dreamfestival.org/
160.153.136.3301 Moved Permanently 0 B IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
location: https://dreamfestival.org/
Vary: Accept-Encoding
Server: DPS/1.13.2
X-SiteId: 4000
Set-Cookie: dps_site_id=4000; path=/
ETag: 3988647d0125a0ad832acc3a3bc1f1d1
Date: Wed, 14 Sep 2022 07:48:21 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 07:09:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6o_mQFTRTiF7zzzhQ-nVfCfiK9ttVMyLKQTdXbBnw1hqOW-mPpUPFg==
Age: 2333
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 14 Sep 2022 08:52:18 GMT
Date: Wed, 14 Sep 2022 07:48:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Usw6F9O6ku0LHz7arh18DDFziLR4oR_d6vDiyQu8Lpo1UqGnSdu-JQ==
age: 11586
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 07:48:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 89814993ae5e8e12c22aecd471e9ffe5
d64fd5b5c09688b675e8d83efd91740f56115592
dea4dc34d98c73edf0b7cc713e93aef75fa49462320e3f36f6ec1466d920cba1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Sep 2022 07:48:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 21:37:26 GMT
Expires: Wed, 14 Sep 2022 21:37:26 GMT
ETag: "d64fd5b5c09688b675e8d83efd91740f56115592"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
184.31.15.216302 Found 0 B URL HTTP/2 img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Wed, 14 Sep 2022 08:18:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 46 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9639421c88c869682fcd0f6e2ced9e8c
e9df9ad8d3b5e501e21f7c25d4806e5c5418e0d6
cf29c206707eee5be29405df14018ecb8415048d6b02bb1b8d5fe45742cbc6e2
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 46
x-version: 0.4.4+sha-cbf667a
x-track-origin-referer: https://landeshomeimprovements.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 484315664
x-width: 365
x-height: 365
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 72 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash b226e47e9840c067ad4d3550da1bd609
97868c5cb3b54783f2821a8a55fec6ed675b8421
77d9e7cc94c36294d83521de8e1df2aaa7afcf46d8aecd7935d16fd6103e3a17
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 72
x-version: 0.4.4+sha-cbf667a
x-track-origin-referer: https://suromurchhana.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1456090515
x-width: 1240
x-height: 620
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
184.31.15.216200 OK 17 kB URL HTTP/2 img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16664, version 1.0\012- data
Hash 247f3761e787cb917d84b6beb4826113
a8376faed88a229491b529573007fe65dd818e01
4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
GET /gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 16664
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 48 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4ba7e4cd4e8240b13f2fbaa46d839086
5f5d7fe9d036b2773e686a8ba6ee6080b1358cfa
d45bbd2f58cb3178433d9b4a002cf4bc445f26e5e2413d7457339cc45e40c6ca
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 48
x-version: 0.4.4+sha-cbf667a
x-track-origin-referer: https://avolta.us/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1252006860
x-width: 600
x-height: 300
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 46 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9e1a51caec448431afc865f81fe2ac54
29d4e030c450d4b9d0220d9f792547147ba1ec14
44336888428a2473c93fe0513b86d36568abb2108820740b5f7caa3dcec3774e
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 46
x-version: 0.4.4+sha-cbf667a
x-track-origin-referer: https://elitetechar.com.br/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1416184843
x-width: 388
x-height: 194
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js
184.31.15.216200 OK 92 kB URL HTTP/2 img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (63425)
Hash 94d4c1b5fb73adb29f4ff85b2c2b1538
ddb343f510168190aad3e22c9979aa52226ab068
7134cd57429b969269ac21ad5621f7c90b94287cb09595f932630fbfeb7aaf40
GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 91698
x-version: 0.7.1+sha-f8fdc16
etag: "3947cc7865a2f348b434ec8595e21e02"
last-modified: Sat, 20 Aug 2022 00:16:24 GMT
x-amzn-trace-id: Root=1-630027d6-73a9e37f59b7ff1a4febc2b4
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
184.31.15.216200 OK 25 kB URL HTTP/2 img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 24640, version 1.0\012- data
Hash 8ac76036c09e8683710a9c667bcab8de
f8612cc6b0f7725c46edd65eebfd6aec446af226
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
GET /gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 24640
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 84 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash ea669d0a28b700022fcb7457a5927c91
7dcea6bfea2da2048a8410e509406e6ae0f16e8d
177eab07a7af172e06bbea9a3df05ae6d3953a3f39c0d5e20cab39df26aa9a56
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 84
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://harmonylabradoodles.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2002395724
x-width: 1254
x-height: 836
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
184.31.15.216200 OK 23 kB URL HTTP/2 img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 22840, version 1.0\012- data
Hash a02a7db3964dbc06013e1343042c2c75
9d69b2906f9c6bcda3197e3c0ba5542b1a57aab9
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
GET /gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 22840
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:31:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
184.31.15.216200 OK 7.9 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7908
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2
184.31.15.216200 OK 8.5 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 8520, version 1.0\012- data
Hash ce1c0390731a3e14e25947beba4d7bc7
314391b4d88bf5d37826b2d8e15684ee24839151
a23cdc6f17ebaf9a49d2bd7f3723cf8a185f0cdfa4065e83490c9769b643a587
GET /gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 8520
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
184.31.15.216200 OK 7.9 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Hash 797ad5f8d84a297ab16f9a9c983adfc2
af074543e3bbd78e086cefa983867e0936515c41
e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
GET /gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7920
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 84 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 006afc1eecd55443718c376245fb4b5f
a81310d0b374eb1063d7b4a9c2db741070068ab7
9bc3aafdc9f876afa5e7927d92257a1db71fb360d9758e963eaf118da49bf131
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 84
x-version: 0.4.4+sha-cbf667a
