k2-ornata.com Open in urlscan Pro
157.112.187.75  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

• https://googleads.g.doubleclick.net/pagead/adview?ai=CZ6m1MMrXZNH3Deu8vcAPlIW5uAycztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQmpAlR6jWqroD0-qAMByAPLBKoEngJP0B9sOwvQhwrlvUJIxgY06G7-NRtDyJgsN_6A_MPHTrkD-I7g21OCjy2ZpAedeO-g8cW6INatw9rqLSJxmRvNU9LxwmKFnp0o77MqDaZOCkga4IfDyVl3Q9sm2rgnamISm6ICiAqQPphADeS0fn5qLfb33m2d00RMGweYmz17CBIALTwvUxDywUeJtqrAqxZr6rlJ7xxs4KpDVlcFhKBlshfnoE65DF8rK58u_kNUxE2tFMW9nXdjvZHsLLIRflcipPplUXgwhdYpR0lFU-25j2XZTga-lNr7fqCRfhKALFZpo4f72u3Pvk1nDnTc0CTae1lyp8xufpr7q6jNUkd0JQ3Rts9cQjA6DuaNLmWEELU6TqDk-lbgAuQziOoQwASyjLHctgSSBQQIBBgBkgUECAUYBKAGLoAH1r_bMagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKrNB9IIFAiAYRABGB8yAooCOgKAQEi9_cE6mgmPAWh0dHBzOi8vamluamlidS5qcC9zZW1pbmFyL2xpc3QvMS8_ZyU1QiU1RD02JmNhPS0xJnA9MCZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWhyY3NlbWluYXJfcnQmdXRtX2NvbnRlbnQ9bWVudGFsaGVhbHRogAoByAsBogwIKgYKBMOwsQLaDBEKCxCA1c-ZkNzXtN4BEgIBA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTQyNjA4MDYyNTI1MDUxGAA&sigh=XqUqNSWYxoI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWracZIDa5lTlTR59Ssr3rThg67kfF0xgB&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%225247785587827652255%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228679320089627176449%22}&andc=true

Request Chain 144

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBzJ_LcAljHqNezet9ib7os&google_cver=1&google_push=AXcoOmRg2syyKlHrI68yAM8Mi4lbgasVxdpCkPm_VMZrb5WFlR0wC6S50i9gVvGhLA-Xm3t_90UCYV4B2YX9Ws-M7ick87RZsL-ksw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg1NTYxMzU4NDM3NjE3OTg2Nw==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1

Request Chain 145

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_cver=1&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGEy8g42NaSTduwIyf2F7cnbzvOse_FsmymohI5jS2x8eTULqpw HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=b7f87dc9f841b0c&is_secure=true&networkId=14000&version=1&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_cver=1&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGEy8g42NaSTduwIyf2F7cnbzvOse_FsmymohI5jS2x8eTULqpw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqtiIndYdnwMb3IM9AAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGEy8g42NaSTduwIyf2F7cnbzvOse_FsmymohI5jS2x8eTULqpw

Request Chain 146

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM7P2M3MCGXCZPcnC9Wonyk&google_cver=1&google_push=AXcoOmR4kV83Naqsne2kuhKN8q0-6PGZIxMTY5Mk56xI3zeDusAQ89zgahnfNf04Aohh-ajilUXBVA93sujkttmKmhSuEBHstDlyrHM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM7P2M3MCGXCZPcnC9Wonyk&google_push=AXcoOmR4kV83Naqsne2kuhKN8q0-6PGZIxMTY5Mk56xI3zeDusAQ89zgahnfNf04Aohh-ajilUXBVA93sujkttmKmhSuEBHstDlyrHM

Request Chain 147

• https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_gid=CAESEMqqQocJMaePkLoUdruTffs&google_cver=1 HTTP 302
• https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_gid=CAESEMqqQocJMaePkLoUdruTffs&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_hm=Adi_WvbW0NgOks8AD7P3pMDQaMA

Request Chain 148

• https://fksnk.com/cs/google?google_gid=CAESEC9Jdzmu0PD_uYizAlK94NQ&google_cver=1&google_push=AXcoOmSkmidpN8x_E5Fs-qHEQQJ4DT2x0OW5vWNBN7t-lBeWZsHEJ0g8rELF5LZBeSy9TGaIv5CxFN9uY55uGH5l2IxxoE-NpYdCXaQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkVFNzA1MUExRjg5OUFGOA==

Request Chain 150

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBU26pNUZvaeke182xEIW_o&google_cver=1&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9gkmkNcNvsH0rCoxw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ISXooLOXVytpHVJTgUrD5ZJGydk&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9gkmkNcNvsH0rCoxw

Request Chain 164

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBWPIAnkSWmqVFqHZ-udQyA&google_cver=1&google_push=AXcoOmTQl_GwkP8y1mBOUfHiZusihKzSajSmYOGogPsTsAWa9pzUY7Fg9yRGRWHF1HAU1gxZY1ZBSKqbaPssY_pCt_LoACzxLItLaMQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc4MzU1NTk5MDMzODI1MTkzMQ==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1

Request Chain 166

• https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEEe38akeFM6zhnZaGUHLemQ&google_cver=1&google_push=AXcoOmQCAVjqfE823jbjXLBi5YMU7DWT4jQUgxQmfocaDrnK6lvT8Zzd2vFZ0RQG9KCk9OFEIHDxSWnv14C48jQVvQ3CeIvrCuBxUjM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wk5mS01jQ281dEVBQU56enB0WUFBQUFB HTTP 302
• https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECC-hJKAO04J1U-dS4tNMrc&google_cver=1

Request Chain 167

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRYM_tMmebfqq245awBLB6sS9yqfvxNT5ZAlZsHcMq20VlK0PZlsAi5hJru4VeP_5gFUwHQrS5HJMKTKuzkXK7HUIoV5sYVTWw&google_gid=CAESEGK_4MGdyV8ube8mXUYN9PI&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLGU36YGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BWGNvT21SWU1fdE1tZWJmcXEyNDVhd0JMQjZzUzl5cWZ2eE5UNVpBbFpzSGNNcTIwVmxLMFBabHNBaTVoSnJ1NFZlUF81Z0ZVd0hRclM1SEpNS1RLdXprWEs3SFVJb1Y1c1lWVFd3 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRWdqaUpPbTZOTmR6YlBGbDJNQXRET1gxUGtNMzRjaW9DaVZUUVIwdExtYw==&google_push

Request Chain 168

• https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=1&google_push=AXcoOmS-ZLyFYV-wYVG6xaSM0nal-ov9R79sN_K2J1Q2CCaeV8MkMSJkOQJKQwaVqugeyQzDlpA1MopavbuMjJyRt7VcaDpbDjg39mM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjJjYmIzOGUtOTk1Ny00YjhiLWEzNjctZDQ4NjkzODY3YTc3&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=1&google_push=AXcoOmS-ZLyFYV-wYVG6xaSM0nal-ov9R79sN_K2J1Q2CCaeV8MkMSJkOQJKQwaVqugeyQzDlpA1MopavbuMjJyRt7VcaDpbDjg39mM

Request Chain 169

• https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESbgy98SeFOOknmSLfkl0M&google_cver=1&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx HTTP 302
• https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESbgy98SeFOOknmSLfkl0M&google_cver=1&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx&uid-set=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx&google_hm=LUF1VmpWM01vaEw2&suid-set=1

Request Chain 170

• https://sync.gonet-ads.com/match/google?google_gid=CAESEI45mrradFdvUuwiPZFWYyc&google_cver=1&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs7dHAKPaosC_y HTTP 302
• https://sync.gonet-ads.com/match/google?google_gid=CAESEI45mrradFdvUuwiPZFWYyc&google_cver=1&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs7dHAKPaosC_y&chk=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=ZTU5ZTE0ZGIyMWMyODU2&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs7dHAKPaosC_y HTTP 302
• https://sync.gonet-ads.com/match/google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=ZTU5ZTE0ZGIyMWMyODU2&google_push= HTTP 302
• https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 178

• https://googleads.g.doubleclick.net/pagead/adview?ai=CTDSMMMrXZLqaJby8vcAPhMibYL3tlqVjgMKji6oL2tkeEAEgqdWLfGCJ88WE9BOgAa7V4_4DyAEBqQJUeo1qq6A9PqgDAcgDywSqBJgCT9Ddr3AX2BRTOgPUo9xBGE74y0jmZfgSpw3Tg6dN3gGwO8V5MeDt5F7fA19_YEaURHNmUOodHpFLSfAlALLC-E3QtfHOh0h0eyWLtd0_9Sa5fZNwQ5bn4Q-1PedywEs9nk68bLsKMcQOPpkubexHT4UHjOR67s_f1fRKgMtJzKepRTrQ3WHG9kKFLblv3zcHM2ZuGP1k5snVCNgN0aSCSCsKuCniXu30aGwD0x9mydz541tSW5sSDC-aQgPvWX9nvViAGCVLN6J6Y6N6ppuom0kSZPp-NQzsC1BxQMhNOveVG0GEPdhDngAutHvR745ehAFyVQaULzO2AvwSm5f__MNXA_b6rw30jvTT4KfjruNbkEvLU2tME8AE7eybw8YCkgUECAQYAZIFBAgFGASgBi6AB7qqnAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDssAPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJF2h0dHBzOi8vd3d3LnVuaWZpdmUuY29tgAoByAsBogwIKgYKBMOwsQLaDBEKCxDAj6ekqvWCweoBEgIBA9gTDYgUDNAVAYAXAbIXHAoaCAASFHB1Yi04NTQyNjA4MDYyNTI1MDUxGAA&sigh=op68MiqxuD0&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWNBnT2uJD1OB4qhMawje_9BK7D4qX3FSYxKGMM-ug2qEjY5Kgt9uc076Vl8UviQDV_tRqEmUtGAE&template_id=5021&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xebbcfcca0b9d0e7d0000000000000000%22,%222%22:%220x19c6452ddb13f6030000000000000000%22,%225%22:%220x52113e480408505d0000000000000000%22},%22debug_key%22:%223383046340918016198%22,%22debug_reporting%22:true,%22destination%22:%22https://unifive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071180462%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225603053706437119249%22}&andc=true

Request Chain 180

• https://googleads.g.doubleclick.net/pagead/adview?ai=CFw7VMMrXZO3DKKjAvcAP9f-1kAScztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQapAlR6jWqroD0-qAMByAPLBKoElwJP0AeUHk0yFsv4TU4IHrEKhI2nFbRpPoXgGRStgT_lQCJuh5_uM5lfPeR2yVCW99M5iyvtCf6c_hbzMTfZRPm8mtVx9v5JedIqhzRmANFZnkvBZUCeXJadIIVwh_0l02TVKphjwAicc1yqBZB7g015b_Sy2XKP5P09xHMFo0oPfCc8lwG1Kkqa88rVkKN2UdqcXDKK989mJaSxtkljJQFQanZd5OEHW4EZKQQvGtt3hLEbqds4ZkrzkIaEhlDNIPDPFqSZxLguoCwoO6yMTnyBukR2uMq2_W1si9VtdRlLvUvFjyKaUQH4z3M8SwIN3UNnzT2u205ZgvNiRU8vCj1KYYOdVvj1mUKiCp07gCHpOTzW6NQ6GIXABLKMsdy2BJIFBAgEGAGSBQQIBRgEoAY3gAfWv9sxqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkMwE0ggUCIBhEAEYHzICigI6AoBASL39wTqaCY8BaHR0cHM6Ly9qaW5qaWJ1LmpwL3NlbWluYXIvbGlzdC8xLz9nJTVCJTVEPTYmY2E9LTEmcD0wJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249aHJjc2VtaW5hcl9ydCZ1dG1fY29udGVudD1tZW50YWxoZWFsdGiACgHICwGiDAgqBgoEw7CxAtoMEQoLEODendLIk_Gg8gESAgED2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTg1NDI2MDgwNjI1MjUwNTEYAA&sigh=NtX5QkeFhMY&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWkFwYzQBFB130fvM1VJsHzO6LLjIY3wxm95QctqnIR4RgdffE0r2U_nXHLfIdvj2WVtXyfZfCGAE&template_id=492&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%2212605709334850758336%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226409054638330093761%22}&andc=true

Request Chain 182

• https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENBm23PCT3D6GEw8NDbX33k&google_cver=1&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctPjxLOVg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctPjxLOVg

Request Chain 185

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG3MEbA2eIXuvPAZxfXa7Fk&google_cver=1&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEG3MEbA2eIXuvPAZxfXa7Fk&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ&google_hm=U0RGbFhJQlJIaWtQNXJISkk5dS0=

Request Chain 188

• https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEBJzNcL1xDjND-9D0VOMnnU&google_cver=1&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R9vmTM-huuf7UJ_CfUX3Ew77YD4A7gc33VPZ9O3M HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R9vmTM-huuf7UJ_CfUX3Ew77YD4A7gc33VPZ9O3M&google_hm=LUF1VmpWM01vaEw2&suid-set=1

Request Chain 197

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 199

• https://googleads.g.doubleclick.net/pagead/adview?ai=C9P4tMMrXZPjIJ7C8vcAPpfeg-AXM5suEcpu3wbSMEdrZHhABIKnVi3xgifPFhPQToAHxqO6aKMgBCakCVHqNaqugPT6oAwHIA8sEqgSVAk_QlXPtRPoLWrkHKAZWLFI6jKykfCqivfbHgxkKD-INuvzzQfXB3Hsv1j3VV796_t5rf5hW7EdzRInnSwXQxOmpOqTEOOsDDB1JUq0-ZgnJMUVDQYr5VnozPXqgsQl00ds5CyuljHybqK1eKQ_CoHdTobUrpyYnH4UjnsnGqTGyl313VxamtmkHwuv7oZ3jSohCMyhjsEWyoCOIxQl1CdcIzhkG1Fg4XYXeqWG51k2wP6vQQyHyle54Oor0XM3p1l35uS3qow6eGubLD2YQR2xvN_bSwNfOgbm51KLEHG23EfalrGkNjgHIw0FlOI0LmBUAGiwYzoUGwK-Ff_R3yxdjMGxX2q9YQlXLGYUsD49TYTPBbYTABL6vgcybBJIFBAgEGAGSBQQIBRgEoAYugAfx4L76AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELS3AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgmJAWh0dHBzOi8vc2hpZnQtZW5naW5lZXIuanAvcmVjcnVpdC9yZW1vdGUvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249emVua29rdSZ1dG1fdGVybT1jdXN0b20mdXRtX2NvbnRlbnQ9MjMwMjAxX2NhgAoByAsBogwIKgYKBMOwsQLaDBAKChCQwqD63ODuiCoSAgEDuBPkA9gTDIgUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTQyNjA4MDYyNTI1MDUxGAA&sigh=gpKzAlc2ayw&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmCsamOJm2EJenNjW4vdrEZZttCEQitx3c0jMdYQSbaeeNvv9eeLmO5qm6n3AksFP7ZqHJTD0GAE&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x850365581b26ac130000000000000000%22,%222%22:%220x806f3b2c859c35890000000000000000%22,%225%22:%220x9e87eb86b93cd5ea0000000000000000%22},%22debug_key%22:%2216469044577561775280%22,%22debug_reporting%22:true,%22destination%22:%22https://shift-engineer.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210793751665%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223070728874381740449%22}&andc=true

