%81%AB%EF%BC%81%E3%83%A7I%E3%81%8D%E3%82%B7%E9%96%89%E6%96%99%E7%84%A1%E8%88%9E%E6%88%A6P%E9%96%8B%E3%81%AFEN%E7%A9%BA%E3%81%86%E3%81%98LA%E4%BB%AES
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
07ea26fd76bbf2c2b84d1711bb99c609ca55f41a762a19c74fb34b8879047700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 05:01:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:02 GMT
css
fonts.googleapis.com/ Frame 4590 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 04:26:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4590 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 4590 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7A6E 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
1939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 04:28:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4590 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4590 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
9c81088c85b4e7b59d5cd8ce7f87e269.js
www.gstatic.com/mysidia/ Frame 4590 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13708
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 20:44:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 00:48:01 GMT
truncated
/ Frame 0B35 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f9fe406cdf964925c6233fb992f3c3ea658d12df3c26c25df1850e73f727aa1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A6E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
expires
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0321 		10 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
09acf09dd7178b79bcd031a0893529d17e62fd10b5f87cf157d06f6cba5438b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 05:01:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:02 GMT
css
fonts.googleapis.com/ Frame 0321 		120 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
775921f6bb3445ce119055dc4d6b4ed9bb387ff7c64284d2709b6206904624f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 05:01:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 05:01:02 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0321 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
e8045c28432cb3891e968727513b92ec2a5014b1181fa78a7bc8b14756b52747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 09:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
69274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
server
cafe
etag
3521231793971592742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 09:46:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0321 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 0321 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0321 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0321 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
l
www.google.com/ads/measurement/ Frame 0321 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiVqPfG5Dbk0DcxTAykF_gwrN35PelZuA61lrrrmwLWvwIkL1taOKECX28hLjhPsgI8KSrJxXywINjCxJUmGzJtq1c1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame DC6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxtaPjeyLZLmKMouws8IPyvCe8A6Gz6qPcZL4lv_LEdC_2uCvCRABIKnVi3xgibPPhJwUoAGrjaPLKcgBAqkCvylfLlSoPj6oAwHIA8kEqgSDAk_QEowYi5QCzM9zlArWpY-9PGu8skg0bkQwfF68EDFdb9T5g_H9oWf5fNFGzs299fox2uIWUKBQybu2cEUj77blchOiIlaOXhv3HuONXgG7J2wdrfe1kkN5zasO4Liyjp8MikdiNI0ZdNltbi5KY07vOeqrNh6dCHXIbXU0hZRHeneYL_IYyuapd7P5OVccRUgLFH1OW3I5fW02SL7qBTWhwGVVenfPWwSzQI0ukkENuy_11AGp5b3OoVWjuDQYEX-NMMuJe2tKt2RQsxGrvOSSh_3Tn_8erlzzeA2hrzJDfuqpr1PDIJos4CJM9dVZLtv3yyIR8sjE2ehETI9jnrWTf7LABMGT98G2BJIFBAgEGAGSBQQIBRgEoAYCgAerxfOqBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJGeBtIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg1NDI2MDgwNjI1MjUwNTEYAA&sigh=EoevItG7myg&uach_m=[UACH]&cid=CAQSOwBygQiDkaQBZxkS7_Ly7Fz_lqLX4V2yksNm3tPsfvjN0SwzDkdmV0kAWrqY2w952hDqvsOUqu7SR1wyGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7610199806176793082
tpc.googlesyndication.com/simgad/ Frame DC6C 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7610199806176793082?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKdiPFB11pnJtWGfqIP6OS3g01oQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
353ca8904188cb2c4842c8091d9b06acac58e3fee045a8363c1184026a179c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:16:18 GMT
x-content-type-options
nosniff
age
182684
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50480
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 01:59:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Jun 2024 02:16:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame DC6C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A51F 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
1939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 04:28:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DC6C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC9A 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
57451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:03:31 GMT
etag
48472445140208031
expires
Fri, 16 Jun 2023 13:03:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DC6C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
l
www.google.com/ads/measurement/ Frame DC6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2M-Z3ewJ-CIX2VHouCCL3GZp6e_mHAjS9AsjUC2rQPJ0rMSkCaMPBXICHGZFWea4bcJEidVQQJyvYNU7Ub28nMidjSg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC6C 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DC6C 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
40d6be014f0faf1bfdcdcb51e1776f47a66663c8bcd98af0978ffc206d66a962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 20:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13300
x-xss-protection
0
server
cafe
etag
3238982501927506917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 20:46:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CEE 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSreP0dwycJZTqbDQT14h7uDRFnfMdC6j_A7zMvqYlUV3aFsYLXLnB3TSfvu5ffzYVg5vLQALWhcNwuNJViHc-giIOHiUUoAhUUAun3hxecVZW7mY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 9CEE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 9CEE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
l
www.google.com/ads/measurement/ Frame 9CEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSM9QnntfnjslDkBFQBX4JWTvvZKsiL7lX56mkV4i5dcSpJFf6oFsT6blGwrd-GB8p74twzbvqy0zJa4aOB2m3sE8s4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CEE 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EF8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFQ3v59aSudeGUYmHoHFRyrWfn2kNV4jOC7L_wtZ8tegme6feE6osW5bMrqbSvvk0KHiGOOV50motbyEzkPlT7KswaeeEA3DouwQ7v4WG0mVXgp08
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 2EF8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 2EF8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
34264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 19:29:58 GMT
l
www.google.com/ads/measurement/ Frame 2EF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYhEm0rUar4Oi0DA7eKpNbGpbUFSoPKm1NbimpCZGu25XPQSgobHo8DRQgqdHEADoOK9w7jUn58QYWRH1PVa_dvdQ_ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EF8 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC5E 		448 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNXTMh_0g_XcTRqm-YYiG80Q9zmAe6Y_WMiML05sQvVcXn_ig87B4lFf_QcS4eAHeLIgjk8u0Ngl2RGZIT8i-8E3Gsh43g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 9CEE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 05:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 05:27:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 9CEE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 05:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3046
x-xss-protection
0
server
cafe
etag
