Overview

URL dreamfestival.org/
IP160.153.136.3
ASNHost Europe GmbH
Location Netherlands
Report completed2022-09-28 07:49:23 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 dreamfestival.org/ Phishing
2022-09-28 2 dreamfestival.org/how-you-save-money Phishing
2022-09-28 2 dreamfestival.org/about-us Phishing
2022-09-28 2 dreamfestival.org/sw.js Phishing
2022-09-28 2 dreamfestival.org/online-games Phishing
2022-09-28 2 dreamfestival.org/ Phishing
2022-09-28 2 dreamfestival.org/ Phishing
2022-09-28 2 dreamfestival.org/faq Phishing
2022-09-28 2 dreamfestival.org/sw.js Phishing
2022-09-28 2 dreamfestival.org/car-show Phishing
2022-09-28 2 dreamfestival.org/dream-festival Phishing
2022-09-28 2 dreamfestival.org/dream-store-app Phishing
2022-09-28 2 dreamfestival.org/ Phishing
2022-09-28 2 dreamfestival.org/marketing-competition Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (26)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS player.vimeo.com (1) 1858 2013-09-26 03:16:08 UTC 2022-09-28 04:50:55 UTC 162.159.138.60
mnemonic passive DNS 152vod-adaptive.akamaized.net (8) 130668 2019-09-17 09:18:58 UTC 2022-09-27 11:38:16 UTC 23.36.76.136
mnemonic passive DNS d1ziqjnl68gola.cloudfront.net (10) 0 2022-09-16 12:09:12 UTC 2022-09-28 02:58:47 UTC 143.204.42.13 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-09-28 06:28:23 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.115
mnemonic passive DNS dreamfestival.org (16) 0 2021-02-03 06:46:08 UTC 2022-09-27 07:49:31 UTC 160.153.136.3 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.187.146.10
mnemonic passive DNS cart-checkout.secureserver.net (1) 166014 2021-06-23 07:02:06 UTC 2022-09-27 17:27:40 UTC 52.32.66.201
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-28 04:37:32 UTC 157.240.200.14
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.25
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-27 04:52:31 UTC 192.124.249.41
mnemonic passive DNS img1.wsimg.com (49) 9893 2012-06-20 14:42:31 UTC 2022-09-28 04:57:39 UTC 23.36.79.43
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS api.ola.godaddy.com (1) 125394 2018-03-05 12:47:14 UTC 2022-09-27 17:27:39 UTC 198.71.248.123
mnemonic passive DNS fresnel.vimeocdn.com (1) 3128 2014-12-13 09:04:00 UTC 2022-09-28 05:17:35 UTC 34.120.202.204
mnemonic passive DNS events.api.secureserver.net (1) 125179 2020-06-23 03:18:34 UTC 2022-09-28 04:41:48 UTC 104.84.152.186
mnemonic passive DNS ocsp.starfieldtech.com (1) 6616 2012-06-22 18:08:50 UTC 2022-09-28 05:03:20 UTC 192.124.249.22
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.77.32
mnemonic passive DNS img6.wsimg.com (2) 15438 2020-02-20 07:56:58 UTC 2022-09-28 04:41:47 UTC 23.36.79.43
mnemonic passive DNS f.vimeocdn.com (4) 3234 2014-04-09 18:24:34 UTC 2022-09-28 06:00:22 UTC 151.101.86.109
mnemonic passive DNS i.vimeocdn.com (2) 3126 2014-03-27 22:24:57 UTC 2022-09-28 06:00:21 UTC 151.101.86.109
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS cdn.reamaze.com (1) 24072 2017-01-30 08:41:45 UTC 2022-09-27 23:24:18 UTC 104.22.9.8


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 160.153.136.3

Date UQ / IDS / BL URL IP
2022-10-16 08:59:57 +0000
0 - 0 - 2 oseldesigns.com/ 160.153.136.3
2022-10-16 07:50:01 +0000
0 - 0 - 14 dreamfestival.org/ 160.153.136.3
2022-10-13 01:21:24 +0000
0 - 0 - 3 paramountsite.com/wp-content/old/old-inner/ne (...) 160.153.136.3
2022-10-12 17:21:12 +0000
0 - 0 - 4 ihaveaheart.org/download/invoice.zip 160.153.136.3
2022-10-12 12:30:49 +0000
0 - 0 - 3 ihaveaheart.org/download/invoice.zip 160.153.136.3

Last 5 reports on ASN: Host Europe GmbH

Date UQ / IDS / BL URL IP
2022-12-01 16:38:20 +0000
128 - 0 - 47 www.alvibes.com/usps/verification/ 160.153.131.199
2022-12-01 09:04:48 +0000
0 - 0 - 1 bikezambia.org/ 160.153.129.226
2022-11-30 12:13:38 +0000
0 - 0 - 1 thealtuns.com.tr/ 160.153.128.47
2022-11-30 12:13:12 +0000
0 - 0 - 1 thealtuns.com.tr/ 160.153.128.47
2022-11-30 09:41:28 +0000
9 - 0 - 14 wapspro.com/ 160.153.133.193

Last 5 reports on domain: dreamfestival.org

Date UQ / IDS / BL URL IP
2022-11-22 08:53:14 +0000
0 - 0 - 11 dreamfestival.org/ 13.248.243.5
2022-11-16 09:29:52 +0000
0 - 0 - 14 dreamfestival.org/ 76.223.105.230
2022-11-09 08:52:38 +0000
0 - 0 - 8 dreamfestival.org/ 76.223.105.230
2022-10-27 07:48:08 +0000
0 - 0 - 12 dreamfestival.org/ 13.248.243.5
2022-10-16 07:50:01 +0000
0 - 0 - 14 dreamfestival.org/ 160.153.136.3

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-22 08:53:14 +0000
0 - 0 - 11 dreamfestival.org/ 13.248.243.5
2022-11-16 09:29:52 +0000
0 - 0 - 14 dreamfestival.org/ 76.223.105.230
2022-11-09 08:52:38 +0000
0 - 0 - 8 dreamfestival.org/ 76.223.105.230
2022-10-27 07:48:08 +0000
0 - 0 - 12 dreamfestival.org/ 13.248.243.5
2022-10-16 07:50:01 +0000
0 - 0 - 14 dreamfestival.org/ 160.153.136.3


JavaScript

Executed Scripts (56)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (127)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EuNRy9V3M1Hj2Y0rLINvSTyhbUSNBBo58KeghSI_ymRmoi9suGddRw==
Age: 2013


