r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7469
Expires: Wed, 30 Nov 2022 05:39:28 GMT
Date: Wed, 30 Nov 2022 03:34:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: max-age=115883
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:34:59 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:46:22 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 03:17:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1021
alt-svc: clear
X-Firefox-Spdy: h2
festivevilla.com/Navy/login.php
210.16.102.57 200 OK 22 kB URL HTTP/1.1 festivevilla.com/Navy/login.php
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1050)
Hash 4797e4e7d87bb4f86b9fbacaf4bfd5e9
8a8f0167b1512f84a722e833f6e5d9fc38f7ea13
5b6f845fdcf1b9202f964e4062cb0c3574f3f66f3970448938820dc9e95adbdc
Analyzer Verdict Alert fortinet Phishing
GET /Navy/login.php HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:34:59 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12475
Expires: Wed, 30 Nov 2022 07:02:54 GMT
Date: Wed, 30 Nov 2022 03:34:59 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 03:34:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hd8utHpAD7Cd7znKB6lDnFybb6465/uPsjfijj6Q3++T3CWCPVT018eVy6Zg4SWg+BI+UyTK/Dk=
x-amz-request-id: WHNP18X837MXF4MX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 02:45:03 GMT
age: 2996
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
festivevilla.com/Navy/assets/login_files/css
210.16.102.57 200 OK 5.3 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/css
IP 210.16.102.57:0
Hash d4baea2811dfc8abb005b1f3ffd7ab99
a4625c458912603b4195cd50d355b397849fee8a
4ebc75845cc39caa3155ec67ecd91ca3f4953cd30821e38535c7b76e23f712c5
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/css HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 5330
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
festivevilla.com/Navy/assets/login_files/nfcu-icons-599150400912c8247ee1872211972b2a.css
210.16.102.57 200 OK 10 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/nfcu-icons-599150400912c8247ee1872211972b2a.css
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash 8882106e8f2f1e901ae0adcd00c24a79
d098072915fd1bddd8d1024a5982bd55f3ddcd35
695b1960aa3a891a74a5d3f4d50bd79ddd0d128d5bdbadce1d30f2ded543c76e
GET /Navy/assets/login_files/nfcu-icons-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 10219
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
festivevilla.com/Navy/assets/login_files/nauth-599150400912c8247ee1872211972b2a.css
210.16.102.57 200 OK 4.6 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/nauth-599150400912c8247ee1872211972b2a.css
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash b04b6db47acbe6e40dbfc82ea996e081
a70741b0d746d2fb628c8983574dbf7308dc78b4
8d1261ea1089c79204d3f242918c65890544b31155db024a2d23b01257015de2
GET /Navy/assets/login_files/nauth-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 4616
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
festivevilla.com/Navy/assets/login_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 4.9 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash 26c4780f6299ba4f720dab0845618646
938da0075c2184a7c6094246fce05e6e0b21cf2f
35e2381bb52cbaa02e75cad7884d790260ebc1f611b6b710e8df10762d577575
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 4908
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 3.3 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type HTML document, ASCII text, with very long lines (1213), with CRLF line terminators
Hash 1ee2f1c1cd8b52aeec09ca0a463784c5
53c4238525f66141adce181c7fa6ea894d87faf0
a27ad080fba819c7944d8bec0b732a4435b08372b0830ea988e34d77383d7108
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 3314
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/common-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 7.5 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/common-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash 01b858916957e3870308909c7076f556
2473567555dcdca88b29fb8749124c682eeb889d
efabe5e66d3050a56038cc09a5ae655cc6636d6ccea5d0d87de0ce89d2bafee2
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/common-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 7484
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 10 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash a5de96ee976ec4a3647903f3875d74d2
dba3fa7ec8f8d8dc4c560c28b7153d65a40bd1a6
91524af503d413292988cbd0f6745342c716d3efa5fe8090ed0d72b1f34fc1b3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 10275
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 2.4 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash 8f26ad6fa5294d8a49c7578811cc8a54
73561359c7e366898f25e578322322d52eb60d0f
bfd0527fd2725ac551051f5efeb3c0a79dc815fc727e311706840907134db819
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 2394
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 31 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with very long lines (31148), with CRLF, LF line terminators
Hash 76ee99405563373864c57f9093c526eb