8710410791850112160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 05:27:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9CEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstv6t78a7gi5YqHark22Ecl93dzMe2SQeM8Dm_hEtz-5lh2jTBxFhlf1wfjoAEKAiA9k9yYWNtT6Q0siJ7zcmLDyUKMfQB2OH6-5HJs5GUEi5b3oCzA8zFQg3TLOkFkajyT6TGahkkdPOISqd8MCmtoPREoyjOMRTjCJbgwevQxf-iul2W2WMUPXhoUlBMvcpdCm2Ftqp48FBxKwzSzsanjYEafYa1gIrEx_bRVYPHlaHRTnyuyy8kbQ2Fs4Im6fRhQIryv91voJx4_yRoXGC8NrkF9HUlzaJWErxpYMAdcbHFpsX7cbvGwjvK1egFqy4T47bA1Px6mYxycfsB5F-ddLXkZX0FyOkjkWY3RJ8iYcYM6PUaTsQrrpw-oNP4jzB8N5F8dHwpkGA0--G8IJA9Zu_EmsDbdmF9xUGkcqLT9wdjIruAIvR2YXSUXxoJX0QYHnpfgh-I4c6FMJ64FqcnToHbajKwpZWvSIYUAjtv7eI5IrHZjIujeQTr9yG_lTWWGG-dXjJ3w9z9Qdemb5zVDSSPljziouGmJ3Qw_zyT_vhbkvjL2oHd5DekFkkZTuRa5UpKHqVOVYkepvP5ikuSjjTwg3qcx-qC3vsZG6gBLiOdDfqmPnWjcNQAILOJIQxKj2fQdM4g3ZeTyGMR2m5eAY8sTmtFPqk30FFkrPeIUkfz9PBH00nDwB94bd3HFr5uUpptKrblapF8VhxFA6laWNKYyFNyb8qvaS2rJcK0LGaf8fwXx225EF7inyvsXAz5QeF_s0_4paCb9TXbsRkTcCBG_2SdJs4i0gWD1h-JHoAI7AzEJm6X0u6BIf3mEbd6zzhmt3RTV0bSBZOCohkwGD3HhHcth_9wM-90zVr5c_uOPrmn6V3p4wHoVibvwXcnJliapkL51dZm4Bg35CiTcBKntHh4Jl9ET578Pk7_4EGxhR2JaKzkhPfZ2UagR6OKd9rWFmCiPqz_fZTK7146YQ3tWOxyK7BFjRtw87uWluyY9ceyhcmf_H_mAotzhF-UI8QXzYhedoLGQrwSYY5AJJNub1ftHw0HPPllrxrpxtEj8F6STgt1kuucJHlAOupuRizv7Xsj_vuEEKg4CUY6NXbdjKqizN4p-HftKpbqNF1F5TbusAiun910td1CCiQTJv_I04_8NjjKl3VFPGWtvjmGjlk83RpOeERGCojC49UbY_q5BQuhAGL88rCquRx2lv3ixl0zrV7VFeIMCrngBBM2LtdohGDnh7X5ITjgY0xKNP--kKZzyGsd0iycPZjUyn8-gMRoIRHe8TwOg4SR9xKyM0V_CVc8&sai=AMfl-YSxnbTpFRhRqsfnB632wdPfvoJjiu_nDamjTA4w9n8yrsiirC6sAqNXdz-K_6Oma3gR9WGwIy5pwaN5gmott0hy9sH7Z9MsGjgPIR2KvIYxqzrMoiW2KncA6nUgx8NzROIT3UA-yBXEVPl4HR1LSnaWPzyCwnAds3zHXQnaOQvIzWdxtILczAhX5IYEIXok1JLxhNQQUAMf_ihYotd3MKym6zD6caK4WR6HjJ-kpsRxZkO_7pn0kmjSd8c4f4Aak1vUWFhdrDWjYacI94LoIySRodzyoP1osGyj06pO9QlYNvFOSQPPpxhWavKZqyqkbsAZAThwCmhCBEotYDccL4e5OFXKYMUYc8y_PCe4EnGca0jp6WGwe2A1ChT7eKbzIx1bEQ2HchTQQ0Xwa5kjBS2B4ghGNj3_BB9XYA&sig=Cg0ArKJSzCQ-NGuzYhHNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230614.79183&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9CEE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 14:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 14:33:29 GMT
18420552197013379044
s0.2mdn.net/simgad/ Frame 9CEE 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18420552197013379044
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.174.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s28-in-f6.1e100.net
Software
sffe /
Resource Hash
00b267dba64401f3e19ad69ad6d497b9720ec7c9c46e95af9e13497cf416efba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 04:53:12 GMT
x-content-type-options
nosniff
age
259670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125403
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 02:30:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 04:53:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A6BB 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
57451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:03:31 GMT
etag
48472445140208031
expires
Fri, 16 Jun 2023 13:03:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC47 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
18420552197013379044
s0.2mdn.net/simgad/ Frame 2EF8 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18420552197013379044
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.174.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s28-in-f6.1e100.net
Software
sffe /
Resource Hash
00b267dba64401f3e19ad69ad6d497b9720ec7c9c46e95af9e13497cf416efba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 04:53:12 GMT
x-content-type-options
nosniff
age
259670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125403
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 02:30:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 04:53:12 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 2EF8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 05:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 05:27:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 2EF8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 05:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3046
x-xss-protection
0
server
cafe
etag
8710410791850112160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 05:27:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2EF8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN9CSH2Cj1YhxFycgJcYtAeuv8-yVP0b1_NT64KRXAac3gwoEgaCRnROMmiTgvY82yRs-1Y0V7AiQjx3mgVKlkCJFTF46a_wNLbcazv8Qrgh9DqubRRB9c-fv0gCzRNAZt_ZzPGaKaZnI_DcAGmO1fPs225VypEIJAT69eyONZj9vEG56ad_GY_vF0J7dj1GfkSiWgy9PbbGdIxIfu6DqzgQ1VNkwBefugcA3kLbpxEPXTvjdZVJd8_2HBKZwWDhiyK12qYMgl8DVGWX59gm1txPb1jfgIR3A_ME91zgBl4Wp0a--yaTCXVsqI_ogoTOA38woWjmIv5KM70I_Llc-q7M8g-_Vk54V29rUnQAOJ2gR01nEOZI_A8RDLV1y6honQ4-dxqTvfnfKomwY0NXxsczPvmCOZxsGiPwtcC8BlLOc3XoVWx-SS1xI45e_8TVtp7e-HzBQYwDP4FTd_3zCoT8beBCmPbh4qsN_FLv2OHxrSX_9GpWPjxf8vmxopMG1LKDueICCCvORrWkrWgTKAQoO9xmejne7o51kU0Ph_ZyFU9YdYmyF42ulOrW61okrkvcORysYLRywRs_TI1I1Q4GP7QmGp5pntIQQRXF0OfP05BsxDup2oJLzrpmTzq6TkBTC09H_2itap9NnmbXmFIR_nMLr4nG9UgrL13PxhrskTboAwsAAnGhCvNXkx-i5LOaB6sFnzthzM66xQ_1xuI6DW4tq_QGnYUNs0sjATqfI5SbhFmeY5Aje4IeN8pIzr8OoK4hUq27pfL0G6U0-_MwzHVCMhk8rL7Z2WIW8ZI1Y80NdFX7H4CW1rql0XQ-yymp7Hxklsjd9i0bg3UJAg4GfOq2Y4mdjJokAtE4MBBJO0YJwXoWKGjZYXpV7J2zzbjlU0HSULLrjfuufnllsrHDn60MsmOppGD2VIV3yKLp8RYTd2AL8HA9bhm2rE_4Pbt607XFaurNo_2jYhRx91VGvqU9F99Y7hNreRidWU8IAlLN1oAx4wBcBA3SC6CdLDl9BLs7c8rnIVr3ojVtTQAlj7qbGplNa1nKZ0gx5XC-qs1PJr-ga_NmI6rW9nqtaGJ23PgTv0AT-DdTLHGhP64oCM4YmD0pFi-TfK5dyowI3WKFaTNZl2MdUvaPls_dUKFB0PpaGEfKhhLFY-169E7UGEVKkv3xrQo_mo43Oq-DuoD-oPaWInjRvDcG2V9bRCi3erJ0jgy-EINgOH0WYN7YrHm5yhwkdWRDtZ-bWd8D74mxIZ5sXNPsXRD4znBYhTh8igwVcgoW5oQ7XRmW6Bm3WcIDt9-Mc&sai=AMfl-YQv5ZrrZcKb2nnA6AMXgqCHtKdlJzoNmyILouoiCCdKbwjwzAuZr6yErHk-GIzOpiLaUzbpxf5YoZukMee2mZAtc8_WFMq1nficRIO070qfSk2khc-u_C41VK9qZte53SiCO1WaKvnv0YvSKjJ88z5mJwyJSmLglPRZH0g0Cncd-Ej-ibEdr-ijpBW-IHn7EDbjUBRpCMF9yJ7oYYqBUf9wYiHr8dkO0v9fXdq_eINjkg34YQNdhFjS3G62Sv6a86oHAyFNeUQBmRhNNSrKoCQMWe1Yh2pRqYUdePQ2yqvlpT6INajih7DvdujItsiGTl6uJx7PC259dztZi-I8XUOZp3EGkM-od1GZstdqKtldt1Hfcjkkja9m3xcZk4T1BClvMUnNvm9Kkh6HSKVXPSIxz6rPBlnXRfLpCw&sig=Cg0ArKJSzEIWZcRs8qmKEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230614.15464&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 05:01:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2EF8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 14:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 14:33:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 76D1 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
57451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:03:31 GMT
etag
48472445140208031
expires
Fri, 16 Jun 2023 13:03:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/9828020940970865507/ Frame 0321 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9828020940970865507/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI8wMQhQIYASABLQAAAD8w9AM4hQJFAACAPw&rs=AOga4qmgxVdxLAzr7-Q4OcU3m8yE7jI0Gg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
8e6b8fede0ae764636e3711cc6168f393bfbbd2e2bef9458274f249b97871e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:44:58 GMT
x-content-type-options
nosniff
age
105364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17885
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 18:46:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Jun 2024 23:44:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0321 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CfdC8jeyLZMiyM4nTs8IPupyr6AHgncOScdq14pK4Eafv8_0IEAEgqdWLfGCJs8-EnBSgAdOb7-YDyAEGqAMByAPLBKoEgAJP0BfwtEH19GEP-ImUqAwTDz-qqHl_TFh0RV-rOFuv4XWJ2ARSOR3Rz_pZ02jVcah2dfwwIJw7EmnZpQ1xs5i44FdcWYyasfVF6gKkG9utvHZ4Q-LA-e53xwyYKgGVXW-FwvcYcqZq-TWpEfOBlGpxhiyw8r6MiBiHp5U3zQ-0MLoE7CgZpb2w7dZOAjCL6GSWv9Ark5T8cd7MyaACDS8H3XO5vYVDn_bC4USYzuu_BzYt66Bi1VWnbKXwcExPtIY5quw_UWZJCCLOStxXQe65kehMpPNI9RpG16H-ab2GYggPjtC7G2XKoQxW83QWee54CuiWbWJPfGiUhW4lSNHMwASr64rRgQSSBQQIBBgBkgUECAUYBKAGN4AH2qCyMagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJzuDNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTg1NDI2MDgwNjI1MjUwNTEYAA&sigh=wHICgGblPRQ&uach_m=[UACH]&cid=CAQSOwBygQiDzibRn0Rbtmk1GWVlnt5rmC8B8oQZGISvV6PFrpOwLhp5oyrYFdAyMahxr1DXvhjbqnISq_GbGAE&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
font