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5943
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 07:49:12 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LnLNEZ8_9BiQI0v9gyxHrBncylWprazZMJJ6jIgewKwz3DBujbJSSA==
age: 80699
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         160.153.136.3
HTTP/1.1 301 Moved Permanently
                                        
location: https://dreamfestival.org/
Vary: Accept-Encoding
Server: DPS/1.13.2
X-SiteId: 4000
Set-Cookie: dps_site_id=4000; path=/
ETag: 3988647d0125a0ad832acc3a3bc1f1d1
Date: Wed, 28 Sep 2022 07:49:12 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 07:49:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 07:49:13 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 21:36:35 GMT
Expires: Wed, 28 Sep 2022 21:36:35 GMT
ETag: "b85154dd6d12d160d066a816c6755ed1c8768f76"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    4a89698f93979d8347859229bba37f06
Sha1:   b85154dd6d12d160d066a816c6755ed1c8768f76
Sha256: 117b427396fbe13f612d0da3bca6e52e2fc6eb1d51f4a3648155fae5b96c3e64
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kK2vvr3HY2FVPHhX3F1ODpTLM-4uxdDRD6zLZFd9qv2ekR5cr3KiAQ==
Age: 1180


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 24640
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:54 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24640, version 1.0\012- data
Size:   24640
Md5:    8ac76036c09e8683710a9c667bcab8de
Sha1:   f8612cc6b0f7725c46edd65eebfd6aec446af226
Sha256: a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
                                        
                                            GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 302 Found
                                        
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Wed, 28 Sep 2022 08:19:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 16664
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16664, version 1.0\012- data
Size:   16664
Md5:    247f3761e787cb917d84b6beb4826113
Sha1:   a8376faed88a229491b529573007fe65dd818e01
Sha256: 4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 46
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://albanydentist.com.au/
access-control-request-method: GET
access-control-max-age: 864000
etag: 484315664
x-width: 365
x-height: 365
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   46
Md5:    9639421c88c869682fcd0f6e2ced9e8c
Sha1:   e9df9ad8d3b5e501e21f7c25d4806e5c5418e0d6
Sha256: cf29c206707eee5be29405df14018ecb8415048d6b02bb1b8d5fe45742cbc6e2
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 48
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://npccoin.io/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1252006860
x-width: 600
x-height: 300
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   48
Md5:    4ba7e4cd4e8240b13f2fbaa46d839086
Sha1:   5f5d7fe9d036b2773e686a8ba6ee6080b1358cfa
Sha256: d45bbd2f58cb3178433d9b4a002cf4bc445f26e5e2413d7457339cc45e40c6ca
                                        
                                            GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 91698
x-version: 0.7.1+sha-f8fdc16
etag: "3947cc7865a2f348b434ec8595e21e02"
last-modified: Sat, 20 Aug 2022 00:16:24 GMT
x-amzn-trace-id: Root=1-630027d6-73a9e37f59b7ff1a4febc2b4
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (63425)
Size:   91698
Md5:    94d4c1b5fb73adb29f4ff85b2c2b1538
Sha1:   ddb343f510168190aad3e22c9979aa52226ab068
Sha256: 7134cd57429b969269ac21ad5621f7c90b94287cb09595f932630fbfeb7aaf40
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 72
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://karunanicolsyoga.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1456090515
x-width: 1240
x-height: 620
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   72
Md5:    b226e47e9840c067ad4d3550da1bd609
Sha1:   97868c5cb3b54783f2821a8a55fec6ed675b8421
Sha256: 77d9e7cc94c36294d83521de8e1df2aaa7afcf46d8aecd7935d16fd6103e3a17
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 46
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://parispartyrentals.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1416184843
x-width: 388
x-height: 194
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   46
Md5:    9e1a51caec448431afc865f81fe2ac54
Sha1:   29d4e030c450d4b9d0220d9f792547147ba1ec14
Sha256: 44336888428a2473c93fe0513b86d36568abb2108820740b5f7caa3dcec3774e
                                        
                                            GET /gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 22840
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:31:27 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22840, version 1.0\012- data
Size:   22840
Md5:    a02a7db3964dbc06013e1343042c2c75
Sha1:   9d69b2906f9c6bcda3197e3c0ba5542b1a57aab9
Sha256: b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
                                        
                                            GET /gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 8520
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:55 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8520, version 1.0\012- data
Size:   8520
Md5:    ce1c0390731a3e14e25947beba4d7bc7
Sha1:   314391b4d88bf5d37826b2d8e15684ee24839151
Sha256: a23cdc6f17ebaf9a49d2bd7f3723cf8a185f0cdfa4065e83490c9769b643a587
                                        
                                            GET /gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7920
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Size:   7920
Md5:    797ad5f8d84a297ab16f9a9c983adfc2
Sha1:   af074543e3bbd78e086cefa983867e0936515c41
Sha256: e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 84
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://otvengeholding.no/
access-control-request-method: GET
access-control-max-age: 864000
etag: 508945408
x-width: 1254
x-height: 837
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   84
Md5:    006afc1eecd55443718c376245fb4b5f
Sha1:   a81310d0b374eb1063d7b4a9c2db741070068ab7
Sha256: 9bc3aafdc9f876afa5e7927d92257a1db71fb360d9758e963eaf118da49bf131
                                        
                                            GET /gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7908
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Size:   7908
Md5:    15d9bbcfbc1d668a43c85d156d23262b
Sha1:   c436963710c58453c4ae27e66c051e85c084cd49
Sha256: 6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 84
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://medi-flora.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2002395724
x-width: 1254
x-height: 836
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   84
Md5:    ea669d0a28b700022fcb7457a5927c91
Sha1:   7dcea6bfea2da2048a8410e509406e6ae0f16e8d
Sha256: 177eab07a7af172e06bbea9a3df05ae6d3953a3f39c0d5e20cab39df26aa9a56
                                        
                                            GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 7034
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 138634133
x-width: 125
x-height: 125
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7034
Md5:    cbfcb6c00122613fe9618ab0bc06ec2a
Sha1:   114d6e21d623e42a35d5ef6c5c9f443177e768c3
Sha256: bd6a67e8cc9f3ab4c053caa9e2c94b5c3ed1d95fbfe6332e2b32cd6f771ff59d
                                        
                                            GET /traffic-assets/js/tccl.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Wed, 28 Sep 2022 08:19:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4232
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:49:13 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/532356f793015be3/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 14720
x-version: 0.7.1+sha-f8fdc16
etag: "02dd630f1cc9398fa8c8e735dc349cea"
last-modified: Thu, 25 Aug 2022 19:09:01 GMT
x-amzn-trace-id: Root=1-6307c8cc-4f09330124390e22354f60cb
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50909)
Size:   14720
Md5:    381c2e5e060f0537452db72e8bbe29e0
Sha1:   c6f0cc1f99aa5d3d0a5fbf4504a529f165748b81
Sha256: de714b7fe9e27644b6d5314b836a4543863eb84610b38c05aa8a927115ffa163
                                        