x-track-origin-referer: https://sonaltechdata.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 508945408
x-width: 1254
x-height: 837
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-BF2FDR6KMM
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BF2FDR6KMM
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 3ad8ac48c254004af37350d89aba1212
a0ddbf45dede26ffa3c38afc9110669650009922
1c66356fd3c6eeb8fed2e7d0e0ab328ecbad2297967d06f9c6454bdc4357f358
GET /gtag/js?id=G-BF2FDR6KMM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
date: Wed, 14 Sep 2022 07:48:22 GMT
expires: Wed, 14 Sep 2022 07:48:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 310 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1648c025ecef97d1d50ea521ba8451f7
47b1ed01d508083744e7a4b884907c443878cd74
b52ac354827a6ced0253396c73d4d90a23156ac9b16b675c38e72fa4bdc465bf
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 310
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2188000504
x-width: 1246
x-height: 1128
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
184.31.15.216200 OK 7.0 kB URL HTTP/2 img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbfcb6c00122613fe9618ab0bc06ec2a
114d6e21d623e42a35d5ef6c5c9f443177e768c3
bd6a67e8cc9f3ab4c053caa9e2c94b5c3ed1d95fbfe6332e2b32cd6f771ff59d
GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 7034
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 138634133
x-width: 125
x-height: 125
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/traffic-assets/js/tccl.min.js
184.31.15.216302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Wed, 14 Sep 2022 08:18:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/1da07418202e940c/script.js
184.31.15.216200 OK 10 kB URL HTTP/2 img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/1da07418202e940c/script.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15604)
Hash 5416c190c65e7bbf4fbf4d5175cc4b53
3a8e1485a40bd1f2b829a107820fa91745ea2dae
5174a1b30cdd098e97d16a5d48a1354fb552e6616338deafdce2dc3f1a3962bb
GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/1da07418202e940c/script.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 10195
x-version: 0.7.1+sha-f8fdc16
etag: "9292b7dc7a91c52a0eb18aa3c8a7907a"
last-modified: Thu, 25 Aug 2022 19:09:01 GMT
x-amzn-trace-id: Root=1-6307c8cc-4ff570e46bec6987156015e9
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 07:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 07:27:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HGil30qy5064VFwujxX5r8trA5Lt37al5AH-jUzuFtw5rPaj4W-O6Q==
Age: 2700
img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/532356f793015be3/script.js
184.31.15.216200 OK 15 kB URL HTTP/2 img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/532356f793015be3/script.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (50909)
Hash 381c2e5e060f0537452db72e8bbe29e0
c6f0cc1f99aa5d3d0a5fbf4504a529f165748b81
de714b7fe9e27644b6d5314b836a4543863eb84610b38c05aa8a927115ffa163
GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/532356f793015be3/script.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 14720
x-version: 0.7.1+sha-f8fdc16
etag: "02dd630f1cc9398fa8c8e735dc349cea"
last-modified: Thu, 25 Aug 2022 19:09:01 GMT
x-amzn-trace-id: Root=1-6307c8cc-4f09330124390e22354f60cb
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
184.31.15.216200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45500)
Hash 1ac00b5d5abfa64175a140de3f29a8e2
c07c5611cfff3ec4c7034134e4148f177242908c
65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Wed, 14 Sep 2022 07:48:22 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true
184.31.15.216200 OK 296 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1cc9e1a01abab65dc9cac9b08d82663f
79e92dd6195feed734dd15eda1125b0f5d5c34df
f7b83c6b942e988949490faa1c98e1e605d432d57cf4a4457b8f27630895d46b
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 296
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3684691647
x-width: 1294
x-height: 810
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
player.vimeo.com/video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0
162.159.128.61200 OK 4.9 kB URL HTTP/1.1 player.vimeo.com/video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14572)
Hash f8260b70c91109bf0d8ce026e1b6a0a0
afd8e19bcdf950d4fdd927f0803355b5735f085d
225a9abacb70d7abe7cb3f1937dae9e06f6c626200dd61d50766666238b546f5
GET /video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 07:48:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Wed, 14 Sep 2022 07:58:22 GMT
x-host: player-5cc7f5c747-vfknr
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-4
x-backend-proxy: playproxy5
x-bapp-server: player-5cc7f5c747-vfknr
Age: 0
X-Served-By: cache-bma1634-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1663141702.392766,VS0,VE304
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=vzm5ZocIErRsQ_llqWu4hJOyjRsjZ0C_GPV4f8c4DZE-1663141702-0-AUPNiGBPeuO1wqI1N0iYJSyePIQjnUmn39JV5gBVWkZEVn1BdG39F4LSJPfS8gQPYeDR6JqdLfdxB2pezpysS8w=; path=/; expires=Wed, 14-Sep-22 08:18:22 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 74a78517dcbbb51e-OSL
Content-Encoding: gzip
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-426a6752.js
184.31.15.216200 OK 4.6 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-426a6752.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (16777)
Hash d63329ea260c74b51c21180eb99adae7
162e672cc76f510dba865c985957b2b3044a9e36
b6fe328b6e558265a5451ff68b42104fc106b99d42bc53589b8fb2c93e7f710d
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-426a6752.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4562
x-version: 0.7.1+sha-f8fdc16
etag: "44e335030da6dc3f098e688fdf6829bb"
last-modified: Tue, 01 Feb 2022 21:21:58 GMT
x-amzn-trace-id: Root=1-61f9a475-1478ed6f223e1f061bde1bf3
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774
184.31.15.216200 OK 181 kB URL HTTP/2 img1.wsimg.com/isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Size 181 kB (181060 bytes)
Hash be7b1332654b6b991208c71db96c1c8a
aa19f3150d980ce898c80ad8720d37f90f24c932
ae052a3e53d44546e2fd04d193d747a41f8457c0c86ccbf75993119a06bf8a4d
GET /isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 181060
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1946494739
x-width: 1160
x-height: 774
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/stock/103790
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js
184.31.15.216200 OK 3.9 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13449)
Hash ef73a2ad26978dc129780e9fa8b56fbf
a27b1e38a9b0a8a64eadac394393b44c34514433
