r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3059
Expires: Mon, 30 Jan 2023 23:35:42 GMT
Date: Mon, 30 Jan 2023 22:44:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Mon, 30 Jan 2023 23:45:39 GMT
Date: Mon, 30 Jan 2023 22:44:43 GMT
Connection: keep-alive
orcd.co/whiskeywhispersyourname
308 Permanent Redirect 177 B URL HTTP/1.1 orcd.co/whiskeywhispersyourname
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 18c5383e2ad3240bfbb048bc7e49d1c1
0311daa1f37353d5ec20273650944c3e45cba853
6fcf110ca8fcb6ae4484690ccb1e0dfc2485e66562328cbcdcbfc9df45206d3e
GET /whiskeywhispersyourname HTTP/1.1
Host: orcd.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Server: openresty/1.15.8.1
Date: Mon, 30 Jan 2023 22:44:43 GMT
Content-Type: text/html
Content-Length: 177
Connection: keep-alive
Location: https://orcd.co/whiskeywhispersyourname
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4955
Expires: Tue, 31 Jan 2023 00:07:18 GMT
Date: Mon, 30 Jan 2023 22:44:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 22:35:47 GMT
content-type: application/json
age: 536
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zW2hw5Qy1Q/vijknB1uLieyjzu/6Ki5SPmssuodtapOCdErYvHBfUh9EvntefE0c/aMngQrLUXc=
x-amz-request-id: 1831516DBQYHFBZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 22:21:58 GMT
age: 1365
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:44:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5405b1b034291f3f698e79c9c6d3d3d2
305339938a32c4b5dae4abcf39fccf8f5fb2cf21
ab98b43f92b6cdaf06f9de3f036c6ff5773d0194fd57f9309f2e1e0a3ecc28c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB98B43F92B6CDAF06F9DE3F036C6FF5773D0194FD57F9309F2E1E0A3ECC28C1"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2470
Expires: Mon, 30 Jan 2023 23:25:54 GMT
Date: Mon, 30 Jan 2023 22:44:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 22:41:41 GMT
age: 183
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20766
Expires: Tue, 31 Jan 2023 04:30:50 GMT
Date: Mon, 30 Jan 2023 22:44:44 GMT
Connection: keep-alive
cloudinary-cdn.ffm.to/s--BuOsZiLg--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_deezer.png
200 OK 2.2 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--BuOsZiLg--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_deezer.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 384e664e3d0c1c076e8e5bb85195c454
5d16e05c7b3e0e7c48d660d4b809cc10bcbd56d5
cc7ff09e6bb13be3504bd037eb11a8463c91d48cbb5f419c596a0855f902bfcf
GET /s--BuOsZiLg--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_deezer.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 2156
content-disposition: inline; filename="music-service_deezer.webp"
last-modified: Mon, 01 Nov 2021 16:56:13 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sun, 29 Jan 2023 00:48:32 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "384e664e3d0c1c076e8e5bb85195c454"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LaXL-IWj4WnBFdocSw80ifwDEPFh2OJq2OYacEoG1Wu54ziK1H-eBw==
age: 165545
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--e_GXTT_B--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_spotify.png
200 OK 4.2 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--e_GXTT_B--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_spotify.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 044598182cc6532d4a9cd5e5251a085a
6aa6758c6cae3a9185da995765c3b441a6d2f16e
435e91822f3cbfa88f6d400a4a292ce0261221c52efd3407aa5e8fa9bd95c684
GET /s--e_GXTT_B--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_spotify.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 4202
content-disposition: inline; filename="music-service_spotify.webp"
etag: "044598182cc6532d4a9cd5e5251a085a"
last-modified: Mon, 01 Nov 2021 00:11:36 GMT
date: Tue, 24 Jan 2023 06:36:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6yZX2aDxxOKYJXf8afaI4MfO3M7NJLCzxQOwT0q6dRguZNBNq5UFmA==
age: 576472
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--uf3wpRWG--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_amazon.png
200 OK 3.1 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--uf3wpRWG--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_amazon.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8005ec5c70a1a86dede351b7ad2d9011
15499b77355af41c307bfb3b70610d3724c1f214
a298039ca49310380f999065ec9986340388a97192806aa8e395ef18e484d554
GET /s--uf3wpRWG--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_amazon.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 3138
content-disposition: inline; filename="music-service_amazon.webp"
last-modified: Mon, 01 Nov 2021 00:11:36 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sat, 28 Jan 2023 00:41:17 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "8005ec5c70a1a86dede351b7ad2d9011"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xf1-Gmrzp9SPO7BZxtKRaYulMH77LVFgPNsFHZ5qypXxehTsJ1jLVA==
age: 252207
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--nYvVzXAq--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_youtube.png
200 OK 3.6 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--nYvVzXAq--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_youtube.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b8b611a2c7f539a2856655b884b4e1f5
7a2c8afe836d72dd9727a6230de6a14d009b9a18
de3902d845529430c8d0e88e61acc9bc574a489b1cf4fb784b7b33e88bde64ed
GET /s--nYvVzXAq--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_youtube.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 3604
content-disposition: inline; filename="music-service_youtube.webp"