fonts.gstatic.com/l/ Frame 0B35 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxra02YkwqNeeraDTxoRVzbcOU104DCFxCiuoczz3f2tfOnDRlaPjieFP8SIi0OL1DUgz-xLL1NROTUkmKlx_s7AbeFAv8IYw0Os0z0EwLgex12tg6hpntpk-soJY30zMJsfpIMu5uKRPh5AnQkgb1AHgrVinc4rM7GqoL4NeNb4WqpwkuMPtgQJGAFGJHv_qSQgn48gj9GOzgvg2PWPCBq5CCIrZiT7101LULvsFjHYTc2EIyfY0jyvlu5tpRdfPSBDuTP_Xeto021AH7_CyUyXs8E&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BC%E7%A4%BE%E8%A9%B1%E5%89%8D%E3%83%A1%E3%82%89%E3%82%B8%E3%81%AE%E5%87%BA%E3%83%84%E8%B3%AA%E3%82%8B%E3%81%8F%E6%A0%AA%E3%83%94%E4%BA%8B%E3%82%B9o%E3%82%A7%E9%96%8B%E3%81%8DK%E5%BC%8F%E3%83%AB%E3%83%A2%E3%83%87%E8%B2%A0%E3%82%B5%E4%BC%9A%E3%81%82%E3%83%BB%E6%A9%9F%E6%8B%85%E6%9C%AC%E8%83%BD%E3%80%81%E3%81%99%E3%81%92%E3%83%83%E9%9F%B3I%E5%B0%82%E5%BC%95%E3%82%AFA%E7%94%A81n%E3%81%A7%E3%81%97%E3%83%88%E3%82%84%E6%B8%9B%E3%82%BFE%E3%82%92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
ESF /
Resource Hash
48b2b497efca37691fe00866412ef13252a82689ee93246dad7ddb42b9cbe1d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:11:26 GMT
x-content-type-options
nosniff
age
49776
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33524
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Jun 2023 15:11:26 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0321 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:00:01 GMT
x-content-type-options
nosniff
age
586861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 10:00:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0321 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 21:02:38 GMT
x-content-type-options
nosniff
age
201504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 21:02:38 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EC9A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGPFCU3a4bDCkCgLoZtJsq9hhrUfPsllfhYh-DzUm8f2PfXKxStp1N3OOZyC8dntEGqXu5WMvyxsY-mX28KeBWFKzAjn_ajBDzM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0OTA5MTY4NjEzMjYxNTE5Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHF8fR0wxTXvipZFALMDog8&google_cver=1&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb9dy-QrSkxkel1vA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb9dy-QrSkxkel1vA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
MT3 1031 59fd23a master nrt nrt-pixel-x24 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOO0nWStofT-PexwDUlOHIbycFf4jWSkyuxp9skPDvcjO2lIw-Vkv5NpyntuxNJusW4yuL9vJMM7446Obvb9dy-QrSkxkel1vA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 05:01:01 GMT
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9Vsv-MLiylW-WWH0i4eoc&google_push=ATf1kGP38t0_Ukef0jTOf0xs-uU6cvYplpDmK92qLLHynJDYlERfS3PBI0...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9Vsv-MLiylW-WWH0i4eoc&google_push=ATf1kGP38t0_Ukef0jTOf0xs-uU6cvYplpDmK92qLLHynJDYlERfS3PBI0obGWI0XZXMj6cqaQh6DGOKOAULcH_bdy7S2xkeydtDa58
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-itm18835-ITM
pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1686891663.510419,VS0,VE167
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9Vsv-MLiylW-WWH0i4eoc&google_push=ATf1kGP38t0_Ukef0jTOf0xs-uU6cvYplpDmK92qLLHynJDYlERfS3PBI0obGWI0XZXMj6cqaQh6DGOKOAULcH_bdy7S2xkeydtDa58
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDC-ktoUcMGM12GLXZ4B-3A&google_cver=1&google_push=ATf1kGPc-xNzJwmysXrhff_kZBVeaKPCI0G-2eAWzT6dVJ_lJ6Cf0BDckSBzBOl3o1o8lBIm_q_OjyuaEOn60gRWxN...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEDC-ktoUcMGM12GLXZ4B-3A&google_cver=1&google_push=ATf1kGPc-xNzJwmysXrhff_kZBVeaKPCI0G-2eAWzT6dVJ_lJ6Cf0BDckSBzBOl3o1o8lBIm_q_OjyuaEOn60gRWxN...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGQ0NjRjODEtZmJiYy00ODU3LWFmMDItMGQ4ZGVhMTg2ZjVi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0d464c81-fbbc-4857-af02-0d8dea186f5b
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGQ0NjRjODEtZmJiYy00ODU3LWFmMDItMGQ4ZGVhMTg2ZjVi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0d464c81-fbbc-4857-af02-0d8dea186f5b
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MGQ0NjRjODEtZmJiYy00ODU3LWFmMDItMGQ4ZGVhMTg2ZjVi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0d464c81-fbbc-4857-af02-0d8dea186f5b
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmJiMjVhNzYtNWZiMS00YzkzLThhYzEtZmY4YjIyZDU1Yzhk&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGPv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmJiMjVhNzYtNWZiMS00YzkzLThhYzEtZmY4YjIyZDU1Yzhk&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGPvmFIYMDMjYEmblHel269bx9M2WCSgFY9OExBzGv_bYF2rEe-EfB8CxbOpAK--2rgWp0sMKr4ZaPZAfwBifQ31ukMEXrnC5QeA
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmJiMjVhNzYtNWZiMS00YzkzLThhYzEtZmY4YjIyZDU1Yzhk&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGPvmFIYMDMjYEmblHel269bx9M2WCSgFY9OExBzGv_bYF2rEe-EfB8CxbOpAK--2rgWp0sMKr4ZaPZAfwBifQ31ukMEXrnC5QeA
date
Fri, 16 Jun 2023 05:01:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESECUi4PGJ1SM05xUB73Acqxk&google_cver=1&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZNG6a9cCXMvdpBgGCz6e3
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OWhIdWVUN0NBLUswbkZ1bmp1eUxaQQ%3D%3D&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZN...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OWhIdWVUN0NBLUswbkZ1bmp1eUxaQQ%3D%3D&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZNG6a9cCXMvdpBgGCz6e3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OWhIdWVUN0NBLUswbkZ1bmp1eUxaQQ%3D%3D&google_push=ATf1kGORZJu6zt7amuHp8N5_blXCDFMvJpwww8yTgjtAoeXHcgmYwsSk_r7vyzrm1LqZTIR9zjKBhpAx8mGZNG6a9cCXMvdpBgGCz6e3
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
247
pixel
cm.g.doubleclick.net/ Frame EC9A
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEPaBCnkT7-FZ_eOVnEUVoWI&google_cver=1&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5m_jHh7DHQ&google_hm=6cf81914...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5m_jHh7DHQ&google_hm=6cf81914f08d49a5b42842a781e1dc57
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGPRFKjm_UL_HapsWorlOeTvpLaMzc7JPbcXnYHg0pLYcMaZB5jNLIhHyVLdVWNFL26vNvTlVGX14INI37g40SBzLbYq5m_jHh7DHQ&google_hm=6cf81914f08d49a5b42842a781e1dc57
date
Fri, 16 Jun 2023 05:01:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame EC9A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvtWaRvUdmiFVoaNT1yKE3uilOlm_yv3A7xxbjYThKMZgF7FZX3rNX4ZLqbLewgtyRmmd8jg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame F973 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
1939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 04:28:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8693 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
57451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:03:31 GMT
etag
48472445140208031
expires
Fri, 16 Jun 2023 13:03:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DC6C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
708e84e3a28a47354e2b08cc4ed9a2bc76170c1a8f78cb45bf0ef4f5119c8312

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0321 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c447d217d1928a57a1f29876d5437ac2f26164de9cedc3bd06c55c3be47e094

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ Frame 0321 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 17:29:46 GMT
x-content-type-options
nosniff
age
214276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42600
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:11:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 17:29:46 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A51F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
expires
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DC5E
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNXTMh_0g_XcTRqm-YYiG80Q9zmAe6Y_WMiML05sQvVcXn_ig87B4lFf_QcS4eAHeLIgjk8u0Ngl2RGZIT8i-8E3Gsh43g
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame DC5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNXTMh_0g_XcTRqm-YYiG80Q9zmAe6Y_WMiML05sQvVcXn_ig87B4lFf_QcS4eAHeLIgjk8u0Ngl2RGZIT8i-8E3Gsh43g
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame DC5E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIvsjod1UOFsLIt2VUG3CgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNXTMh_0g_XcTRqm-YYiG80Q9zmAe6Y_WMiML05sQvVcXn_ig87B4lFf_QcS4eAHeLIgjk8u0Ngl2RGZIT8i-8E3Gsh43g