                                            GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/1da07418202e940c/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 10195
x-version: 0.7.1+sha-f8fdc16
etag: "9292b7dc7a91c52a0eb18aa3c8a7907a"
last-modified: Thu, 25 Aug 2022 19:09:01 GMT
x-amzn-trace-id: Root=1-6307c8cc-4ff570e46bec6987156015e9
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15604)
Size:   10195
Md5:    5416c190c65e7bbf4fbf4d5175cc4b53
Sha1:   3a8e1485a40bd1f2b829a107820fa91745ea2dae
Sha256: 5174a1b30cdd098e97d16a5d48a1354fb552e6616338deafdce2dc3f1a3962bb
                                        
                                            GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 15
x-edgeconnect-origin-mex-latency: 135
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
cache-control: max-age=31536000
date: Wed, 28 Sep 2022 07:49:13 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45500)
Size:   11155
Md5:    1ac00b5d5abfa64175a140de3f29a8e2
Sha1:   c07c5611cfff3ec4c7034134e4148f177242908c
Sha256: 65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 310
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2188000504
x-width: 1246
x-height: 1128
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   310
Md5:    1648c025ecef97d1d50ea521ba8451f7
Sha1:   47b1ed01d508083744e7a4b884907c443878cd74
Sha256: b52ac354827a6ced0253396c73d4d90a23156ac9b16b675c38e72fa4bdc465bf
                                        
                                            GET /gtag/js?id=G-BF2FDR6KMM HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
vary: Origin, Accept-Encoding
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
date: Wed, 28 Sep 2022 07:49:13 GMT
expires: Wed, 28 Sep 2022 07:49:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17807)
Size:   74805
Md5:    75abed2b1e6a9c8add27693548510413
Sha1:   432a2a5cbcb4d1bfd1303190ef5b4d05111ec017
Sha256: c46157793cd70a275276e9514217b4419399341d03cf6b84677270c094b1b93f
                                        
                                            GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 296
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3684691647
x-width: 1294
x-height: 810
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   296
Md5:    1cc9e1a01abab65dc9cac9b08d82663f
Sha1:   79e92dd6195feed734dd15eda1125b0f5d5c34df
Sha256: f7b83c6b942e988949490faa1c98e1e605d432d57cf4a4457b8f27630895d46b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 181060
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1946494739
x-width: 1160
x-height: 774
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
edge-cache-tag: /isteam/stock/103790
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   181060
Md5:    be7b1332654b6b991208c71db96c1c8a
Sha1:   aa19f3150d980ce898c80ad8720d37f90f24c932
Sha256: ae052a3e53d44546e2fd04d193d747a41f8457c0c86ccbf75993119a06bf8a4d
                                        
                                            GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Wed, 28 Sep 2022 08:19:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uKmXbKrCNc/UajljzcpWuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.146.10
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /B6/fQaWQmZ/QsUfueYwCSMaAjQ=

                                        
                                            GET /video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0 HTTP/1.1 
Host: player.vimeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         162.159.138.60
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 28 Sep 2022 07:49:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Wed, 28 Sep 2022 07:59:13 GMT
x-host: player-74cdb576d6-2qmkr
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-4
x-backend-proxy: playproxy5
x-bapp-server: player-74cdb576d6-2qmkr
Age: 0
X-Served-By: cache-bma1645-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664351354.605253,VS0,VE299
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=fYFruMQeGqsiFH9H7cYmo3DOPMWE7gPsK0YQJKXdKtA-1664351353-0-AYV6PDaqe93JM01s5/cCQJ17/FKyKz9QLjozKz9wgfGvyvufQZr1MNk2EM1LJ6WODpZS67rJ/S3CDc+66SYw94E=; path=/; expires=Wed, 28-Sep-22 08:19:13 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 751ae197ef70b4e8-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14571)
Size:   4865
Md5:    5281b7126ac613d3a623a1925c5e3531
Sha1:   954071d48d56afbb1224da0b0377b3e9716b2195
Sha256: a5b11630168f397eaa51d3c180b83d9787f88eab9c23f8bc1000abf8a84fefc4
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-426a6752.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4562
x-version: 0.7.1+sha-f8fdc16
etag: "44e335030da6dc3f098e688fdf6829bb"
last-modified: Tue, 01 Feb 2022 21:21:58 GMT
x-amzn-trace-id: Root=1-61f9a475-1478ed6f223e1f061bde1bf3
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16777)
Size:   4562
Md5:    d63329ea260c74b51c21180eb99adae7
Sha1:   162e672cc76f510dba865c985957b2b3044a9e36
Sha256: b6fe328b6e558265a5451ff68b42104fc106b99d42bc53589b8fb2c93e7f710d
                                        
                                            GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3876
x-version: 0.7.1+sha-f8fdc16
etag: "e135455abac1e365c75acb29427be2bd"
last-modified: Wed, 30 Mar 2022 21:06:30 GMT
x-amzn-trace-id: Root=1-6244c654-23bec5f97d8cb44d046c9a3f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13449)
Size:   3876
Md5:    ef73a2ad26978dc129780e9fa8b56fbf
Sha1:   a27b1e38a9b0a8a64eadac394393b44c34514433
Sha256: 31a27befad2953d262687734a98ecef2a590a1871ac87e093360ef29735381d2
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 377
x-version: 0.7.1+sha-f8fdc16
etag: "4a37f23cb638c625fc8451584283e359"
last-modified: Mon, 08 Aug 2022 18:52:52 GMT
x-amzn-trace-id: Root=1-62f15b83-003dc2ab5af787e05b944251
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:13 GMT
date: Wed, 28 Sep 2022 07:49:13 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (516)
Size:   377
Md5:    be5e2df437d04bbce03ff30557c0aa95
Sha1:   8ca469e5c8909868faa643aaa2b5219408de5775
Sha256: 1aa251af840640b303d7ec6f283cd279a270f4e0e383bb20d00bcc261f8b0170
                                        
                                            GET /p/4.10.1/css/player.css HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:13 GMT
age: 648701
x-served-by: cache-iad-kjyo7100154-IAD, cache-bma1634-BMA
x-cache: HIT, HIT
x-cache-hits: 61, 3510
x-timer: S1664351354.991371,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20284
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65495)
Size:   20284
Md5:    674ea13d207a5c2820c92eb236796548
Sha1:   439a3a05f926e21e43ed043e47197aec6c02358f
Sha256: 99105d0c1f2a3eee4823bc2f2151f1747c3f7fa45df401596bc2273328abc22f
                                        