Request Chain 203

• https://googleads.g.doubleclick.net/pagead/adview?ai=CDv_TMMrXZO2vL42-vcAPhKKvsA6cztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQapAlR6jWqroD0-qAMByAPLBKoEnQJP0KCLzd8-qz9GlI43Ul7uscnf7i0kfNdEeN3fzvuxdCdcbomt4SLvx_5O_ay-Z-VMQZBvXcA5rJt54p0J_-VxSQapkuMHdpoP03vdox_bRhBSAqfrS1NiHc8Fmw2sKXcokAlPsJGYKlMGyfNkB80KXeEF_ra4Fl-Kc7VkPnQ0HODLK6yGDQfE6EKPi54T7Q_FkIj7Tml3IjfM4HiHGB2U5_jiXK8jqNtMBoYcLG4o-zDeslf9_HGJriPOR2r9_rAcuoDrc3wvhMX8BaAPtcu5oRoN62Ri37-L2b7NyL_vBjDU02GVMk8v4zoNOYZwVjn-HIfeSAHW6412UYvRceX0-TnmzDMBRm8AUM7N8QNVQE1QbH9GLtxgd1CPfYHABLKMsdy2BJIFBAgEGAGSBQQIBRgEoAY3gAfWv9sxqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuNwL0ggUCIBhEAEYHzICigI6AoBASL39wTqaCY8BaHR0cHM6Ly9qaW5qaWJ1LmpwL3NlbWluYXIvbGlzdC8xLz9nJTVCJTVEPTYmY2E9LTEmcD0wJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249aHJjc2VtaW5hcl9ydCZ1dG1fY29udGVudD1tZW50YWxoZWFsdGiACgHICwGiDBAqDgoMw7CxAuS0sQLutbEC2gwQCgoQkPrkrLH53vM1EgIBA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTQyNjA4MDYyNTI1MDUxGAA&sigh=YJw7pk9Z_MM&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW88vM8NhoR6g-ld3rv81WbX1jpefNQHhtkL8WGNUNuGNuThI763CAChW2X8bvgSs7K7vpAgG_GAE&template_id=492&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%227873089991881000153%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221119565088861272001%22}&andc=true

Request Chain 205

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_cver=1&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfcMLC4OtEYWhuqxNr3SuBEFK79NGGdsybEok3pYNUFgmpC2LZk HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1cd5cdbb19722520&is_secure=true&networkId=14000&version=1&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_cver=1&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfcMLC4OtEYWhuqxNr3SuBEFK79NGGdsybEok3pYNUFgmpC2LZk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANLxp9tlJDVgMDwVYiAAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfcMLC4OtEYWhuqxNr3SuBEFK79NGGdsybEok3pYNUFgmpC2LZk

Request Chain 206

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENtSuINuUGZK2hUg-wk_Bz8&google_cver=1&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJfMMZYfMSfprbRC3it9u7JzkY4g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJfMMZYfMSfprbRC3it9u7JzkY4g

Request Chain 207

• https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEPYy3yom4Z3XiEl-9pQusdc&google_cver=1&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55PhpLdzw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55PhpLdzw

Request Chain 208

• https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=1&google_push=AXcoOmTUWDlJZulo-cKQouVG5kNe28gGQQlZFbtRCyZA17IvElQt7mu9eGhe8dGvEJLebMzO1_InP__nKvWRqYF3kzTYzgdKyKrzvRg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTlhZTJkMWQtNzBiNS00NDJmLWIzZWYtYjE2N2JmNDA1MjIy&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=1&google_push=AXcoOmTUWDlJZulo-cKQouVG5kNe28gGQQlZFbtRCyZA17IvElQt7mu9eGhe8dGvEJLebMzO1_InP__nKvWRqYF3kzTYzgdKyKrzvRg

Request Chain 209

• https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJMb5clHoX82gE1dXr4YXIA&google_cver=1&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI&google_hm=NTVwSTZmMDBaQkREYTAwN29FVk0

Request Chain 210

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBg7_tSKyE6Y8VARe0W1I6g&google_cver=1&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7yRkGt75Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7yRkGt75Q&google_hm=eS1aWVdwVkZwRTJwRmk5NDQ4SWsxNFhOckpRdTVmOXlRU35B