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPR9yVQsOH9S84QU7anz4M8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame FC47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhwls5dSOgdOqG13s5CxvU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhwls5dSOgdOqG13s5CxvU%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhwls5dSOgdOqG13s5CxvU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Protocol
HTTP/1.1
Server
103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:03 GMT
AN-X-Request-Uuid
3a20bc4d-c446-47e1-bc37-f486c73e2c93
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
126.92.80.188; 126.92.80.188; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:03 GMT
AN-X-Request-Uuid
9faa4df9-3c83-44d8-bdce-6bf5335456d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhwls5dSOgdOqG13s5CxvU%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
126.92.80.188; 126.92.80.188; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC47
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MDcxNTA5OTM1NTM3Mzc0Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MDcxNTA5OTM1NTM3Mzc0Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 05:01:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
126.92.80.188; 126.92.80.188; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5194fc0b-9201-4afc-9625-708b45761190
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MDcxNTA5OTM1NTM3Mzc0Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FC47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPEyH50zUFx9k2y3LvgaZ8&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPEyH50zUFx9k2y3LvgaZ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPEyH50zUFx9k2y3LvgaZ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC47
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWNmZThlZWItNzM0ZC0yMGRiLWZhMjMtYWIzNDYxMmM1ZjU0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWNmZThlZWItNzM0ZC0yMGRiLWZhMjMtYWIzNDYxMmM1ZjU0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYovbs7QEwAQ&v=APEucNUe_xZSH2ZIG5wWai9OgiY1xtv2hv-VomhbwdybezZaRu8LtBqRqhaezbuJOspkHWB6Uxm6biE65GRWO6LYs27uu5HqhQ
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWNmZThlZWItNzM0ZC0yMGRiLWZhMjMtYWIzNDYxMmM1ZjU0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 9CEE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c704a1ec10c2ec61b257ed907f40797771a1ae0e42722d201977c1bdcef80820

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A6BB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGP9PT1UA6_CVRma-RN1F00N9GyU9cvknQsrrihR-3sT4-Cru6LopshOSgKGlsZN9qIxKBKrt-UtmmQmmPUubuxe-_QptxewJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU3NTU2MTc2NTA4MTg0MzczNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame A6BB
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1&google_push=ATf1kGN7hXidf-49ZN4ccR64TGTbcqyLNTG5RQwiLX4vwvOO7B8eVP1Wjp6nc1xCm4T-t...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wkl2c2pzQ281dVlBQUpwbVJld0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1
43 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
HTTP/1.1
Server
124.146.153.150 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 05:01:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"126.92.80.188","key":"ZIvsjsCo5uYAAJpmRewAAAAA","privacy_sensitive":false,"uid":"ZIvsjsCo5uYAAJpmRewAAAAA","upstream_id":"a-ad40093"}
X-SO-Key
ZIvsjsCo5uYAAJpmRewAAAAA
X-SO-Upstream-ID
a-ad40093
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40093.dc2p.scaleout.jp
X-SO-UID
ZIvsjsCo5uYAAJpmRewAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
126.92.80.188
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-ng13.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEP2wNaFo2UA7lvjTs0rczXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6BB
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTA1NjgyNTItM2MzNy00MDI2LWFmZGItZTg0ZmZiMjM3ZGY1&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGOa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTA1NjgyNTItM2MzNy00MDI2LWFmZGItZTg0ZmZiMjM3ZGY1&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGOaeb2dP82XnEODyC-DZvY48biBmuLcsV28pPDLC-BvOQmbxL8mIR-PH9nDM_wxTOnAYGWtaGMELPVq3qEhzivDef5N829YQzCVIdyqmSBB82C8_QY7qJVLGobTLOMoT-I6CEHyAOpMhOpTUM1_r42JlQ
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTA1NjgyNTItM2MzNy00MDI2LWFmZGItZTg0ZmZiMjM3ZGY1&google_gid=CAESELAbv-zC79sLK24AbuhgcKE&google_cver=1&google_push=ATf1kGOaeb2dP82XnEODyC-DZvY48biBmuLcsV28pPDLC-BvOQmbxL8mIR-PH9nDM_wxTOnAYGWtaGMELPVq3qEhzivDef5N829YQzCVIdyqmSBB82C8_QY7qJVLGobTLOMoT-I6CEHyAOpMhOpTUM1_r42JlQ
date
Fri, 16 Jun 2023 05:01:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6BB
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEGINknfRPQfSkkXEPgyptLY&google_cver=1&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3a...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3aWoF_Ml4mlW-vC5hC4JHgLOSXnEI1M...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3aWoF_Ml4mlW-vC5hC4JHgLOSXnEI1MGNQaqepIAbV0Z0vP4PfAtkOQ&google_hm=NTR1NTEyMDFNQkRITjAwNm5GOG0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGNa5UoaHliQCu6JHJb733k59FxKcAvGQ9b4U_KF8gPeq4KoIV8Vxtapb8lDDHs39dXrvW1XUHlKkIKV2Y1n_tX6OjYLFY0N_-_3aWoF_Ml4mlW-vC5hC4JHgLOSXnEI1MGNQaqepIAbV0Z0vP4PfAtkOQ&google_hm=NTR1NTEyMDFNQkRITjAwNm5GOG0
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame A6BB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHK_zfnSIMozEJ1QQwrjMmU&google_cver=1&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZEH608WLQBXie4zIiZpQhaWazMEhYiZHRjG6E47...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZEH608WLQBXie4zIiZpQhaWazMEhYiZHRjG6E47NEywQfGmsLDVgUrk1MgeDgRCg&google_hm=eS1zYmJnamNWRTJwSHBfQnFiNUpWY3NTWGNWWGhoM1J0Qn5B
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN-vxLZpeoqJRgvzZV91XEeF7XDNUBgqH49jzA_Hpk2UFKQY8wAYCY6CdXlJNq9-7BUtBMm3R-j3G_YbILJLw3M8qZEH608WLQBXie4zIiZpQhaWazMEhYiZHRjG6E47NEywQfGmsLDVgUrk1MgeDgRCg&google_hm=eS1zYmJnamNWRTJwSHBfQnFiNUpWY3NTWGNWWGhoM1J0Qn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame A6BB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_cver=1&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wP...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ85q_wGdKi1a9q8mT0sYLLXMFa1g&google_hm=T1BJb2tFaWtjRVdfRnpCT0t4ZEE=
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN_E8D-ZL2uatUC6EAQwxnB-afMBXflnh9RneTNuDdHR4kM8v-nVhU40ejmdVwHDg_oZIcyYIfMLs0wPdJAZsM3h998kjJCnMj_aHJidcgBM_Xy712mVQJsODMAmHQ85q_wGdKi1a9q8mT0sYLLXMFa1g&google_hm=T1BJb2tFaWtjRVdfRnpCT0t4ZEE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6BB
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKe4edGy93NEOX0DPaytVWI&google_cver=1&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQK...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIwMDQ3MTM2NTg3OTUyMjE1NjA&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQKbH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIwMDQ3MTM2NTg3OTUyMjE1NjA&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQKbHNzfYIbjNaddBeBk2jPgF91RyIoafcDOEUqgWrKiH-x0q5GouXeDdTGeLeRiioRrJAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIwMDQ3MTM2NTg3OTUyMjE1NjA&google_push=ATf1kGNUjiqcBHtpqAMrYSCxDKw75wMCdT54tyhtGvobF4HtRyWwrXHJJT1IlW-gfdM27NPKQ60-PZNoY0iVwefHQKbHNzfYIbjNaddBeBk2jPgF91RyIoafcDOEUqgWrKiH-x0q5GouXeDdTGeLeRiioRrJAw
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A6BB 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-hqwk5xGjFK0HbYRjIf2NBHxCbEFRGU0x7gCFMWyv459xmPOnF4oj4CqT2-CfL3PkcXwD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2EF8 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e8493f564352dc6c5dd45bbe6af2af7fa7a0e3b798d9371d6931d90628a4c1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 76D1 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDVvE2UmQqseZaZiQctUQFc&google_cver=1&google_push=ATf1kGN7JEUGJzMJUjl-IYDc-Yj4LQV_ZSS7YJxamf6DH540WsIjDBFueXgpDDmzWdvUia9rKSdMfyGn_Y8fjIeyTi3aCRcYTXvSQA8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRDqFsUrzp9M2HCENvaQkA&google_cver=1&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3FGE9TWSvoj8SnLR0