                                            GET /js_opt/modules/utils/vuid.min.js HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:14 GMT
age: 743514
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1634-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3016
x-timer: S1664351354.003134,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1839)
Size:   997
Md5:    a726e1c270a0429ccce67d981a12ac33
Sha1:   7319cca36fa04ee8d74ea677a0bb5dd113649011
Sha256: 2601818bf89176145a614b0d50b1ef1cd95272a5bc6be5526d54c464f6172dbf
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-231afaba.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4754
x-version: 0.7.1+sha-f8fdc16
etag: "9f94046aea26739ac8888a6d3ed17e16"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-518004aa22c71fe9760b296c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12251)
Size:   4754
Md5:    073844563d47ee85e1c4cd973e49fb82
Sha1:   773fb31946c4b8b47eabaf2a0f16232707558b26
Sha256: 6c9f13042a7ab9ef9cde2b670910c4cf83d3c3f4ef0003ed12575ed6869c8c87
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 579
x-version: 0.7.1+sha-f8fdc16
etag: "f806faab29346709aa36f154927b3ac6"
last-modified: Thu, 14 Oct 2021 23:04:34 GMT
x-amzn-trace-id: Root=1-6168b781-363fae662be9e06319f5a063
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (829)
Size:   579
Md5:    a35fc2506c2f855bb96a61b6699268e7
Sha1:   b70a15c22c5bb0f41deba263468e5ffd462a2ec7
Sha256: 3957ccba82ae77c1f4b8241fdd2b10eb226d001b9280b5a928581c7e38cd3267
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 58295
x-version: 0.7.1+sha-f8fdc16
etag: "e0201f84421293da324b0057e86fe74a"
last-modified: Thu, 28 Jul 2022 19:30:36 GMT
x-amzn-trace-id: Root=1-62e2e3db-723b36273c4dfffd08f32895
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   58295
Md5:    30e057d7f362544072a7e35362837c34
Sha1:   077e2d7cc1698cb80211ed8546c93d1aa9000dbc
Sha256: 1de499780b54db25dfd9fc1d77202d511a5175ea63c8aa17037cb5556750ad22
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 6724
x-version: 0.7.1+sha-f8fdc16
etag: "5fd30bb38eba06e3522ae28610ac8c74"
last-modified: Thu, 14 Oct 2021 23:04:38 GMT
x-amzn-trace-id: Root=1-6168b785-0155fcbf6cbeb78d408f219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19615)
Size:   6724
Md5:    4ce2ee26b7bfd92534ac48544ac05330
Sha1:   76ac71090fcbe1f2192fab56a5a312c2ea4b7f72
Sha256: b7faa0c6048431108b5c1ec65a3cb7c674e3618f16fbd0c39318307a3137ad41
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 335
x-version: 0.7.1+sha-f8fdc16
etag: "21ad22788e6caa18a4e9e57f7372b108"
last-modified: Mon, 13 Dec 2021 22:59:02 GMT
x-amzn-trace-id: Root=1-61b7d035-018188ae176241301ebce646
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (383)
Size:   335
Md5:    21f75a3937961a662b8d8879193c440c
Sha1:   4b1ed44a75627896d16fa62b335c445470b014a7
Sha256: 84559c119581a7d097957055082a3d95fb9af3043cd3237f27756d3332eeba76
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 324
x-version: 0.7.1+sha-f8fdc16
etag: "ec47357ab58887161e840b985bc1cc3f"
last-modified: Fri, 30 Apr 2021 14:43:26 GMT
x-amzn-trace-id: Root=1-608c178d-0826f8bc5e97bb3f00eba013
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (367)
Size:   324
Md5:    782912a843de912c919a44d1df9da02c
Sha1:   de61b203330dc65b194cb1713147dafac47ecef4
Sha256: 11d76cdfc038467e7e856419d8e7367eb40a2af1c518c17c724b9120786a79e5
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 430
x-version: 0.7.1+sha-f8fdc16
etag: "56b37779e560b1f33dae335fcdf417e5"
last-modified: Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id: Root=1-5fc6836e-274d6c4c70fec5b058af7bae
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (651)
Size:   430
Md5:    2bd483e0e1dbe2726d090c9581c8ca85
Sha1:   95fa1b87ddf4027b4223b06e86932d788aba2636
Sha256: 205d0e1c2faf95cb7b22234abcad7abae243b799ea1d790288ddfee6e46a6ad9
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 367
x-version: 0.7.1+sha-f8fdc16
etag: "8857679c4bd7c2c9238416f452bed34f"
last-modified: Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id: Root=1-5f8fa319-4467925d4bc512bd5d8610c2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   367
Md5:    a5c6e41c09faadb3c1c61691d2095174
Sha1:   aad16c94df292aa072454c6fdc55e1774153229b
Sha256: cb15a1744276298a8303612901f1b85d9d773663c5c591cb128b98e2bb25166f
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7054
x-version: 0.7.1+sha-f8fdc16
etag: "e579cd3f9ea8e112675b529fc85417c3"
last-modified: Tue, 26 Jul 2022 18:34:15 GMT
x-amzn-trace-id: Root=1-62e033a6-2a4cf0c1004db6f253765cdc
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19989)
Size:   7054
Md5:    61db91671b34870b2a22649bae7a75e5
Sha1:   e2394e915aeb66badba97fa50307e74ad5769daa
Sha256: 4ffb98b3cecca59fc757b51e44016322380bd6bc56c37cb350a54bee6e5894dc
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-fad18f03.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 640
x-version: 0.7.1+sha-f8fdc16
etag: "54f17c61775c71ad74e89f6ca7d47649"
last-modified: Fri, 10 Dec 2021 22:26:46 GMT
x-amzn-trace-id: Root=1-61b3d425-4196caee6b9445880f09a33c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1206)
Size:   640
Md5:    d8559c34c802e249732729dc2e3e4d67
Sha1:   8b350b4fddfbf8a93bf924693b74da1461c18d38
Sha256: 16cb67f04c24caa52d02cbf94e9e97080262edba721871e3e2a5482c54392dcd
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 626
x-version: 0.7.1+sha-f8fdc16
etag: "edc15ad5daac3cfa744bffdb1e0174be"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1824)
Size:   626
Md5:    11370164b73124ea595098d2ecbe6d0b
Sha1:   bcc349130116ef2aee6ed77984b7726b43af8576
Sha256: d2a8fc6601e5e3b7c457e6c56f225547618fb5b454ba5dd37082cfa67ab4453e