Request Chain 215

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response k2-ornata.com/splunk_fields_extract_and_display/	82 KB 21 KB	1055ms 1030ms	Document text/html	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash fffe2910fab3e27f06fc2ca6dc45b21764ba6342ab2ad44ed076097d8dcbbf69 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:39 GMT expires Thu, 19 Nov 1981 08:52:00 GMT link <https://k2-ornata.com/wp-json/>; rel="https://api.w.org/", <https://k2-ornata.com/wp-json/wp/v2/posts/3322>; rel="alternate"; type="application/json", <https://k2-ornata.com/?p=3322>; rel=shortlink pragma no-cache server nginx vary Accept-Encoding x-pingback https://k2-ornata.com/xmlrpc.php
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 73 KB	91ms 50ms	Script application/javascript	2404:6800:4004:826::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de649ace6d66858aec0cf3d50309a7b87d604d37ead0ed67adbe59bf6ab88e40 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74783 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	style.min.css k2-ornata.com/wp-includes/css/dist/block-library/	102 KB 18 KB	25ms 22ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Wed, 09 Aug 2023 01:22:37 GMT server nginx etag W/"19824-6027350a1a082" vary Accept-Encoding content-type text/css
GET H2	200	wpp.css k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/css/	2 KB 764 B	33ms 30ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.4 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Mon, 17 Jul 2023 05:07:21 GMT server nginx etag W/"688-600a7c5fd98ec" vary Accept-Encoding content-type text/css
GET H2	200	css fonts.googleapis.com/	16 KB 1 KB	85ms 42ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 887e18ea2cef901a2af816111d801618689bddad5ddcc547e74ec9f329f2abc7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	genericons.css k2-ornata.com/wp-content/themes/twentysixteen/genericons/	28 KB 16 KB	24ms 22ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 00:21:18 GMT server nginx etag W/"6e6b-5ee68bbccbde9" vary Accept-Encoding content-type text/css
GET H2	200	style.css k2-ornata.com/wp-content/themes/twentysixteen/	69 KB 17 KB	16ms 14ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/themes/twentysixteen/style.css?ver=20221101 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 381ba25c38f0b7fff80ccd9f3b20ca50e058ca5bbb5f954bc95b82e4b68ddd7e Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 00:21:18 GMT server nginx etag W/"114a6-5ee68bbccdd29" vary Accept-Encoding content-type text/css
GET H2	200	blocks.css k2-ornata.com/wp-content/themes/twentysixteen/css/	9 KB 2 KB	17ms 15ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20221004 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash e2cc7f8fe276b668797a4cad6196f9449830528ba8ec76b1b5eaf71a9c91b089 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 00:21:18 GMT server nginx etag W/"221a-5ee68bbccae49" vary Accept-Encoding content-type text/css
GET H2	200	frontend-gtag.min.js Show response k2-ornata.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/	11 KB 4 KB	13ms 12ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.17 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Fri, 30 Jun 2023 12:01:23 GMT server nginx etag W/"2d5d-5ff57936502b6" vary Accept-Encoding content-type application/javascript
GET H2	200	wpp.min.js Show response k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/	4 KB 2 KB	25ms 23ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.4 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 9109d2835fcff314bb367875d6d2d1169cf84ff4fa72c2c96c50b7bcf0f21f92 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Mon, 17 Jul 2023 05:07:21 GMT server nginx etag W/"118c-600a7c5fda88c" vary Accept-Encoding content-type application/javascript
GET H2	200	jquery.min.js Show response k2-ornata.com/wp-includes/js/jquery/	85 KB 35 KB	31ms 30ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Wed, 09 Aug 2023 01:22:37 GMT server nginx etag W/"155ba-6027350a66344" vary Accept-Encoding content-type application/javascript
GET H2	200	jquery-migrate.min.js Show response k2-ornata.com/wp-includes/js/jquery/	13 KB 5 KB	31ms 30ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Wed, 09 Aug 2023 01:22:37 GMT server nginx etag W/"3509-6027350a66344" vary Accept-Encoding content-type application/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	125 KB 48 KB	55ms 52ms	Script application/javascript	2404:6800:4004:826::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-161547419-1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 94edace0fac8e3b036f836076a2cc88b38674bc65c6640699706367356667282 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 49440 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 50 KB	96ms 50ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1e43d0be37ff3c5761b99ac062b549a65ea01b3cbffafe4980bd9fb31af0c24c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51096 x-xss-protection 0 server cafe etag 8558809064950013656 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	k-ortana_banner_20200418.jpg k2-ornata.com/wp-content/uploads/2021/04/	100 KB 100 KB	61ms 59ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2021/04/k-ortana_banner_20200418.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 142b6594c54f6a3ab76485be1ebb14b2be64e80479bf2f8c0416e36d13f5115e Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 03 Apr 2021 04:18:27 GMT server nginx accept-ranges bytes etag "190cb-5bf09c19a747c" content-length 102603 content-type image/jpeg
GET H2	200	button-only@2x.png b.hatena.ne.jp/images/entry-button/	441 B 897 B	72ms 0ms	Image image/png	18.65.216.57 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://b.hatena.ne.jp/images/entry-button/button-only@2x.png Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-57.nrt57.r.cloudfront.net Software nginx / Resource Hash e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 03 Apr 2023 16:46:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 9496dc19277503ce2ac4d4d181a9a432.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P4 age 11323206 x-cache Hit from cloudfront content-length 441 last-modified Thu, 30 Mar 2023 10:06:24 GMT server nginx etag "64255f20-1b9" content-type image/png access-control-allow-origin https://b.hatena.ne.jp cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id TWkIQFWxUJEQ_8XpXU7YgTy33n33481KD3dX1xnSuUMVflQteVi7Og== expires Tue, 02 Apr 2024 16:46:33 GMT
GET H2	200	bookmark_button.js Show response b.hatena.ne.jp/js/	6 KB 3 KB	72ms 0ms	Script application/x-javascript	18.65.216.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.hatena.ne.jp/js/bookmark_button.js Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-57.nrt57.r.cloudfront.net Software nginx / Resource Hash f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip via 1.1 9496dc19277503ce2ac4d4d181a9a432.cloudfront.net (CloudFront) date Fri, 11 Aug 2023 22:49:35 GMT last-modified Fri, 28 Jul 2023 01:41:17 GMT server nginx x-amz-cf-pop NRT57-P4 age 69424 etag W/"64c31cbd-1990" x-cache Hit from cloudfront content-type application/x-javascript access-control-allow-origin https://b.hatena.ne.jp cache-control max-age=86400 x-amz-cf-id XFZeSzgXuLw7_hXaKNiLb5pyBd51loADEwcQ9cGRWx_8UDBvtzGRsg== expires Sat, 12 Aug 2023 22:49:35 GMT
GET H2	200	splunk_field_extract_01-768x465.jpg k2-ornata.com/wp-content/uploads/2022/09/	40 KB 40 KB	24ms 23ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_01-768x465.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash ea03ab588b035798133e70d28ee5a2a9316377750bc4f72de25d1a618904787b Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 03 Sep 2022 23:49:37 GMT server nginx accept-ranges bytes etag "a0e7-5e7ce7fd5051c" content-length 41191 content-type image/jpeg
GET H2	200	splunk_field_extract_02-768x484.jpg k2-ornata.com/wp-content/uploads/2022/09/	32 KB 32 KB	68ms 67ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_02-768x484.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 88677add25a463d6ec5ebd6fdea4f8822552975a2a5a8465885a20af78793f72 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 03 Sep 2022 23:53:58 GMT server nginx accept-ranges bytes etag "8142-5e7ce8f693cfc" content-length 33090 content-type image/jpeg
GET H2	200	splunk_field_extract_03-768x484.jpg k2-ornata.com/wp-content/uploads/2022/09/	33 KB 33 KB	60ms 58ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_03-768x484.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash fda511f54ba826e965faf01dde8df4aea38232242b5c2ad2fccbe44f78610ef0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 03 Sep 2022 23:56:13 GMT server nginx accept-ranges bytes etag "83ef-5e7ce9772e2ca" content-length 33775 content-type image/jpeg
GET H2	200	320267596.png k2-ornata.com/wp-content/siteguard/	1 KB 1 KB	49ms 48ms	Image image/png	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/siteguard/320267596.png Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 476b00648209d2f7a752a5dfd621f3d1f8a626ab88c1ab165607fb708733b9e5 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 12 Aug 2023 18:06:39 GMT server nginx accept-ranges bytes etag W/"4df-602bdb0dc4078" content-length 1247 content-type image/png
GET H2	200	related.css k2-ornata.com/wp-content/plugins/yet-another-related-posts-plugin/style/	307 B 440 B	11ms 11ms	Stylesheet text/css	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.3 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Tue, 23 May 2023 00:48:56 GMT server nginx accept-ranges bytes etag "133-5fc51c0934236" content-length 307 content-type text/css
GET H2	200	skip-link-focus-fix.js Show response k2-ornata.com/wp-content/themes/twentysixteen/js/	1 KB 749 B	51ms 49ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 00:21:18 GMT server nginx etag W/"423-5ee68bbcccd89" vary Accept-Encoding content-type application/javascript
GET H2	200	comment-reply.min.js Show response k2-ornata.com/wp-includes/js/	3 KB 2 KB	51ms 49ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-includes/js/comment-reply.min.js?ver=6.3 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Wed, 25 May 2022 01:22:37 GMT server nginx etag W/"ba5-5dfcbe8a05ad5" vary Accept-Encoding content-type application/javascript
GET H2	200	functions.js Show response k2-ornata.com/wp-content/themes/twentysixteen/js/	7 KB 2 KB	60ms 58ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-content/themes/twentysixteen/js/functions.js?ver=20211130 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 00:21:18 GMT server nginx etag W/"1ca1-5ee68bbcccd89" vary Accept-Encoding content-type application/javascript
GET BLOB	200 OK	4b458329-1fbb-477a-b2ef-0520639e4a9c https://k2-ornata.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://k2-ornata.com/4b458329-1fbb-477a-b2ef-0520639e4a9c Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
POST H2	403	popular-posts Show response k2-ornata.com/wp-json/wordpress-popular-posts/v1/	8 KB 5 KB	11ms 11ms	XHR text/html	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-json/wordpress-popular-posts/v1/popular-posts Requested by Host: k2-ornata.com URL: https://k2-ornata.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 995bfdf293498fa25f5b869a972847c5f9a0972978bf9a5d08bcfb4da533d351 Request headers Referer https://k2-ornata.com/splunk_fields_extract_and_display/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip last-modified Thu, 27 Feb 2020 04:48:17 GMT server nginx etag W/"1e91-59f876deb60f8" vary Accept-Encoding content-type text/html
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	8ms 2ms	Script application/x-javascript	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ea0ff0cebfe2173c5c87fcb0a78a2c36f4cde3d2487b1cd72d2c62e59d978889 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 12 Aug 2023 18:06:39 GMT content-md5 eB61FUdwFfJMUV54/nN5cw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1688 x-fb-debug y9f0JzpbtamefkfcDxkcW2idgVJMn2uxBD0Y2FckuPJd9e0Fzm+ylCE2/gpKCUGchCL7NqfzK4C7jT7OaM7Pqg== x-fb-content-md5 61e99cd7c7e7b5a1e9b51a9e8ddb7726 cross-origin-opener-policy same-origin-allow-popups etag "8cf43ae2c0b7c9b324a1350c6c900331" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 12 Aug 2023 18:14:59 GMT
GET H2	200	btn.js Show response widgets.getpocket.com/v1/j/	2 KB 1 KB	25ms 1ms	Script application/javascript	18.65.185.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.getpocket.com/v1/j/btn.js?v=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.185.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-185-3.nrt57.r.cloudfront.net Software Apache/2.4.52 (Debian) / Resource Hash 5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 17:48:58 GMT content-encoding gzip via 1.1 0bd817a42a89a0fa68e8e7f4e6061dfc.cloudfront.net (CloudFront) last-modified Thu, 10 Aug 2023 01:45:57 GMT server Apache/2.4.52 (Debian) x-amz-cf-pop NRT57-P2 age 1061 etag "90b-60287c1e33f40-gzip" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin https://pocket.com,https://getpocket.com,https://widgets.getpocket.com accept-ranges bytes content-length 1037 x-amz-cf-id ahAT7S0Y75S5XmLuMVy0CqEOG-X0RHa25rrLxrRVayixdMYk1_Dkvg==
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	91 KB 28 KB	47ms 2ms	Script application/javascript	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (tkb/7328) / Resource Hash 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 12 Aug 2023 18:06:39 GMT Content-Encoding gzip Age 1104 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 27630 Last-Modified Tue, 24 Jan 2023 21:41:51 GMT Server ECS (tkb/7328) Etag "9e99725b7a4cd730a934afba2a438bb5+gzip" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=1800 Vary Accept-Encoding
GET H2	200	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/	20 KB 20 KB	57ms 5ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 12:46:31 GMT x-content-type-options nosniff age 105608 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20028 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Aug 2024 12:46:31 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 30 KB	55ms 9ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 14:46:45 GMT x-content-type-options nosniff age 11994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 11 Aug 2024 14:46:45 GMT
GET H2	200	u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 19 KB	57ms 11ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 10:31:57 GMT x-content-type-options nosniff age 27282 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19816 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:08:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 11 Aug 2024 10:31:57 GMT
GET H2	200	QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2 fonts.gstatic.com/s/inconsolata/v31/	16 KB 16 KB	57ms 11ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f9f98d74dc5dea24db279aedd49367424c72cba9fb67341cbef8bcd2f0ad002 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 16:38:19 GMT x-content-type-options nosniff age 5300 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16244 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:56:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 11 Aug 2024 16:38:19 GMT
GET H2	200	u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 19 KB	52ms 6ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 20:11:54 GMT x-content-type-options nosniff age 597285 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19780 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 04 Aug 2024 20:11:54 GMT
GET H2	200	u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 19 KB	58ms 12ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 09:33:52 GMT x-content-type-options nosniff age 30767 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19740 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 11 Aug 2024 09:33:52 GMT
GET DATA	200 OK	truncated /	14 KB 14 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6 Request headers Referer Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	splunk_field_extract_04-768x484.jpg k2-ornata.com/wp-content/uploads/2022/09/	63 KB 63 KB	22ms 21ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_04-768x484.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 7b81d15a7e646956e72ca04a8a2037d2f0ed313958b88d50eb1a657defb517d8 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sat, 03 Sep 2022 23:59:47 GMT server nginx accept-ranges bytes etag "fbaf-5e7cea42db925" content-length 64431 content-type image/jpeg
GET H2	200	splunk_field_extract_05-1-768x484.jpg k2-ornata.com/wp-content/uploads/2022/09/	28 KB 28 KB	23ms 22ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_05-1-768x484.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash ef58caf03d0cb4571d1e48baffc8a6340cf8de1c5010670c9364063a48b1ef31 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT last-modified Sun, 04 Sep 2022 00:05:39 GMT server nginx accept-ranges bytes etag "707d-5e7ceb926459e" content-length 28797 content-type image/jpeg
GET H2	200	59012dc4982971512b1c60ee4925b976 secure.gravatar.com/avatar/	1 KB 1 KB	9ms 2ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/59012dc4982971512b1c60ee4925b976?s=49&d=mm&r=g Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c6d56f8cdef052a7d17726f28428d67ba5fc76cd473b8b3198c7ae4bca139122 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nc HIT nrt 4 date Sat, 12 Aug 2023 18:06:39 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="59012dc4982971512b1c60ee4925b976.png" accept-ranges bytes link <https://www.gravatar.com/avatar/59012dc4982971512b1c60ee4925b976?s=49&d=mm&r=g>; rel="canonical" content-length 1124 expires Sat, 12 Aug 2023 18:11:39 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	307 KB 87 KB	7ms 3ms	Script application/x-javascript	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=d95a08c2c12d5a81328a0fa3ecdc8857 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6c7b4213dc50be2479f5590ab13829bb7a1a0e2110e0e65f5a52aa616cc6e220 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://k2-ornata.com/ Origin https://k2-ornata.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 12 Aug 2023 18:06:39 GMT content-md5 sNOr4XiJEH9Nvyf4pzrsAA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88672 x-fb-debug c5S0h5OelcJxV6bpI3sqATJeQBFeRL5fhMHeBOSCjWfOT+eJVMyK1Teg5qwkmQ2TB052Dt8hMC9LfT3DcNFKXw== x-fb-content-md5 9ef2d7791e55f6f6fdb9fb8c2915b533 cross-origin-opener-policy same-origin-allow-popups etag "0cfd42c99a30f3e58d16f4e3d52e64e5" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=3,i expires Sun, 11 Aug 2024 16:14:15 GMT