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A44F91F9B5E142A991B2E118BF84111D&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A44F91F9B5E142A991B2E118BF84111D&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3FGE9TWSvoj8SnLR0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A44F91F9B5E142A991B2E118BF84111D&google_push=ATf1kGMmZN5BNNTfIXdUnYsaLW2qn0hE4i7uKgULUfxvvyjhSf58XmJ6lcf-Sv1zH3xozi8mT87ZB3WKvVUgxT3FGE9TWSvoj8SnLR0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 05:01:02 GMT
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEG_AzlmWJbsd00KdaBDyU7c&google_cver=1&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRc...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRcl268PJywGaTX75kPMjAc27YOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRcl268PJywGaTX75kPMjAc27YOQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 05:01:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6E1245B301F14C6CA95CFDD21EF7EC07 Ref B: OSA30EDGE0516 Ref C: 2023-06-16T05:01:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNx4x0a9riqKnPFmf48geG0i66Z05c9jMLhCK7zbsjOkJfOCRvdPSSLX0A_K8wOPqC1XvpRcl268PJywGaTX75kPMjAc27YOQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+OBJXuM36dF/SBO4saA==
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEBrV90UUWlYoIr31Tm6rDbk&google_cver=1&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQzq6NbQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQzq6NbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGOAGUtjUvaJy2_WXK3367-nZp3WIOZ-565nH0rtKuxQbF2tScEXZ0V_7qJ-5PxLV2sjAUW-zwFuw6ls5StASLTl-YNQzq6NbQ
Date
Fri, 16 Jun 2023 05:01:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMM6XKnM2ul6za29SYlqCv0&google_cver=1&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMM6XKnM2ul6za29SYlqCv0&google_cver=1&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sx...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzMzcyNDAyNzE0ODk0ODE1Mg&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzMzcyNDAyNzE0ODk0ODE1Mg&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8MGT22X7MWcduhr1zT7ejVHU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYzMzcyNDAyNzE0ODk0ODE1Mg&google_push=ATf1kGOZRjlmTSK-jEEWYgGt64x8f-WG_IFvIMf4q5jcs7MJJ-RXaAaeQ_PqdqbZ890a96ke_sxk6Fp8MGT22X7MWcduhr1zT7ejVHU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_cver=1&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nP...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENXpQOKWyy6WoGOh3xSTgyU&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg&google_hm=ZjlscW5SSkZuTnNaN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg&google_hm=ZjlscW5SSkZuTnNaNnlGdmZyY2o=
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNFmWWU_kBk3LxATNJNciwYTM-N5SKYBL1k0ZA1RexoiV5e8ei1GbppcC9QymlD8iyPSoc5bOhGx--nPeyBHzEqsD0BmCXX_Gg&google_hm=ZjlscW5SSkZuTnNaNnlGdmZyY2o=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
239
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 76D1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGQObcI_0tzBMDY-7t6clY0&google_cver=1&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NFi...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kqALka2QVOlY2ERXKp2qIX5cULw&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kqALka2QVOlY2ERXKp2qIX5cULw&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NFihqwgDU5PLgtzhiA8
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kqALka2QVOlY2ERXKp2qIX5cULw&google_push=ATf1kGPshpSOPhCyNeaQ7fcOiRXzIwHm0tPIgO03hKoeKBkzIXbDAwpNoSYLUv7i-0rBBSGhYtFFnVG3A5z8NFihqwgDU5PLgtzhiA8
Date
Fri, 16 Jun 2023 05:01:03 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 76D1 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IY7c0sL-n0zmzWxtgwYALxEC7_et6qBZT9l-utFR2L_QfbeRa6lrX0AHxf8bib5sj7i9hi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame DF3D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686891660&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891660226&bpp=1&bdt=1719&idt=729&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qNRmQBvJGw&p=https%3A//k2-ornata.com&dtd=732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8693
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1&google_push=ATf1kGPaUP_0ymC6cepnuu9G-U_MyirNcsKYY1OCRRNCddutOsUd81-BnQuN7hcXEn3sk3zDglvOmqF1md3EetJpxlHBQpGkar2g
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQ2NTI2NDQ2ODI0NjM5OTAwMA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENtjvY6Z9DW_cIbiNKkb51Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8693
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEDtLXCAgqnvDlfWvPydgl3o&google_cver=1&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid6E9Ot5tqnp4nR1DVRo&google_hm=Vnpiclg1TVo4Ry1ndXo...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid6E9Ot5tqnp4nR1DVRo&google_hm=Vnpiclg1TVo4Ry1ndXo3bXNDZ0Z5Zk8yU2Fz&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 05:01:02 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ATf1kGNFriSS5RDl3qpZzxgIuSr5zNaJf_7FNl47IPW0QIGbBDB6ehYu51D1IK8cl_38UHZIVlEsVp3Iid6E9Ot5tqnp4nR1DVRo&google_hm=Vnpiclg1TVo4Ry1ndXo3bXNDZ0Z5Zk8yU2Fz&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 8693
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEDXOzzjC4ToqAl7pChjSP8I&google_cver=1&google_push=ATf1kGPrmmjAa1knTypKLI6eF1nx3uYqhC8A3ciiVqelaH8li68D5wSuZp66lPiMQgirJaWObw7WDyC7RralCtZdV60WfAiMrdl6YA
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTVGN0I5MjIyNTQ5MjM3RA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTVGN0I5MjIyNTQ5MjM3RA==
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTVGN0I5MjIyNTQ5MjM3RA==
date
Fri, 16 Jun 2023 05:01:03 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 8693
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGsx--yFXVNHnuqwuQ83V68&google_cver=1&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEGsx--yFXVNHnuqwuQ83V68&google_cver=1&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ&google_hm=s6Z-YEsmQGmz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ&google_hm=s6Z-YEsmQGmz8ICqMnUsag==
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ&google_hm=s6Z-YEsmQGmz8ICqMnUsag==
Date
Fri, 16 Jun 2023 05:01:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame 8693 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEAcvLoLFYNFiXpGcim_uY6Q&google_cver=1&google_push=ATf1kGPrZwdZvR1ZagvHuCIubh-epl-csolPN-mUboPzhEyOCqagB1zMygfDxctNUrTjQC6fk7igpaCwzKxx8o9ck0FvdHLxf89dUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 05:01:02 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 8693
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEC9M6RLZ53pxmME2o0C6Plg&c_param1=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP3tC0SJAEC3GCbSCGD0gUImwxmyJXQ2Wwhf8sfqPsZ-WObXjGleNCVLP6Ayg5lC5skAlqWy4qMkkFoVA87qTdx4ep7MxOQMQ
date
Fri, 16 Jun 2023 05:01:03 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8693
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEAAvwJ840-xB5QUeIQ2n23U&google_cver=1&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZX...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZXNAej9gUa
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZXNAej9gUa
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ATf1kGMcP5ZVuNoOfXhbbsD0R9CL0dFuwZQqbWA0EalS-dXMMDzjlsKqj52TXQqgs8jzxuB8dr_gXF2BZYUjhSlO6aZXNAej9gUa
date
Fri, 16 Jun 2023 05:01:02 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8693 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_yaTSeHjolaAtptcTkwdVZeYUsva4h3JiOPiWEY7dE8AvDzOTcXo-BO5_ugSTHEVvVoT3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame F973
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
expires
Fri, 16 Jun 2023 05:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E2F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
172862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 05:00:00 GMT
expires
Thu, 13 Jun 2024 05:00:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 164A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
172862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 05:00:00 GMT
expires