75b2efebcdf0dc3ffcb3336204d3c3f9a7be39da
8d3acb616b3214c6f074d4540f95252a157b667d4018cd4c14241841bd11812f
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 31418
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/login-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 3.4 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/login-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Hash ddf9ee8c69c26f28ae9c9a025bf19b00
c3c5204a2eda0cfa8daee6640ae16923fa8d0a88
c091833941e2030950faf7805f27417bd6a685e715ba2b1245bd524486d8c30b
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/login-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 3402
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 03:08:56 GMT
cache-control: public,max-age=3600
age: 1564
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
festivevilla.com/Navy/assets/login_files/all-599150400912c8247ee1872211972b2a.css
210.16.102.57 200 OK 50 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/all-599150400912c8247ee1872211972b2a.css
IP 210.16.102.57:0
File type ASCII text, with very long lines (50194), with CRLF line terminators
Hash e3bda9651f4b0ab23aad888b9b0d1b58
c348bd0ed9cca0609a47147b8631f9e49b10473c
5c0e217f8f0944b5d1c7be730f25e0ae9fa51fd555d771fdc542655554923124
GET /Navy/assets/login_files/all-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 50383
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
festivevilla.com/Navy/assets/login_files/tag.js.download
210.16.102.57 200 OK 19 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/tag.js.download
IP 210.16.102.57:0
File type ASCII text, with very long lines (18620), with no line terminators
Hash 4a184a8f1266663d5c1fc8a02c7e661a
550f2c816a000882a45b3d312754184c66bddb9e
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/tag.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 18620
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
festivevilla.com/Navy/assets/login_files/le2-mtagconfig.js.download
210.16.102.57 200 OK 20 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/le2-mtagconfig.js.download
IP 210.16.102.57:0
File type ASCII text, with very long lines (1788)
Hash d1c10a4d0eb46eea9bc096a0ac839e86
e8e8a945aa8bf827c6d65e3a9e3796855db01254
922dcba31ffcce26f6f457bd0c08982fa134c32ac0d1bebe2366df18938ca645
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/le2-mtagconfig.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 20016
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4512
Cache-Control: max-age=110820
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:00 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:22:00 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
210.16.102.57 200 OK 138 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
IP 210.16.102.57:0
File type assembler source, ASCII text, with very long lines (384), with CRLF line terminators
Size 138 kB (138460 bytes)
Hash f9ed5ec5cf7814afa29a9d342e17de0d
70144b726800efc547e0bb28eb71a051a18cb80a
204f780a43b4ba083a9794e7c2d5af400a6abd5454f50ebb215c26e7dc158331
GET /Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 138460
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
festivevilla.com/Navy/assets/login_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js.download
210.16.102.57 200 OK 298 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js.download
IP 210.16.102.57:0
File type ASCII text, with CRLF line terminators
Size 298 kB (298502 bytes)
Hash fb1817b96c65b6477cb55fedf53e86d9
5597fac79205084e13cce359229b070ae2638171
a28d76c983b06d87eb2c6d6deaff7e1d4faf32f12794a92bd5e21c754c06ed9b
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js.download HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 298502
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e7kh+C9kk/EjCeElCai0jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kXOJdOIwT3F6Nl1HDbASb0RbXyQ=
festivevilla.com/Navy/assets/login_files/jsonp
210.16.102.57 200 OK 264 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/jsonp
IP 210.16.102.57:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 264 kB (263858 bytes)
Hash 4c83600db8393e63181d47be39f5b2e7
f15254bd4e5d49e8a041ce13f2abcda01c887f4f
46692762eb985bb12d0bd7d5dbf6d97447380b13753a0c5b2375695f7ae00fce
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/jsonp HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:00 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 263858
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
festivevilla.com/Navy/assets/login_files/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 3.7 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3660), with no line terminators
Hash a2b0e2d6d5de371a89f40e78fc6f6368
a4e3dc8ff731e09f9bf6e384891033efd106fe5c
2cca552b4d48760fdce1fb2c0a21e6bf09b6ada1f7e70f5b1f4b7b810367c630
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 3660
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