last-modified: Mon, 01 Nov 2021 00:11:37 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sun, 29 Jan 2023 03:31:00 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "b8b611a2c7f539a2856655b884b4e1f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3XD-9r0i07VXP6VRlz25uUsNzT0B5L2o4EGayG1Zb4510jyTmwxf-Q==
age: 155624
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--U_n7Xhib--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_soundcloud.png
200 OK 2.9 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--U_n7Xhib--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_soundcloud.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash dcee62f9748649d86ea240e1667698c9
15bbb063fba172f6d00465dbed497ea7986c262e
d6060c4b827937489c31bb03c262f5b34ff1931f385a9e3512b3063867139379
GET /s--U_n7Xhib--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_soundcloud.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 2868
content-disposition: inline; filename="music-service_soundcloud.webp"
last-modified: Sun, 05 Dec 2021 11:45:26 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sun, 29 Jan 2023 04:49:31 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "dcee62f9748649d86ea240e1667698c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PKNOfdAfeyaAaVCMbjZSzjHN5gPqQFADqQylYfs4PpcAkotpta4-_g==
age: 150913
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--wJHSivtl--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tidal.png
200 OK 4.5 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--wJHSivtl--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tidal.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4574b1be5469e4280c3ffafcb04f6eeb
91521006193e6e76ad705cfebd629f5e75402d32
a05af27187cec434d6adbc5b7489d0d073cce15b0fc374b4e8365596c8fd4d0f
GET /s--wJHSivtl--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tidal.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 4530
content-disposition: inline; filename="music-service_tidal.webp"
last-modified: Mon, 01 Nov 2021 00:11:37 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Thu, 26 Jan 2023 03:17:48 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "4574b1be5469e4280c3ffafcb04f6eeb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DZy3pUvx7oHVVxwdptaE1kV5pIjDjuS5VKLP6GltzKNfrk5Ncig9Qw==
age: 415736
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--abCrNs3k--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_pandora.png
200 OK 3.8 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--abCrNs3k--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_pandora.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 14dda5f75cf7f51463ed68694a09f14b
2bb04b8a61d578d36169910cce7b01894ff83254
5bc736e7bfd8e41f28b69e2bf1bc55d2632f93f90afa0fe5415423198aab3e10
GET /s--abCrNs3k--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_pandora.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 3800
content-disposition: inline; filename="music-service_pandora.webp"
last-modified: Mon, 01 Nov 2021 00:11:37 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Thu, 26 Jan 2023 05:19:05 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "14dda5f75cf7f51463ed68694a09f14b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xls5JX3r7MrXMOXjEQv0tZ2GIbUK1CEpkVqiHvkyecRL2YakPiFdaQ==
age: 408339
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--LpZFcfe0--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_applemusic_listen.png
200 OK 3.8 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--LpZFcfe0--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_applemusic_listen.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf7872a715b204eaaae3bd6587935b09
c1538affb361eb00d7eba230de63d800d1dafc4c
f0edd93908f2e5d4f0721774bf5f4c66996f2f6ce7b16490b98f486674795007
GET /s--LpZFcfe0--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_applemusic_listen.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 3760
content-disposition: inline; filename="music-service_applemusic_listen.webp"
last-modified: Thu, 20 Jan 2022 17:36:07 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Mon, 30 Jan 2023 02:43:00 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "cf7872a715b204eaaae3bd6587935b09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nuaJj-SucgqI8xlBWalpEDARZ3xQsikJ9GM86_FcJogdO8Sb2oRICg==
age: 575297
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--BkidcqFo--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tiktok.png
200 OK 2.9 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--BkidcqFo--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tiktok.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 569191c3704ab6d417a33c068f8034c3
05fd6a4cd3070a74c0e1f5d56ce069f3ca1a5200
f45f45ccb22fdae95b3a9a474074a470c15ca86ba0556b77844ca3044c27bb7f
GET /s--BkidcqFo--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_tiktok.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 2946
content-disposition: inline; filename="music-service_tiktok.webp"
last-modified: Sun, 05 Dec 2021 11:45:54 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sun, 29 Jan 2023 04:12:51 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "569191c3704ab6d417a33c068f8034c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RDAXcJtBp2-pICRc1wO5cZjq8e3JSbMRX5je5iUVrl7IWTkbV4WZhQ==
age: 153113
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--40s9zDd5--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_itunes.png
200 OK 2.0 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--40s9zDd5--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_itunes.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c9777fde10b9654f2c13b587c54675e
0790e6ed53cdea00f3deb66a46b76a5ff02def84
ff4614f63d59af625ed6c218558edb5505d8840470c5e1f61f5c01974c8feeb9