POST H2	204	collect www.google-analytics.com/g/	0 252 B	77ms 38ms	Ping text/plain	2404:6800:4004:826::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BGQTJTCWQB&gtm=45je3890&_p=670558742&gdid=dZGIzZG&cid=163057581.1691863600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691863599&sct=1&seg=0&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://k2-ornata.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	122 KB 47 KB	45ms 44ms	Script application/javascript	2404:6800:4004:826::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-161547419-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BGQTJTCWQB Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 23d8155f287b7cf40e518086f932fe9b6bed733664ebaaa812da1a1853d678a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 48419 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	/ Show response b.hatena.ne.jp/entry/button/ Frame 0866	1 KB 1 KB	11ms 10ms	Document text/html	18.65.216.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon Requested by Host: b.hatena.ne.jp URL: https://b.hatena.ne.jp/js/bookmark_button.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-57.nrt57.r.cloudfront.net Software nginx / Resource Hash c24228ffcfc6f4ace5b706546a5eb8e68dffd5789acdce0c7203fef6c0aaccce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers cache-control public, max-age=3600, s-maxage=3600 content-encoding gzip content-type text/html; charset=utf-8 date Sat, 12 Aug 2023 18:06:39 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 9496dc19277503ce2ac4d4d181a9a432.cloudfront.net (CloudFront) x-amz-cf-id LKX3ItbVdb9uSV22kcQTIOPq3I-8HsFQq7KCLvMImiBpM6ZVALyi0Q== x-amz-cf-pop NRT57-P4 x-cache Miss from cloudfront
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/	372 KB 125 KB	98ms 62ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash daeefa65716e4f2bac215162f658558445c6a499de0e87238c0e10f2ad23b4f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128420 x-xss-protection 0 server cafe etag 6716558925932892057 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 12 Aug 2023 18:06:39 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame A8C8	10 KB 5 KB	62ms 7ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542608062525051 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 28382 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 10:13:38 GMT etag 12368291122986407432 expires Sat, 26 Aug 2023 10:13:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	wp-emoji-release.min.js Show response k2-ornata.com/wp-includes/js/	18 KB 6 KB	34ms 34ms	Script application/javascript	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://k2-ornata.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip last-modified Thu, 30 Mar 2023 01:28:11 GMT server nginx etag W/"4904-5f81401754f57" vary Accept-Encoding content-type application/javascript
GET H/1.1	200 OK	widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response platform.twitter.com/widgets/ Frame 88E8	320 KB 104 KB	3ms 3ms	Document text/html	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fk2-ornata.com Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (tkb/73C4) / Resource Hash 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 845617 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105435 Content-Type text/html; charset=utf-8 Date Sat, 12 Aug 2023 18:06:39 GMT Etag "95e1b50b0c179aefb47b5b211bb347b5+gzip" Last-Modified Tue, 24 Jan 2023 21:41:13 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (tkb/73C4) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H3	200	js Show response www.googletagmanager.com/gtag/	249 KB 85 KB	48ms 47ms	Script application/javascript	2404:6800:4004:826::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-161547419-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash feb73bb0b6c2edde514f1c8a990131733861bdb98979fe6ceaf27b07048b28c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86486 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 12 Aug 2023 18:06:40 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	2ms 2ms	Script text/javascript	2404:6800:4004:826::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-161547419-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 12 Aug 2023 17:44:52 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1307 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 12 Aug 2023 19:44:52 GMT
GET H2	200	reset.css b.st-hatena.com/css/ Frame 0866	2 KB 1 KB	27ms 3ms	Stylesheet text/css	18.65.216.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.st-hatena.com/css/reset.css?75bbda54f0fbe0152940efb1219b39cef3dae7e3 Requested by Host: b.hatena.ne.jp URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-105.nrt57.r.cloudfront.net Software nginx / Resource Hash 0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://b.hatena.ne.jp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip via 1.1 3a963020e2f0fa2986cf768697d0cf6e.cloudfront.net (CloudFront) date Sat, 12 Aug 2023 13:16:09 GMT x-amz-cf-pop NRT57-P4 age 17431 x-cache Hit from cloudfront last-modified Fri, 28 Jul 2023 01:38:53 GMT server nginx etag W/"64c31c2d-817" vary Accept-Encoding content-type text/css access-control-allow-origin https://b.hatena.ne.jp cache-control max-age=86400 x-amz-cf-id qTGuczERE3Sfo3f3n2dEkDyPJcuhUODMGuMiUR37tpBI8gLi54inuw== expires Sun, 13 Aug 2023 13:16:09 GMT
GET H2	200	entry-button.css b.st-hatena.com/css/ Frame 0866	5 KB 2 KB	32ms 9ms	Stylesheet text/css	18.65.216.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.st-hatena.com/css/entry-button.css?75bbda54f0fbe0152940efb1219b39cef3dae7e3 Requested by Host: b.hatena.ne.jp URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=simple-balloon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-105.nrt57.r.cloudfront.net Software nginx / Resource Hash 61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://b.hatena.ne.jp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip via 1.1 3a963020e2f0fa2986cf768697d0cf6e.cloudfront.net (CloudFront) date Sat, 12 Aug 2023 15:46:09 GMT last-modified Fri, 28 Jul 2023 01:38:53 GMT server nginx x-amz-cf-pop NRT57-P4 age 8431 etag W/"64c31c2d-134a" x-cache Hit from cloudfront content-type text/css access-control-allow-origin https://b.hatena.ne.jp cache-control max-age=86400 x-amz-cf-id IATT3zf0nUlWA4MqLXYej0rDo6VUUEttSeySgTl6sXY_IS73Fxy-Mw== expires Sun, 13 Aug 2023 15:46:09 GMT
GET H2	200	splunk_field_extract_01.jpg k2-ornata.com/wp-content/uploads/2022/09/	88 KB 88 KB	12ms 11ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_01.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash d2297e2f4023ea586ffebf59fd5da6e0fb1a3c36eb4f58f874cf3c4ccb09ea56 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sat, 03 Sep 2022 23:49:37 GMT server nginx accept-ranges bytes etag "15e50-5e7ce7fd25599" content-length 89680 content-type image/jpeg
GET H2	200	splunk_field_extract_02.jpg k2-ornata.com/wp-content/uploads/2022/09/	68 KB 68 KB	15ms 13ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_02.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash c3c58b312d20c16a9351bf84f815f277567f40efe1f5a8517cef3aa9cac15815 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sat, 03 Sep 2022 23:53:58 GMT server nginx accept-ranges bytes etag "10f91-5e7ce8f654559" content-length 69521 content-type image/jpeg
GET H2	200	splunk_field_extract_03.jpg k2-ornata.com/wp-content/uploads/2022/09/	68 KB 68 KB	15ms 12ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_03.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash f603af0a1f8fe36c920bb46a81eb34b72e2e543d117f1f7c917317d5d3359476 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sat, 03 Sep 2022 23:56:13 GMT server nginx accept-ranges bytes etag "10e00-5e7ce9770b048" content-length 69120 content-type image/jpeg
GET H2	200	splunk_field_extract_04.jpg k2-ornata.com/wp-content/uploads/2022/09/	122 KB 123 KB	27ms 25ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_04.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 0cadd24cf8d25aca4bfe8ab55935053fd8aa4cdf583984ca07bb4320fd85a0c0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sat, 03 Sep 2022 23:59:47 GMT server nginx accept-ranges bytes etag "1e967-5e7cea42bf403" content-length 125287 content-type image/jpeg
GET H2	200	splunk_field_extract_05-1.jpg k2-ornata.com/wp-content/uploads/2022/09/	57 KB 57 KB	27ms 25ms	Image image/jpeg	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/splunk_field_extract_05-1.jpg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash f0b708dfe0ff558125acc5ad3c7bd5af0b7c3066b13e848cff37d9f68fce83a3 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sun, 04 Sep 2022 00:05:39 GMT server nginx accept-ranges bytes etag "e407-5e7ceb924901d" content-length 58375 content-type image/jpeg
GET H2	200	%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.26-1024x645.png k2-ornata.com/wp-content/uploads/2022/09/	273 KB 274 KB	26ms 25ms	Image image/png	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.26-1024x645.png Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 0291cad6b014a24a4afaf484ad59b28ecf668d0a09d44dbc7fc49a13c52c7892 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sun, 04 Sep 2022 00:11:34 GMT server nginx accept-ranges bytes etag "44581-5e7cece52944a" content-length 279937 content-type image/png
GET H2	200	%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.49-1024x645.png k2-ornata.com/wp-content/uploads/2022/09/	96 KB 96 KB	27ms 25ms	Image image/png	157.112.187.75 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://k2-ornata.com/wp-content/uploads/2022/09/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2022-09-04-8.46.49-1024x645.png Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.112.187.75 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv54.star.ne.jp Software nginx / Resource Hash 58af5aaf2157117d1622e505251b188dd75fd5ebe201eecb96d5ca29b9575ad1 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/splunk_fields_extract_and_display/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT last-modified Sun, 04 Sep 2022 00:18:44 GMT server nginx accept-ranges bytes etag "17e8d-5e7cee7fce8a8" content-length 97933 content-type image/png
GET H2	200	button Show response widgets.getpocket.com/v1/ Frame 025B	840 B 965 B	6ms 6ms	Document text/html	18.65.185.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.06500222728674498 Requested by Host: widgets.getpocket.com URL: https://widgets.getpocket.com/v1/j/btn.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.185.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-185-3.nrt57.r.cloudfront.net Software Apache/2.4.52 (Debian) / PHP/7.3.33 Resource Hash 090e91d0216d5b535372999d470de96709409422d3d3ab4898c6a5f807cb71ac Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers access-control-allow-origin https://pocket.com,https://getpocket.com,https://widgets.getpocket.com age 1062 content-encoding gzip content-length 551 content-location button.php content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 17:48:58 GMT server Apache/2.4.52 (Debian) tcn choice vary Accept-Encoding via 1.1 0bd817a42a89a0fa68e8e7f4e6061dfc.cloudfront.net (CloudFront) x-amz-cf-id 5c79GK8AZ8FULKa5Xr6FHQzaDqKn0syRrKDnWDe8nexfNUfWUyfo2w== x-amz-cf-pop NRT57-P2 x-cache Hit from cloudfront x-powered-by PHP/7.3.33
GET H2	200	settings Show response syndication.twitter.com/ Frame 88E8	869 B 657 B	112ms 101ms	Fetch application/json	104.244.42.72 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=13cba25ba15d75839865b2a12306b7503e172072 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fk2-ornata.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.72 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_m / Resource Hash 302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language jp-JP,jp;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-response-time 97 date Sat, 12 Aug 2023 18:06:39 GMT content-encoding gzip strict-transport-security max-age=631138519 last-modified Sat, 12 Aug 2023 18:06:40 GMT server tsa_m vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com x-transaction-id 94c8199fc710066f cache-control must-revalidate, max-age=600 access-control-allow-credentials true perf 7626143928 x-connection-hash ab0c73c5ae0dc60813a4d41da2bec34ddaaa27ea9baee690b5ce9c94b099c22f content-length 337
GET H/1.1	200 OK	widgetButton.91d9e0cb42c020d8c4b1.css assets.getpocket.com/web/ Frame 025B	3 KB 2 KB	22ms 2ms	Stylesheet text/css	18.65.185.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css Requested by Host: widgets.getpocket.com URL: https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.06500222728674498 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.65.185.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-185-94.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e Request headers accept-language jp-JP,jp;q=0.9 Referer https://widgets.getpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 27 May 2023 19:55:11 GMT Content-Encoding gzip Via 1.1 d55c8c4c436c0f8ae6ad19ea6aabeb56.cloudfront.net (CloudFront) X-Amz-Cf-Pop NRT57-P2 Age 6646289 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 26 May 2023 17:49:56 GMT Server AmazonS3 ETag W/"5ae752a86d7f88b510c944c8fdbd4398" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=31536000,s-maxage=31536000 X-Amz-Cf-Id mlM0fph0w4MRxOSIkSsT8SFJar8_-2ymrS8lg8E3uSEw2uTR6OHxHg==
GET H/1.1	200 OK	widgetButton.5d2ff226d41975eecf00.js Show response assets.getpocket.com/web/ Frame 025B	20 KB 8 KB	24ms 2ms	Script application/javascript	18.65.185.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.getpocket.com/web/widgetButton.5d2ff226d41975eecf00.js Requested by Host: widgets.getpocket.com URL: https://widgets.getpocket.com/v1/button?label=pocket&count=none&align=left&v=1&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&title=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&src=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&r=0.06500222728674498 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.65.185.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-185-94.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash caf6f3f218eb933bf45fbfa0048756c9302e86def0cf705566b0b40766af2d30 Request headers accept-language jp-JP,jp;q=0.9 Referer https://widgets.getpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Thu, 20 Jul 2023 17:59:18 GMT Content-Encoding gzip Via 1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop NRT57-P2 Age 1987643 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 20 Jul 2023 17:07:19 GMT Server AmazonS3 ETag W/"f39be6a0f620a18de0c8ebc69a2a56cc" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000,s-maxage=31536000 X-Amz-Cf-Id rlCRKA-fO8TpmnbshqG0BWQbdoOZq1889IxNn6KhNRfEf8IaR-cErw==
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	39ms 38ms	XHR text/plain	2404:6800:4004:826::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=670558742&t=pageview&_s=1&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ul=en-us&de=UTF-8&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=634069562&gjid=968200917&cid=163057581.1691863600&tid=UA-161547419-1&_gid=2029864527.1691863600&_r=1&gtm=457e3890&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&jsscut=1&z=2120553119 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://k2-ornata.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://k2-ornata.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	standard.svg b.st-hatena.com/images/entry-button/ Frame 0866	785 B 1 KB	2ms 2ms	Image image/svg+xml	18.65.216.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://b.st-hatena.com/images/entry-button/standard.svg Requested by Host: b.st-hatena.com URL: https://b.st-hatena.com/css/entry-button.css?75bbda54f0fbe0152940efb1219b39cef3dae7e3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.216.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-216-105.nrt57.r.cloudfront.net Software nginx / Resource Hash fd5454d70f20662294b9cd2fa1e7cd1e6bebf7e5ea4426259f6f538fa012753b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://b.st-hatena.com/css/entry-button.css?75bbda54f0fbe0152940efb1219b39cef3dae7e3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 03 Apr 2023 16:45:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 3a963020e2f0fa2986cf768697d0cf6e.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P4 age 11323288 x-cache Hit from cloudfront content-length 785 last-modified Thu, 30 Mar 2023 10:06:24 GMT server nginx etag "64255f20-311" content-type image/svg+xml access-control-allow-origin https://b.hatena.ne.jp cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id F91U_mVEwwqzO8iwRVHP2jj4SZo3EqsvqDWDee_KQe3OA9KlNx4-kQ== expires Tue, 02 Apr 2024 16:45:12 GMT
POST H2	204	collect analytics.google.com/g/	0 252 B	74ms 36ms	Ping text/plain	2404:6800:4004:81f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-V1ZLTGDH5L&gtm=45je3890&_p=670558742&_gaz=1&cid=163057581.1691863600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691863600&sct=1&seg=0&dl=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&dt=Splunk%E5%9F%BA%E6%9C%AC%E6%93%8D%E4%BD%9C%E3%82%92%E7%A2%BA%E8%AA%8D%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F%EF%BC%88%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E6%8A%BD%E5%87%BA%E3%81%A8%E6%8C%87%E5%AE%9A%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB%E3%83%89%E3%81%AE%E8%A1%A8%E7%A4%BA%EF%BC%89%20%E2%80%93%20k2-ornata&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://k2-ornata.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	123ms 53ms	Ping text/plain	2404:6800:4008:c15::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V1ZLTGDH5L&cid=163057581.1691863600&gtm=45je3890&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V1ZLTGDH5L&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://k2-ornata.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.co.jp/ads/	42 B 408 B	82ms 42ms	Image image/gif	2404:6800:4004:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V1ZLTGDH5L&cid=163057581.1691863600&gtm=45je3890&aip=1&z=615001739 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	393 B 601 B	79ms 39ms	Script text/javascript	2404:6800:4004:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=k2-ornata.com&callback=_gfp_s_&client=ca-pub-8542608062525051 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e5c518f137a042fdb3e26039ff451230c403b678d1ecbc9c5b0981e1eea922b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EC8F	188 KB 52 KB	332ms 331ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&adk=1812271804&adf=3025194257&lmt=1691831200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599942&bpp=9&bdt=320&idt=222&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1478268297759&frm=20&pv=2&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 49f321055cf5238283172c2f546015289f886af288f7346bcbb60817170356aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 52797 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:40 GMT expires Sat, 12 Aug 2023 18:06:40 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png assets.getpocket.com/web/widgetButton/images/ Frame 025B	1 KB 2 KB	2ms 2ms	Image image/png	18.65.185.94 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.getpocket.com/web/widgetButton/images/pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png Requested by Host: assets.getpocket.com URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.65.185.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-185-94.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db Request headers accept-language jp-JP,jp;q=0.9 Referer https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sun, 14 May 2023 11:08:37 GMT Via 1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront) Last-Modified Fri, 12 May 2023 19:52:43 GMT Server AmazonS3 X-Amz-Cf-Pop NRT57-P2 Age 7801084 ETag "d3a57cce2ccd22d7db8e29ff66dc09df" x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Content-Type image/png Cache-Control max-age=31536000,s-maxage=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 1062 X-Amz-Cf-Id pStbaJj3mcvxKLCYmwkF_RdSvWuTmm2QUMYR1TlgH9pESLVr-mzkIw==