festivevilla.com/Navy/assets/login_files/Group5159-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 5.0 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/Group5159-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash f80a5f4423323524e8c1e6234c895e01
18875cf32d53ae8de0f026483cb0174d426e7636
d3c66738cff7fddc343adf5eed0f1ace982866d8beacbd1d699c45ce7cde17d8
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/Group5159-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 5018
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
festivevilla.com/Navy/img/toolTip.svg
210.16.102.57 200 OK 638 B URL HTTP/1.1 festivevilla.com/Navy/img/toolTip.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 61073cd14d56f28c5aefdf1baeb199e4
eab0c82382d5d0d3fdb99cff30dd01fa6a5cda96
268da56a37c709c0b403a3c7b4cf116d4c302ae685cc741b2bab7f29c6b5700f
Analyzer Verdict Alert fortinet Phishing
GET /Navy/img/toolTip.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 638
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
festivevilla.com/Navy/options.png
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/options.png
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Navy/options.png HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/login_files/Group5166-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 2.0 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/Group5166-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (314), with CRLF line terminators
Hash aff5c48480cee49314b12b1469e11380
a95cd4ba713db9e4247e3b61edead9631100e534
89a821c2c4f26ce58357c1e2fe213e58de98e7a7dd0ddc17e2b3aedeb3a1beae
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/Group5166-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 2016
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
festivevilla.com/Navy/assets/login_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 22 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2618), with CRLF line terminators
Hash e9412a7e111241810e74c5cf267fb64a
cae22fc983a55384e31ad2a4e43f812bc68efbfc
3e700f9ff93a023fcaee00daeb83062c9492803afc78643532d41d369133f991
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 21962
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16112, version 1.0\012- data
Hash 899c8f78ce650d4009d42443897aa723
d2e2faa9780b7fca5a5cb20a853dd7df55b3101e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
GET /s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://festivevilla.com
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 14:39:02 GMT
expires: Sun, 26 Nov 2023 14:39:02 GMT
cache-control: public, max-age=31536000
age: 305759
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.0\012- data
Hash c85615b296302af51e683eecb5e371d4
ff7c20b0947804c607759aa46eab666d94cf12ea
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
GET /s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://festivevilla.com
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:15 GMT
expires: Wed, 29 Nov 2023 15:43:15 GMT
cache-control: public, max-age=31536000
age: 42706
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
festivevilla.com/Navy/assets/fonts/nfcu-icons.woff
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/fonts/nfcu-icons.woff
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/fonts/nfcu-icons.woff HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/images/css/bg_globe.png
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/images/css/bg_globe.png
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Navy/assets/images/css/bg_globe.png HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/login_files/contact-us-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 1.1 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/contact-us-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (451), with CRLF line terminators
Hash 2bda1ec8eebf853afd05e28a099389f2
43e29c838883eaa45b40ced10e67b863b2e70a97
16eb10aacb5be4e997453d0d2501d49e7d3a236828ee90f22cd3f913951a6d67
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/contact-us-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 1144
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
festivevilla.com/Navy/assets/images/css/img-billboard-BG.svg
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/images/css/img-billboard-BG.svg
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/images/css/img-billboard-BG.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/toolTip.svg
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/toolTip.svg
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/toolTip.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/images/css/icons.png
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/images/css/icons.png
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Navy/assets/images/css/icons.png HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.woff2
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.woff2
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/fonts/sourcesanspro-semibold-webfont.woff2 HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/login_files/saved_resource(1).html