31a27befad2953d262687734a98ecef2a590a1871ac87e093360ef29735381d2
GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3876
x-version: 0.7.1+sha-f8fdc16
etag: "e135455abac1e365c75acb29427be2bd"
last-modified: Wed, 30 Mar 2022 21:06:30 GMT
x-amzn-trace-id: Root=1-6244c654-23bec5f97d8cb44d046c9a3f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js
184.31.15.216200 OK 377 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (516)
Hash be5e2df437d04bbce03ff30557c0aa95
8ca469e5c8909868faa643aaa2b5219408de5775
1aa251af840640b303d7ec6f283cd279a270f4e0e383bb20d00bcc261f8b0170
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 377
x-version: 0.7.1+sha-f8fdc16
etag: "4a37f23cb638c625fc8451584283e359"
last-modified: Mon, 08 Aug 2022 18:52:52 GMT
x-amzn-trace-id: Root=1-62f15b83-003dc2ab5af787e05b944251
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-231afaba.js
184.31.15.216200 OK 4.8 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-231afaba.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12251)
Hash 073844563d47ee85e1c4cd973e49fb82
773fb31946c4b8b47eabaf2a0f16232707558b26
6c9f13042a7ab9ef9cde2b670910c4cf83d3c3f4ef0003ed12575ed6869c8c87
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-231afaba.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4754
x-version: 0.7.1+sha-f8fdc16
etag: "9f94046aea26739ac8888a6d3ed17e16"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-518004aa22c71fe9760b296c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js
184.31.15.216200 OK 579 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (829)
Hash a35fc2506c2f855bb96a61b6699268e7
b70a15c22c5bb0f41deba263468e5ffd462a2ec7
3957ccba82ae77c1f4b8241fdd2b10eb226d001b9280b5a928581c7e38cd3267
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 579
x-version: 0.7.1+sha-f8fdc16
etag: "f806faab29346709aa36f154927b3ac6"
last-modified: Thu, 14 Oct 2021 23:04:34 GMT
x-amzn-trace-id: Root=1-6168b781-363fae662be9e06319f5a063
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
184.31.15.216302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Wed, 14 Sep 2022 08:18:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
184.31.15.216200 OK 740 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3043)
Hash ef933bdbde5407473165c8076c400033
a4ed7ffc21e649f1a7463021892a1f7d7ef8275b
c7a5729828eef458dec3177ba83479f77c11ef943d44d407fa8d82067d3afb83
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 740
x-version: 0.7.1+sha-f8fdc16
etag: "852cbc5322260e00b44f2c682f88b2c7"
last-modified: Thu, 14 Oct 2021 23:04:41 GMT
x-amzn-trace-id: Root=1-6168b788-04e31f272fd746490d747855
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js
184.31.15.216200 OK 6.7 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (19615)
Hash 4ce2ee26b7bfd92534ac48544ac05330
76ac71090fcbe1f2192fab56a5a312c2ea4b7f72
b7faa0c6048431108b5c1ec65a3cb7c674e3618f16fbd0c39318307a3137ad41
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 6724
x-version: 0.7.1+sha-f8fdc16
etag: "5fd30bb38eba06e3522ae28610ac8c74"
last-modified: Thu, 14 Oct 2021 23:04:38 GMT
x-amzn-trace-id: Root=1-6168b785-0155fcbf6cbeb78d408f219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
184.31.15.216200 OK 335 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (383)
Hash 21f75a3937961a662b8d8879193c440c
4b1ed44a75627896d16fa62b335c445470b014a7
84559c119581a7d097957055082a3d95fb9af3043cd3237f27756d3332eeba76
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 335
x-version: 0.7.1+sha-f8fdc16
etag: "21ad22788e6caa18a4e9e57f7372b108"
last-modified: Mon, 13 Dec 2021 22:59:02 GMT
x-amzn-trace-id: Root=1-61b7d035-018188ae176241301ebce646
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js
184.31.15.216200 OK 324 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (367)
Hash 782912a843de912c919a44d1df9da02c
de61b203330dc65b194cb1713147dafac47ecef4
11d76cdfc038467e7e856419d8e7367eb40a2af1c518c17c724b9120786a79e5
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 324
x-version: 0.7.1+sha-f8fdc16
etag: "ec47357ab58887161e840b985bc1cc3f"
last-modified: Fri, 30 Apr 2021 14:43:26 GMT
x-amzn-trace-id: Root=1-608c178d-0826f8bc5e97bb3f00eba013
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js
184.31.15.216200 OK 430 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (651)
Hash 2bd483e0e1dbe2726d090c9581c8ca85
95fa1b87ddf4027b4223b06e86932d788aba2636
205d0e1c2faf95cb7b22234abcad7abae243b799ea1d790288ddfee6e46a6ad9
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 430
x-version: 0.7.1+sha-f8fdc16
etag: "56b37779e560b1f33dae335fcdf417e5"
last-modified: Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id: Root=1-5fc6836e-274d6c4c70fec5b058af7bae
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js
184.31.15.216200 OK 367 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash a5c6e41c09faadb3c1c61691d2095174
aad16c94df292aa072454c6fdc55e1774153229b
cb15a1744276298a8303612901f1b85d9d773663c5c591cb128b98e2bb25166f
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 367
x-version: 0.7.1+sha-f8fdc16
etag: "8857679c4bd7c2c9238416f452bed34f"
last-modified: Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id: Root=1-5f8fa319-4467925d4bc512bd5d8610c2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js
184.31.15.216200 OK 7.1 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (19989)
Hash 61db91671b34870b2a22649bae7a75e5
e2394e915aeb66badba97fa50307e74ad5769daa
4ffb98b3cecca59fc757b51e44016322380bd6bc56c37cb350a54bee6e5894dc
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7054
x-version: 0.7.1+sha-f8fdc16
etag: "e579cd3f9ea8e112675b529fc85417c3"
last-modified: Tue, 26 Jul 2022 18:34:15 GMT
x-amzn-trace-id: Root=1-62e033a6-2a4cf0c1004db6f253765cdc
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-fad18f03.js
184.31.15.216200 OK 640 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-fad18f03.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1206)
Hash d8559c34c802e249732729dc2e3e4d67
8b350b4fddfbf8a93bf924693b74da1461c18d38
16cb67f04c24caa52d02cbf94e9e97080262edba721871e3e2a5482c54392dcd
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-fad18f03.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 640
x-version: 0.7.1+sha-f8fdc16
etag: "54f17c61775c71ad74e89f6ca7d47649"
last-modified: Fri, 10 Dec 2021 22:26:46 GMT
x-amzn-trace-id: Root=1-61b3d425-4196caee6b9445880f09a33c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
184.31.15.216200 OK 626 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1824)
Hash 11370164b73124ea595098d2ecbe6d0b
bcc349130116ef2aee6ed77984b7726b43af8576
d2a8fc6601e5e3b7c457e6c56f225547618fb5b454ba5dd37082cfa67ab4453e