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 713
x-version: 0.7.1+sha-f8fdc16
etag: "da82f14f261b7847fc0bc55dac30a9b3"
last-modified: Mon, 13 Dec 2021 22:59:04 GMT
x-amzn-trace-id: Root=1-61b7d037-31e2e89a06b12bc27efaa2ca
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1352)
Size:   713
Md5:    bd42473bb0a3a779c914acfc4f145dc8
Sha1:   6387121e6d129824962b8eceb8d87164860129fe
Sha256: e75a09ece643bd3d554ff8f6aa8939a64e48da7f355be43760ea7149bf4b9049
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 191
x-version: 0.7.1+sha-f8fdc16
etag: "8f12765eb30fbdcfcdc116d13f7fc272"
last-modified: Thu, 28 Jul 2022 17:59:29 GMT
x-amzn-trace-id: Root=1-62e2ce80-4ef8fc4a33c151912970138f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   191
Md5:    cec9b0814a648933ea94f34556da96ab
Sha1:   b1633975363116ff254ad319b033a1022d483922
Sha256: cb8d0e2233b2d495612d7644089dec2bcb7b3d02d7ccb775df3b8ca4a995a9f8
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 244
x-version: 0.7.1+sha-f8fdc16
etag: "daa79ad7558674f6a12d962abf47f2f6"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-1438c006715eea557e6c9f7f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   244
Md5:    835256b0b1680833155abf0f7420cca2
Sha1:   1d7eca7af4c7fdc66cfe34c1796ce7c3376d21b3
Sha256: b876ca1181efb3e0c9eac5384578fe015bc322c2a5407f4a86826374c86e4187
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 518
x-version: 0.7.1+sha-f8fdc16
etag: "894d1fecf13beb6804e454d74bab4fc5"
last-modified: Thu, 20 May 2021 16:49:33 GMT
x-amzn-trace-id: Root=1-60a6931c-2dfc069918f926cb337de793
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (905)
Size:   518
Md5:    45e169dc10f78234504ee292d5fbc13c
Sha1:   6ce99366de7d5a6aa2d72870696c10dec16d56e9
Sha256: b4bf979d5e9ca93f7c5e1736d1c90d0662d37a6c360c7e30ed0f06e65b080694
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 212
x-version: 0.7.1+sha-f8fdc16
etag: "889d83416d141ae9c1e8e3eb5c4f68c0"
last-modified: Wed, 24 Feb 2021 19:34:55 GMT
x-amzn-trace-id: Root=1-6036aa5e-4e3aabaf2f33643a300f2279
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   212
Md5:    83df0b1b683dfb124c68705dfc76fcee
Sha1:   5cc0c7157c31f32d14cb1b4b1da6b1a824c2d112
Sha256: 7a4f6de8c05928fa839dd4bca96e2c2088c92d942f1a9f285832edea5580ef48
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 376
x-version: 0.7.1+sha-f8fdc16
etag: "95e155e942e2f3d810d854bd7baf8f04"
last-modified: Wed, 24 Feb 2021 19:34:54 GMT
x-amzn-trace-id: Root=1-6036aa5d-248bcb407aeca8241d304317
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (501)
Size:   376
Md5:    59ae8ad50c2d5a071cf77710bd85bfdf
Sha1:   2ee00b76c41a0d13f258d9dc44484fbe0a3b8524
Sha256: f439a3d1fc52de6c8049f20077eba81e70489d73bd117253d6e06755fb368aff
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 255
x-version: 0.7.1+sha-f8fdc16
etag: "11ccc819361ff3f58653d84601c90234"
last-modified: Tue, 09 Mar 2021 21:39:32 GMT
x-amzn-trace-id: Root=1-6047eb13-42a9ed893514533d651f3c03
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   255
Md5:    c193577695c55a6d01f99c001d244ae9
Sha1:   f5bfc578e3b68fa149e0ec505036883dde2e2182
Sha256: 5960984c09db3ab6275b0c5f58fbaa9423d07e95b248630115506387428f03f8
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-2d231fbf.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1273
x-version: 0.7.1+sha-f8fdc16
etag: "deb327250b64a5b6e86bfd1145426c41"
last-modified: Thu, 14 Oct 2021 23:04:35 GMT
x-amzn-trace-id: Root=1-6168b782-0884d226182e4e7712e6b97a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3167)
Size:   1273
Md5:    3e167001b87901b72326b74427a8f2c6
Sha1:   6e6fde1728bea3a9cf00695ac9f386910ac72958
Sha256: 57904b9b0bc40ea5d73f237c39c459a5ccb5f359af44c141819c2c3ff03ed982
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1272
x-version: 0.7.1+sha-f8fdc16
etag: "d2f3f3bb13567c7c3ba8c50de05a8272"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2b00d29f0bf8ee864a58d40c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3283)
Size:   1272
Md5:    15588eb49730af3f92b29fa295d0a216
Sha1:   eb61fae6f935f037beebca9f2557ce05a32212b6
Sha256: acce03ab4359514251cfe658c86746d82f01160cf1fb6d779a264410fa8d5e7c
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 891
x-version: 0.7.1+sha-f8fdc16
etag: "db9b98d640eba155278db0bbaa83050d"
last-modified: Tue, 08 Mar 2022 16:16:57 GMT
x-amzn-trace-id: Root=1-62278178-78898aaa78d117a566634235
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1875)
Size:   891
Md5:    44a9beb87d40f6145cb908a9b1c71c00
Sha1:   a6f805ddcc53b7cb5ab774de344c30c41d4d5ce0
Sha256: aaad2d68eb5062983443ff7a7d607dff5035cfd75a719742d2a0d95af37b89e0
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-13af9972.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1506
x-version: 0.7.1+sha-f8fdc16
etag: "04d11575d4b0b90e2b216173bae444a8"
last-modified: Mon, 13 Dec 2021 22:59:03 GMT
x-amzn-trace-id: Root=1-61b7d036-4f8963fa6da48e2155141249
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4534)
Size:   1506
Md5:    93c5eeb39031dd17b5fab7087d743e8b
Sha1:   f11187fa120996e2b7d92f7250bde289b966b56e
Sha256: f1e7878115f0027f044053e779e3a16bc163b9176147386ace46ae9b8b7eb54d
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1020
x-version: 0.7.1+sha-f8fdc16
etag: "70bc240b39fd393f6e3003cc69e4fe73"
last-modified: Fri, 29 Jul 2022 16:58:40 GMT
x-amzn-trace-id: Root=1-62e411bf-092c235955a8dd6b4bde9a5a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2368)
Size:   1020
Md5:    f781ac203e2b685fc34dff85b2e11b50
Sha1:   43f27a48b1b29ea644e6a4da46aca1dc0c4cd794
Sha256: fac7178c58b529a9e5f2af5ce88aeb912245e1f39fa39a877116cbf75da0ff2f
                                        