210.16.102.57 200 OK 152 B URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/saved_resource(1).html
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/saved_resource(1).html HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
festivevilla.com/Navy/assets/login_files/logout.html
210.16.102.57 200 OK 334 B URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/logout.html
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b3cee307336a8cc92f93e4710ed78ce6
fbdbb10abea2545365241abd024f9892852bedc4
9eadc1c707aeaa4ecc543b1552840390c99dd6bc855d5aa0a16ee14ab9cbf9ad
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/logout.html HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 334
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
festivevilla.com/Navy/assets/login_files/saved_resource(2).html
210.16.102.57 200 OK 152 B URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/saved_resource(2).html
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/saved_resource(2).html HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html
festivevilla.com/Navy/assets/login_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
210.16.102.57 200 OK 186 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
IP 210.16.102.57:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x500, components 3\012- data
Size 186 kB (185745 bytes)
Hash 71bb90e5a3fb345196f166e4389c4ac1
5687c3c6f0146d9094d49cc6fe4cd5390a170672
ee4321efb356cf875dacf07419eb2649351e5907c159754a94b7b3be02479fe9
GET /Navy/assets/login_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 185745
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash e7de49da8836d1221462d949e6d9c902
f7bfa20592de96814622531d659c742de0c50edf
4e8405233bb5e4b03a04b6045987670a6e6cd651eafbe3af8378811113f68541
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:31:52 GMT
Expires: Tue, 06 Dec 2022 04:31:51 GMT
Etag: "f7bfa20592de96814622531d659c742de0c50edf"
Cache-Control: max-age=521209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087d9af491c0a-OSL
festivevilla.com/Navy/assets/fonts/nfcu-icons.ttf
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/fonts/nfcu-icons.ttf
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/fonts/nfcu-icons.ttf HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/login_files/Group5158-1d62888b4b662af9142e3c385f423f32.svg
210.16.102.57 200 OK 4.0 kB URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/Group5158-1d62888b4b662af9142e3c385f423f32.svg
IP 210.16.102.57:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 98a314ff48520ca333827348c37abb33
af59fc08a2832c095e38d8ce9154fbe4b6acdaa9
137f34c69c07dd3f6c1caf23bf0611cff6fe684b58ce75b22677abc149643001
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/login_files/Group5158-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 4048
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash e7de49da8836d1221462d949e6d9c902
f7bfa20592de96814622531d659c742de0c50edf
4e8405233bb5e4b03a04b6045987670a6e6cd651eafbe3af8378811113f68541
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:31:52 GMT
Expires: Tue, 06 Dec 2022 04:31:51 GMT
Etag: "f7bfa20592de96814622531d659c742de0c50edf"
Cache-Control: max-age=521209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087d9ad36b511-OSL
festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.woff
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.woff
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/fonts/sourcesanspro-semibold-webfont.woff HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/login_files/spacer.gif
210.16.102.57 200 OK 43 B URL HTTP/1.1 festivevilla.com/Navy/assets/login_files/spacer.gif
IP 210.16.102.57:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /Navy/assets/login_files/spacer.gif HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/logout.html
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 20:18:02 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
festivevilla.com/Navy/login.php
210.16.102.57 200 OK 22 kB URL HTTP/1.1 festivevilla.com/Navy/login.php
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1050)
Hash 4797e4e7d87bb4f86b9fbacaf4bfd5e9
8a8f0167b1512f84a722e833f6e5d9fc38f7ea13
5b6f845fdcf1b9202f964e4062cb0c3574f3f66f3970448938820dc9e95adbdc
Analyzer Verdict Alert fortinet Phishing
GET /Navy/login.php HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
festivevilla.com/Navy/options.png
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/options.png
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Navy/options.png HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/login.php
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.ttf
210.16.102.57 404 Not Found 315 B URL HTTP/1.1 festivevilla.com/Navy/assets/fonts/sourcesanspro-semibold-webfont.ttf
IP 210.16.102.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Navy/assets/fonts/sourcesanspro-semibold-webfont.ttf HTTP/1.1
Host: festivevilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://festivevilla.com/Navy/assets/login_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 03:35:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash f700a34fbaa5509fc98fa3e192f57174