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 626
x-version: 0.7.1+sha-f8fdc16
etag: "edc15ad5daac3cfa744bffdb1e0174be"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js
184.31.15.216200 OK 713 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1352)
Hash bd42473bb0a3a779c914acfc4f145dc8
6387121e6d129824962b8eceb8d87164860129fe
e75a09ece643bd3d554ff8f6aa8939a64e48da7f355be43760ea7149bf4b9049
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 713
x-version: 0.7.1+sha-f8fdc16
etag: "da82f14f261b7847fc0bc55dac30a9b3"
last-modified: Mon, 13 Dec 2021 22:59:04 GMT
x-amzn-trace-id: Root=1-61b7d037-31e2e89a06b12bc27efaa2ca
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
184.31.15.216200 OK 244 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash 835256b0b1680833155abf0f7420cca2
1d7eca7af4c7fdc66cfe34c1796ce7c3376d21b3
b876ca1181efb3e0c9eac5384578fe015bc322c2a5407f4a86826374c86e4187
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 244
x-version: 0.7.1+sha-f8fdc16
etag: "daa79ad7558674f6a12d962abf47f2f6"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-1438c006715eea557e6c9f7f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:22 GMT
Last-Modified: Wed, 14 Sep 2022 07:07:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js
184.31.15.216200 OK 518 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (905)
Hash 45e169dc10f78234504ee292d5fbc13c
6ce99366de7d5a6aa2d72870696c10dec16d56e9
b4bf979d5e9ca93f7c5e1736d1c90d0662d37a6c360c7e30ed0f06e65b080694
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 518
x-version: 0.7.1+sha-f8fdc16
etag: "894d1fecf13beb6804e454d74bab4fc5"
last-modified: Thu, 20 May 2021 16:49:33 GMT
x-amzn-trace-id: Root=1-60a6931c-2dfc069918f926cb337de793
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js
184.31.15.216200 OK 212 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash 83df0b1b683dfb124c68705dfc76fcee
5cc0c7157c31f32d14cb1b4b1da6b1a824c2d112
7a4f6de8c05928fa839dd4bca96e2c2088c92d942f1a9f285832edea5580ef48
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 212
x-version: 0.7.1+sha-f8fdc16
etag: "889d83416d141ae9c1e8e3eb5c4f68c0"
last-modified: Wed, 24 Feb 2021 19:34:55 GMT
x-amzn-trace-id: Root=1-6036aa5e-4e3aabaf2f33643a300f2279
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js
184.31.15.216200 OK 376 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (501)
Hash 59ae8ad50c2d5a071cf77710bd85bfdf
2ee00b76c41a0d13f258d9dc44484fbe0a3b8524
f439a3d1fc52de6c8049f20077eba81e70489d73bd117253d6e06755fb368aff
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 376
x-version: 0.7.1+sha-f8fdc16
etag: "95e155e942e2f3d810d854bd7baf8f04"
last-modified: Wed, 24 Feb 2021 19:34:54 GMT
x-amzn-trace-id: Root=1-6036aa5d-248bcb407aeca8241d304317
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js
184.31.15.216200 OK 255 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
Hash c193577695c55a6d01f99c001d244ae9
f5bfc578e3b68fa149e0ec505036883dde2e2182
5960984c09db3ab6275b0c5f58fbaa9423d07e95b248630115506387428f03f8
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 255
x-version: 0.7.1+sha-f8fdc16
etag: "11ccc819361ff3f58653d84601c90234"
last-modified: Tue, 09 Mar 2021 21:39:32 GMT
x-amzn-trace-id: Root=1-6047eb13-42a9ed893514533d651f3c03
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-2d231fbf.js
184.31.15.216200 OK 1.3 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-2d231fbf.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3167)
Hash 3e167001b87901b72326b74427a8f2c6
6e6fde1728bea3a9cf00695ac9f386910ac72958
57904b9b0bc40ea5d73f237c39c459a5ccb5f359af44c141819c2c3ff03ed982
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-2d231fbf.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1273
x-version: 0.7.1+sha-f8fdc16
etag: "deb327250b64a5b6e86bfd1145426c41"
last-modified: Thu, 14 Oct 2021 23:04:35 GMT
x-amzn-trace-id: Root=1-6168b782-0884d226182e4e7712e6b97a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js
184.31.15.216200 OK 1.3 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3283)
Hash 15588eb49730af3f92b29fa295d0a216
eb61fae6f935f037beebca9f2557ce05a32212b6
acce03ab4359514251cfe658c86746d82f01160cf1fb6d779a264410fa8d5e7c
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1272
x-version: 0.7.1+sha-f8fdc16
etag: "d2f3f3bb13567c7c3ba8c50de05a8272"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2b00d29f0bf8ee864a58d40c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js
184.31.15.216200 OK 891 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1875)
Hash 44a9beb87d40f6145cb908a9b1c71c00
a6f805ddcc53b7cb5ab774de344c30c41d4d5ce0
aaad2d68eb5062983443ff7a7d607dff5035cfd75a719742d2a0d95af37b89e0
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 891
x-version: 0.7.1+sha-f8fdc16
etag: "db9b98d640eba155278db0bbaa83050d"
last-modified: Tue, 08 Mar 2022 16:16:57 GMT
x-amzn-trace-id: Root=1-62278178-78898aaa78d117a566634235
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-13af9972.js
184.31.15.216200 OK 1.5 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-13af9972.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4534)
Hash 93c5eeb39031dd17b5fab7087d743e8b
f11187fa120996e2b7d92f7250bde289b966b56e
f1e7878115f0027f044053e779e3a16bc163b9176147386ace46ae9b8b7eb54d
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-13af9972.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1506
x-version: 0.7.1+sha-f8fdc16
etag: "04d11575d4b0b90e2b216173bae444a8"
last-modified: Mon, 13 Dec 2021 22:59:03 GMT
x-amzn-trace-id: Root=1-61b7d036-4f8963fa6da48e2155141249
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js
184.31.15.216200 OK 1.0 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2368)
Hash f781ac203e2b685fc34dff85b2e11b50
43f27a48b1b29ea644e6a4da46aca1dc0c4cd794
fac7178c58b529a9e5f2af5ce88aeb912245e1f39fa39a877116cbf75da0ff2f
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1020
x-version: 0.7.1+sha-f8fdc16
etag: "70bc240b39fd393f6e3003cc69e4fe73"
last-modified: Fri, 29 Jul 2022 16:58:40 GMT
x-amzn-trace-id: Root=1-62e411bf-092c235955a8dd6b4bde9a5a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
184.31.15.216200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Tue, 18 Jan 2022 02:54:27 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 1
x-edgeconnect-origin-mex-latency: 148
x-amz-id-2: 1p573ITy0o0T0ufkOZkP/+OCkgNr0sxd/pCUSQaWmdftOrsA/CN9I7heKTs2+rnywAcwGtmX76o=
x-amz-request-id: 836GEDG87AEEPZ3V
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Wed, 14 Sep 2022 07:48:22 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.0/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.10.0/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 4004ba0e2bb66b9aeaa32a8544f6eeab