GET /s--40s9zDd5--/h_64,c_scale/f_webp/https%3A%2F%2Fassets.ffm.to%2Fimages%2Flogo%2Fmusic-service_itunes.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 1976
content-disposition: inline; filename="music-service_itunes.webp"
last-modified: Mon, 01 Nov 2021 00:11:36 GMT
strict-transport-security: max-age=604800
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
date: Sun, 29 Jan 2023 03:55:39 GMT
cache-control: public, no-transform, immutable, max-age=604800
etag: "1c9777fde10b9654f2c13b587c54675e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3jZTYfEESsKA36eej_7tMu702cX-VrfkRuooqENbem-3WgyKoXL0fg==
age: 154145
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iUZMft5yHWKwh5rvA0adGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uyWjAfqew7PxcQ8+VSC3W5TWdOU=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d6226c92d5ee80e38137c00b85839733
231e2512de14d75324412117a0f01b3077316673
5e76b181800be122b78b3b55a28ce81871f86a3bc050f39388b79d33c6da6ddd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 22:44:44 GMT
Last-Modified: Mon, 30 Jan 2023 22:43:12 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iQVE8q1uZPFgh1Q_n8qsVYJjjZko0EqYkJ17j8y0qObqgJh5F1Vj9g==
Age: 92
cloudinary-cdn.ffm.to/s--vHFvoVg_--/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png
200 OK 50 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--vHFvoVg_--/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c7115b495c5d5e2dce9d7f23d61078e0
3ccb4bd7bd7ad4db7df598ef80c2aa827faff30d
846f610b87cb88188dc2550562e1023dcf50ff06a3ae7c540abb8d48347b2191
GET /s--vHFvoVg_--/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 49630
content-disposition: inline; filename="9ed7e503c25a545b900c3dd88d0383bb.webp"
etag: "c7115b495c5d5e2dce9d7f23d61078e0"
last-modified: Fri, 25 Feb 2022 08:45:03 GMT
date: Mon, 30 Jan 2023 22:44:45 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=147;cpu=0;start=2023-01-30T22:44:44.870Z;desc=miss,rtt;dur=1,cloudinary;dur=55;start=2023-01-30T22:44:44.916Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R8AaGO6a3H8agPqxVeuTsckA9MDj8bqq5OEUtglj9_mmb67We41GIA==
X-Firefox-Spdy: h2
cloudinary-cdn.ffm.to/s--E6QjT-Wn--/w_424,h_424,c_lfill/c_scale,fl_relative,w_1.1/e_blur_region:800/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png
200 OK 4.3 kB URL HTTP/2 cloudinary-cdn.ffm.to/s--E6QjT-Wn--/w_424,h_424,c_lfill/c_scale,fl_relative,w_1.1/e_blur_region:800/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 466x466, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da24f7543b7643664a665314c629e169
5d4c55c28ddc5f069d34b06a07582cb0a051a79f
ad039925722a65045803b21c82149d869bcb66e26b5ed5ba56b93c892bd7dacb
GET /s--E6QjT-Wn--/w_424,h_424,c_lfill/c_scale,fl_relative,w_1.1/e_blur_region:800/f_webp/https%3A%2F%2Fimagestore.ffm.to%2Flink%2F9ed7e503c25a545b900c3dd88d0383bb.png HTTP/1.1
Host: cloudinary-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 4304
content-disposition: inline; filename="9ed7e503c25a545b900c3dd88d0383bb.webp"
etag: "da24f7543b7643664a665314c629e169"
last-modified: Fri, 25 Feb 2022 08:45:03 GMT
date: Mon, 30 Jan 2023 22:44:45 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=177;cpu=0;start=2023-01-30T22:44:45.016Z;desc=miss,rtt;dur=0,cloudinary;dur=86;start=2023-01-30T22:44:45.063Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AIVtl_nMvhs4a3fJXJ4hjVhNZrkyLqv8C6fjg9bARTbkKTsybum0Kw==
X-Firefox-Spdy: h2
fast-cdn.ffm.to/016a9b4.modern.js
200 OK 2.5 kB URL HTTP/2 fast-cdn.ffm.to/016a9b4.modern.js
IP
Hash 831dd41d3888414926bb599638253339
ce973a2c2472a90eab1007414ff8d4c2792b45cb
19cdf425db6ce60e9cace614e8a1b73f9b22fb94f3a77a85254da171e67209a4
GET /016a9b4.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:09:29 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"17dc-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1iUR_1jiyC1HAPMeAkmbRK_BN8_auAzYOd0nJbUjJX7tVlReTv3Ndw==
age: 1773316
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bd257053b3c801a62da8f829616d846
06c555c649631e5e86e20d7b3a59e0e0d2470f43
d88fc1d52fe9b1d8527abd66b2c24b565dbc4ec6f3eb7c3b68e6112942ed812d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88FC1D52FE9B1D8527ABD66B2C24B565DBC4EC6F3EB7C3B68E6112942ED812D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15659
Expires: Tue, 31 Jan 2023 03:05:44 GMT
Date: Mon, 30 Jan 2023 22:44:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bd257053b3c801a62da8f829616d846
06c555c649631e5e86e20d7b3a59e0e0d2470f43
d88fc1d52fe9b1d8527abd66b2c24b565dbc4ec6f3eb7c3b68e6112942ed812d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88FC1D52FE9B1D8527ABD66B2C24B565DBC4EC6F3EB7C3B68E6112942ED812D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15659
Expires: Tue, 31 Jan 2023 03:05:44 GMT
Date: Mon, 30 Jan 2023 22:44:45 GMT
Connection: keep-alive
fast-cdn.ffm.to/364028a.modern.js
200 OK 4.5 kB URL HTTP/2 fast-cdn.ffm.to/364028a.modern.js
IP
Hash b056f94f55fc7395a3028c34dbf79446
33c86ce4030c51f28fd62162ef3feacee0b0797e
99926383fb0ab46d2b55dba1efe96bcc90b5a2960e01ba53c1781e50c86a1e3a
GET /364028a.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Mon, 23 Jan 2023 01:28:14 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"1070-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IMghBxbGkXVBNZU77zi83OXPuVqYg0qQFURQkwViMaGrJkShB8Lw4g==
age: 681391
X-Firefox-Spdy: h2
fast-cdn.ffm.to/9f9ef7a.modern.js
200 OK 78 kB URL HTTP/2 fast-cdn.ffm.to/9f9ef7a.modern.js
IP
Hash 643e95363e14e4fd6af54882558763d5
21636e78ef738dde281426d7016a2754574c5953
22a004f809f0be7efb5e1c033488e71e5a83369694158db92c865f4db62eaae3
GET /9f9ef7a.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Fri, 20 Jan 2023 04:13:58 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"35cf-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: falB7wcn0pqP0jDUMrmhKGg-JZSjzJrwOzNfdgCQm7JLFVzMBMskDg==