1c2a4dbc974d066d387f71087f112dabf702be66
2fa1bb4c30ef1a1b899997a8038f2a4a4320117ce3c42e81475d143d5f110250
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:43:25 GMT
Expires: Sat, 03 Dec 2022 15:43:24 GMT
Etag: "1c2a4dbc974d066d387f71087f112dabf702be66"
Cache-Control: max-age=302302,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087dbdde4b511-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash f700a34fbaa5509fc98fa3e192f57174
1c2a4dbc974d066d387f71087f112dabf702be66
2fa1bb4c30ef1a1b899997a8038f2a4a4320117ce3c42e81475d143d5f110250
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:43:25 GMT
Expires: Sat, 03 Dec 2022 15:43:24 GMT
Etag: "1c2a4dbc974d066d387f71087f112dabf702be66"
Cache-Control: max-age=302302,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087dbd8151c0a-OSL
accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb75463x69071
178.249.97.99 200 OK 9.2 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb75463x69071
IP 178.249.97.99:0
File type ASCII text, with very long lines (28009), with no line terminators
Hash 7a943b5d3347414c284229672054b9a7
a1ec59ce017d9eea388b7df5f521fc890e9903ca
a792a9c644c9189053ef4e785b365e17156df67dd276db1f718d0c9ba7703f5c
GET /api/account/11478817/configuration/setting/accountproperties/?cb=lpCb75463x69071 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:01 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:72e498a6-f244-431f-936e-612967fe60a1; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BTa=R:24|g:72e498a6-f244-431f-936e-612967fe60a1|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241648; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BT1=R:24|i:2241648|e:5; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
vary: Accept
expires: Wed, 30 Nov 2022 03:36:01 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13276
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:35:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13276
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:35:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 21015
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 20291
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 20333
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dTu4TnkeBj5Jm6nU8CA37pptq4F43BUYXcAJPcXro47W1MJriiVrcw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
age: 21027
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffcc0013-bfb7-45fa-bdf2-4b7a90daae54.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffcc0013-bfb7-45fa-bdf2-4b7a90daae54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7c72c70f2b8be44dd384abb4b4a6fdd
eed94c5cb2a5810e985894af5d5f73238a83e136
49a560a81471ad567067dfa4be4bc02d592eeac9ac5bf5376e67f8c93d2ef0d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffcc0013-bfb7-45fa-bdf2-4b7a90daae54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 65d5d2d4-62aa-4d5b-abd4-1aa52eb3550f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhXeFPgoAMFojw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c2f-6eaf6ebe4bb408d51abe0660;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:39:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DqSVagVTQVJm7gZyiBIQP-X113XjRI5tHxaxLRFD1b7aQQiRyKoPZA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:45 GMT
age: 21017
etag: "eed94c5cb2a5810e985894af5d5f73238a83e136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 21013
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6c84ab982b44868fab9bd9cb08e76b88
238cddf556720f5ea7e30e2c1da69fb00a7b9ce6
cb5f0ca9270b8c6ca217526228f4ef5d9539e2a5f7edcb7d731326407b2523ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: max-age=169168
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:03 GMT
Etag: "6386af9a-1d7"
Expires: Fri, 02 Dec 2022 02:34:31 GMT
Last-Modified: Wed, 30 Nov 2022 01:19:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6c84ab982b44868fab9bd9cb08e76b88
238cddf556720f5ea7e30e2c1da69fb00a7b9ce6
cb5f0ca9270b8c6ca217526228f4ef5d9539e2a5f7edcb7d731326407b2523ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: max-age=169168
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:03 GMT
Etag: "6386af9a-1d7"
Expires: Fri, 02 Dec 2022 02:34:31 GMT
Last-Modified: Wed, 30 Nov 2022 01:19:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a47682d261a8ab974c49567043ed2437
ccc285e9f17109ada124cfb5b4b5816641d4d1f0
fbde08fb6e1d66ff5108038499ad4980c9cf829d300c68c7ab1838229fb9a324
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5586
Cache-Control: max-age=110452
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:03 GMT
Etag: "6385c609-1d7"
Expires: Thu, 01 Dec 2022 10:15:55 GMT
Last-Modified: Tue, 29 Nov 2022 08:42:49 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a47682d261a8ab974c49567043ed2437
ccc285e9f17109ada124cfb5b4b5816641d4d1f0
fbde08fb6e1d66ff5108038499ad4980c9cf829d300c68c7ab1838229fb9a324
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104866