5bf81fc199d0a7fcc805d154e33cdfc992a9689b
1bb8fbd867ab8d696b7ca95485fa59d154afb14213041f9d4d12bbff398da7fd
GET /p/4.10.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:22 GMT
age: 479215
x-served-by: cache-iad-kcgs7200157-IAD, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 92917
x-timer: S1663141703.868699,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20291
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d
151.101.86.109200 OK 54 kB URL HTTP/2 i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 833869bbcbed271326a98075cca27dac
576ea0a40b6123beb4331a0c13321ed8ba151ea2
eb175b3925e3a2957a24350c2ea17306676df157335787031b5d6a6fff1e736a
GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 833869bbcbed271326a98075cca27dac
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-x47h
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:22 GMT
age: 1832132
x-served-by: cache-dfw-kdfw8210071-DFW, cache-bma1662-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663141703.883572,VS0,VE1
vary: Accept
content-length: 53463
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 0ad074ceab68348048a8100a67d36d2c
2a35d9429a411fd87aafd7e6c7fafe51cca82345
0445c9738353c896284236d8c98b5c8b5d7954621d4c4d2bd5cf138660d247aa
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:22 GMT
age: 2125863
x-served-by: cache-iad-kiad7000127-IAD, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 201034
x-timer: S1663141703.888740,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.0/js/player.js
151.101.86.109200 OK 212 kB URL HTTP/2 f.vimeocdn.com/p/4.10.0/js/player.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (64649)
Size 212 kB (212200 bytes)
Hash 1bf1cd7e4980bdcf6fc5f33823b2280e
3f9724f4a224915506d6ef7c96dc0564f2c51466
13d45c1b32674b0f6d60248713b74d4845ccbef7714b97799f76b3be286ca1d2
GET /p/4.10.0/js/player.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:22 GMT
age: 479215
x-served-by: cache-iad-kcgs7200061-IAD, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 71313
x-timer: S1663141703.887358,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212200
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3280
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:22 GMT
Last-Modified: Wed, 14 Sep 2022 06:53:42 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 32467f00836af5caa433834a3ef51007
45df10dc08d27cbb3beadf5169cd05fe46277ff3
619f2aefc17466e58cbcf33a8fae8ca4c1372fb0c37a1772c6e2289929a9413e
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: M9qH4wrh9DVh1LfgK7yL7w2LcjoRiKnwq09ZYDXTJU0NF+BVHt8BXwbOgH4AloXwy+CZ9JQ/jAlonHJ0NGtFqA==
priority: u=3,i
content-length: 26756
x-fb-trip-id: 1679558926
date: Wed, 14 Sep 2022 07:48:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
184.31.15.216200 OK 9.6 kB URL HTTP/2 img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 071d7185793bfb633ebd1d48ec5a8dee
ad64b355eec103a787e2651021ba5ddae90e6ca8
67ee2be03fea9234a0b03f747598539c43e82c93eb1d80d8f32a8cee6a18e62c
GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 9588
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3894661116
x-width: 180
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3280
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:22 GMT
Last-Modified: Wed, 14 Sep 2022 06:53:42 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gJ99P7zm9SHSqS6xxEARgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2NkRiXHbCI87a1WhNZGj5CSoT/g=
i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600
151.101.86.109200 OK 27 kB URL HTTP/2 i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 140be940791c15d6efe44ace8a07b819
a37c41b20a97f32dc55b5a311f2613fb373e155a
79b2bf3e86de199d5cf926a29287cf171ca6a65985c9d50b776a88ec044ba7f5
GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 140be940791c15d6efe44ace8a07b819
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-bk2n
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:23 GMT
age: 1118764
x-served-by: cache-dfw-kdfw8210038-DFW, cache-bma1662-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663141703.290107,VS0,VE1
vary: Accept
content-length: 27142
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.0/js/module/sentry.js
151.101.86.109200 OK 19 kB URL HTTP/2 f.vimeocdn.com/p/4.10.0/js/module/sentry.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (50848)
Hash 4dc70b9b557ca8c79f297fbfba442427
d96ad931b8f34a3af61241a7c8ecb18d42467658
c8820405ee78804703fb058593abd91c3b9182efd4598d263f4235bb5140295b
GET /p/4.10.0/js/module/sentry.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 07:48:23 GMT
age: 479209
x-served-by: cache-iad-kiad7000062-IAD, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 11728
x-timer: S1663141703.349926,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 18787
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1663141689652&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=804793599&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=e72738ed-0a0c-51b5-a509-90a02df6bda5&ht=perf&tce=1663141688275&tcs=1663141688098&tdc=1663141689594&tdclee=1663141688945&tdcles=1663141688941&tdi=1663141688894&tdl=1663141688355&tdle=1663141688097&tdls=1663141688097&tfs=1663141688091&tns=1663141687770&trqs=1663141688275&tre=1663141688368&trps=1663141688339&tles=1663141689594&tlee=0&nt=navigate&nav_type=hard
104.84.152.58200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1663141689652&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=804793599&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=e72738ed-0a0c-51b5-a509-90a02df6bda5&ht=perf&tce=1663141688275&tcs=1663141688098&tdc=1663141689594&tdclee=1663141688945&tdcles=1663141688941&tdi=1663141688894&tdl=1663141688355&tdle=1663141688097&tdls=1663141688097&tfs=1663141688091&tns=1663141687770&trqs=1663141688275&tre=1663141688368&trps=1663141688339&tles=1663141689594&tlee=0&nt=navigate&nav_type=hard
IP 104.84.152.58:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1663141689652&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=804793599&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=e72738ed-0a0c-51b5-a509-90a02df6bda5&ht=perf&tce=1663141688275&tcs=1663141688098&tdc=1663141689594&tdclee=1663141688945&tdcles=1663141688941&tdi=1663141688894&tdl=1663141688355&tdle=1663141688097&tdls=1663141688097&tfs=1663141688091&tns=1663141687770&trqs=1663141688275&tre=1663141688368&trps=1663141688339&tles=1663141689594&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1663141688934&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=1599494454&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=8198d685-aed5-5c64-b0af-1940e742a383&ht=pageview