age: 930647
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redditstatic.com/ads/pixel.js
200 OK 7.4 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP
File type ASCII text, with very long lines (23347)
Hash 03d5db9dfd00a5719bb4c9261e6fa1bb
be9899225f59b4d3ef6fefcf0e66b72568353a94
e90f19642062e4311b58ede732592e8f29b7799661086a0bbfc68e259fd81398
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:44:45 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
api.ffm.to/sl/e/i/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
200 OK 35 B URL HTTP/2 api.ffm.to/sl/e/i/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /sl/e/i/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9 HTTP/1.1
Host: api.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:45 GMT
content-type: image/gif
content-length: 35
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: public, max-age=0
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
api.ffm.to/sl/e/r/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
200 OK 35 B URL HTTP/2 api.ffm.to/sl/e/r/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /sl/e/r/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9 HTTP/1.1
Host: api.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:45 GMT
content-type: image/gif
content-length: 35
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: public, max-age=0
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
api.ffm.to/sl/e/v/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
200 OK 35 B URL HTTP/2 api.ffm.to/sl/e/v/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /sl/e/v/whiskeywhispersyourname?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwiYnJvd3NlciI6eyJuYW1lIjoiRmlyZWZveCIsInZlcnNpb24iOiIxMDUuMCIsIm1ham9yIjoiMTA1In0sImVuZ2luZSI6eyJuYW1lIjoiR2Vja28iLCJ2ZXJzaW9uIjoiMTA1LjAifSwib3MiOnsibmFtZSI6IldpbmRvd3MiLCJ2ZXJzaW9uIjoiMTAifSwiZGV2aWNlIjp7fSwiY3B1Ijp7ImFyY2hpdGVjdHVyZSI6ImFtZDY0In19LCJjbGllbnQiOnsicmlkIjoiYWNlNTA5N2EtMTNiOC00ZGVmLWIyOWEtM2ZlNGM3OWY5MGFkIiwic2lkIjoiMGUyOGYxMWMtMjA0NS00NDYxLWFiNjEtZGFkZDVlMmVkNmM5IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJyZWYiOiIiLCJob3N0Ijoib3JjZC5jbyIsImxhbmciOiJlbi1VUyIsImlwQ291bnRyeSI6Ik5PIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6Ik5PIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2MjAyZGM4MTJiMDAwMDRmMDAwMjRhM2QiLCJ0em8iOjM2MCwiY2giOm51bGwsImFuIjpudWxsLCJkZXN0VXJsIjoidXBjOjE5NjYyNjExNTQxNiIsInZpZCI6IjZhMjZlN2UwLThjZDUtNGJkZS1iMjRjLWU4MDAyZTMzMTQ0MSIsInNydmMiOm51bGwsInByb2R1Y3QiOiJzbWFydGxpbmsiLCJzaG9ydElkIjoid2hpc2tleXdoaXNwZXJzeW91cm5hbWUiLCJpc0F1dGhvcml6YXRpb25SZXF1aXJlZCI6ZmFsc2UsIm93bmVyIjoiNjIwMmRjNmYyMzAwMDA1ZDAwNjI2ZGQzIiwidGVuYW50IjoiNWJkOWUzNDA3OGY0ZjAzZmE3MmE5ZmIxIiwiYXIiOiI1ZmZjYjkxODMwMDAwMDZjZDYzMDE3M2QiLCJpc1Nob3J0TGluayI6ZmFsc2V9 HTTP/1.1
Host: api.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:45 GMT
content-type: image/gif
content-length: 35
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: public, max-age=0
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC7HUHBC77U2G64PMP90&lib=ttq
200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC7HUHBC77U2G64PMP90&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2741)
Hash c46a3094c28a9d5f8d565bbc852dc229
e96bd721ca4c8b79d7bc56b121d5c662af777d3b
fb3bbe1c34c4bd3af0f271fcef88f3306639a8a988df4cddffc5f1896cf08b4d
GET /i18n/pixel/events.js?sdkid=CC7HUHBC77U2G64PMP90&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230130224445662C5BBB531B6CA43124
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cffd3dc05b443d1512180b0b45bfc5de8108b47eaa2b700e20d81cd42518f5d68d0dfa81268412f5d3e7a3ec04cea983063b781de9f240825cc9b4db0dc009e8eac602ceb1b25e3720d2dec81721aa3960
content-encoding: gzip
content-length: 1348
x-origin-response-time: 10,23.194.131.20
x-akamai-request-id: cb6a7c6d.5d50c383
expires: Mon, 30 Jan 2023 22:44:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 22:44:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2L47phasOhIxymF3QWNKuR9NDp3; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-194-131-20.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=10, inner; dur=1
x-parent-response-time: 115,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=BSC3AMO16HBE43RL04F0&lib=ttq
200 OK 1.6 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=BSC3AMO16HBE43RL04F0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (6173)
Hash af5fddf4e53a99f36d570dc34c88468b
c9f566005edc2391acb41b683576459d7dc0cd08
9b5d337ebbfc834cd31878404cb5f617459bf639b4d3f91c9b942bf3368c8164
GET /i18n/pixel/events.js?sdkid=BSC3AMO16HBE43RL04F0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230130224445F7D16A4111EE47AAF968
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf96f314f322e3704fa2055ef525c42ca0f9e601389079b34f1f0f8118ff587e6068a04b3ccdf6264f59387b3b477db83bb78ee7e7439079f64ba9724faf9fe0fd01abc5c13bb96d16074b7569293a5eff
content-encoding: gzip
content-length: 1550
x-origin-response-time: 24,23.194.131.15
x-akamai-request-id: dc9dc2a0.5d50c37e
expires: Mon, 30 Jan 2023 22:44:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 22:44:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2L47piBYEDPTcTvf7vK7sI24ilL; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-194-131-15.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=24, inner; dur=3
x-parent-response-time: 128,23.36.79.28
X-Firefox-Spdy: h2
fast-cdn.ffm.to/b6d4a34.modern.js
200 OK 76 kB URL HTTP/2 fast-cdn.ffm.to/b6d4a34.modern.js
IP
File type ASCII text, with very long lines (39070)
Hash f1155134e793fec349c443ea326bae43
8a30435ea5e45cbb5f229c90c694e2f250a76e0d
a8b7edfac6d96f0d5ce2593e9656cc207234bd7a78fee69aa0cbe7cf657eee81