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:35:03 GMT
Etag: "6385c609-1d7"
Expires: Thu, 01 Dec 2022 08:42:49 GMT
Last-Modified: Tue, 29 Nov 2022 08:42:49 GMT
Server: nginx
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b64c8a7f1e9d4cb019ee4ea089710921
6e298681df130e8720f09168528040e4165434d6
0d8c8eeb26713f8f158b0602f67a06b7baa452936cf8af5b98ca0f02cd815eec
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 23:37:43 GMT
Expires: Mon, 05 Dec 2022 23:37:42 GMT
Etag: "6e298681df130e8720f09168528040e4165434d6"
Cache-Control: max-age=503557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087ed0bf11c0a-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b64c8a7f1e9d4cb019ee4ea089710921
6e298681df130e8720f09168528040e4165434d6
0d8c8eeb26713f8f158b0602f67a06b7baa452936cf8af5b98ca0f02cd815eec
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:35:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 23:37:43 GMT
Expires: Mon, 05 Dec 2022 23:37:42 GMT
Etag: "6e298681df130e8720f09168528040e4165434d6"
Cache-Control: max-age=503557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772087ed0c65b511-OSL
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.97.99 200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.97.99:0
GET /api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:01 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:2668a42a-1881-48f6-a18c-f214374009e1; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BTa=R:24|g:2668a42a-1881-48f6-a18c-f214374009e1|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241648; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BT1=R:24|i:2241648|e:4; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
vary: Accept
expires: Wed, 30 Nov 2022 03:36:01 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod
178.249.101.98 200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod
IP 178.249.101.98:0
GET /le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:03 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 30 Nov 2023 03:35:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb50404x95607
178.249.97.99 200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb50404x95607
IP 178.249.97.99:0
GET /api/account/11478817/configuration/setting/accountproperties/?cb=lpCb50404x95607 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:01 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:97e2f8e3-e862-42ea-b40a-7d3d4257b8ff; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BTa=R:24|g:97e2f8e3-e862-42ea-b40a-7d3d4257b8ff|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241648; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BT1=R:24|i:2241648|e:5; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
vary: Accept
expires: Wed, 30 Nov 2022 03:36:01 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.97.23 200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.97.23:0
GET /lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:01 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:24|g:57a3e3d2-9f94-4cf4-b40f-c63f4716cf17; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BTa=R:24|g:57a3e3d2-9f94-4cf4-b40f-c63f4716cf17|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:1758181; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BT1=R:24|i:1758181|e:1; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
ADRUM_BT1=R:24|i:1758181|e:1|d:1; Max-Age=30; Expires=Wed, 30-Nov-2022 03:35:31 GMT; Path=/
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod
178.249.101.98 200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod
IP 178.249.101.98:0
GET /le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=http%3A%2F%2Ffestivevilla.com&site=11478817&env=prod HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:03 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 30 Nov 2023 03:35:03 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/11478817?&cb=lpCb29526x57370&t=sp&ts=1669779302833&pid=4768860361&tid=4015033449&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission&u=http%3A%2F%2Ffestivevilla.com%2FNavy%2Flogin.php%23&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87 200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/11478817?&cb=lpCb29526x57370&t=sp&ts=1669779302833&pid=4768860361&tid=4015033449&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission&u=http%3A%2F%2Ffestivevilla.com%2FNavy%2Flogin.php%23&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/11478817?&cb=lpCb29526x57370&t=sp&ts=1669779302833&pid=4768860361&tid=4015033449&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission&u=http%3A%2F%2Ffestivevilla.com%2FNavy%2Flogin.php%23&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://festivevilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:35:04 GMT
content-type: application/javascript
set-cookie: LPVisitorID=ExZDkxMDcwZDZjNjQ5MGY4; Expires=Thu, 30-Nov-2023 03:35:04 GMT; Path=/; HttpOnly
LPSessionID=d7rdcxB7SzK7xR5oHgqgiA; Path=/api/js/11478817; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2