104.84.152.58200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1663141688934&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=1599494454&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=8198d685-aed5-5c64-b0af-1940e742a383&ht=pageview
IP 104.84.152.58:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1663141688934&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2040596374&cv=2.0.0&z=1599494454&vg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&vtg=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-08-25T19%3A08%3A58.275Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=8198d685-aed5-5c64-b0af-1940e742a383&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/70366016,5a47ab70,dcf74872,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1
104.123.68.185200 OK 3.8 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/70366016,5a47ab70,dcf74872,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (16499)
Hash 0e13b98157af7a6aa943a4098b66c3dd
7e18abcac4e63431c63f16129639e81edc05613c
cca7d4d7e377b635175992ced22e71162133e16fcb54739cf97b20d04b96a81a
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/70366016,5a47ab70,dcf74872,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Content-Length: 3778
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Wed, 14 Sep 2022 07:48:23 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.b5447b68.1663141703.371f5bf
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D
104.123.68.185200 OK 97 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Hash 82d6d9ace0a02b537d568f0f54942048
f607c5b9b222c34a84f55c3a906e992a1f7c8edb
7c28152f1da3f808588bf5ff476db4b7ef67d34cf262eabffcd10243b066ff9b
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 96783
ETag: 04046ffd7138c89629f8cdb1543ef6c4
using-starlord: true
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Wed, 14 Sep 2022 07:48:23 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141703.371f5df
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 06d126403650b4707e840c86ccfbbc62
e52b7e84ece6262402488b1fedebab08b8fd6e1d
66304841c3c9b4abdae463f79f8e909494deafc92c61f122592b31895180aa5c
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dreamfestival.org/open-new-bank-account
160.153.136.3200 OK 20 kB URL HTTP/2 dreamfestival.org/open-new-bank-account
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Hash d2559fbf374b58754627be8ebd63af8a
2e5acefe6f4d42ea6ed7e40839d3755b3401fc9a
ad36763445a301f32e864db02fd37a1ea5adc418a75d58708976b6e0c725cb92
Analyzer Verdict Alert fortinet Phishing
GET /open-new-bank-account HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: d8160e3ca3b611d3e88acd4b8eb6b159
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
dreamfestival.org/marketing-competition
160.153.136.3200 OK 257 kB URL HTTP/2 dreamfestival.org/marketing-competition
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Size 257 kB (257347 bytes)
Hash aa70f88452624ef0eab7ede971f0f694
a5e46141976f8d66a300ad26f7279533ff3b2475
ff14fcea6f9a08df6539635a4b9741cb4bdd25a448275c93eb1886397a865900
Analyzer Verdict Alert fortinet Phishing
GET /marketing-competition HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 21db9715dc46771a6cb0a0b1cb3a598b
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Wed, 14 Sep 2022 07:48:24 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dreamfestival.org/dream-store-app
160.153.136.3200 OK 18 kB URL HTTP/2 dreamfestival.org/dream-store-app
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34429)
Hash cef62cdbf97064f211ea5e9c0be77a41
86483e4698be0118fe3cd5234d753ebe290496f1
8637eb90568d0f8ca22546a8170e4ae061dbc6b0268896f2266967e7c7e4ecb5
Analyzer Verdict Alert fortinet Phishing
GET /dream-store-app HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: b80b5b63daadcfc685581bd432699379
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
player-telemetry.vimeo.com/player-events/log/play
34.120.202.204200 OK 0 B URL HTTP/2 player-telemetry.vimeo.com/player-events/log/play
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 657
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:48:24 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dreamfestival.org/how-you-save-money
160.153.136.3200 OK 18 kB URL HTTP/2 dreamfestival.org/how-you-save-money
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34423)
Hash cc840f404f49f816c2e1f084b84f9028
ec5026c34f3539b3437c9100433a305e1c8ea221
63153e00303652015b7157572c497e2ff1f1fe47c2eac7c2d9938755e401655d
Analyzer Verdict Alert fortinet Phishing
GET /how-you-save-money HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 5245d1cebfe470d6e61a2472ffd67b44
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 06d126403650b4707e840c86ccfbbc62
e52b7e84ece6262402488b1fedebab08b8fd6e1d
66304841c3c9b4abdae463f79f8e909494deafc92c61f122592b31895180aa5c
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 07:48:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dreamfestival.org/
160.153.136.3200 OK 30 kB IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Hash 80ead557fdce1fcfdb22b601a140ada3
f7ab77aba807fae43b75d44c358f51bd171a8c16
e7c0ae2ff3ffa3ad636e6447aa9da06362aa4baba4883374f6406826148d4825
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 3988647d0125a0ad832acc3a3bc1f1d1
date: Wed, 14 Sep 2022 07:48:24 GMT
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146
104.123.68.185200 OK 143 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 143 kB (143357 bytes)
Hash 172c580f1e70c83faf31fb7c439f3a15
04f677e204cc8ac39229f373312d359ee1457a47
f8b8d548a8f93f6d0655e5c1cb187ce3b1c05bfdc4d761a4fa59db34506ee0ce
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 143357
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31536000
Expires: Thu, 14 Sep 2023 07:48:24 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141704.371f612
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f612~time:1663141704~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:7~region:NO-; path=/; domain=.akamaized.net;
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Wed, 14 Sep 2022 09:49:53 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Wed, 14 Sep 2022 09:49:53 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Wed, 14 Sep 2022 09:49:53 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Wed, 14 Sep 2022 09:49:53 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 019416755742a78ddf35671ba5eaccc7
ec2e96359ef3a236514cab21af80ea5b9420e9c3
a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 25331636-a1cd-4ceb-84cc-fd85cfd8a861