                                            GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Wed, 28 Sep 2022 07:49:14 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24676)
Size:   7498
Md5:    b8a5a228a358454084c34dd1cf431c61
Sha1:   37aa5fe6e083b8147156ca66a1993a7bd74e8a61
Sha256: 06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
                                        
                                            GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d HTTP/1.1 
Host: i.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: image/avif
                                        
etag: 833869bbcbed271326a98075cca27dac
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-pcns
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:14 GMT
age: 600122
x-served-by: cache-dfw-kdfw8210100-DFW, cache-bma1634-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664351354.220281,VS0,VE1
vary: Accept
content-length: 53463
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   53463
Md5:    833869bbcbed271326a98075cca27dac
Sha1:   576ea0a40b6123beb4331a0c13321ed8ba151ea2
Sha256: eb175b3925e3a2957a24350c2ea17306676df157335787031b5d6a6fff1e736a
                                        
                                            GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600 HTTP/1.1 
Host: i.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: image/avif
                                        
etag: 140be940791c15d6efe44ace8a07b819
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-bk2n
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:14 GMT
age: 2328415
x-served-by: cache-dfw-kdfw8210038-DFW, cache-bma1634-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664351354.268075,VS0,VE1
vary: Accept
content-length: 27142
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   27142
Md5:    140be940791c15d6efe44ace8a07b819
Sha1:   a37c41b20a97f32dc55b5a311f2613fb373e155a
Sha256: 79b2bf3e86de199d5cf926a29287cf171ca6a65985c9d50b776a88ec044ba7f5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2627
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:49:14 GMT
Last-Modified: Wed, 28 Sep 2022 07:05:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 9588
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3894661116
x-width: 180
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 28 Sep 2023 07:49:14 GMT
date: Wed, 28 Sep 2022 07:49:14 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   9588
Md5:    071d7185793bfb633ebd1d48ec5a8dee
Sha1:   ad64b355eec103a787e2651021ba5ddae90e6ca8
Sha256: 67ee2be03fea9234a0b03f747598539c43e82c93eb1d80d8f32a8cee6a18e62c
                                        
                                            GET /p/4.10.1/js/module/sentry.js HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:14 GMT
age: 648700
x-served-by: cache-iad-kiad7000124-IAD, cache-bma1634-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 490
x-timer: S1664351354.313834,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 18774
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50848)
Size:   18774
Md5:    012ac958edf8f2e92c2f76db40d37e75
Sha1:   44565591d569c2578e26708514d1b7837d14ac68
Sha256: b0fba5c93c6c156971ec9af04d6c6e011f4a028d351d68cf16b19d425e6a7f35
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: g8cNm4Llp7mDurzylrRl+L1rmD4kmrkYye9vOfsZKMyC8UfmxqqErGHX6QI9kg+FJroMe/94zjpSGnvQqUPnZA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 07:49:14 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2627
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:49:14 GMT
Last-Modified: Wed, 28 Sep 2022 07:05:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 07:49:14 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:51:28 GMT
Expires: Wed, 28 Sep 2022 22:51:28 GMT
ETag: "dba467279e9e4d76bf23848771994889d23b0e89"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    268c5e984d462fa5e3a029b098ffcbdd
Sha1:   dba467279e9e4d76bf23848771994889d23b0e89
Sha256: 72c9d2aea5fa22d0de22e13ae97ce1846328a6e2caed3a78e74f7d46df09c3d0
                                        
                                            POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:49:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /accounts/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/config?fields[]=cart HTTP/1.1 
Host: api.ola.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Origin: https://dreamfestival.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         198.71.248.123
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 28 Sep 2022 07:49:14 GMT
access-control-allow-origin: https://dreamfestival.org
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers:
access-control-max-age: 1728000
access-control-allow-credentials: true
etag: W/"f994dc730afcd7847410c04a263025af"
cache-control: max-age=0, private, must-revalidate
x-request-id: 1ed83ef9f835206421ae07a7331939f5
x-runtime: 0.018316
vary: Accept-Encoding, Origin
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20203
Md5:    a4ee4ce28de4b88b17f8f8c4d1212e35
Sha1:   23a935c762b42ed169ecb622e3e292cd772ef544
Sha256: 9f7ce9ffd0a0f75c5b20e39580383d33f062758b32a307250e7c6848222bc60b
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/5a47ab70,dcf74872,70366016,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: application/json
                                        
origin-retrieved-hour: 1660870800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Content-Length: 3807
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Wed, 28 Sep 2022 07:49:14 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351354.c161c5
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (16499)
Size:   3807
Md5:    713dfc2e1e8a660c3f98e17a3748b03b
Sha1:   b7915bd85a8da8394ad24f9fbe2de1e02042892e
Sha256: 96cd4e158aed4507722cab9246ac1090b72d921f2b8b218400bf0ce8082646ba
                                        
                                            GET /how-you-save-money HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 5245d1cebfe470d6e61a2472ffd67b44
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34423)
Size:   18260
Md5:    cc840f404f49f816c2e1f084b84f9028
Sha1:   ec5026c34f3539b3437c9100433a305e1c8ea221
Sha256: 63153e00303652015b7157572c497e2ff1f1fe47c2eac7c2d9938755e401655d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /add/player-stats?beacon=1&session-id=5f2284edb513881b6730d0bac4ffd7ebb749554b1664351353 HTTP/1.1 
Host: fresnel.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1458
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.202.204
HTTP/2 200 OK
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Wed, 28 Sep 2022 07:49:15 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:49:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /t/1/tl/event?cts=1664351352089&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1172435186&cv=2.0.0&z=641918159&vg=2ae2821d-afc9-57cd-b855-687d25daa9ad&vtg=2ae2821d-afc9-57cd-b855-687d25daa9ad&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=4f98aa5f-3506-53d1-acc9-51d1e877e183&ht=perf&tce=1664351350783&tcs=1664351350615&tdc=1664351352072&tdclee=1664351351390&tdcles=1664351351383&tdi=1664351351364&tdl=1664351350856&tdle=1664351350614&tdls=1664351350613&tfs=1664351350612&tns=1664351350127&trqs=1664351350783&tre=1664351350876&trps=1664351350846&tles=1664351352072&tlee=0&nt=navigate&nav_type=hard HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.84.152.186
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 28 Sep 2022 07:49:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /p/4.10.1/js/player.js HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:49:14 GMT
age: 648701
x-served-by: cache-iad-kcgs7200127-IAD, cache-bma1634-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 2688
x-timer: S1664351354.002851,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212091
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4245
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive

                                        
                                            GET /about-us HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 82151246535e029a090b9821f9184dd3
date: Wed, 28 Sep 2022 07:49:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25191
Md5:    c96ef213e2bace2c016b4f4c7b276f98
Sha1:   77783612cc09834a00057f4eb95257d06fa2ae51
Sha256: 63cf7e3f8e19286c9997f1b9db585e940f2ea39ffd7956e49758f383bf7f3ade