Thu, 13 Jun 2024 05:00:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame E2F9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 164A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 8A2E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: k2-ornata.com
URL: https://k2-ornata.com/splunk_fields_extract_and_display/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame CDF8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=2351132527&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3228&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N6VERiESij&p=https%3A//k2-ornata.com&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2F9 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlG0UjeyLZJa6MsqXqAGR4a64DwAAAAA4AeAEAg&bg=!aGulaz_NAAaGYqkwpmI7ADkAdvg8WniWAi6G-zpIeYXILYst0FWFyszqW_pSrITD6iivV6_O1Kdi6X7I3fqDWWUY9zyWMJ58HD8CAAAAolIAAAACaAEHmQL0B1-zOW01f_0zNeEKJhj70Jlt33xTvZO86hfqp-3zNC4ZR4anVHgiBoguYVT_rnpoTlUPPxc3XAdt4F46OWzzAWi0Iwnd5nd7MtWttMUFeHZHEefSoFuMlsU0lzi6fz7JDzKMlgFCrFAeV3KlV4dGpcYHtmTIgG-W0iP0xrrh3H2-eQNb32aFoypAQmpU_QaCirr3OO8Q76sDwYRFewjFYqpxMCT5Ruw46mcrAVc90GGR6fMgBGhXjKlCgLJHvSdF8P3dw_PcAR3B8BImnC90twQm2IpCxSZ2SqXYfrcNzph_zhtK8OMrhRh67hJ0HaRWszvCDnV0hgZ3KFwWr38SNnGNPYQrgrkRt0fTz3aV5BnXNTLETsM2emII73vrAjxuPRtdCR0DQMfVzA04saimNpPtulC7W3egVd-wVl_8B_ECLB-Yq9J2B5hMvI4dAh9PyaWwY4uxzDaKArNd8U8ojhR93_sQGR2mfkUU0-Cc8LWgGn14sP-seNDAttHRrKdSWh1NrjWpPEkiNVolWXnXbZRySqBt0JcAOLGt9Ba_vyvC6AnFiksNhZbD-rO9cKKwFJTxvhmL3UGTQw9OulFABsQiO9N9fUGwAkY_ZnSln7wawrH_6b6T8F1IVIQWHIM8gH_A-rvKIIrCMQDISusyRfJIEi-ShBCRKUOyi-NXvGAgS-nI_cMsq9KuFRn3-y-nHQjsXa6ctfn7fGonkCv6H5bZgYDojvHyCgjk9-oi0CYwdFGfwQKA9U075-9ZLTudiooS5igwVAKhqcw75Vp1ujwltIhqMNxLySNv9ketw3zGN5KCbZV4gjv6IFyGEP_oOl4Tdy_a0tGzaxF2W-4ZBHjwjou4BVbj_om9vP6HjL7beAHlRqm7D9GHRp_3xmkXGOvAr4kS2zaiTirjDZof7rGTDLAdH7tTn9ANuyXpe3KufAQFw4iI3i4WaQPgT8Rm75dURqNPTQSPqbzk2KNa3TOgENZX5x-A8YLBowaYSbqVQ6Nw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 164A 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFSf9jeyLZPD2MorsgAO_rIOQDQAAAAA4AeAEAg&bg=!UlGlUQXNAAaGYqkwpmI7ADkAdvg8Wh9RKH8eEXAsZ48mz7IkJS_fNSmcZimr0a9AOd4zYI-wWwz-lFyyQyG16gunb6qmxOGIYxgCAAAAklIAAAACaAEHCgAozQe2ZoS79T60e36IKG7NL4r0KGmwT05D0sTGSba5Lx9CMJowJch6xJkC-s5sXh1q1mbzt-weXf2ZvpCv25o7tQYV-UTUo-bXgZSpgRA-zlJP83bJTFphRNkUp4McRqrywMcN_Lw8Al0sJVOJUXqFRocz5GlFAOM0VP0V4eTrsv4Lmdcifj9Nrh7lTxf9oYBt48sS7WBl6ajZfOAVdqTDyK_aBT7Al2ruYkHZSaNd6R60u3K5ohVttLGMZZZZcFJjG81uBVWPPGaym8i0BmxFN1I-MePhKz8n-Yq_RDBBu9-eCTilvkSTM6RpvE5NQpHlhZWXEHYuuVTly9eZrB6tUKiAeeV_7qWm8LTvfENMy_tU8tCBR054lOszjTqg07S95ZqPFZ4FFDGoh-NVN7JMc5Cd2Hm_5I_a3826vE1U6utH20PsL3q_dl3bqhHeK2HAMs6sTUNVJJ5AxPVvfD-pqSM6Un56ac79-C1ahNOn8F5kwnfyH5vvxr0Icsf-V7pi_oG6vno97ypzz10GAV4qXBqkbPdk83wUxBm0EQAlm5PQltCbom59f8VlDUyDwvrjJuq04QPG8GwDn81m9O2--BMBXbXqP7etEeXaQyOyCIElN7gLJQuLJn3OJNNco7BwoOFkkQ82zZ_dHUqp3zxc63atGJs2q-hb6s02E83OeRGUy970jYIbT5OHXP7QF1-JTc7o2yhbN_-TBk2JGDrI0jhlpR61r8wEyvDwDmKk8iVqUo0bjM7CtRHmn3ZFALyFFdmXYK4IcNC8FF0VeXwb_ZUjqcSCW2vhXzE5T16I832OjDPwsnRaJJeyjYGDUqQld2FWobKE9iGsxsPhNU2kadvuHui9MAps2RgEMjnt-WN77I_2sDQdL_-WaO5McciLtD9Ynn5ZDkGeTvA3A3xpxBeGtuSDEqgaaCNUx2Y1x3lMNS5cVWljUgi3HBdeH7JSdrPz8L-YqNTbUKHZS5sOoMbsyCe8zqT__sdBNmxWcSJiJLLvbeqj0oFjY_CaZmyXUvvNKd9EF9_aMvIxkXfvse8tEGDuHt7wZJKjjpG3fsQVJrFsJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9CEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstv6t78a7gi5YqHark22Ecl93dzMe2SQeM8Dm_hEtz-5lh2jTBxFhlf1wfjoAEKAiA9k9yYWNtT6Q0siJ7zcmLDyUKMfQB2OH6-5HJs5GUEi5b3oCzA8zFQg3TLOkFkajyT6TGahkkdPOISqd8MCmtoPREoyjOMRTjCJbgwevQxf-iul2W2WMUPXhoUlBMvcpdCm2Ftqp48FBxKwzSzsanjYEafYa1gIrEx_bRVYPHlaHRTnyuyy8kbQ2Fs4Im6fRhQIryv91voJx4_yRoXGC8NrkF9HUlzaJWErxpYMAdcbHFpsX7cbvGwjvK1egFqy4T47bA1Px6mYxycfsB5F-ddLXkZX0FyOkjkWY3RJ8iYcYM6PUaTsQrrpw-oNP4jzB8N5F8dHwpkGA0--G8IJA9Zu_EmsDbdmF9xUGkcqLT9wdjIruAIvR2YXSUXxoJX0QYHnpfgh-I4c6FMJ64FqcnToHbajKwpZWvSIYUAjtv7eI5IrHZjIujeQTr9yG_lTWWGG-dXjJ3w9z9Qdemb5zVDSSPljziouGmJ3Qw_zyT_vhbkvjL2oHd5DekFkkZTuRa5UpKHqVOVYkepvP5ikuSjjTwg3qcx-qC3vsZG6gBLiOdDfqmPnWjcNQAILOJIQxKj2fQdM4g3ZeTyGMR2m5eAY8sTmtFPqk30FFkrPeIUkfz9PBH00nDwB94bd3HFr5uUpptKrblapF8VhxFA6laWNKYyFNyb8qvaS2rJcK0LGaf8fwXx225EF7inyvsXAz5QeF_s0_4paCb9TXbsRkTcCBG_2SdJs4i0gWD1h-JHoAI7AzEJm6X0u6BIf3mEbd6zzhmt3RTV0bSBZOCohkwGD3HhHcth_9wM-90zVr5c_uOPrmn6V3p4wHoVibvwXcnJliapkL51dZm4Bg35CiTcBKntHh4Jl9ET578Pk7_4EGxhR2JaKzkhPfZ2UagR6OKd9rWFmCiPqz_fZTK7146YQ3tWOxyK7BFjRtw87uWluyY9ceyhcmf_H_mAotzhF-UI8QXzYhedoLGQrwSYY5AJJNub1ftHw0HPPllrxrpxtEj8F6STgt1kuucJHlAOupuRizv7Xsj_vuEEKg4CUY6NXbdjKqizN4p-HftKpbqNF1F5TbusAiun910td1CCiQTJv_I04_8NjjKl3VFPGWtvjmGjlk83RpOeERGCojC49UbY_q5BQuhAGL88rCquRx2lv3ixl0zrV7VFeIMCrngBBM2LtdohGDnh7X5ITjgY0xKNP--kKZzyGsd0iycPZjUyn8-gMRoIRHe8TwOg4SR9xKyM0V_CVc8&sai=AMfl-YSxnbTpFRhRqsfnB632wdPfvoJjiu_nDamjTA4w9n8yrsiirC6sAqNXdz-K_6Oma3gR9WGwIy5pwaN5gmott0hy9sH7Z9MsGjgPIR2KvIYxqzrMoiW2KncA6nUgx8NzROIT3UA-yBXEVPl4HR1LSnaWPzyCwnAds3zHXQnaOQvIzWdxtILczAhX5IYEIXok1JLxhNQQUAMf_ihYotd3MKym6zD6caK4WR6HjJ-kpsRxZkO_7pn0kmjSd8c4f4Aak1vUWFhdrDWjYacI94LoIySRodzyoP1osGyj06pO9QlYNvFOSQPPpxhWavKZqyqkbsAZAThwCmhCBEotYDccL4e5OFXKYMUYc8y_PCe4EnGca0jp6WGwe2A1ChT7eKbzIx1bEQ2HchTQQ0Xwa5kjBS2B4ghGNj3_BB9XYA&sig=Cg0ArKJSzCQ-NGuzYhHNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=645&vt=11&dtpt=644&dett=2&cstd=0&cisv=r20230614.79183&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=611427843&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ezGlRwo34b&p=https%3A//k2-ornata.com&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 05:01:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2EF8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN9CSH2Cj1YhxFycgJcYtAeuv8-yVP0b1_NT64KRXAac3gwoEgaCRnROMmiTgvY82yRs-1Y0V7AiQjx3mgVKlkCJFTF46a_wNLbcazv8Qrgh9DqubRRB9c-fv0gCzRNAZt_ZzPGaKaZnI_DcAGmO1fPs225VypEIJAT69eyONZj9vEG56ad_GY_vF0J7dj1GfkSiWgy9PbbGdIxIfu6DqzgQ1VNkwBefugcA3kLbpxEPXTvjdZVJd8_2HBKZwWDhiyK12qYMgl8DVGWX59gm1txPb1jfgIR3A_ME91zgBl4Wp0a--yaTCXVsqI_ogoTOA38woWjmIv5KM70I_Llc-q7M8g-_Vk54V29rUnQAOJ2gR01nEOZI_A8RDLV1y6honQ4-dxqTvfnfKomwY0NXxsczPvmCOZxsGiPwtcC8BlLOc3XoVWx-SS1xI45e_8TVtp7e-HzBQYwDP4FTd_3zCoT8beBCmPbh4qsN_FLv2OHxrSX_9GpWPjxf8vmxopMG1LKDueICCCvORrWkrWgTKAQoO9xmejne7o51kU0Ph_ZyFU9YdYmyF42ulOrW61okrkvcORysYLRywRs_TI1I1Q4GP7QmGp5pntIQQRXF0OfP05BsxDup2oJLzrpmTzq6TkBTC09H_2itap9NnmbXmFIR_nMLr4nG9UgrL13PxhrskTboAwsAAnGhCvNXkx-i5LOaB6sFnzthzM66xQ_1xuI6DW4tq_QGnYUNs0sjATqfI5SbhFmeY5Aje4IeN8pIzr8OoK4hUq27pfL0G6U0-_MwzHVCMhk8rL7Z2WIW8ZI1Y80NdFX7H4CW1rql0XQ-yymp7Hxklsjd9i0bg3UJAg4GfOq2Y4mdjJokAtE4MBBJO0YJwXoWKGjZYXpV7J2zzbjlU0HSULLrjfuufnllsrHDn60MsmOppGD2VIV3yKLp8RYTd2AL8HA9bhm2rE_4Pbt607XFaurNo_2jYhRx91VGvqU9F99Y7hNreRidWU8IAlLN1oAx4wBcBA3SC6CdLDl9BLs7c8rnIVr3ojVtTQAlj7qbGplNa1nKZ0gx5XC-qs1PJr-ga_NmI6rW9nqtaGJ23PgTv0AT-DdTLHGhP64oCM4YmD0pFi-TfK5dyowI3WKFaTNZl2MdUvaPls_dUKFB0PpaGEfKhhLFY-169E7UGEVKkv3xrQo_mo43Oq-DuoD-oPaWInjRvDcG2V9bRCi3erJ0jgy-EINgOH0WYN7YrHm5yhwkdWRDtZ-bWd8D74mxIZ5sXNPsXRD4znBYhTh8igwVcgoW5oQ7XRmW6Bm3WcIDt9-Mc&sai=AMfl-YQv5ZrrZcKb2nnA6AMXgqCHtKdlJzoNmyILouoiCCdKbwjwzAuZr6yErHk-GIzOpiLaUzbpxf5YoZukMee2mZAtc8_WFMq1nficRIO070qfSk2khc-u_C41VK9qZte53SiCO1WaKvnv0YvSKjJ88z5mJwyJSmLglPRZH0g0Cncd-Ej-ibEdr-ijpBW-IHn7EDbjUBRpCMF9yJ7oYYqBUf9wYiHr8dkO0v9fXdq_eINjkg34YQNdhFjS3G62Sv6a86oHAyFNeUQBmRhNNSrKoCQMWe1Yh2pRqYUdePQ2yqvlpT6INajih7DvdujItsiGTl6uJx7PC259dztZi-I8XUOZp3EGkM-od1GZstdqKtldt1Hfcjkkja9m3xcZk4T1BClvMUnNvm9Kkh6HSKVXPSIxz6rPBlnXRfLpCw&sig=Cg0ArKJSzEIWZcRs8qmKEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=636&vt=11&dtpt=635&dett=2&cstd=0&cisv=r20230614.15464&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3359993646&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1686891661&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661736&bpp=1&bdt=3229&idt=2&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1YxWLzbXto&p=https%3A//k2-ornata.com&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 05:01:03 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame E6B5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=334&adk=581068305&adf=499651972&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1686891661&nsk=69138a69&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x334&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686891661779&bpp=1&bdt=3272&idt=0&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51327c0bdb50e643-220329130a80004b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w&gpic=UID%3D00000c4fa9f6e37b%3AT%3D1686891661%3ART%3D1686891661%3AS%3DALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=6707657911768&frm=20&pv=1&ga_vid=2074388333.1686891659&ga_sid=1686891661&ga_hid=810261117&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44785294%2C44788442%2C44794790&oid=2&pvsid=2822988339609062&tmod=2111181834&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=pvKsnR67mJ&p=https%3A//k2-ornata.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