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG23AGLIoAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631904f9-6fbb23ec3dc9d55e344bc6d7;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 20:54:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6rK3xzw-3wH6O2TCotqsmazLOzUWUbWtgxpVYxm5YQAmVVf4IcPLMA==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:47:28 GMT
age: 28856
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dreamfestival.org/car-show
160.153.136.3200 OK 26 kB URL HTTP/2 dreamfestival.org/car-show
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Hash 5909beef5b0df410f9de555534121de9
4cccabf1ddca7172ab0087e5da6f0d05bc48605d
a2abf170a17df77d6b01f18ef174c6fcb4fb09eb0a059f30ac6c4442225e4a47
Analyzer Verdict Alert fortinet Phishing
GET /car-show HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 164d2d77c9f42f89b066893fcacc4805
date: Wed, 14 Sep 2022 07:48:24 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:02:44 GMT
age: 17140
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de3f5f47acb69d9c4fa6721b5283404a
895f8e58be471d713557a1318b3d050429cfe419
396f97609adc2f1cdf7e241f8b164ae89e0d353cc26e48184977a1c684c544cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6154
x-amzn-requestid: 3341eb6d-9787-470e-aceb-dd722af36716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GVwIAMFSzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4e79b8594d68a9c504e33a25;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ig7ITAeZj5ypLK25XtmhEQIR_pz-P96ZUgOA0Q4OgwVtAF5pmo4sA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:49:32 GMT
etag: "895f8e58be471d713557a1318b3d050429cfe419"
content-type: image/jpeg
age: 35932
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b20499b3b8ef7b8ee73bd8b27e8c0c16
744a852e9357455d55e72809841411258fec44a9
457c8a9e4974a9529fa852b37f7ffc083e0eac987fe47aaebda808bf9f9f2941
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: bba505a1-bbba-4d14-ad3a-1f72c028cc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj-YGaOIAMFeOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6c2-08d743cc73070f6653991180;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N0iUxQripFCaFLbMsp-lsFOMHDKzQUW3AHaWMyzOK9NGyAz5weDbvg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:28:34 GMT
age: 29990
etag: "744a852e9357455d55e72809841411258fec44a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 36379
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138
104.123.68.185200 OK 2.7 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 2.7 MB (2722225 bytes)
Hash b21074f72142a32819ed6afd1daebe2c
9d9335a955687bff55f302b06cd6f8e91a61e8e0
f5a328143c4016b0138cdda90a7a28d27ad1cdcd137850ac5f3685e4e2f57ab6
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 2722225
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535993
Expires: Thu, 14 Sep 2023 07:48:17 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141704.371f62c
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f62c~time:1663141704~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:8~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=144147-287689
104.123.68.185200 OK 144 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=144147-287689
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 144 kB (143543 bytes)
Hash 9ddfbf15970096c628a9f0ed7567c2a1
611850569aa5bb875acac5686dc7836bc62791b2
860fd8e6106d5a3dfcd68cce90a28fc669c3666d64aa8c792caac5d08f096ce2
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=144147-287689 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 143543
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31536000
Expires: Thu, 14 Sep 2023 07:48:24 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141704.371f661
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f661~time:1663141704~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:7~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552
104.123.68.185200 OK 2.0 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 2.0 MB (1954414 bytes)
Hash e15d2d570da030f8ca485299f97812b3
57a7a2eb80dd6ff4c33fea371ab6f975f2e67e70
fa2346aacd2be7a89f0fad42c7a23f0ca0f400d551564bb647ca0986ca8902dd
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1954414
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535967
Expires: Thu, 14 Sep 2023 07:47:51 GMT
Date: Wed, 14 Sep 2022 07:48:24 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141704.371f68c
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f68c~time:1663141704~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:7~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587
104.123.68.185200 OK 143 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 143 kB (142898 bytes)
Hash d84e3a707f43f95415377490c5704b50
d80482839e69e9b4f46f0e996802e3eab7d9760b
03063aa2d0c06ccef18edfb4b073b9a464680fbe5329f902ba5e7538aba2d673
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 142898
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535947
Expires: Thu, 14 Sep 2023 07:47:32 GMT
Date: Wed, 14 Sep 2022 07:48:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141705.371f6a5
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f6a5~time:1663141705~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:10~region:NO-; path=/; domain=.akamaized.net;
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash f5d8f98b94488372a6e86372665e36ca
494f083e5e3be72d2c8b39812d96619301e9238d
2bda2d2884cfd1ac75d05fd577b961ba33a6e02eb414e3dbf1f2df505875ffcb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Sep 2022 07:48:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 14 Sep 2022 00:03:59 GMT
Expires: Thu, 15 Sep 2022 00:03:59 GMT
ETag: "494f083e5e3be72d2c8b39812d96619301e9238d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121
104.123.68.185200 OK 1.7 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 1.7 MB (1720569 bytes)
Hash 4d3fdb919d0dbbd9dfffc03064fb6e4f
5510f8d2940d51f1b7b700d428af0292a7957f20
d886cb8c09f61149cbe4f4df7ba4b2f6fb321b326f0523a9d4b6c0e577830663
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1720569
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535971
Expires: Thu, 14 Sep 2023 07:47:56 GMT
Date: Wed, 14 Sep 2022 07:48:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141705.371f6c2
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f6c2~time:1663141705~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:9~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977
104.123.68.185200 OK 152 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977
IP 104.123.68.185:0
ASN #20940 Akamai International B.V.