GET /b6d4a34.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Sat, 21 Jan 2023 01:25:11 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"549c-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m4xWe-bAorIe4YNhVpIaC4FOSXa_iS5JSC2VqohryIB7wtjvp8pZkw==
age: 854374
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDIHSBBC77U5MH0KCOL0&lib=ttq
200 OK 1.4 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDIHSBBC77U5MH0KCOL0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3228)
Hash 0fdffaf3f3ae94224bb56fa1810462d7
534f34089a6a780d3a1ba2e50a6b0195f5f0cb7e
fbb69f05fc8f611ecb00227423f0c1a51006895798c8f503301b01d5c9eaf367
GET /i18n/pixel/events.js?sdkid=CDIHSBBC77U5MH0KCOL0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202301302244452146C80D89299A89DFF8
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf0d00e5ccf317ca7a301ea6a430349af8610b78345e99c59ff9b18492c584efda090062b9a6dc2cf7028dcdcb07b4547224f004f9c95637a3190d8eca882935098e35af4f6b54fb835c25f9ac40534932
content-encoding: gzip
content-length: 1439
x-origin-response-time: 91,23.194.131.13
x-akamai-request-id: c61c2822.5d50c37f
expires: Mon, 30 Jan 2023 22:44:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 22:44:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2L47pi0untLpRN2AY9lekjgH173; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-194-131-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=91, inner; dur=4
x-parent-response-time: 196,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Cookie: _ttp=2L47pi0untLpRN2AY9lekjgH173
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Mon, 30 Jan 2023 22:44:45 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 5d50c4f4
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3844
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Last-Modified: Mon, 30 Jan 2023 21:40:41 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:44:45 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
200 OK 15 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP
ASN #20940 Akamai International B.V.
Hash 22eaa6491556c40c984bed61ff9892b5
253ec7921f896fab2d49656208b10d2a227c82de
f690af44bc7bb9724442c2f52648ce1c8365cc6010cc0af574f5e0dcddf7ee7f
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Cookie: _ttp=2L47piBYEDPTcTvf7vK7sI24ilL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023011217582238FCAA3D419588756972
x-tt-trace-host: 01e57b2566233939c0b7a614d728f3c137bda4b6e8ffed077a25e96861feda11fa551f058721a274fc4605886b55ca626730a56b385a942b4129028dfc561d0b618d751524aad0a4ae27ef533e55d2e8e40a3ad2aaa7ba995375ace641e8e6ae3a
content-encoding: gzip
date: Mon, 30 Jan 2023 22:44:45 GMT
content-length: 68605
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 5d50c45d
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:44:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fJ9m8gmZLNrSYH9vUD8LQb5tHPKA8jau5s/rpo4JRxDxqTQHRiXd1lImFreWcisEMV+sD62URVDT9gS7Z+49vQ==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 22:44:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/971960849/?random=1675118699386&cv=11&fst=1675118699386&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=GXZmCITJkIwCEJHku88D&hn=www.google.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&value=0&bttype=purchase&auid=1382898013.1675118699&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:44:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 22:59:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/971960849/?random=1675118699393&cv=11&fst=1675118699393&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4
200 OK 870 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/971960849/?random=1675118699393&cv=11&fst=1675118699393&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1831), with no line terminators
Hash 72df49d9ac9e7ab2414677e2eb0cb34e
d6aa0ddc589da5dbeb92f67261b0144191b96dd5
8f85fcf0f713b082466104a28550f7add6d567c2867703db0a1f6f25696f0c4b
GET /pagead/viewthroughconversion/971960849/?random=1675118699393&cv=11&fst=1675118699393&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:44:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 870
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 22:59:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1&z=1812569792
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1&z=1812569792
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1&z=1812569792 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:44:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/992293137/?random=1675118699378&cv=11&fst=1675118699378&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4
200 OK 870 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/992293137/?random=1675118699378&cv=11&fst=1675118699378&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1831), with no line terminators
Hash 930ad004203636a7e43155ab2d522792
ccfdf65c8457ad6c00d8b6abeecc724c5d250103
84f3a206747ed383923b20d395d9ea5644aa421410fdcc5dd8ac56082ecd1ff8
GET /pagead/viewthroughconversion/992293137/?random=1675118699378&cv=11&fst=1675118699378&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tiba=Whiskey%20Whispers%20Your%20Name&auid=1382898013.1675118699&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:44:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 870
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 22:59:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3844
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Last-Modified: Mon, 30 Jan 2023 21:40:41 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 796
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Cookie: _ttp=2L47pi0untLpRN2AY9lekjgH173