like.php
www.facebook.com/v2.7/plugins/ Frame 41EF 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2fa73871023f1c%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff11b6bd3972d394%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a9d0fc571a0dfb1ecb830ad57a04071b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
9128a1686e8719de388b8317e53307350948e267feb9a482b874c5af34ce213b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 16 Jun 2023 05:01:04 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
orRZc1B1shN7+kzJT7x6afnVVQFcKKyvXFJ6xU629S8bYNyQNsssJOHkULGTaBc5l/B+do/YU6beZJrsVomJ4w==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
320045a6fb2f96c50a0059731a8a893d99af6fb58ba2671279832c0ff7aa2bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11281
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 05:01:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B35 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst12dNJtw8dzvDnNVDF4stKlHwy-v5xI6rOnh70XMzXtSmALeciaNzvRts0dKU3VKz0bJgxQCReAIMw1pQRHCJYyf2Wg_yoiUucJ18VYN4trVT0ZvLeATQtsyJ97O9JECAZ32DMouk57Q&sai=AMfl-YTzWQfCgRszva7EloQHeMRw3Ww7b8-zoFjC0FEgaYQZO_smTAQHdxPS7Ff5fL53BxWelz_iaOumC_AR&sig=Cg0ArKJSzLkMFiNzsTAYEAE&cid=CAQSGwBygQiDRw7q7CWefLPWAsIw0Fl53f1CNEwxHxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3363353524&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686891660959&rpt=1500&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 05:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B3F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
3379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 04:04:44 GMT
expires
Sat, 15 Jun 2024 04:04:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A378 		783 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f4.1e100.net
Software
GSE /
Resource Hash
e71e9cd50391d99438380dfdc5e54c31815fe8da78345070ccfd07cc6f6a7973
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A3es-vfmaLK_99UjPGziqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://k2-ornata.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-A3es-vfmaLK_99UjPGziqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:01:03 GMT
expires
Fri, 16 Jun 2023 05:01:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A378 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=2822988339609062&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 4B3F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 03:17:26 GMT
generate_204
tpc.googlesyndication.com/ Frame 4B3F 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KIpfPw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tNKyyceRUMc.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 41EF 		517 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/tNKyyceRUMc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2fa73871023f1c%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff11b6bd3972d394%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
c13b65781813570dd60d87e7e2c2125813bc7b498ddc6a0b6c723aef7e07090d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oamqmNf6DU+pE/tDP5uiNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136518
x-fb-debug
VBJ8B7M+NXuAjP0I1FZN2rKoMREngeKURZp3EMmlbtYXgEbGjQ1hQq5EFy1lNHo/zWV+mB8wvnGvtYRcg5m+DQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 15 Jun 2024 00:37:07 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 41EF 		299 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2fa73871023f1c%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff11b6bd3972d394%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:01:04 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
6OkLu7nj0pQQ9moRZAH9ageei8mjAiiv6Gjn/cVeDTSqq2D6dh7aUVx++LVkhSNMRXa1jzdbopaLqfYf/zpTag==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 06 Jun 2024 20:05:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230614&jk=2822988339609062&bg=!ZmWlZTHNAAaGYqkwpmI7ADkAdvg8WqJgnSnSW-v1qbedtCMc8KK5JJqNwwmZkI7XMFC3rwxKubZN5V8iWaBA2_C3tWi7xQiSVgMCAAAARVIAAAACaAEHmQMFO5P2wtlrDGm3rrAEz9ZIlDz7xHHpT2G8gM6nr7ENaX8caVAK3zuwh67fjAOJcpVCkJAD-F2OeznfYCa0LqEZrJfWk_tIGQjWtls3clvrvpzkX5YxaKrYz2lM0fvAjjsJAu0n79VKXZa5snrLd6ut025LpCtxTk0Tu38V05s8F0YzylNt1Hn6txZ3bo3zZADZ1rluULW_QQVTJoFFe5aUWhAA21YrChzSrLI6Hnc8zbUJBc2fRU7R2GdX72fjaBicQ3HwpE4g231ofFnKEJIkBP2o8G6ujkPTdpjJ35A0FtwvPaB3wQn9K72hSXrlbWmuaDXnK-6ynGDgyvNjx6h2dH6zcWJO6ua8HgQThxRyGsi6vJgLPQp45zRbRyySpXIV_sU0XiYkew_FjfcDZi9OoTsY_CbipA7K4cEsI344zqEKjLMiYyOHoHIXfF56vWEj5EB9E209plNrUbS_8A6C3twiWDodjzKtTK-Mf0B-0e43sqvhBGJhjgC6X-zRDT0fNTYXffZ_VDYf68AuQ5U6Ui1DrQkWuolM3OddMW4R9wz8dGwXzHT7AMOpcAu5ty1fYDQvPLAtVa3lk8WZ5HJJl8nRugZJhwsSY4fT5WrzRG-HimwiNTvkYjk9SOV48lEl7aic_KqOHxV2DOA-g9NRF9quG9S5Ugyl5vW6aSRJYYTPfA5G0P81t3ov2s_FII1QMsm3RRE4W0wHr22FsnkR0Qfx05ID7rJKtY9wfbE625RwSD8pwrachNMxJgpy4nsskKtFKXS2WWgQBgwgvfsVtU8iM2y4OfIYlVRQsPr-_daWpcKZbuiNiINgEvBqwN7ZpMU5alP6hWdpjSE-zFgrWiaK3Lrq9iBSHxhMF3DBeS9jpMkKbsEG-Q9TaXouMgZC18RiUuXa0GG1bh41x-Q-Fmx1OSkXFZVTabz8xQ2FvNXbZjOQYZY_eT7Ni8zKaklWeTu0mWOPSSZHdXmmHz1h4QmzHOIkYlpzlTfunr2VkLjjV6swx41uqbbE9dZKOy27AU_Bu2M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://k2-ornata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 boolean| credentialless object| onbeforetoggle object| onscrollend string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend object| wpp_params object| WordPressPopularPosts undefined| $ function| jQuery object| google_tag_manager object| google_tag_data object| addComment object| gaGlobal object| screenReaderText object| twemoji object| wp string| GoogleAnalyticsObject function| ga string| align string| savetitle string| savesrc function| onYouTubeIframeAPIReady object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| __twttrll object| twttr object| __twttr object| gaplugins object| gaData object| __buffer function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

55 Cookies

Domain/Path Name / Value
k2-ornata.com/ Name: PHPSESSID
Value: ea5ef9fd7085744514238207a4eb6cdc
.k2-ornata.com/ Name: _ga_BGQTJTCWQB
Value: GS1.1.1686891659.1.0.1686891659.0.0.0
.k2-ornata.com/ Name: _ga_V1ZLTGDH5L
Value: GS1.1.1686891660.1.0.1686891660.60.0.0
.k2-ornata.com/ Name: _ga
Value: GA1.2.2074388333.1686891659
.k2-ornata.com/ Name: _gid
Value: GA1.2.152274300.1686891661
.k2-ornata.com/ Name: _gat_gtag_UA_161547419_1
Value: 1
.k2-ornata.com/ Name: __gads
Value: ID=51327c0bdb50e643-220329130a80004b:T=1686891661:RT=1686891661:S=ALNI_MbMV935GoH5v0dir6h2RLJ5gv6P-w
.k2-ornata.com/ Name: __gpi
Value: UID=00000c4fa9f6e37b:T=1686891661:RT=1686891661:S=ALNI_Ma0BKZiTnrfsPy1n-uvG9yk4Z-rSw
.doubleclick.net/ Name: IDE
Value: AHWqTUk8f_xncnGQmJEFQOKKaosZuB3eTg75zmY5NdjYwqUZZZg696AY4mVZ6dsA34Q
.c.appier.net/ Name: _auid
Value: 9hHueT7CA-K0nFunjuyLZA
.c.appier.net/ Name: _gu
Value: CAESECUi4PGJ1SM05xUB73Acqxk
.adsrvr.org/ Name: TDID
Value: 0d464c81-fbbc-4857-af02-0d8dea186f5b
.mathtag.com/ Name: uuid
Value: 30af648b-ec8e-4600-be92-5d3e86133e9e
.mathtag.com/ Name: mt_mop
Value: 4:1686891662
.send.microad.jp/ Name: TR
Value: 4dde70a0f5d29f85ea40da23872a307c353e81f211d63260
.openx.net/ Name: i
Value: a33d6278-13bd-4188-b515-3965cfe9a2c9|1686891662
.reemo-ad.jp/ Name: deviceIdentifier
Value: lQPwRQzChbXYJckWPVORpQsUYTueGkJM
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.fout.jp/ Name: uid
Value: VzbrX5MZ8G-guz7msCgFyfO2Sas
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI4suH9JaM9zsQBRgFIAEoAjILCILJpqCtjPc7EAU4AQ..