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4245
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4245
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 34805
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Content-Length: 96783
ETag: 04046ffd7138c89629f8cdb1543ef6c4
using-starlord: true
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351355.c161e5
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  data
Size:   96783
Md5:    82d6d9ace0a02b537d568f0f54942048
Sha1:   f607c5b9b222c34a84f55c3a906e992a1f7c8edb
Sha256: 7c28152f1da3f808588bf5ff476db4b7ef67d34cf262eabffcd10243b066ff9b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9314
x-amzn-requestid: 0639452b-7f17-4513-aeb1-20b465ed3e93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HzCIAMF-vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-52afa1da17c4557c5e8c3564;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4mjt2-5F0Chu1G7jShI6rXfTuBMd6JOYxFMtla-EgL7i82SThJnp5w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:38:41 GMT
age: 36634
etag: "60c873f097c85376797fed366804119f7e9c445e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9314
Md5:    3c58fdf09a7d552be0c8666522a29de7
Sha1:   60c873f097c85376797fed366804119f7e9c445e
Sha256: 24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _yH8kTWHHDU-LcnNz0fjoHkPhf6dRP7p7QydoE3DNu4fJhDpEkxPrg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:17 GMT
age: 35938
etag: "2afdfb716192540a61327137706462c53588bf23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c301dff6ddda16fd64692c19173cfa8c
Sha1:   2afdfb716192540a61327137706462c53588bf23
Sha256: fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 36132
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 36506
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:24:38 GMT
age: 1477
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/70366016.mp4?r=dXM%3D&range=912-239530 HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 238619
Last-Modified: Wed, 17 Aug 2022 18:49:05 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31536000
Expires: Thu, 28 Sep 2023 07:49:15 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351355.c1620b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c1620b~time:1664351355~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;


--- Additional Info ---
Magic:  data
Size:   238619
Md5:    604ef9e9393769ecacf0281b8521fd72
Sha1:   fcea7aa1e6e1e3ff38446f6338d7eaf20f3e81b5
Sha256: 3effa24d63ffa16e9bb0d738210fdca21ae98ebdc174a4b3454dd3f0fccd6dd1
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146 HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 143357
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535949
Expires: Thu, 28 Sep 2023 07:48:24 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351355.c1622a
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c1622a~time:1664351355~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;


--- Additional Info ---
Magic:  data
Size:   143357
Md5:    172c580f1e70c83faf31fb7c439f3a15
Sha1:   04f677e204cc8ac39229f373312d359ee1457a47
Sha256: f8b8d548a8f93f6d0655e5c1cb187ce3b1c05bfdc4d761a4fa59db34506ee0ce
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138 HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 2722225
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31536000
Expires: Thu, 28 Sep 2023 07:49:15 GMT
Date: Wed, 28 Sep 2022 07:49:15 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351355.c16246
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c16246~time:1664351355~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:2~region:NO-; path=/; domain=.akamaized.net;


--- Additional Info ---
Magic:  data
Size:   2722225
Md5:    b21074f72142a32819ed6afd1daebe2c
Sha1:   9d9335a955687bff55f302b06cd6f8e91a61e8e0
Sha256: f5a328143c4016b0138cdda90a7a28d27ad1cdcd137850ac5f3685e4e2f57ab6
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=144147-287689&CMCD=bl%3D5995%2Cbr%3D0%2Ccid%3D%22740479387%22%2Cot%3Da%2Cpr%3D1%2Csf%3D%22dash%22%2Csid%3D%225f2284edb513881b6730d0bac4ffd7ebb749554b1664351353%22%2Cst%3Dv HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 143543
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1664348400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Cache-Control: private, max-age=31535952
Expires: Thu, 28 Sep 2023 07:48:28 GMT
Date: Wed, 28 Sep 2022 07:49:16 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351356.c16269
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,CW:m,TD2:m
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c16269~time:1664351356~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;
Aka-c-hit: cache-miss


--- Additional Info ---
Magic:  data
Size:   143543
Md5:    9ddfbf15970096c628a9f0ed7567c2a1
Sha1:   611850569aa5bb875acac5686dc7836bc62791b2
Sha256: 860fd8e6106d5a3dfcd68cce90a28fc669c3666d64aa8c792caac5d08f096ce2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 07:49:17 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 23:44:48 GMT
Expires: Wed, 28 Sep 2022 23:44:48 GMT
ETag: "b82005f8db5acce9fd05f4dc692ccc0e1aa3dda6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    adacf781602b9c5f7117917ea01c6dc2
Sha1:   b82005f8db5acce9fd05f4dc692ccc0e1aa3dda6
Sha256: 283cd6ec9db378135db1686f10d728e7f29b2a338a49da9b8af8d2680eb76430
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552&CMCD=bl%3D6067%2Cbr%3D0%2Ccid%3D%22740479387%22%2Cot%3Dv%2Cpr%3D1%2Csf%3D%22dash%22%2Csid%3D%225f2284edb513881b6730d0bac4ffd7ebb749554b1664351353%22%2Cst%3Dv HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 1954414
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1664348400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Cache-Control: private, max-age=31535863
Expires: Thu, 28 Sep 2023 07:47:00 GMT
Date: Wed, 28 Sep 2022 07:49:17 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351357.c16330
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,CW:m,TD2:m
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c16330~time:1664351357~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
Aka-c-hit: cache-miss


--- Additional Info ---
Magic:  data
Size:   1954414
Md5:    e15d2d570da030f8ca485299f97812b3
Sha1:   57a7a2eb80dd6ff4c33fea371ab6f975f2e67e70
Sha256: fa2346aacd2be7a89f0fad42c7a23f0ca0f400d551564bb647ca0986ca8902dd
                                        
                                            GET /g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 28 Sep 2022 07:49:18 GMT
set-cookie: commerce_cart_aa1fb9b2-896f-4ef9-be21-3bae706e78f6_locale=%22en-US%22; Max-Age=86400; Path=/; Secure; SameSite=None dps_site_id=4000; path=/; secure
etag: "4f31-eWb5+2qZFZ5lW0hOG8Agh6Aark4"
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   149321
Md5:    f1cd7bd80fbfd6e71aa9c723e284d9d6
Sha1:   702a74870cdf097c77dbd0c40b32d92099cfb78b
Sha256: 2b484ef09c74dc62350244c996c326c8358436e4b4eb148e822abe4c0a1098b8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_next/static/XFua26c4wbn3xQEBMtx26/_buildManifest.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-length: 283
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"11b-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DPonwBHhkDAq8jGrnCCH9FFog3RuYmWuvISDuXr_2-nwn9OijPW-CQ==
age: 174
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   283
Md5:    fe44dc18694b1ef5b52ecb91d48fd101
Sha1:   71e4df6b0a0abcf33d7fcc8bc48da5852dfed8a1
Sha256: 0374db01830a296334e93cb31818b14ff359f656e10b5cbb363f5924fd02dd28
                                        
                                            GET /_next/static/chunks/03bceb0a72953a67ff9eaa2ebbeb59fb7bef6b1d.f9e255de928cbbe19980.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:44:46 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"4252f-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XjNZUfwB3XFFYis1MXlfRnb2yqD617jpGH41G-fhuMHR3pNXea-u3A==
age: 382
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   78300
Md5:    16c734a456c8c5e89f6580fe465a27be
Sha1:   65f92e7591faa165c459bbe85c15b7f876de2d09
Sha256: 0da7232fcbd2e66bec218ee5b77358e55db0a7798f04ae588c64c147ecab44db
                                        