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301302244453D3A160C6BFD9D96739E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf1942d5e4cfbe29e2f50fe5a0b3c2b4a7660157b7cebc70c8ff3241254fbbd67d671a4175697697a4a2ac3123a85bdea0754ed407e2ba95558381e2f1f822f64b95c5c3445698ae8b56f911d607c81f94
x-origin-response-time: 38,23.194.131.85
x-akamai-request-id: 6d5b78ca.5d50c51c
expires: Mon, 30 Jan 2023 22:44:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 22:44:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-194-131-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=38, inner; dur=23
x-parent-response-time: 134,23.36.79.28
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 6061660d0c8c8a3292454cb1c819259e
54ac533237acc8ff7624f460b91d50657322bdcf
2d7e1e8fe3615783905c47576f05b5cd9189a3cc4e15996dbe66e4388dac190c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5475
Cache-Control: max-age=139270
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:45 GMT
Etag: "63d7b000-13a"
Expires: Wed, 01 Feb 2023 13:25:55 GMT
Last-Modified: Mon, 30 Jan 2023 11:54:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 780
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Cookie: _ttp=2L47pi0untLpRN2AY9lekjgH173
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301302244459866883947E8ADAEA705
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf6a77486b99e0e44481e9b133e191c9611723ca8849bcf916e4a2df5f985183d43c9b48471c99c001a07a806987b31f4798406b76264b685200b7000f3e6d40eb6ebddf65667032a54a68fdb52012225c
x-origin-response-time: 31,23.194.131.7
x-akamai-request-id: 8c2fe02d.5d50c542
expires: Mon, 30 Jan 2023 22:44:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 22:44:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-194-131-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=31, inner; dur=18
x-parent-response-time: 127,23.36.79.28
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1675118699476&id=t2_5eroavy6&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=3c211873-7f58-475d-86eb-0efa58ab93e4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675118699476&id=t2_5eroavy6&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=3c211873-7f58-475d-86eb-0efa58ab93e4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675118699476&id=t2_5eroavy6&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=3c211873-7f58-475d-86eb-0efa58ab93e4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:44:45 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
fast-cdn.ffm.to/4fece43.modern.js
200 OK 4.8 kB URL HTTP/2 fast-cdn.ffm.to/4fece43.modern.js
IP
File type ASCII text, with very long lines (12316)
Hash d9658d705c679001f02a2273d499b18e
5a127367168869e98a3936e3b43f2811a4bf1dc7
55836a224c537917e7a58b9b8a2a314e68ec4b67cbad3f73127d4d673fa4c8cd
GET /4fece43.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:07:47 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"304f-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JpgAJwYC2_XVEbFA2OwxShQnJFXARSucvRgIHFGG1nV5b9rj2ksthw==
age: 1773417
X-Firefox-Spdy: h2
orcd.co/whiskeywhispersyourname
200 OK 23 kB URL HTTP/2 orcd.co/whiskeywhispersyourname
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22168)
Hash 896cecc78bd6870d360943a6bb94d15b
1cf6c47b286ed4c83c939e1d4bdd5d4e22064f04
7f31f833381d11b10c2576fabedaa8b249e47be87d8e5e15e6e38e3486288825
GET /whiskeywhispersyourname HTTP/1.1
Host: orcd.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:44 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
set-cookie: ffmId=0e28f11c-2045-4461-ab61-dadd5e2ed6c9; Max-Age=31557600
etag: "1ef24-xvKKHBvwnKofTlOFpcb2Khz+KpE"
accept-ranges: none
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4656
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:44:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4656
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:44:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac9e49e19b226b271d1a6f29d7159e64
df578148d224d67fb6e098da3eeb1d86c233cb73
1e065f356fe4ae535ec6fa40ddbad8a2ddad1fa1a053bedceb25c90fa3620ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12154
x-amzn-requestid: 0ba17a3e-c78c-4634-8706-eedd20d8e3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk303H-mIAMFelA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b8-1d7f813471bcbd3341f06e86;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3FK_njK19r3IK-kJpLm1VMHiXJrZnOvjrxDh5YPl9hY-F_2vZ5KNcA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:52 GMT
age: 3594
etag: "df578148d224d67fb6e098da3eeb1d86c233cb73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Fv1ghBaLh1tZCjCKJYBmZmWVBAsxZCQ5XPZK6KEUXc-iH0Y5dSFVw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:05 GMT
age: 3401
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 0ce16b38-ae58-4cfc-9a7e-0cfd68c3114b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxH0pIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-4c58f0a54d3eb51357dc4bfc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w8GlkEben5frqo5Zwm4oV9tUVoHhkhln-VmACCIrN0-ttz2_7bJcfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:50 GMT
age: 3596
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 146cb1c622ae62d62090dcaf81709056
c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e
d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:50:53 GMT
age: 3233
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 13:04:11 GMT
age: 34835
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:47:13 GMT
age: 3453
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:44:45 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=258ec323-ceac-410b-b3e2-b7a4090d18d1; Max-Age=63072000; Expires=Wed, 29 Jan 2025 22:44:46 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f27ef1c4d452be3e