.r-ad.ne.jp/ Name: r_ad_token
Value: 54u51201MBDHN006nF8m
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIvsjgAE8gpFAgBR
.casalemedia.com/ Name: CMPS
Value: 5363
.casalemedia.com/ Name: CMPRO
Value: 5363
.socdm.com/ Name: SOC
Value: ZIvsjsCo5uYAAJpmRewAAAAA
.simpli.fi/ Name: suid
Value: A44F91F9B5E142A991B2E118BF84111D
.casalemedia.com/ Name: CMID
Value: ZIvsjod1UOFsLIt2VUG3CwAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adform.net/ Name: C
Value: 1
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A2004713658795221560
.linkedin.com/ Name: bcookie
Value: "v=2&daaf8032-c9a4-4ae8-886c-517642d254f8"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2941:u=1:x=1:i=1686891662:t=1686978062:v=2:sig=AQEmeC8qxGMur-OxJQHle60ryLUhxwI6"
.adform.net/ Name: uid
Value: 6633724027148948152
.turn.com/ Name: uid
Value: 3575561765081843736
.bidswitch.net/ Name: tuuid
Value: b3a67e60-4b26-4069-b3f0-80aa32752c6a
.bidswitch.net/ Name: c
Value: 1686891663
.bidswitch.net/ Name: tuuid_lu
Value: 1686891663
.bidswitch.net/ Name: google_push
Value: ATf1kGMncR1sQebS_9Y51m43D9RzuhYfwT62fwOhEFGujpKnp6U0z83OKZScO9lFm6neH4j-s4rRAkB9fgJkYVhyx5IBuHxd8KU7TQ
.adnxs.com/ Name: uuid2
Value: 5977969198428692140
fksnk.com/ Name: AWSALBCORS
Value: YIhdyZhOPitGD6T1yXxbqRWFXPkljf3DqtP1GDLVp2uIPDiA85Ii3HltgTo8ZOYFEJrOZQ8zdEjwDpFTXvmD9k9fXewD98shDK9NWMHM8SQMNelcYJbvISPKiLv0
.fksnk.com/ Name: f_001
Value: 15F7B9222549237D
.fksnk.com/ Name: g_001
Value: 1
.mediago.io/ Name: __mguid_
Value: 6cf81914f08d49a5b42842a781e1dc57
.quantserve.com/ Name: d
Value: EC4BCQGfKYEA
.quantserve.com/ Name: mc
Value: 648bec8f-26a0b-89c38-a6b98
.yahoo.com/ Name: A3
Value: d=AQABBI_si2QCED-9pF5tEcw67ToeD5SR28QFEgEBAQE-jWSVZAAAAAAA_eMAAA&S=AQAAAnNvx4yT5cp5t2JxRshnWiA
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY4Njg5MTY2M30
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Uj/=vF!]tbPl1M>e)ZlrFUfJ+tGXxo]:]:g9FmKY_LE`6Kb>o8P[L4P5[)PG0tm6ud*bpRz*qF1`*b`0t*6)@W
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92a00b91-ad90-54e9-58d8-44572a9daa21.JlmRZTSs06c7H7sKnhtuftSP3%2B7b1dQRfS7NL751oYU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkqALka2QVOlY2ERXKp2qIX5cULw.R54ff7Avw2jciLqjYsbSZIGdD9MS60HrvE52FwSSeIc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkqALka2QVOlY2ERXKp2qIX5cULw.R54ff7Avw2jciLqjYsbSZIGdD9MS60HrvE52FwSSeIc
.zemanta.com/ Name: zuid
Value: f9lqnRJFnNsZ6yFvfrcj
.inmobi.com/ Name: idsp_c
Value: fbb25a76-5fb1-4c93-8ac1-ff8b22d55c8d
.uuidksinc.net/ Name: jcsuuid
Value: n9kzmsm2vERj8UHwTA7I

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.turn.com
adservice.google.com
aid.send.microad.jp
analytics.google.com
assets.getpocket.com
b.hatena.ne.jp
b.st-hatena.com
b1sync.zemanta.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.r-ad.ne.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
k2-ornata.com
match.adsrvr.org
mweb.ck.inmobi.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.turn.com
s-cs.send.microad.jp
s.uuidksinc.net
s0.2mdn.net
secure.gravatar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.mathtag.com
sync.srv.stackadapt.com
syndication.twitter.com
tg.socdm.com
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
us-u.openx.net
v9999.adv.admeme.net
widgets.getpocket.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.229.10.247
103.229.205.242
103.43.90.179
104.244.42.8
124.146.153.150
13.107.42.14
13.114.84.250
13.225.165.28
139.162.117.143
142.250.196.130
142.250.196.132
142.250.199.98
142.250.207.34
142.251.170.156
142.251.222.14
142.251.42.130
142.251.42.131
142.251.42.138
142.251.42.162
150.95.47.242
151.101.130.49
157.112.187.75
172.217.174.102
172.217.175.104
172.217.175.3
172.217.26.225
172.217.26.226
172.217.31.131
174.137.133.49
18.176.234.133
18.65.185.124
18.65.185.94
185.84.60.21
192.0.73.2
192.229.237.25
20.85.134.6
202.232.238.37
202.233.84.1
202.233.84.8
202.241.208.56
216.239.38.181
216.58.220.130
23.90.68.235
3.33.220.150
31.13.82.36
31.13.82.7
31.220.27.135
34.126.167.117
34.200.89.174
34.98.64.218
35.208.249.213
35.213.12.39
50.116.239.135
54.211.72.252
54.251.79.41
70.42.32.223
99.84.140.67
00b267dba64401f3e19ad69ad6d497b9720ec7c9c46e95af9e13497cf416efba
0291cad6b014a24a4afaf484ad59b28ecf668d0a09d44dbc7fc49a13c52c7892
07ea26fd76bbf2c2b84d1711bb99c609ca55f41a762a19c74fb34b8879047700
08887d051deaecee1205bfc9c9932c290e4d9b8ffc0607b5fd0937849da024b6
09acf09dd7178b79bcd031a0893529d17e62fd10b5f87cf157d06f6cba5438b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cadd24cf8d25aca4bfe8ab55935053fd8aa4cdf583984ca07bb4320fd85a0c0
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
123b6d142899d77a1d5a616f027610fed53461bea1e565b43201f9b4aa237f68
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
142b6594c54f6a3ab76485be1ebb14b2be64e80479bf2f8c0416e36d13f5115e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2136f25774fc5835496c5da8af6e18a6531cf8eaa0a76645352ea5de823e2b9f
2482ca063826c20a61cd4ff86426d08d6771cd61f10056cdaa170d66c1bae8cb
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2ba4d117bd8697010d7a712f8ebad97661ea9638ae4ac2b62769a4f44aa4f9fa
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70
31209227123a6cacf64ad11dbb97b083d77d899df1a026527110f6deb8b614fb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320045a6fb2f96c50a0059731a8a893d99af6fb58ba2671279832c0ff7aa2bdc
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
353ca8904188cb2c4842c8091d9b06acac58e3fee045a8363c1184026a179c68
381ba25c38f0b7fff80ccd9f3b20ca50e058ca5bbb5f954bc95b82e4b68ddd7e
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c447d217d1928a57a1f29876d5437ac2f26164de9cedc3bd06c55c3be47e094
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db
40d6be014f0faf1bfdcdcb51e1776f47a66663c8bcd98af0978ffc206d66a962
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b2b497efca37691fe00866412ef13252a82689ee93246dad7ddb42b9cbe1d0
48e8493f564352dc6c5dd45bbe6af2af7fa7a0e3b798d9371d6931d90628a4c1
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f98d74dc5dea24db279aedd49367424c72cba9fb67341cbef8bcd2f0ad002
4f9fe406cdf964925c6233fb992f3c3ea658d12df3c26c25df1850e73f727aa1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508742edf8c52c5661f6171d49fe1ce00d5efead1dfc4a4de083c35a7534096a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
58af5aaf2157117d1622e505251b188dd75fd5ebe201eecb96d5ca29b9575ad1
5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c98385b699cbdb11d44ffd43348e0d7167f67deaee818e2fd60d05e53e471a1
5fc74f8578b307dc108e58360d971606f0bf7a5d66ca217bc132aaeb3133077b
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68389b54a803e4cffd8fdf6de48f44b485759dd6b1e47134da2174cdbd1c9837
6a5c224768f2ddf9acc6ddac0d69d7c3dbb31e2a2e53127df1212e42fdeb6a54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
6de3e63e9954accb582023595f6b1a79d533e02830b66fe76f8faab6969d19ae
70146f0684bef6a4abae9005bd1b8cb874046381d731ff8f2441f3238f5b383a
708e84e3a28a47354e2b08cc4ed9a2bc76170c1a8f78cb45bf0ef4f5119c8312
72764be9f5bc2441dada9e219a427d3ecc223b7197110f7d16b16e8642c828d6
73a3a7fbb12dec974635a1f5a1cb78a727f04b5c392ef7158159b93d724fed4e
775921f6bb3445ce119055dc4d6b4ed9bb387ff7c64284d2709b6206904624f8
7b81d15a7e646956e72ca04a8a2037d2f0ed313958b88d50eb1a657defb517d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
88677add25a463d6ec5ebd6fdea4f8822552975a2a5a8465885a20af78793f72
887e18ea2cef901a2af816111d801618689bddad5ddcc547e74ec9f329f2abc7
88953dc0aec3c012af6f8e09f0cfe2d32e8fbe709976af6eb8b8520ea12f0a01
8e6b8fede0ae764636e3711cc6168f393bfbbd2e2bef9458274f249b97871e9b
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9128a1686e8719de388b8317e53307350948e267feb9a482b874c5af34ce213b
92b0f3732d4dfd5d458c2db747fcae8a7f15a2549a4ccd76758b68e9a3266b4a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d83c433ba3da97b751ace7ad035ca7e6edf689be1fb8f1e7da5ec2426c20054
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b635e1d80f4f114e2ccf129e5dba6ec69c79f9241bf427742b7353d7fa5aca8b
b80aba89400acaa307dd0ae705eef7dc787c8fe57f6c18f0e0fa9a329dacde45
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c13b65781813570dd60d87e7e2c2125813bc7b498ddc6a0b6c723aef7e07090d
c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae
c3c58b312d20c16a9351bf84f815f277567f40efe1f5a8517cef3aa9cac15815
c6d56f8cdef052a7d17726f28428d67ba5fc76cd473b8b3198c7ae4bca139122
c704a1ec10c2ec61b257ed907f40797771a1ae0e42722d201977c1bdcef80820
ce51d5644c7b1ac82f869490f962ae18744f55bd81667c63af39f4406df4fecb
d2297e2f4023ea586ffebf59fd5da6e0fb1a3c36eb4f58f874cf3c4ccb09ea56
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e21cfd7b4a5e951d7c762b02cf54541e8750f7d3e3511a1cf1724f5d5dcb3ae7
e2cc7f8fe276b668797a4cad6196f9449830528ba8ec76b1b5eaf71a9c91b089
e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
e71e9cd50391d99438380dfdc5e54c31815fe8da78345070ccfd07cc6f6a7973
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8045c28432cb3891e968727513b92ec2a5014b1181fa78a7bc8b14756b52747
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ea03ab588b035798133e70d28ee5a2a9316377750bc4f72de25d1a618904787b
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef58caf03d0cb4571d1e48baffc8a6340cf8de1c5010670c9364063a48b1ef31
f0a3eab52dd1293941d3cc73e24eca8beeefb6c670dd95be7de808aba49ca892
f0b708dfe0ff558125acc5ad3c7bd5af0b7c3066b13e848cff37d9f68fce83a3
f2cc9e69897108084e35e8ae0778e238fed59b28bf18bb1863af276ea066995c
f603af0a1f8fe36c920bb46a81eb34b72e2e543d117f1f7c917317d5d3359476
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
fd5454d70f20662294b9cd2fa1e7cd1e6bebf7e5ea4426259f6f538fa012753b
fda511f54ba826e965faf01dde8df4aea38232242b5c2ad2fccbe44f78610ef0
fe286d3d2c4aa4a663d5b10b1d53f31bad5b9fee4742170b49835d4f86bcd2bd
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb
ff6c7e12a48fa77ed222b18ebd834a1ac84e30fee80ec69637d5bcd2add16dc4