Size 152 kB (152390 bytes)
Hash cc636d9e8839dd870164269b498724f1
64aadf9816cc88973dee50f7b419a9b33ada56f2
831d461e3cc7dcbda1dea7129e6ee0144015775f6747fafa8825d8a417d4c155
GET /exp=1663145602~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=0da9020b86932c0b25dacb2847a16cb9cea6c518116349417b82e26a4dd64ce1/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 152390
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535997
Expires: Thu, 14 Sep 2023 07:48:22 GMT
Date: Wed, 14 Sep 2022 07:48:25 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.b5447b68.1663141705.371f702
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.185
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.185~requestid:371f702~time:1663141705~ghostforwardip:104.96.0.64~edgecache:cache-miss~rtt:8~region:NO-; path=/; domain=.akamaized.net;
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 41921075707673469db75290f6c5fb56
910b0b7bce3cebd1876118c0df4628340ad5b1bf
bac283aacce54e276a03983fe0f18adfb8ee77f737c0917118a631e02da05a95
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Sep 2022 07:48:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 14 Sep 2022 03:16:00 GMT
Expires: Thu, 15 Sep 2022 03:16:00 GMT
ETag: "910b0b7bce3cebd1876118c0df4628340ad5b1bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dreamfestival.org/
160.153.136.3200 OK 0 B IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 3988647d0125a0ad832acc3a3bc1f1d1
date: Wed, 14 Sep 2022 07:48:22 GMT
X-Firefox-Spdy: h2
dreamfestival.org/favicon.ico
160.153.136.3404 Not Found 0 B URL HTTP/2 dreamfestival.org/favicon.ico
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
GET /favicon.ico HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
date: Wed, 14 Sep 2022 07:48:22 GMT
X-Firefox-Spdy: h2
dreamfestival.org/sw.js
160.153.136.3200 OK 0 B IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: ed4ecce48d39de01119114a419c3b9ec
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
dreamfestival.org/about-us
160.153.136.3200 OK 0 B URL HTTP/2 dreamfestival.org/about-us
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /about-us HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 82151246535e029a090b9821f9184dd3
date: Wed, 14 Sep 2022 07:48:24 GMT
X-Firefox-Spdy: h2
dreamfestival.org/faq
160.153.136.3200 OK 0 B IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /faq HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: bb6db22321f3fcd6a5cb2278aeafc375
date: Wed, 14 Sep 2022 07:48:24 GMT
X-Firefox-Spdy: h2
cart-checkout.secureserver.net/dist/embed.js
52.10.132.186200 OK 0 B URL HTTP/2 cart-checkout.secureserver.net/dist/embed.js
IP 52.10.132.186:0
GET /dist/embed.js HTTP/1.1
Host: cart-checkout.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 07:48:26 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Fri, 02 Sep 2022 18:00:59 GMT
etag: W/"24b0-182ff5cf778"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dreamfestival.org/g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org
160.153.136.3200 OK 0 B URL HTTP/2 dreamfestival.org/g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
GET /g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 07:48:29 GMT
content-type: text/html; charset=utf-8
set-cookie: commerce_cart_aa1fb9b2-896f-4ef9-be21-3bae706e78f6_locale=%22en-US%22; Max-Age=86400; Path=/; Secure; SameSite=None
dps_site_id=4000; path=/; secure
etag: "4dd3-byFu/QJd0VGrSuMpz7UM/61pK0E"
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js
184.31.15.216200 OK 0 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js
IP 184.31.15.216:0
ASN #20940 Akamai International B.V.
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 58295
x-version: 0.7.1+sha-f8fdc16
etag: "e0201f84421293da324b0057e86fe74a"
last-modified: Thu, 28 Jul 2022 19:30:36 GMT
x-amzn-trace-id: Root=1-62e2e3db-723b36273c4dfffd08f32895
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 07:48:22 GMT
date: Wed, 14 Sep 2022 07:48:22 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.reamaze.com/assets/reamaze-godaddy-loader.js
104.22.8.8200 OK 0 B URL HTTP/2 cdn.reamaze.com/assets/reamaze-godaddy-loader.js
IP 104.22.8.8:0
GET /assets/reamaze-godaddy-loader.js HTTP/1.1
Host: cdn.reamaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 07:48:23 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 21:29:55 GMT
etag: W/"22e-5e81d038fbac0"
cache-control: public, max-age=600, s-maxage=604800
cf-cache-status: HIT
age: 544266
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a7851c28141c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
dreamfestival.org/online-games
160.153.136.3200 OK 0 B URL HTTP/2 dreamfestival.org/online-games
IP 160.153.136.3:0
ASN #21501 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /online-games HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b; _tccl_visit=1f2eb987-d5ea-5b0b-a2dc-021da0b93b9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 02194fd21da68ca2f553da290e837cf3
date: Wed, 14 Sep 2022 07:48:23 GMT
X-Firefox-Spdy: h2
api.ola.godaddy.com/accounts/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/config?fields[]=cart
198.71.248.123200 OK 0 B URL HTTP/2 api.ola.godaddy.com/accounts/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/config?fields[]=cart
IP 198.71.248.123:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /accounts/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/config?fields[]=cart HTTP/1.1
Host: api.ola.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Origin: https://dreamfestival.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 07:48:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dreamfestival.org
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers:
access-control-max-age: 1728000
access-control-allow-credentials: true
etag: W/"f994dc730afcd7847410c04a263025af"
cache-control: max-age=0, private, must-revalidate
x-request-id: fcac9e215012d2ad5d9213151f97faf6
x-runtime: 0.018565
vary: Accept-Encoding, Origin
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2