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: c633370db67000486c9f6fa67c291b8cbd32a69b07705aca37ed2d2b90d5878e
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 6d2677a268c46fe7437bc9ba7f1933f0
c4c8338d86338480d15172e8691dc9b25c9c25bf
0709a1fe6bd9156d9e98f2c986bcb486031947ce2412744efd1e0ff52f7929d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2391
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:44:46 GMT
Last-Modified: Mon, 30 Jan 2023 22:04:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
region1.analytics.google.com/g/collect?v=2&tid=G-6VTRLSCR4X>m=2oe1p0&_p=1823212593&_gaz=1&cid=2067686971.1675118700&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118699&sct=1&seg=0&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&dt=Whiskey%20Whispers%20Your%20Name&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-6VTRLSCR4X>m=2oe1p0&_p=1823212593&_gaz=1&cid=2067686971.1675118700&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118699&sct=1&seg=0&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&dt=Whiskey%20Whispers%20Your%20Name&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6VTRLSCR4X>m=2oe1p0&_p=1823212593&_gaz=1&cid=2067686971.1675118700&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118699&sct=1&seg=0&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&dt=Whiskey%20Whispers%20Your%20Name&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://orcd.co
date: Mon, 30 Jan 2023 22:44:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6VTRLSCR4X&cid=2067686971.1675118700>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://orcd.co
date: Mon, 30 Jan 2023 22:44:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=683127435041827&ev=DSP_Button_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700181&sw=1280&sh=1024&v=2.9.92&r=stable&ec=3&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=683127435041827&ev=DSP_Button_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700181&sw=1280&sh=1024&v=2.9.92&r=stable&ec=3&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=683127435041827&ev=DSP_Button_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700181&sw=1280&sh=1024&v=2.9.92&r=stable&ec=3&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:44:46 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=683127435041827&ev=PageView&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700174&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=683127435041827&ev=PageView&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700174&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=683127435041827&ev=PageView&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700174&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:44:46 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=683127435041827&ev=Outbound_Link_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700183&sw=1280&sh=1024&v=2.9.92&r=stable&ec=4&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=683127435041827&ev=Outbound_Link_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700183&sw=1280&sh=1024&v=2.9.92&r=stable&ec=4&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=683127435041827&ev=Outbound_Link_Click&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700183&sw=1280&sh=1024&v=2.9.92&r=stable&ec=4&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:44:46 GMT
X-Firefox-Spdy: h2
fast-cdn.ffm.to/464545f.modern.js
200 OK 5.3 kB URL HTTP/2 fast-cdn.ffm.to/464545f.modern.js
IP
File type Unicode text, UTF-8 text, with very long lines (13184), with NEL line terminators
Hash f58aa2a3b297f0c1af06ae59bed82bcc
c34504adef069183db1469d4d839842593b9d600
271710ef4a2f83124c5b23981cb6f9b92bdccbf63e5a440d027df99d9ec3bdee
GET /464545f.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Fri, 20 Jan 2023 04:13:58 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"1061-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eipL9MfafEsxStP9HQ1UiBXlULGdKB-3rvfNA-VSclXkSEUb5E1h7Q==
age: 930647
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=8bc13f39-f36e-49cc-aacf-884a3ed7de85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=64ffedcf-fd98-460d-befd-14c4c091259d&tw_document_href=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=test1&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:44:45 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_GfdZAhXKHRnn31mNJKKVbA=="; Max-Age=63072000; Expires=Wed, 29 Jan 2025 22:44:46 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 76711acfc3d0adc0
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 99f765fd2c1eedac6f32358a550470b9bfa1a743ec119d6e7d87cc887728b0ff
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=683127435041827&ev=FeatureFM&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700176&cd[action]=pageview&cd[tags]=%5B%22Country%22%5D&cd[artists]=%5B%22Karissa%20Ella%22%5D&cd[artist_id]=5ffcb9183000006cd630173d&cd[song_name]=&cd[album_name]=Whiskey%20Whispers%20Your%20Name%20-%20Single&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=683127435041827&ev=FeatureFM&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700176&cd[action]=pageview&cd[tags]=%5B%22Country%22%5D&cd[artists]=%5B%22Karissa%20Ella%22%5D&cd[artist_id]=5ffcb9183000006cd630173d&cd[song_name]=&cd[album_name]=Whiskey%20Whispers%20Your%20Name%20-%20Single&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=683127435041827&ev=FeatureFM&dl=https%3A%2F%2Forcd.co%2Fwhiskeywhispersyourname&rl=&if=false&ts=1675118700176&cd[action]=pageview&cd[tags]=%5B%22Country%22%5D&cd[artists]=%5B%22Karissa%20Ella%22%5D&cd[artist_id]=5ffcb9183000006cd630173d&cd[song_name]=&cd[album_name]=Whiskey%20Whispers%20Your%20Name%20-%20Single&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675118700173.818755732&it=1675118699909&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:44:46 GMT