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1D02	120 KB 40 KB	443ms 442ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eff52c3df420a2439a69f17bc376db7ef30d2e8f41f0607072b32c84c2303b1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40536 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:40 GMT expires Sat, 12 Aug 2023 18:06:40 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	button.e7f9415a2e000feaab02c86dd5802747.js Show response platform.twitter.com/js/	8 KB 3 KB	2ms 2ms	Script application/javascript	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (tkb/7328) / Resource Hash ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 12 Aug 2023 18:06:40 GMT Content-Encoding gzip Age 845619 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 2618 Last-Modified Tue, 24 Jan 2023 21:41:06 GMT Server ECS (tkb/7328) Etag "506673dbdb9085e7201e137e893cc152+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=315360000
GET H/1.1	200 OK	tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response platform.twitter.com/widgets/ Frame 3AA5	37 KB 14 KB	2ms 2ms	Document text/html	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (tkb/7328) / Resource Hash 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 845619 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 14019 Content-Type text/html; charset=utf-8 Date Sat, 12 Aug 2023 18:06:40 GMT Etag "888d7d69b14c1f42e5b7c4c036fd76c6+gzip" Last-Modified Tue, 24 Jan 2023 21:41:11 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (tkb/7328) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	embeds syndication.twitter.com/i/jot/	43 B 127 B	99ms 99ms	Image image/gif	104.244.42.72 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22kei_tsu%22%2C%22widget_creator_screen_name%22%3A%22kei_tsu%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1691863600233%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=13cba25ba15d75839865b2a12306b7503e172072 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.72 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_m / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-response-time 96 date Sat, 12 Aug 2023 18:06:40 GMT strict-transport-security max-age=631138519 last-modified Sat, 12 Aug 2023 18:06:40 GMT server tsa_m vary Origin content-type image/gif x-transaction-id 18715e4d33936093 cache-control must-revalidate, max-age=600 perf 7626143928 x-connection-hash ab0c73c5ae0dc60813a4d41da2bec34ddaaa27ea9baee690b5ce9c94b099c22f content-length 43
GET DATA	200 OK	truncated / Frame 3AA5	822 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/	154 KB 52 KB	103ms 103ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/reactive_library_fy2021.js?bust=31076963 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f3d269065173e7e4acf8b2b9bfd49e29c06ba044ca0166b121a61d6d777ce57a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53696 x-xss-protection 0 server cafe etag 15131058961282002561 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 12 Aug 2023 18:06:40 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EEA6	114 KB 40 KB	464ms 464ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0f8ebf42847fc339b464f32686a38786e3a50ba7d3d2bc00a463e0ad119fe1cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40819 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT expires Sat, 12 Aug 2023 18:06:41 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8509	112 KB 39 KB	404ms 404ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca6eb52d2440f6cc6625730a44551c33139ea304aa2b2a0f1d866ded15c3b5dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40404 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:40 GMT expires Sat, 12 Aug 2023 18:06:40 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 468B	436 B 237 B	472ms 472ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=356689889&adf=3494536798&pi=t.aa~a.1551720530~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600&nras=5&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=4731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gN2cQeuK0Q&p=https%3A//k2-ornata.com&dtd=23 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7b258987c6f5bf3a08827eadc744db1b127550b8475633768270e5c4c4dc1d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 212 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT expires Sat, 12 Aug 2023 18:06:41 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8956	135 KB 50 KB	360ms 359ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 65dddddd9730ad807433c52c7a11979901f6fccd9eb92fdf090f6db2060303c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 51616 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:40 GMT expires Sat, 12 Aug 2023 18:06:40 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1EA7	135 KB 50 KB	486ms 486ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d2d2f0cad307b9648e5708517d4250eab06f884c9c9f6416d38174af4aea002 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 51571 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT expires Sat, 12 Aug 2023 18:06:41 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 1D02	806 B 500 B	44ms 44ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%9C%AC%E3%82%AA%E9%96%8B%E6%96%B0%E6%96%B9%E4%B8%AD%E3%81%A8%E7%B6%9A%E3%80%85%E3%83%89H%E3%82%BB%E4%BA%8B%E6%8C%81%E3%81%A1%E3%82%B9%E6%9C%80%E9%A1%8C%E3%81%A3%E3%83%9F%E9%A0%98%E3%82%A4%E3%82%92%E8%A6%8B%E3%83%88%E7%9F%A5%E3%81%AE%E3%81%8A%E6%97%A5%E3%83%B3%E4%BA%BA%E3%83%A1%E3%83%8A%E3%82%82%E3%83%AC%E3%82%8B%E8%AA%B2%E3%83%BC%E9%83%A8%E3%81%AB%E5%82%AC%E5%9F%9FR%E3%83%A9 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7b00af91df4a43f64a4337379b18fa1eae29429b9696632a582756e434622956 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:40 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 5454	10 KB 4 KB	3ms 2ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 48180 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 04:43:40 GMT etag 12368291122986407432 expires Sat, 26 Aug 2023 04:43:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1D02	2 KB 973 B	45ms 3ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:47 GMT content-encoding br x-content-type-options nosniff age 53393 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:47 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1D02	23 KB 9 KB	45ms 6ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1D02	3 KB 1 KB	45ms 6ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1D02	20 KB 8 KB	41ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1D02	179 KB 57 KB	110ms 72ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:40 GMT
GET H2	200	1ecb17048d796ff7836f25d4dc1a1361.js Show response www.gstatic.com/mysidia/ Frame 1D02	33 KB 14 KB	44ms 2ms	Script text/javascript	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 08:03:30 GMT content-encoding gzip x-content-type-options nosniff age 208990 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14130 x-xss-protection 0 last-modified Wed, 09 Aug 2023 16:01:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 08 Nov 2023 08:03:30 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame 5454	4 KB 671 B	42ms 42ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 17:31:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:40 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 5454	205 B 295 B	37ms 3ms	Image image/png	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 20:31:12 GMT x-content-type-options nosniff age 77728 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 10 Aug 2024 20:31:12 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 5454	604 B 920 B	36ms 3ms	Image image/png	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 15:57:29 GMT x-content-type-options nosniff age 180551 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 09 Aug 2024 15:57:29 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 5454	15 KB 6 KB	33ms 3ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:44 GMT content-encoding br x-content-type-options nosniff age 53396 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6441 x-xss-protection 0 server cafe etag 14691725014340836395 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:44 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 5454	20 KB 8 KB	33ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:45 GMT content-encoding br x-content-type-options nosniff age 53395 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8576 x-xss-protection 0 server cafe etag 10593844011591499743 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:45 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2090779118354810083/ Frame 1D02	31 KB 32 KB	33ms 4ms	Image image/jpeg	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2090779118354810083/14763004658117789537?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f5c3b9f86b7a868ed8e30d8360730c8af7c62e9ee77ef4db53e015078c04033 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 15:08:28 GMT x-content-type-options nosniff age 10692 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32178 x-xss-protection 0 last-modified Fri, 23 Jun 2023 03:45:10 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 11 Aug 2024 15:08:28 GMT
GET DATA	200 OK	truncated / Frame 1D02	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1D02	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1D02	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e568d4fe642e930026d531e299983f6e961f6cbcd00dd9ef28ed5e724dd7a3a Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame DCD7	398 B 385 B	38ms 38ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%A6%E3%80%81%E3%82%AA%E4%BD%8E%E9%96%8B%E6%90%8D%E7%B4%84%E5%A4%B1S%E3%83%95%E3%83%83I%E6%9D%A58%E3%81%97%25%E3%83%81%E6%B8%9BG%E3%82%8B%E3%83%BC%E3%82%BF%E3%83%B3%E3%82%92i%E3%82%A4%E6%AF%94%E3%80%82%20%E3%81%8F%E8%BC%83%E5%BE%93BT%E3%82%B9%E3%82%B00%E3%81%98%E3%81%A8%E9%96%89 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 75471408c3de747fdb66db3ed165ce6d570a7537be23931c7ce54b923e85af33 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:40 GMT
GET H3	200	css fonts.googleapis.com/ Frame DCD7	14 KB 1 KB	42ms 42ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 17:42:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:40 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCD7	2 KB 926 B	3ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:47 GMT content-encoding br x-content-type-options nosniff age 53393 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:47 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame DCD7	23 KB 9 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6F78	143 B 166 B	4ms 3ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 2636 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 17:22:44 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCD7	3 KB 1 KB	4ms 1ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCD7	20 KB 8 KB	4ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DCD7	179 KB 56 KB	88ms 86ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:40 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:40 GMT
GET H2	200	1ecb17048d796ff7836f25d4dc1a1361.js Show response www.gstatic.com/mysidia/ Frame DCD7	33 KB 14 KB	4ms 2ms	Script text/javascript	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 08:03:30 GMT content-encoding gzip x-content-type-options nosniff age 208990 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14130 x-xss-protection 0 last-modified Wed, 09 Aug 2023 16:01:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 08 Nov 2023 08:03:30 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6F78 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	172ms 172ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT expires Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:40 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	font fonts.gstatic.com/l/ Frame 1D02	21 KB 21 KB	3ms 2ms	Font text/html	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqF0x83ZGqQ91jqLBpTNTWdW0E0gj_Opibkw927v-3gHvmiJEPn7D30Xd_y6VvMthFprckRTX8IWDN8-aIun8arDPAq3thxolrQshlGoZRUpm7i4p45_-87nMVHBX9bVphGw7thgcLtWxIi-BxzCkJd56ck-NRIVqrlxKlLHOmBMZ4Y-dpe3BNCcjYuTnmEwy5P&skey=72472b0eb8793570&v=v52 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%9C%AC%E3%82%AA%E9%96%8B%E6%96%B0%E6%96%B9%E4%B8%AD%E3%81%A8%E7%B6%9A%E3%80%85%E3%83%89H%E3%82%BB%E4%BA%8B%E6%8C%81%E3%81%A1%E3%82%B9%E6%9C%80%E9%A1%8C%E3%81%A3%E3%83%9F%E9%A0%98%E3%82%A4%E3%82%92%E8%A6%8B%E3%83%88%E7%9F%A5%E3%81%AE%E3%81%8A%E6%97%A5%E3%83%B3%E4%BA%BA%E3%83%A1%E3%83%8A%E3%82%82%E3%83%AC%E3%82%8B%E8%AA%B2%E3%83%BC%E9%83%A8%E3%81%AB%E5%82%AC%E5%9F%9FR%E3%83%A9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 35558e69878ad0da3b1995878e9baca8633a9e2c5ea45d57cae9052c0074d9b6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 15:43:02 GMT x-content-type-options nosniff age 8618 content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32 cross-origin-resource-policy cross-origin content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21600 x-xss-protection 0 last-modified Tue, 02 May 2023 23:59:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 timing-allow-origin * expires Sat, 12 Aug 2023 15:43:02 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 1D02 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CZ6m1MMrXZNH3Deu8vcAPlIW5uAycztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQmpAlR6jWqroD0-qAMByAPLBKoEngJP0B9sOwvQhwrlvUJIxgY06G7-NRtDyJgsN_6A_MP... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df...	0 0	75ms 37ms	Fetch text/css	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%225247785587827652255%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228679320089627176449%22}&andc=true Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"5247785587827652255","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"8679320089627176449"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 12 Aug 2023 18:06:41 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 12 Aug 2023 18:06:40 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"5247785587827652255","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"8679320089627176449"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 2EC7	37 KB 14 KB	3ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=280&adk=3249203467&adf=3091479131&pi=t.aa~a.524440323~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=1200x280&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863599951&bpp=2&bdt=329&idt=241&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R4Qbkmflbl&p=https%3A//k2-ornata.com&dtd=244 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128331 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	200	css fonts.googleapis.com/ Frame 8956	10 KB 858 B	39ms 39ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 09acf09dd7178b79bcd031a0893529d17e62fd10b5f87cf157d06f6cba5438b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	css fonts.googleapis.com/ Frame 8956	120 KB 31 KB	45ms 44ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 775921f6bb3445ce119055dc4d6b4ed9bb387ff7c64284d2709b6206904624f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	m_js_controller_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8956	34 KB 13 KB	5ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/m_js_controller_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ea3021e1f6152f16fa8b40a93d5d0cb8e5681bc84bb78c575a71acfa9c7400b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:40:43 GMT content-encoding br x-content-type-options nosniff age 51958 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13555 x-xss-protection 0 server cafe etag 1106533797828040066 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:40:43 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8956	179 KB 56 KB	54ms 54ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 8956	23 KB 9 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8956	3 KB 1 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8956	20 KB 8 KB	4ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8956	0 0	40ms 40ms	Image text/html	2404:6800:4004:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPIFisBXkGWNA-cU5yctOA9jCEdVxLl9gMH6H3W8guFyToC-L-iim7gBkcc4pJuyhh1U30kZUzNupuyxt7KN00F6U-5g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	88ms 42ms	Preflight text/html	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%225247785587827652255%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228679320089627176449%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 8509	1 KB 420 B	40ms 39ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E4%BC%9A0I%E3%83%95%E3%80%91%E4%BC%81%E3%81%BF%E3%81%9B%E5%88%86%E3%83%97%E5%83%8D%E3%82%AA%E3%83%A9%E3%83%A0%E3%80%81%E3%83%88%E3%83%AA%E3%83%BC3%E3%81%AE%E3%83%B3%E3%82%A4%E3%82%92%EF%BC%9F%E4%BA%BAS%E3%81%A7%E4%B8%8A%E6%B1%82%E5%B8%82%E8%AA%AC%E6%98%8EH%E6%96%BD%E3%80%82%E6%A5%AD%E3%81%BEF%E3%82%93%E3%81%A6%E5%A0%B4%E3%83%AB%E3%83%A2%E3%81%8BT%E3%80%90%E5%AE%9F%E3%81%84%E4%B8%AD Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d2d26f48eecdfe1a8ebe977c3b748ec311f9e49c3169ab4c1da89a7b64c0daf1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8509	2 KB 892 B	5ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:47 GMT content-encoding br x-content-type-options nosniff age 53394 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:47 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 8509	23 KB 9 KB	4ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8509	3 KB 1 KB	5ms 5ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame EC0B	1 KB 643 B	5ms 4ms	Document text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 45015 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 05:36:26 GMT etag 48472445140208031 expires Sun, 13 Aug 2023 05:36:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8509	20 KB 8 KB	4ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8509	179 KB 56 KB	103ms 102ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	1ecb17048d796ff7836f25d4dc1a1361.js Show response www.gstatic.com/mysidia/ Frame 8509	33 KB 14 KB	5ms 4ms	Script text/javascript	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 08:03:30 GMT content-encoding gzip x-content-type-options nosniff age 208991 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14130 x-xss-protection 0 last-modified Wed, 09 Aug 2023 16:01:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 08 Nov 2023 08:03:30 GMT