                                            GET /_next/static/runtime/webpack-4c6eb53bbd2b196b706b.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"b14-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PoT9KG2KBaUMlczcYv6o8hAzDqskKHt5hCkuRinSLb4Pkq5AIyLNcw==
age: 238
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2002
Md5:    f44d35e4ddcbdb0990df28a23a75fef5
Sha1:   01c3543eb8b82ec63e0012ab56d8efa60c77830b
Sha256: 39565089be15b0228bec5f0feb2b1df31bea205c9663226723b2f5068ef030e2
                                        
                                            GET /css?family=Old+Standard+TT:400,400i&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:49:19 GMT
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   583
Md5:    09d4d86eefc8f997ceeee6094011804d
Sha1:   9bea1b00d2e4e3d7ae8b1088298fe3bdeda065a6
Sha256: d4d5ffd662fe74c32eff0ce9e8ee0c41e354db4513611cb274a46ba70f755a3b
                                        
                                            GET /api/websites/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/tax-settings HTTP/1.1 
Host: cart-checkout.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Origin: https://dreamfestival.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.32.66.201
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 28 Sep 2022 07:49:19 GMT
content-length: 2
x-powered-by: Express
access-control-allow-origin: https://dreamfestival.org
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    d751713988987e9331980363e24189ce
Sha1:   97d170e1550eee4afc0af065b78cda302a97674c
Sha256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
                                        
                                            GET /_next/static/chunks/framework.7c3134b4fff25e0e0b1b.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"1fd8f-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gT31vvcLNCp6Qj1Iaan-fQW0KC9ugeAEjxdlLKiTyfnjiJrIAgFy9A==
age: 207
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   194799
Md5:    dd49795f7b47244d76431ce259fe86ae
Sha1:   b2a349e686f2b118b32ca93464e89ac14d22a0ae
Sha256: 976a3c8108db823047a41303ff0795a87272763e6c60f7f8099b2bef6b388407
                                        
                                            GET /sw.js HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad; commerce_cart_aa1fb9b2-896f-4ef9-be21-3bae706e78f6_locale=%22en-US%22
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: ed4ecce48d39de01119114a419c3b9ec
Cache-Control: max-age=0
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 304 Not Modified
                                        
vary: Accept-Encoding
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: ed4ecce48d39de01119114a419c3b9ec
date: Wed, 28 Sep 2022 07:49:20 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Gudea:400,400i,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:49:19 GMT
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /online-games HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 02194fd21da68ca2f553da290e837cf3
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 3988647d0125a0ad832acc3a3bc1f1d1
date: Wed, 28 Sep 2022 07:49:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         160.153.136.3
HTTP/1.1 302 Found
                                        
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /faq HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: bb6db22321f3fcd6a5cb2278aeafc375
date: Wed, 28 Sep 2022 07:49:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /_next/static/chunks/fae41d7e33c3a275a0e68c67e03336bfb42cea1b.9b844b8467120fda5e40.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"18219-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PCQmVxmWq5LbbU6D-lmI6EDg4DyDQl2X5yK1wx2KskLBoh_FVBNYrQ==
age: 96
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/c8b05f54.171267e02d8683b21e5e.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"c35c-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5OlWusfVfFS6AEM9MjPb4XpwgXYw6gNDQa1BbPBqoyTmfEpuFCISUA==
age: 207
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/c78d26b1.1e776d679b02d0f1979b.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"11945-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Grd_FbQl_hYrUsLZvmbY0mf9LQz_nR2u1Wc1gRfxjUnZCYCP1f-wUQ==
age: 215
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: application/javascript
                                        
link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: ed4ecce48d39de01119114a419c3b9ec
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /car-show HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 164d2d77c9f42f89b066893fcacc4805
date: Wed, 28 Sep 2022 07:49:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/reamaze-godaddy-loader.js HTTP/1.1 
Host: cdn.reamaze.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.9.8
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 07:49:14 GMT
last-modified: Tue, 27 Sep 2022 20:03:43 GMT
etag: W/"22e-5e9ae241cc5c0"
cache-control: public, max-age=600, s-maxage=604800
cf-cache-status: HIT
age: 39634
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ae19ceb64b509-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dream-festival HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: f760da319b0f3d4974e27445425a029d
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /dream-store-app HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: b80b5b63daadcfc685581bd432699379
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /_next/static/chunks/commons.f97544ffa7cfed0a353c.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:44:46 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"831f-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F2XPu1cTHNaW4enXhfm5b3Ty6-Yczhl4rfakgu4miIXjZUXZcL-qZA==
age: 382
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/XFua26c4wbn3xQEBMtx26/pages/cart.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:49:19 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"40c50-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LPGp_EQA7lLhqkeMgtLPmWBetuxAcRqdQSiN_nv23JJnQofINO57Pg==
age: 206
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 3988647d0125a0ad832acc3a3bc1f1d1
date: Wed, 28 Sep 2022 07:49:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /exp=1664355253~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=e7ffcea082f7d5817e9736bac21ab3b86dca0873994bf1c5836d7fd4a1c5428d/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121&CMCD=bl%3D6033%2Cbr%3D0%2Ccid%3D%22740479387%22%2Cot%3Dv%2Cpr%3D1%2Csf%3D%22dash%22%2Csid%3D%225f2284edb513881b6730d0bac4ffd7ebb749554b1664351353%22%2Cst%3Dv HTTP/1.1 
Host: 152vod-adaptive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.136
HTTP/1.1 200 OK
Content-Type: video/mp4
                                        
Accept-Ranges: bytes
Content-Length: 1720569
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1664348400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Cache-Control: private, max-age=31535967
Expires: Thu, 28 Sep 2023 07:48:46 GMT
Date: Wed, 28 Sep 2022 07:49:19 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1664351359.c164b8
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,CW:m,TD2:m
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:c164b8~time:1664351359~ghostforwardip:2.21.242.219~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
Aka-c-hit: cache-miss


--- Additional Info ---
                                        
                                            GET /marketing-competition HTTP/1.1 
Host: dreamfestival.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2ae2821d-afc9-57cd-b855-687d25daa9ad; _tccl_visit=2ae2821d-afc9-57cd-b855-687d25daa9ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 21db9715dc46771a6cb0a0b1cb3a598b
date: Wed, 28 Sep 2022 07:49:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /_next/static/runtime/main-c571f3fc3c8603f2a35f.js HTTP/1.1 
Host: d1ziqjnl68gola.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.13
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 26 Sep 2022 17:00:33 GMT
content-encoding: gzip
date: Wed, 28 Sep 2022 07:44:46 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"aa2e-1837abe4368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f_uQQqeDa15FJoJTEsigTqJbKci_zAEmmWmBdpbheR0faAvWaZs4Lw==
age: 506
X-Firefox-Spdy: h2


--- Additional Info ---