X-Firefox-Spdy: h2
fast-cdn.ffm.to/4c4b4d2.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/4c4b4d2.modern.js
IP
GET /4c4b4d2.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:08:12 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"ed3-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P2bY2Yrl_HdYnGNDKrKRoiBMLYQlDdda8QxbC_b4q-hxArYSlxZQPw==
age: 1773392
X-Firefox-Spdy: h2
fast-cdn.ffm.to/668f598.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/668f598.modern.js
IP
GET /668f598.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 24 Jan 2023 01:57:37 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"df57-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fffm3gZx8Xzd2aYhHD4HIhCtQYDVfFk7TNUFUln2I0h61tFBGTd5dw==
age: 593229
X-Firefox-Spdy: h2
fast-cdn.ffm.to/d30286c.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/d30286c.modern.js
IP
GET /d30286c.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Fri, 20 Jan 2023 01:10:59 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"7c2d-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KDK1PzrVKd1xQxI1yEJ8o8UuZ7SLoRMCEcpvlLxC3hM072sbGFwf7w==
age: 941625
X-Firefox-Spdy: h2
fast-cdn.ffm.to/a631a70.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/a631a70.modern.js
IP
GET /a631a70.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Mon, 16 Jan 2023 22:01:39 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"18bdc-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S71Te-z6rJsIIoYBk55wOThvvsT0LR2OFYU6IMbRTBo49kGtT3HAQA==
age: 1212185
X-Firefox-Spdy: h2
orcd.co/global.css
200 OK 0 B IP
GET /global.css HTTP/1.1
Host: orcd.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/whiskeywhispersyourname
Cookie: ffmId=0e28f11c-2045-4461-ab61-dadd5e2ed6c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:44 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 10 Jan 2023 09:57:31 GMT
etag: W/"3f67-1859b1d0ef8"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
fast-cdn.ffm.to/850384c.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/850384c.modern.js
IP
GET /850384c.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Wed, 11 Jan 2023 01:54:31 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"27df-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y_PTb57KD1R-Q_3AGDHj8pdrBicp1eQbKgpD89rbknLNJ0dl6jhz6g==
age: 1716614
X-Firefox-Spdy: h2
fast-cdn.ffm.to/53a9bc3.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/53a9bc3.modern.js
IP
GET /53a9bc3.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:08:12 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"668d-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qtmFKYpvLfxYr6BsziDu0l26TndVauXnBTM2KvIgl2XK2frTkQ6yLg==
age: 1773392
X-Firefox-Spdy: h2
fast-cdn.ffm.to/05ed5b9.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/05ed5b9.modern.js
IP
GET /05ed5b9.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Mon, 23 Jan 2023 02:42:18 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"190c-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PvkiMF4Ny4OHJZytTS8_sWuGOBReK5LTLfNNmQARlPTEEhXPPFtZ6Q==
age: 676945
X-Firefox-Spdy: h2
fast-cdn.ffm.to/d5b411e.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/d5b411e.modern.js
IP
GET /d5b411e.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Sun, 22 Jan 2023 20:28:25 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"518e-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4mjCbaPen3JMCqHen9OoKl9BiGfijaFOvq8ElJT9ONi0Uxky_WwCiQ==
age: 699379
X-Firefox-Spdy: h2
fast-cdn.ffm.to/a736d30.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/a736d30.modern.js
IP
GET /a736d30.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:07:58 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"20c70-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WF21CV7zTAzb4m8_P8MAifimHQ2zh-MoSoj7chMyT9h4OomUH_pO2w==
age: 1773406
X-Firefox-Spdy: h2
fast-cdn.ffm.to/68a8224.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/68a8224.modern.js
IP
GET /68a8224.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orcd.co
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Tue, 10 Jan 2023 10:07:47 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"37e6c-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TuwAJiJeHG-S6yKktI2Fs2kiAZ61yl6ZZL8kty0UogMLcGvBDzZeqA==
age: 1773417
X-Firefox-Spdy: h2
orcd.co/orchard-icon.ico
200 OK 0 B IP
GET /orchard-icon.ico HTTP/1.1
Host: orcd.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/whiskeywhispersyourname
Cookie: ffmId=0e28f11c-2045-4461-ab61-dadd5e2ed6c9; _gcl_au=1.1.1382898013.1675118699; _rdt_uuid=1675118699475.3c211873-7f58-475d-86eb-0efa58ab93e4; _ga_6VTRLSCR4X=GS1.1.1675118699.1.0.1675118699.60.0.0; _ga=GA1.1.2067686971.1675118700
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.1
date: Mon, 30 Jan 2023 22:44:45 GMT
content-type: image/x-icon
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 10 Jan 2023 09:57:31 GMT
etag: W/"47e-1859b1d0ef8"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
fast-cdn.ffm.to/db8b58e.modern.js
200 OK 0 B URL HTTP/2 fast-cdn.ffm.to/db8b58e.modern.js
IP
GET /db8b58e.modern.js HTTP/1.1
Host: fast-cdn.ffm.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orcd.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: openresty/1.15.8.1
date: Sat, 14 Jan 2023 04:20:29 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 10 Jan 2023 10:00:23 GMT
etag: W/"1879-1859b1faed8"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: atK0aDycMmWPUyuqspsNC8zg3Yw-43uJCFhatwF5s-EqSLOw-o2vyQ==
age: 1448656
X-Firefox-Spdy: h2
35.165.192.112
151.101.244.157
23.36.76.226
31.13.72.36
93.184.220.29
0.0.0.0