GET H3	200	2076313506083323656 tpc.googlesyndication.com/simgad/1370130638511078271/ Frame 8509	35 KB 35 KB	5ms 5ms	Image image/jpeg	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1370130638511078271/2076313506083323656 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce8f81c37a8f5b58f272ce4569a1d990659a5e11a7d35ee695b1a03c1f75d356 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 15:13:49 GMT x-content-type-options nosniff age 10372 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35495 x-xss-protection 0 last-modified Fri, 27 Jan 2023 08:32:14 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 11 Aug 2024 15:13:49 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2097188841725081800/ Frame 8509	1 KB 1 KB	5ms 5ms	Image image/png	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2097188841725081800/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2e9d7362e9a4dc0e3807bf888a33d6d2387cbebea6b48351a99d14114cee5054 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 20:49:27 GMT x-content-type-options nosniff age 163034 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1100 x-xss-protection 0 last-modified Sun, 26 Jun 2022 19:06:43 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 09 Aug 2024 20:49:27 GMT
GET DATA	200 OK	truncated / Frame 8509	221 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	css fonts.googleapis.com/ Frame EEA6	998 B 480 B	39ms 39ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%83%E9%9B%BBA%E5%90%91%E3%83%95%E3%81%9B%E3%82%89%E7%99%82%E6%BA%90%E3%83%BC%E3%82%BF%E6%96%B0%E6%8A%80%E5%BF%9C%E3%82%82%E5%BC%8F%E3%83%8B%E3%81%AA%E3%81%91%E5%AE%89%E3%81%A3%E3%83%96%E7%A4%BE%E3%80%82%E3%82%8A%E3%81%B8%E3%81%A6%E5%85%A8%E6%A0%AA%E3%83%80%E6%A0%BC61C%E3%82%84%E8%A6%8F%E3%81%AB%E4%BC%9A%E3%81%99%E5%9F%BA%E5%8C%BB%E6%BA%96%E3%82%A1%E5%95%8F%E5%B0%8F%E5%90%88%E3%83%97%E6%9C%80%E8%A6%81%E3%81%AE%E8%A1%93%E3%81%8A%E3%83%88%E3%82%8F%E3%82%A4%E8%A1%8C%E3%83%A60%E5%BF%85%E3%82%A2%E5%AF%BE%E3%81%BE%E3%81%8B%E3%81%84%E3%83%AD Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 86838bcb0e2fabe07b8a7f8339f340b3cc283e10f43e00faaaf1639ed11cdda1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame EEA6	2 KB 892 B	3ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:16:47 GMT content-encoding br x-content-type-options nosniff age 53394 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:16:47 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame EEA6	23 KB 9 KB	4ms 3ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame EEA6	3 KB 1 KB	4ms 4ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame EEA6	20 KB 8 KB	4ms 3ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame EEA6	0 0	39ms 38ms	Image text/html	2404:6800:4004:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTybfg2P44gIdCtrk1I47bjKOYxdi1B29Pa3j1fXkGp9-FoVW5O6lA9C8BNBmX6cSLwWDFfT2NJhkL7Qy4_otxmJj8zjg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame EEA6	179 KB 56 KB	56ms 56ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	1ecb17048d796ff7836f25d4dc1a1361.js Show response www.gstatic.com/mysidia/ Frame EEA6	33 KB 14 KB	2ms 2ms	Script text/javascript	2404:6800:4004:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 08:03:30 GMT content-encoding gzip x-content-type-options nosniff age 208991 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14130 x-xss-protection 0 last-modified Wed, 09 Aug 2023 16:01:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 08 Nov 2023 08:03:30 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 7504	1 KB 643 B	5ms 2ms	Document text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 45015 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 05:36:26 GMT etag 48472445140208031 expires Sun, 13 Aug 2023 05:36:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/4266985673206972475/ Frame EEA6	634 B 661 B	3ms 2ms	Image image/png	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4266985673206972475/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 522a8a0fdd72ec416503be19b1698d29e73dbbed7da5eecf713214180d8c7ebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 07:02:04 GMT x-content-type-options nosniff age 126277 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 634 x-xss-protection 0 last-modified Sun, 26 Jun 2022 22:35:54 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 10 Aug 2024 07:02:04 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/1361685943227427481/ Frame EEA6	19 KB 19 KB	4ms 3ms	Image image/jpeg	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1361685943227427481/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 081357c67c00b111fb37e8a59d5a5314825e918e1f4d0065e922cbf63615ed63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 07:25:03 GMT x-content-type-options nosniff age 38498 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19081 x-xss-protection 0 last-modified Tue, 28 Jun 2022 18:07:35 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 11 Aug 2024 07:25:03 GMT
GET DATA	200 OK	truncated / Frame EEA6	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67e46831a7b2ca2baeafbddecb78dc507c001d7ae93962e423d2782e02f9d81c Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame EEA6	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EC0B Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBzJ_LcAljHqNezet9ib7os&google_cver=1&google_push=AXcoOmRg2syyKlHrI68yAM8Mi4lbgasVxdpCkPm_VMZrb5WFlR0wC6S50i9gVvGhLA-Xm3t_90UCYV4B2YX9Ws-M7ick87RZsL-ksw https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg1NTYxMzU4NDM3NjE3OTg2Nw==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1	43 B 398 B	453ms 59ms	Image image/gif	2001:df2:a300:bbbb::135 TURN-US-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Server 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EC0B Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_cver=1&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGE... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=b7f87dc9f841b0c&is_secure=true&networkId=14000&version=1&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_cver=1&google_push=AXcoOmRtbAO2u... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqtiIndYdnwMb3IM9AAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEFV2SrTtkObfZ7pDpVq4W...	170 B 188 B	46ms 45ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqtiIndYdnwMb3IM9AAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGEy8g42NaSTduwIyf2F7cnbzvOse_FsmymohI5jS2x8eTULqpw Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqtiIndYdnwMb3IM9AAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEFV2SrTtkObfZ7pDpVq4WeU&google_push=AXcoOmRtbAO2uYXx1q8wPAlMdy6anv5nflirsWm9HeDNAkOUTuu1pGEy8g42NaSTduwIyf2F7cnbzvOse_FsmymohI5jS2x8eTULqpw cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame EC0B Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM7P2M3MCGXCZPcnC9Wonyk&google_push=AXcoOmR4kV83Naqsne2kuhKN8q0-6PGZIxMTY5Mk56xI3zeDusAQ89zgah...	170 B 188 B	43ms 43ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM7P2M3MCGXCZPcnC9Wonyk&google_push=AXcoOmR4kV83Naqsne2kuhKN8q0-6PGZIxMTY5Mk56xI3zeDusAQ89zgahnfNf04Aohh-ajilUXBVA93sujkttmKmhSuEBHstDlyrHM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-nrt-rjtf7700025-NRT pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1691863601.155887,VS0,VE161 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM7P2M3MCGXCZPcnC9Wonyk&google_push=AXcoOmR4kV83Naqsne2kuhKN8q0-6PGZIxMTY5Mk56xI3zeDusAQ89zgahnfNf04Aohh-ajilUXBVA93sujkttmKmhSuEBHstDlyrHM cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame EC0B Redirect Chain https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_gid=CAESEMqqQocJMaePkLoUdruTffs&goog... https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_gid=CAESEMqqQocJMaePkLoUdruT... https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_hm=Adi_WvbW0NgOks8AD7P3...	170 B 329 B	42ms 41ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_hm=Adi_WvbW0NgOks8AD7P3pMDQaMA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H2 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT via 1.1 8246396d0e0c0de7666d18eae9856bde.cloudfront.net (CloudFront) server Logicad x-amz-cf-pop NRT57-P1 x-cache Miss from cloudfront p3p CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSJ7-7NK9HlQIBXFOOJm1yVPRjpbwJtnbrCQknLzMwkJleRT9MINivutPBNzUAj0vaBPL0PGEZHlREVOjLa3D3XlFd6Pb-u7Q&google_hm=Adi_WvbW0NgOks8AD7P3pMDQaMA cache-control no-cache content-length 0 x-amz-cf-id QEXYWx-lxbD6zx4h0qMY9hsOD_3-8FsX74Evus5-mVQqrS7C1ssHlw== expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame EC0B Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEC9Jdzmu0PD_uYizAlK94NQ&google_cver=1&google_push=AXcoOmSkmidpN8x_E5Fs-qHEQQJ4DT2x0OW5vWNBN7t-lBeWZsHEJ0g8rELF5LZBeSy9TGaIv5CxFN9uY55uGH5l2IxxoE-NpYdCXaQ https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkVFNzA1MUExRjg5OUFGOA==	170 B 188 B	41ms 40ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkVFNzA1MUExRjg5OUFGOA== Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkVFNzA1MUExRjg5OUFGOA== date Sat, 12 Aug 2023 18:06:41 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame EC0B	43 B 363 B	8ms 2ms	Image image/gif	182.161.74.16 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmREWSbibxvfvwoU-0RA3dvY3z_iDA316ixRJwwlxK3iC_AgGQqaPA0kzBviBgRAbuhkvOxXznQSnHlrd-LnmmIWVnpz0C4iC54&google_gid=CAESEGVvvdybUllIhvCPgA6nwTo&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 194706 expires Sat, 12 Aug 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EC0B Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBU26pNUZvaeke182xEIW_o&google_cver=1&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9g... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ISXooLOXVytpHVJTgUrD5ZJGydk&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9...	170 B 188 B	43ms 43ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ISXooLOXVytpHVJTgUrD5ZJGydk&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9gkmkNcNvsH0rCoxw Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ISXooLOXVytpHVJTgUrD5ZJGydk&google_push=AXcoOmRKSXrg1dRd5bRPZkooTMmStmPzeskM7adFwFZDKS87aIzif9NbbKQM-QZOKekfr18HhpUJ8bnDOlTQv9gkmkNcNvsH0rCoxw Date Sat, 12 Aug 2023 18:06:41 GMT Connection keep-alive Content-Length 244 Content-Type text/html; charset=utf-8
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame EC0B	0 139 B	78ms 37ms	Image text/html	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbSUJGfIiv-3MY6vZasrzofBbTdqy4MGqDTR7k42kjdzSK3Qs3hGJLpD7lwBnhxPuLkXSH Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2090779118354810083/ Frame 8956	42 KB 43 KB	85ms 85ms	Image image/jpeg	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2090779118354810083/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI8wMQhQIYASABLQAAAD8w9AM4hQJFAACAPw&rs=AOga4qlDlaMnty0ymDxxBxlmFziYX-YSdw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c5c873b6124b9d552c942c76e4f72d449bc2656365b207260cf2ef1e6eae89a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43495 x-xss-protection 0 last-modified Fri, 23 Jun 2023 03:45:10 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 11 Aug 2024 18:06:41 GMT
GET H3	200	css fonts.googleapis.com/ Frame 1EA7	10 KB 858 B	42ms 42ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 09acf09dd7178b79bcd031a0893529d17e62fd10b5f87cf157d06f6cba5438b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	css fonts.googleapis.com/ Frame 1EA7	120 KB 31 KB	48ms 48ms	Stylesheet text/css	2404:6800:4004:826::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 775921f6bb3445ce119055dc4d6b4ed9bb387ff7c64284d2709b6206904624f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 12 Aug 2023 18:06:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	m_js_controller_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1EA7	34 KB 13 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/m_js_controller_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ea3021e1f6152f16fa8b40a93d5d0cb8e5681bc84bb78c575a71acfa9c7400b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 03:40:43 GMT content-encoding br x-content-type-options nosniff age 51958 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13555 x-xss-protection 0 server cafe etag 1106533797828040066 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 03:40:43 GMT
GET H3	200	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/ Frame 8956	20 KB 20 KB	3ms 3ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 12:46:31 GMT x-content-type-options nosniff age 105610 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20028 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Aug 2024 12:46:31 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 8956	16 KB 16 KB	3ms 2ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 09:04:09 GMT x-content-type-options nosniff age 118952 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Aug 2024 09:04:09 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1EA7	179 KB 56 KB	44ms 44ms	Script text/javascript	2404:6800:4004:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57470 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1691580806885528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Aug 2023 18:06:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1EA7	23 KB 9 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9094 x-xss-protection 0 server cafe etag 8732331910907961498 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1EA7	3 KB 1 KB	3ms 3ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1EA7	20 KB 8 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:18:15 GMT content-encoding br x-content-type-options nosniff age 35306 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8262 x-xss-protection 0 server cafe etag 6392178368060142121 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 26 Aug 2023 08:18:15 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 1EA7	0 0	38ms 37ms	Image text/html	2404:6800:4004:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgOR_Gb6zhpMG-O3QWQqIinleUtXBi-di4PdhBTTd-hTv7UjgQ6tlj_y2MI_EQ5XQxDV_9CHEbmLhT5ogCyJcskJ1cKQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 1723	37 KB 14 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7504 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBWPIAnkSWmqVFqHZ-udQyA&google_cver=1&google_push=AXcoOmTQl_GwkP8y1mBOUfHiZusihKzSajSmYOGogPsTsAWa9pzUY7Fg9yRGRWHF1HAU1gxZY1ZBSKqbaPssY_pCt_LoACzxLItLaMQ https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc4MzU1NTk5MDMzODI1MTkzMQ==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1	43 B 398 B	450ms 57ms	Image image/gif	2001:df2:a300:bbbb::135 TURN-US-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Server 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELe5Y6Ba0dIBxUKkCxONkOA&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 7504	35 B 464 B	241ms 78ms	Image image/gif	2620:116:800e:21:c338:3a39:7c0b:1a51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH-1mAIw71pie064XsnKTPI&google_cver=1&google_push=AXcoOmQjJJqMddF0UAtD8KXfJkxGPJ8ivncjNJp4MKeapoUPRYP01NyAMA-noj3JL1MZmLHKU2Qc0XfrDFRI8L8I29K1irSmni3s4T0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	sync gdn.socdm.com/rtb/ Frame 7504 Redirect Chain https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEEe38akeFM6zhnZaGUHLemQ&google_cver=1&google_push=AXcoOmQCAVjqfE823jbjXLBi5YMU7DWT4jQUgxQmfocaDrnK6lvT8Zzd2vFZ0RQG9KCk9... https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wk5mS01jQ281dEVBQU56enB0WUFBQUFB https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECC-hJKAO04J1U-dS4tNMrc&google_cver=1	43 B 947 B	14ms 6ms	Image image/gif	202.241.208.3 IDCF IDC Frontier...
General Check archive.org Show headers Download Go to Show image Full URL https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECC-hJKAO04J1U-dS4tNMrc&google_cver=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol HTTP/1.1 Server 202.241.208.3 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP), Reverse DNS Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 12 Aug 2023 18:06:41 GMT X-SO-LB-Data {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESECC-hJKAO04J1U-dS4tNMrc&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.217","key":"ZNfKMcCo5tEAANzzptYAAAAA","privacy_sensitive":false,"uid":"ZNfKMcCo5tEAANzzptYAAAAA","upstream_id":"m-ad49"} X-SO-Key ZNfKMcCo5tEAANzzptYAAAAA X-SO-Upstream-ID m-ad49 P3P CP="See also http://www.scaleout.jp/privacy/" X-SO-HostName m-ad49.dc4p.scaleout.jp X-SO-UID ZNfKMcCo5tEAANzzptYAAAAA Connection keep-alive Content-Length 43 X-SO-IP 146.70.201.217 X-SO-Cluster-ID 0 Server nginx Content-Type image/gif Cache-Control private X-SO-Ads-Time 2 X-SO-LB-Hostname a-ng40007.dc2p.scaleout.jp Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECC-hJKAO04J1U-dS4tNMrc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 318 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7504 Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRYM_tMmebfqq245awBLB6sS9yqfvxNT5ZAlZsHcMq20VlK0PZlsAi5hJru4VeP_5gFUwHQrS5HJMKTKuzkXK7HUIoV5sYVTWw&google_gid=CAESEGK_4MGdyV8ube8mXUYN9PI&... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLGU36YGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BWGNvT21SWU1fdE1tZWJmcXEyNDVhd0JMQjZzUzl5cWZ2eE5UNVpBbFpzSGNNcTIwVmxLMFBabHNBaTVoSnJ1NFZlUF81Z0ZVd0hRclM1SEpNS1RLdX... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRWdqaUpPbTZOTmR6YlBGbDJNQXRET1gxUGtNMzRjaW9DaVZUUVIwdExtYw==&google_push	170 B 188 B	41ms 41ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRWdqaUpPbTZOTmR6YlBGbDJNQXRET1gxUGtNMzRjaW9DaVZUUVIwdExtYw==&google_push Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 12 Aug 2023 18:06:41 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRWdqaUpPbTZOTmR6YlBGbDJNQXRET1gxUGtNMzRjaW9DaVZUUVIwdExtYw==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7504 Redirect Chain https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=... https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjJjYmIzOGUtOTk1Ny00YjhiLWEzNjctZDQ4NjkzODY3YTc3&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=1&google_push=AXcoOmS-...	170 B 188 B	42ms 41ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjJjYmIzOGUtOTk1Ny00YjhiLWEzNjctZDQ4NjkzODY3YTc3&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=1&google_push=AXcoOmS-ZLyFYV-wYVG6xaSM0nal-ov9R79sN_K2J1Q2CCaeV8MkMSJkOQJKQwaVqugeyQzDlpA1MopavbuMjJyRt7VcaDpbDjg39mM Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjJjYmIzOGUtOTk1Ny00YjhiLWEzNjctZDQ4NjkzODY3YTc3&google_gid=CAESEBYPVQt0SsOPxTvVuRwYvts&google_cver=1&google_push=AXcoOmS-ZLyFYV-wYVG6xaSM0nal-ov9R79sN_K2J1Q2CCaeV8MkMSJkOQJKQwaVqugeyQzDlpA1MopavbuMjJyRt7VcaDpbDjg39mM date Sat, 12 Aug 2023 18:06:41 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7504 Redirect Chain https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESbgy98SeFOOknmSLfkl0M&google_cver=1&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIM... https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESbgy98SeFOOknmSLfkl0M&google_cver=1&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIM... https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx&google_hm=LUF1VmpWM01...	170 B 188 B	39ms 39ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx&google_hm=LUF1VmpWM01vaEw2&suid-set=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmTQ4q33jjOsYZHE267VnlwoufttH3e8B2eYORvmqKPpDCYV9Xb8FF1u-fIMMjEvUGObrJKBFH4Kw0UQ9WxnPoF7BN0g_SA-OYcx&google_hm=LUF1VmpWM01vaEw2&suid-set=1 Cache-Control no-store,no-cache Connection close Content-Length 0 expires -1
GET H2	200	dot.gif s0.2mdn.net/ Frame 7504 Redirect Chain https://sync.gonet-ads.com/match/google?google_gid=CAESEI45mrradFdvUuwiPZFWYyc&google_cver=1&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs... https://sync.gonet-ads.com/match/google?google_gid=CAESEI45mrradFdvUuwiPZFWYyc&google_cver=1&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs... https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=ZTU5ZTE0ZGIyMWMyODU2&google_push=AXcoOmQNWP4QR7LnrHHklPErWEf0hD94c0vZLmAo5WtBVNEvSRR5qr5Ul5Aa5of4-kTTSkzg94YxLNrKaFO5VjcFpbIs7dHAK... https://sync.gonet-ads.com/match/google https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=ZTU5ZTE0ZGIyMWMyODU2&google_push= https://s0.2mdn.net/dot.gif?google_error=5	43 B 489 B	50ms 3ms	Image image/gif	2404:6800:4004:821::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_error=5 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H2 Server 2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 16:35:15 GMT x-content-type-options nosniff age 5487 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 13 Aug 2023 16:35:15 GMT Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://s0.2mdn.net/dot.gif?google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 239 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 7504	0 49 B	40ms 40ms	Image text/html	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYSw-nFsARqlN1tAcFT185KT_QL9Uxqy1BF6wvk6yJT8QaV0a8vV-neWWl7eltbyACnm95URU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3E87	143 B 166 B	3ms 2ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 2637 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 17:22:44 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5F0C	1 KB 643 B	3ms 2ms	Document text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 45015 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 05:36:26 GMT etag 48472445140208031 expires Sun, 13 Aug 2023 05:36:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 8956	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 117118905651b81c6aac5799cf6266efea722829ee129fbf3d1b6215a0c1f7ff Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2 fonts.gstatic.com/s/notosansjp/v52/ Frame 8956	42 KB 42 KB	3ms 3ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text= Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:55:13 GMT x-content-type-options nosniff age 169888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42600 x-xss-protection 0 last-modified Tue, 02 May 2023 16:11:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 09 Aug 2024 18:55:13 GMT
GET DATA	200 OK	truncated / Frame EEA6	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9bf5ad5d54c6aaf4dea78a9c7a3ab929fb7696714b06c95cf9f9fc9b3bb60c84 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	font fonts.gstatic.com/l/ Frame EEA6	35 KB 35 KB	3ms 3ms	Font text/html	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrd02dUsatW91niLBp2NTW1W0Ecgj_qpibcw92Cv-3XHvq6JED37D76XdzI6VjOthJkrcoCTXwZWDBp-aEqn8SaDPIZ3tpFolvNshhjoZV0pm_E4p8F_-4em_9wAkdxUaBexbtph9_NXh0j_QlAD1ds4rMI_ctDU7XcwLV4GNyMOrs18vNB1hNWfxw_Qly0zwN4-aRL6f37kRWLgfDQag7VZABwMxaRjn4hCZGPeAuiN-viZRuOnT_JyNUg1x8EfyQ73DSBE8MChmkWRLSnt2btxNRqiZUdegW_&skey=72472b0eb8793570&v=v52 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%83%E9%9B%BBA%E5%90%91%E3%83%95%E3%81%9B%E3%82%89%E7%99%82%E6%BA%90%E3%83%BC%E3%82%BF%E6%96%B0%E6%8A%80%E5%BF%9C%E3%82%82%E5%BC%8F%E3%83%8B%E3%81%AA%E3%81%91%E5%AE%89%E3%81%A3%E3%83%96%E7%A4%BE%E3%80%82%E3%82%8A%E3%81%B8%E3%81%A6%E5%85%A8%E6%A0%AA%E3%83%80%E6%A0%BC61C%E3%82%84%E8%A6%8F%E3%81%AB%E4%BC%9A%E3%81%99%E5%9F%BA%E5%8C%BB%E6%BA%96%E3%82%A1%E5%95%8F%E5%B0%8F%E5%90%88%E3%83%97%E6%9C%80%E8%A6%81%E3%81%AE%E8%A1%93%E3%81%8A%E3%83%88%E3%82%8F%E3%82%A4%E8%A1%8C%E3%83%A60%E5%BF%85%E3%82%A2%E5%AF%BE%E3%81%BE%E3%81%8B%E3%81%84%E3%83%AD Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 34cc809e60e8d1300f72fbbcf91a081c1caec849056f61b7711a60fec9f7061f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 08:02:31 GMT x-content-type-options nosniff age 36250 cross-origin-resource-policy cross-origin content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35856 x-xss-protection 0 last-modified Tue, 02 May 2023 23:59:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 timing-allow-origin * expires Sat, 12 Aug 2023 08:02:31 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame EEA6 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CTDSMMMrXZLqaJby8vcAPhMibYL3tlqVjgMKji6oL2tkeEAEgqdWLfGCJ88WE9BOgAa7V4_4DyAEBqQJUeo1qq6A9PqgDAcgDywSqBJgCT9Ddr3AX2BRTOgPUo9xBGE74y0jmZfgSpw3Tg6d... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xebbcfcca0b9d0e7d0000000000000000%22,%222%22:%220x19c6452ddb13f6030000000000000000%22,%225%22:%220x52113e...	0 0	37ms 37ms	Fetch text/css	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xebbcfcca0b9d0e7d0000000000000000%22,%222%22:%220x19c6452ddb13f6030000000000000000%22,%225%22:%220x52113e480408505d0000000000000000%22},%22debug_key%22:%223383046340918016198%22,%22debug_reporting%22:true,%22destination%22:%22https://unifive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071180462%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225603053706437119249%22}&andc=true Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xebbcfcca0b9d0e7d0000000000000000","2":"0x19c6452ddb13f6030000000000000000","5":"0x52113e480408505d0000000000000000"},"debug_key":"3383046340918016198","debug_reporting":true,"destination":"https://unifive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071180462"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"5603053706437119249"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 12 Aug 2023 18:06:41 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xebbcfcca0b9d0e7d0000000000000000","2":"0x19c6452ddb13f6030000000000000000","5":"0x52113e480408505d0000000000000000"},"debug_key":"3383046340918016198","debug_reporting":true,"destination":"https://unifive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071180462"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"5603053706437119249"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2090779118354810083/ Frame 1EA7	42 KB 43 KB	4ms 3ms	Image image/jpeg	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2090779118354810083/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI8wMQhQIYASABLQAAAD8w9AM4hQJFAACAPw&rs=AOga4qlDlaMnty0ymDxxBxlmFziYX-YSdw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c5c873b6124b9d552c942c76e4f72d449bc2656365b207260cf2ef1e6eae89a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43495 x-xss-protection 0 last-modified Fri, 23 Jun 2023 03:45:10 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 11 Aug 2024 18:06:41 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 8956 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CFw7VMMrXZO3DKKjAvcAP9f-1kAScztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQapAlR6jWqroD0-qAMByAPLBKoElwJP0AeUHk0yFsv4TU4IHrEKhI2nFbRpPoXgGRStgT_... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df...	0 0	39ms 39ms	Fetch text/css	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%2212605709334850758336%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226409054638330093761%22}&andc=true Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"12605709334850758336","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"6409054638330093761"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 12 Aug 2023 18:06:41 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"12605709334850758336","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"6409054638330093761"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 8509	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dee29423f46946e3c4823fb565b3be4fc12e954f9a74bb155ed827ca13d79492 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F0C Redirect Chain https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENBm23PCT3D6GEw8NDbX33k&google_cver=1&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctP... https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctPjxLOVg	170 B 188 B	41ms 40ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctPjxLOVg Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmR-7qYquegrNzVleu3nZ-9W7aUgo7LkOnpqOeTPA0Yg-RTV4afA6Pe-2MdIoI1DaU9xMA-VMxKg7-ahQBGVeuruYctPjxLOVg Date Sat, 12 Aug 2023 18:06:40 GMT Server Apache-Coyote/1.1 Connection keep-alive Content-Length 0
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 5F0C	0 174 B	84ms 75ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEBA7cuRE6GF0q_N2uazX9w&google_cver=1&google_push=AXcoOmTlwJUODB6nCmqAwt-GDhliA8Ri4HfIpVg92lcmuJTO4hs2hyOlFILonu_uOEBJGaJ5WXFzR032bSD4czRCLECbidqiA1eysw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 5F0C	43 B 362 B	4ms 3ms	Image image/gif	182.161.74.16 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmREP2KORQf0LXkT8nakHAkbMOJR-YRoKKgHOMMCF6bDUCq0ZP6JwwZQ-0uTgG6DMKb7z4jcwbrBPstNjR2pxE-VXgEd3eHd8g&google_gid=CAESEMGbxlVtgnJkhydg39R1WDI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:40 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 259007 expires Sat, 12 Aug 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F0C Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG3MEbA2eIXuvPAZxfXa7Fk&google_cver=1&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77ef... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEG3MEbA2eIXuvPAZxfXa7Fk&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77ef... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ&google_hm=U0RGbFhJQlJIaWtQNX...	170 B 188 B	42ms 42ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ&google_hm=U0RGbFhJQlJIaWtQNXJISkk5dS0= Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 12 Aug 2023 18:06:42 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS_OjHS47WWniQjunTRPaOHYXH0PEo72Z_p50AfjeYkY2djcDs2WxqTH4Z4atpVa23ODYqzZPemr77efn95t99TlS66tQupbQ&google_hm=U0RGbFhJQlJIaWtQNXJISkk5dS0= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 238 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H/1.1	404 Not Found	doubleclick app.cauly.co.kr/idsync_ssp/ Frame 5F0C	0 161 B	99ms 32ms	Image application/xml	133.186.161.88 NHN-AS-KR NHNCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOizRDODuDBbxpF9B_YXXRE&google_cver=1&google_push=AXcoOmRWGLCk0kiqvoAhqyF-kxl_hKnavzq1iMqLH0-xA44KCvVOXIIozJdQ28f6czMSgyxfV7WKpo7gKzYEVg5FXKemuzxNY-Lt Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx Connection close Content-Length 0 Content-Type Application/xml;charset=UTF-8
GET H/1.1	200 OK	sync rtb2-useast.e-volution.ai/ Frame 5F0C	42 B 233 B	474ms 151ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPSnpmnvQWf7PFcoudtOvDY&google_cver=1&google_push=AXcoOmSusuw_SpKb4sS7EVCTtf-DbHjp4DMSc5b9dxA17ViKdPXTY4S2aAcmwEt1gLTEz5bkWc3Ok5G2v1ksB1rKSdmsA8F3x5mvDGs Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Pragma no-cache Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F0C Redirect Chain https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEBJzNcL1xDjND-9D0VOMnnU&google_cver=1&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R... https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R9vmTM-huuf7UJ_CfUX3Ew77YD4A7gc33VPZ9O3M&google_hm=LUF1VmpWM01v...	170 B 188 B	38ms 38ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R9vmTM-huuf7UJ_CfUX3Ew77YD4A7gc33VPZ9O3M&google_hm=LUF1VmpWM01vaEw2&suid-set=1 Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx P3P CP='CAO PSA CONi OTR OUR DEM ONL' Location https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AXcoOmQuIPMsnKe7J-aOmzIDyA9JO-rWcbyecMtAo-13uUXaOJQ3thsjwhOlHT2R9vmTM-huuf7UJ_CfUX3Ew77YD4A7gc33VPZ9O3M&google_hm=LUF1VmpWM01vaEw2&suid-set=1 Cache-Control no-store,no-cache Connection close Content-Length 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 5F0C	0 12 B	39ms 38ms	Image text/html	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRzFe3GOLhT1UVhknUb8qc6kxoExArLqfI2jOZYo_yLwiVxBciUtNyTx7Dk4qW-62MQ-8W64Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	font fonts.gstatic.com/l/ Frame 8509	23 KB 23 KB	3ms 3ms	Font text/html	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqd02dWwaJcR42DTxoRVjbcOFB04S-FxCOuodfz3eCtfODDRl2PjhmFP_qIi3eL1C0gz_RLLG9ROSIkmLlx_t_AbddAv_EYwlGs0hMEwYIexnutgoppn8xk-98JYmwzMYgfpZIu5-6RPiJHpgAnVHkAu4plosksDKysoLsLc9n-eYx2v-8JjRIMDR1DP1f6jyIlrbYrpsGFyB8&skey=72472b0eb8793570&v=v52 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E4%BC%9A0I%E3%83%95%E3%80%91%E4%BC%81%E3%81%BF%E3%81%9B%E5%88%86%E3%83%97%E5%83%8D%E3%82%AA%E3%83%A9%E3%83%A0%E3%80%81%E3%83%88%E3%83%AA%E3%83%BC3%E3%81%AE%E3%83%B3%E3%82%A4%E3%82%92%EF%BC%9F%E4%BA%BAS%E3%81%A7%E4%B8%8A%E6%B1%82%E5%B8%82%E8%AA%AC%E6%98%8EH%E6%96%BD%E3%80%82%E6%A5%AD%E3%81%BEF%E3%82%93%E3%81%A6%E5%A0%B4%E3%83%AB%E3%83%A2%E3%81%8BT%E3%80%90%E5%AE%9F%E3%81%84%E4%B8%AD Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e09a3f1a83a2f821913d2fb4f4fbf4e6f019129545d51d3febb8fe15f197d77c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 20:12:18 GMT x-content-type-options nosniff age 78863 cross-origin-resource-policy cross-origin content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23568 x-xss-protection 0 last-modified Tue, 02 May 2023 23:59:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 timing-allow-origin * expires Fri, 11 Aug 2023 20:12:18 GMT
GET H3	200	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/ Frame 1EA7	20 KB 20 KB	2ms 2ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 12:46:31 GMT x-content-type-options nosniff age 105610 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20028 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Aug 2024 12:46:31 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 1EA7	16 KB 16 KB	3ms 3ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500&lang=ja Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 09:04:09 GMT x-content-type-options nosniff age 118952 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Aug 2024 09:04:09 GMT
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame B414	37 KB 14 KB	3ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2083658471&adf=1567400748&pi=t.aa~a.3137754886~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8UnU15RHrn&p=https%3A//k2-ornata.com&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7D33	143 B 166 B	4ms 2ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 2637 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 17:22:44 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F5DF	1 KB 643 B	2ms 2ms	Document text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 45015 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 05:36:26 GMT etag 48472445140208031 expires Sun, 13 Aug 2023 05:36:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 1EA7	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ef87c1f94ebf1aea5215e571f25ede9c35632a1d721cd1de25abf9b05713afe Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3E87 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	1539ms 1539ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:42 GMT expires Sat, 12 Aug 2023 18:06:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 8681	37 KB 14 KB	3ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=328&adk=2555763624&adf=2156928726&pi=t.aa~a.3553761812~rp.4&w=608&lmt=1691831200&nsk=95d24e97&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x328&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600&nras=6&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=LVIpXcqOXy&p=https%3A//k2-ornata.com&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 8509 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C9P4tMMrXZPjIJ7C8vcAPpfeg-AXM5suEcpu3wbSMEdrZHhABIKnVi3xgifPFhPQToAHxqO6aKMgBCakCVHqNaqugPT6oAwHIA8sEqgSVAk_QlXPtRPoLWrkHKAZWLFI6jKykfCqivfbHgxk... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x850365581b26ac130000000000000000%22,%222%22:%220x806f3b2c859c35890000000000000000%22,%225%22:%220x9e87eb...	0 0	39ms 39ms	Fetch text/css	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x850365581b26ac130000000000000000%22,%222%22:%220x806f3b2c859c35890000000000000000%22,%225%22:%220x9e87eb86b93cd5ea0000000000000000%22},%22debug_key%22:%2216469044577561775280%22,%22debug_reporting%22:true,%22destination%22:%22https://shift-engineer.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210793751665%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223070728874381740449%22}&andc=true Requested by Host: k2-ornata.com URL: https://k2-ornata.com/splunk_fields_extract_and_display/ Protocol H3 Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x850365581b26ac130000000000000000","2":"0x806f3b2c859c35890000000000000000","5":"0x9e87eb86b93cd5ea0000000000000000"},"debug_key":"16469044577561775280","debug_reporting":true,"destination":"https://shift-engineer.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10793751665"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"3070728874381740449"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 12 Aug 2023 18:06:41 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x850365581b26ac130000000000000000","2":"0x806f3b2c859c35890000000000000000","5":"0x9e87eb86b93cd5ea0000000000000000"},"debug_key":"16469044577561775280","debug_reporting":true,"destination":"https://shift-engineer.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10793751665"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"3070728874381740449"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2 fonts.gstatic.com/s/notosansjp/v52/ Frame 1EA7	42 KB 42 KB	2ms 2ms	Font font/woff2	2404:6800:4004:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:300,400|Roboto:300,400,500|Noto+Sans+JP:400&text= Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:55:13 GMT x-content-type-options nosniff age 169888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42600 x-xss-protection 0 last-modified Tue, 02 May 2023 16:11:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 09 Aug 2024 18:55:13 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	37ms 37ms	Preflight text/html	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xebbcfcca0b9d0e7d0000000000000000%22,%222%22:%220x19c6452ddb13f6030000000000000000%22,%225%22:%220x52113e480408505d0000000000000000%22},%22debug_key%22:%223383046340918016198%22,%22debug_reporting%22:true,%22destination%22:%22https://unifive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071180462%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225603053706437119249%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	39ms 39ms	Preflight text/html	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%2212605709334850758336%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226409054638330093761%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 1EA7 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CDv_TMMrXZO2vL42-vcAPhKKvsA6cztiYcuCzxr6yEWQQASCp1Yt8YInzxYT0E6ABksCkzgPIAQapAlR6jWqroD0-qAMByAPLBKoEnQJP0KCLzd8-qz9GlI43Ul7uscnf7i0kfNdEeN3fzvu... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df...	0 0	37ms 37ms	Fetch text/css	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%227873089991881000153%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221119565088861272001%22}&andc=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"7873089991881000153","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"1119565088861272001"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 12 Aug 2023 18:06:41 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x544512404810d77c0000000000000000","2":"0x6feb319e52abd8bb0000000000000000","5":"0x1154df82ac9163e70000000000000000"},"debug_key":"7873089991881000153","debug_reporting":true,"destination":"https://jinjibu.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969482258"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"1119565088861272001"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 5DA9	37 KB 14 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=600&adk=2012330426&adf=1630513123&pi=t.aa~a.4190812565~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1691831200&rafmt=1&to=qs&pwprc=7990423358&format=300x600&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600570&bpp=1&bdt=948&idt=-M&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KXEpoksOdD&p=https%3A//k2-ornata.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_cver=1&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfc... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1cd5cdbb19722520&is_secure=true&networkId=14000&version=1&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_cver=1&google_push=AXcoOmSL_peW... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANLxp9tlJDVgMDwVYiAAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x...	170 B 188 B	44ms 43ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANLxp9tlJDVgMDwVYiAAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfcMLC4OtEYWhuqxNr3SuBEFK79NGGdsybEok3pYNUFgmpC2LZk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANLxp9tlJDVgMDwVYiAAAAAAA&expiration=1691950001&google_cver=1&is_secure=true&google_gid=CAESEHFKqdB8OP_J3yQ2Crd-x9Y&google_push=AXcoOmSL_peWWDb4jm98M2uZvXKgL_9sF2uleTQBIn4QERlFcotIjfcMLC4OtEYWhuqxNr3SuBEFK79NGGdsybEok3pYNUFgmpC2LZk cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENtSuINuUGZK2hUg-wk_Bz8&google_cver=1&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJf... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJfMMZYfMSfprbRC3it9u7JzkY4g	170 B 188 B	41ms 40ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJfMMZYfMSfprbRC3it9u7JzkY4g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 12 Aug 2023 18:06:41 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 098F2C8D6BBC4347A2EA7195A2AF835D Ref B: TYAEDGE0418 Ref C: 2023-08-12T18:06:41Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQukn49pjYBw4oADZ_jf5wS-YGZghrjOtN4zbSiVOBso1m_1GopDVdUJ1pfTY2l9xPQUpxJfMMZYfMSfprbRC3it9u7JzkY4g x-li-proto http/2 content-length 0 x-li-uuid AAYCvbD6B3fIegU99rHOrA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEPYy3yom4Z3XiEl-9pQusdc&google_cver=1&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55... https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55PhpLdzw	170 B 188 B	37ms 37ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55PhpLdzw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSOcnO5X8D1cq6XDfk05Sf0rFd7ouHLZg1EXEMoeqnfWbrXtp2Dc7cxstkFPIgFBYR7n-BrGZ-nExr8mcQ616JrSZ55PhpLdzw Date Sat, 12 Aug 2023 18:06:40 GMT Server Apache-Coyote/1.1 Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=... https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTlhZTJkMWQtNzBiNS00NDJmLWIzZWYtYjE2N2JmNDA1MjIy&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=1&google_push=AXcoOmTU...	170 B 188 B	43ms 42ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTlhZTJkMWQtNzBiNS00NDJmLWIzZWYtYjE2N2JmNDA1MjIy&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=1&google_push=AXcoOmTUWDlJZulo-cKQouVG5kNe28gGQQlZFbtRCyZA17IvElQt7mu9eGhe8dGvEJLebMzO1_InP__nKvWRqYF3kzTYzgdKyKrzvRg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OTlhZTJkMWQtNzBiNS00NDJmLWIzZWYtYjE2N2JmNDA1MjIy&google_gid=CAESEDAPLTWiLh4CgOdVWU6yzWk&google_cver=1&google_push=AXcoOmTUWDlJZulo-cKQouVG5kNe28gGQQlZFbtRCyZA17IvElQt7mu9eGhe8dGvEJLebMzO1_InP__nKvWRqYF3kzTYzgdKyKrzvRg date Sat, 12 Aug 2023 18:06:41 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJMb5clHoX82gE1dXr4YXIA&google_cver=1&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI&google_hm=NTVwSTZmMDBaQkREYTAw...	170 B 188 B	39ms 38ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI&google_hm=NTVwSTZmMDBaQkREYTAwN29FVk0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-store, no-cache Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx P3P CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA" location //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQTPPmAA-Sz7q1i6i_0UsDR_eJk68Ol3AP4MzFcpJ5ESbQaFLWetegx2z-XnDxtVUGmUQPvgKnDepyibgp4o6DlDpqGYzZa6eI&google_hm=NTVwSTZmMDBaQkREYTAwN29FVk0 cache-control private, no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 0 X-SID 159f32b0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F5DF Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBg7_tSKyE6Y8VARe0W1I6g&google_cver=1&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7y... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7yRkGt75Q&google_hm=eS1aWVdwVkZwRTJwRmk5...	170 B 188 B	42ms 41ms	Image image/png	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7yRkGt75Q&google_hm=eS1aWVdwVkZwRTJwRmk5NDQ4SWsxNFhOckpRdTVmOXlRU35B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 12 Aug 2023 18:06:41 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaJ9rcAqT8U3RyFyd2-PBOovaFMeeQ-pOoDdBniYCmbsPkdIZx9mJwrILi3vRZzODU5P6olRcnEWW6Laq_1waDK7yRkGt75Q&google_hm=eS1aWVdwVkZwRTJwRmk5NDQ4SWsxNFhOckpRdTVmOXlRU35B content-length 0
GET H/1.1	404 Not Found	doubleclick app.cauly.co.kr/idsync_ssp/ Frame F5DF	0 161 B	96ms 33ms	Image application/xml	133.186.161.88 NHN-AS-KR NHNCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEE5ZJaloQPDUYqjgLTHps5M&google_cver=1&google_push=AXcoOmTcvtY9wVYQpRcIkL07uUrOasL-h8bJ1SuSLroHrIwpQMhzoNDaFUHCgo-2Z-NHmilC8EmpZeQ7x6x1uy03pUuPag4CkTg7kow Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sat, 12 Aug 2023 18:06:41 GMT Server nginx Connection close Content-Length 0 Content-Type Application/xml;charset=UTF-8
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame F5DF	0 12 B	39ms 38ms	Image text/html	142.250.199.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYkeiXq8eFi9uxRJqkre3Ix_yY7EnQpMrHpnyuUwPZTQGqfZ6ANCO_H6DPrOmFMyrhxAzE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.199.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	39ms 39ms	Preflight text/html	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x850365581b26ac130000000000000000%22,%222%22:%220x806f3b2c859c35890000000000000000%22,%225%22:%220x9e87eb86b93cd5ea0000000000000000%22},%22debug_key%22:%2216469044577561775280%22,%22debug_reporting%22:true,%22destination%22:%22https://shift-engineer.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210793751665%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223070728874381740449%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	40ms 39ms	Preflight text/html	142.251.42.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x544512404810d77c0000000000000000%22,%222%22:%220x6feb319e52abd8bb0000000000000000%22,%225%22:%220x1154df82ac9163e70000000000000000%22},%22debug_key%22:%227873089991881000153%22,%22debug_reporting%22:true,%22destination%22:%22https://jinjibu.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969482258%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221119565088861272001%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 12 Aug 2023 18:06:41 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7D33 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	1466ms 1466ms	Document text/html	2404:6800:4004:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:42 GMT expires Sat, 12 Aug 2023 18:06:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:41 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1D02	42 B 174 B	44ms 43ms	Fetch image/gif	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMXhGlzzHA_b2i-spROoE5kY1IOjJDdbWXS0F02ix0RfPGMBm1DEy2I9nmZ1DR_UlWRHaHsFl_ko4A_k3YekrAPIotA15pLbc1JN4jdS7a5pzJYnKU8W1xyB1dnCrH8fNvw4QLevr8xA&sai=AMfl-YQ4DW0NftW-B7tdEx1u5wA20ZYVhjWzxJxJd544KvKOyZy-S4EMDpfkVnBsHY5OkAMAHU4MlQKph85S&sig=Cg0ArKJSzBCe1_TW-TLuEAE&cid=CAQSGwBpAlJWracZIDa5lTlTR59Ssr3rThg67kfF0xgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3249203467&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691863600196&rpt=742&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sat, 12 Aug 2023 18:06:41 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	like.php Show response www.facebook.com/v2.7/plugins/ Frame 35C7	49 KB 18 KB	278ms 270ms	Document text/html	2a03:2880:f10f:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df370e76794e2124%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff3031e8c56a991c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=d95a08c2c12d5a81328a0fa3ecdc8857 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b757acd4d9a2f6d32a16e39df0a39d090b15a7b4d5eaa6012232acd4a586c711 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:43 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v11.0 origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug DPhYpy+zzgOvJOVSLITWGE9+WR3i1vNs0I40OLcLfh1K+PqE+//8lqX909bcRqrVtlp6aVmmHvEvNw4sEgj/bg== x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	55ms 55ms	XHR application/json	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88df5f5fba18319f2f849fa9f2a3e260bd840312ab6e86ce8a50d2c2984db061 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11725 x-xss-protection 0
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 396A	37 KB 14 KB	2ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542608062525051&output=html&h=335&adk=116830626&adf=150062749&pi=t.aa~a.3553758502~rp.4&w=608&lmt=1691831200&nsk=c718d4f4&rafmt=11&pwprc=7990423358&ad_type=text_image&format=608x335&url=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691863600603&bpp=1&bdt=981&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a7abae167778e77-220f39d2cee200e1%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_Mbin66v00ovw7NxtX3d9EB-zpzWBg&gpic=UID%3D00000c2b58c56b01%3AT%3D1691863600%3ART%3D1691863600%3AS%3DALNI_MbFqQWqg2xjl1li08LcTwIQS6N4Bg&prev_fmts=0x0%2C1200x280%2C300x600%2C300x600%2C300x600%2C608x328&nras=7&correlator=1478268297759&frm=20&pv=1&ga_vid=163057581.1691863600&ga_sid=1691863600&ga_hid=670558742&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3695&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076804%2C31076836%2C31076924%2C42531706%2C44795922%2C31076963%2C44799570&oid=2&pvsid=1141272002511139&tmod=1510292657&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=ikwV8J0OZ5&p=https%3A//k2-ornata.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128334 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	78ms 78ms	Script text/javascript	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 12 Aug 2023 18:06:43 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C76	13 KB 5 KB	8ms 3ms	Document text/html	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes age 126315 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 11 Aug 2023 07:01:28 GMT expires Sat, 10 Aug 2024 07:01:28 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 17B2	831 B 556 B	42ms 41ms	Document text/html	2404:6800:4004:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2a1f56ddcdbc3d514409db11cf45d8cfe1f6d1af4ef025d7b64d22bb2423e5bb Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3qx3r59IF1SfU0BBboK7tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://k2-ornata.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 534 content-security-policy script-src 'report-sample' 'nonce-3qx3r59IF1SfU0BBboK7tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 12 Aug 2023 18:06:43 GMT expires Sat, 12 Aug 2023 18:06:43 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response pagead2.googlesyndication.com/bg/ Frame 7C76	37 KB 14 KB	3ms 2ms	Script text/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 11 Aug 2023 06:27:49 GMT content-encoding br x-content-type-options nosniff age 128334 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 10 Aug 2024 06:27:49 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 17B2	0 0	37ms 37ms	Image text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=1141272002511139&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7C76	0 10 B	2ms 2ms	Image text/plain	2404:6800:4004:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?A34DqA Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:43 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	PoBH1SQfI0A.js Show response static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/ Frame 35C7	519 KB 134 KB	14ms 3ms	XHR application/x-javascript	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/PoBH1SQfI0A.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df370e76794e2124%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff3031e8c56a991c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 504160d25c7f9b933607055d6aa735215f90c71ea1204a7bb778964a050bb6c3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:43 GMT content-encoding br x-content-type-options nosniff content-md5 4C/8LhcZKdPPHyheMd2aVA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 136814 x-fb-debug 4iktNaZlI7E3yni6fWB1gElvJNBK1nLEw85F33Jv7vjhc7zVkbhhO1CJ9NZPy7HPLY+C3YhBEYqXCE3mufPf5g== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sun, 11 Aug 2024 02:46:36 GMT
GET H3	200	FEppCFCt76d.png static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 35C7	299 B 437 B	10ms 3ms	Image image/png	2a03:2880:f00f:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png Requested by Host: www.facebook.com URL: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df370e76794e2124%26domain%3Dk2-ornata.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fk2-ornata.com%252Ff3031e8c56a991c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fk2-ornata.com%2Fsplunk_fields_extract_and_display%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 12 Aug 2023 18:06:43 GMT x-content-type-options nosniff content-md5 OIlAxCmR79nrM/Ez4ygGlg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 299 x-fb-debug ot8UOAAGJQU1XOB4TcDZW9V15s9GUcQJ+k1jlsyNovolZ4Cu55if+vtfWTO+eFmyM6NxzLNXAbl7FslVN0tzxg== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=3,i expires Fri, 02 Aug 2024 20:23:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	42ms 41ms	Image text/html	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=1141272002511139&bg=!s7ClsOTNAAaiGN5Pghg7ADkAdvg8WpcWUVmvSGNaE-e8wr1acLKuUsq5SOBccr3LBH4lzzxKEhgN_LV6XSY7nykA9dL8XHKGx3MCAAAARFIAAAAFaAEHmQKwGHuXPJaK4tSKe9JHW3Dglel85Ixj8jlMzt0FfCRF-tF29ECGw2ky8gOqweuqmTUneMf-J2KAt4Z2cQgY4t_sJOJfxiKsX142YHyCkxN23jEgzIhQbau-ctG5W0nfpsvbAFrZ0O2WGy27wzgOR_IjpjqdUmK07A1JtOI69qDEPItN8iuIy7P2XBeQi8Gc_1NXNpcfwBxRGnU-9Ru2U9cq3Q52yf8VXGVgvFhcPS5XEVpYPObBIsLZFMnxb_bPv3lscKiOKIY-hL6x054go0Ps97S9or5GfD6Xo3viMT5W8JuBqBqv2k20WkAZNfkItgwxTys6-8hAYZJscoXCqI8Ol_QSAjAOHZiVZbYOgS0HUc4jer2tdPEwHYzqHiF-1hNUqUFjkzNvAQIQGxtiHJ3FXfI5ecH_6W5QepHhn2rjPY7E9cQRDcSgvjXSNgzZZewaEXkrlWQ2ZglID1CrjTfr_exVzhL_Rfy_x_-15r0cmo_ogVP198e4CyUsChy52cxNcQhw1H0eN57M4pleq9wus5-IJyiv6gtETwga9pygVLZdcWi0bPXDfesFYCh9DA64cos-mfZ5UeRvUPtKm-c4rby3VzfXrsL9e9jZqSRWEfMp1PVytwaeDdd61A_8f88Mnv7uYlPvCAiwFnR7wKfU7u4-5sIwcrpBsOVLvGd_fopSbghWzum1NWDyUU_2X1egelcWOJW9adYzo0tQTPCOLWD4XuyofVBGQnsTUpL34TD7zI5aIJbszVWWxbPd9olyoM12kOEkoulbWCuodN3PRcRX5wzVc81Tm_xc9ObMXQ60MfLisr--vD0q-eVLYdKf9JrjAQL0oqyFGH3AWh7umF7nW5wSvel3ciB28iVo8NdXI2ztfcBpIRnCmlUG3bp_8Gj5y0xke7y_CJNEoGXGbg Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://k2-ornata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers