dreamfestival.org/
76.223.105.230 301 Moved Permanently 0 B IP 76.223.105.230:0
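Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of a zero-length body: the 301 response carried no content, so they identify nothing specific to this site and should not be used as indicators.)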
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
location: https://dreamfestival.org/
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/
etag: 5cd97c85be11ee6c4d80f5288cc481a4
date: Tue, 22 Nov 2022 08:53:02 GMT
keep-alive: timeout=5
transfer-encoding: chunked
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5368
Expires: Tue, 22 Nov 2022 10:22:30 GMT
Date: Tue, 22 Nov 2022 08:53:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6085
Cache-Control: max-age=98380
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:02 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 12:12:42 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11160
Expires: Tue, 22 Nov 2022 11:59:02 GMT
Date: Tue, 22 Nov 2022 08:53:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 08:09:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2621
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 97rGtHKbCoDaggfsEqLskP/WaKFZFJuwUB487QUTMLheTGvvOs17A+ZqH0Gr8q5pxC3T+rsy3BI=
x-amz-request-id: BVJ89BW7PK2CDVHJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 08:42:30 GMT
age: 632
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 08:53:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 3004e886f7c5c90f32b7dda3f4927294
6306b9d5d5547bda7605161db674995e0283b701
9d64bfac3b8d3105d0b4dcf359bb87e1ed2b88f9cf0eda8ede2b1ea0e67930af
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 08:53:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:13:42 GMT
Expires: Tue, 22 Nov 2022 20:13:42 GMT
ETag: "6306b9d5d5547bda7605161db674995e0283b701"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
23.36.79.16 200 OK 7.9 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7908
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
23.36.79.16 200 OK 7.9 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Hash 797ad5f8d84a297ab16f9a9c983adfc2
af074543e3bbd78e086cefa983867e0936515c41
e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
GET /gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 7920
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js
23.36.79.16 200 OK 95 kB URL HTTP/2 img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (63425)
Hash 7b0784f9587948fb060306ce7301e22a
99be4d4de2deb9e7f8ae65fcbe81c5551f88b3b7
c71edf34027fcb30a132716e8d5fe7c5a8ae11dcafb47fd48d3411a828bcb613
GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 95285
x-version: 0.7.1+sha-f8fdc16
etag: "31e273e89fb56a44d86d206f1bcdcdb4"
last-modified: Wed, 09 Nov 2022 17:28:26 GMT
x-amzn-trace-id: Root=1-636be339-1e3f8f232a9278302e78dad0
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2
23.36.79.16 200 OK 10 kB URL HTTP/2 img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash 72df29d1383bbead26d53be1bb282b69
53b10c5e3ef3d5b4d10c7a714083c73bdf0ba5c1
b3650c96b4644df3c25b4facdf0338c460a08904779ddc76bb5bfcb26f308fa2
GET /gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 10104
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
23.36.79.16 302 Found 0 B URL HTTP/2 img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
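Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of a zero-length body: the 302 response carried no content, so they do not identify the script it redirects to and should not be used as indicators.)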
GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Tue, 22 Nov 2022 09:23:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/ffe4e5975bac7aa3/script.js
23.36.79.16 200 OK 15 kB URL HTTP/2 img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/ffe4e5975bac7aa3/script.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (51229)
Hash cfd24d3afcdf24855f99d459b0ea89d8
df73bda877d746b3e883f4a4e0630bf370c1ab98
7f1641828b4f220a87bb26b86eaf1c14587d74c3f48753a712e4a97041cf7b4f
GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/ffe4e5975bac7aa3/script.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 14790
x-version: 0.7.1+sha-f8fdc16
etag: "64af44a64e2498b989d17074d830d9b4"
last-modified: Mon, 14 Nov 2022 15:21:46 GMT
x-amzn-trace-id: Root=1-63725d09-3b423a80284ae758765ff27c
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/4cea807c24c6141c/script.js
23.36.79.16 200 OK 10 kB URL HTTP/2 img1.wsimg.com/blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/4cea807c24c6141c/script.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15581)
Hash 5967f3a1cb68efb5b3b03957fedd74d7
cf83e972bc40226e9fadff342bbe7b5c622b871d
1d1b6ba2e06eb986a3423d704f22c9e9500a12a48058ab6640e28c3901335c6a
GET /blobby/go/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/gpub/4cea807c24c6141c/script.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 10188
x-version: 0.7.1+sha-f8fdc16
etag: "a16155d4f8fecc923b93b07e0a6c3085"
last-modified: Mon, 14 Nov 2022 15:21:46 GMT
x-amzn-trace-id: Root=1-63725d09-27dc7b805a33a7dd4f6c1fa1
x-forwarded-port: 443
x-forwarded-for: 50.63.4.64
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
23.36.79.16 200 OK 23 kB URL HTTP/2 img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 22840, version 1.0\012- data
Hash a02a7db3964dbc06013e1343042c2c75
9d69b2906f9c6bcda3197e3c0ba5542b1a57aab9
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
GET /gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 22840
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:31:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
dreamfestival.org/
13.248.243.5 200 OK 51 kB IP 13.248.243.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (27608)
Hash 566cae5236dd28265c3abd4066f0897a
f21ce179d5fde5b35b267f5e1ade753beecf840b
a4f0b436728c07e7b6a69dac62abeda477f98509d3d451b6eb794e0ff90d936e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 5cd97c85be11ee6c4d80f5288cc481a4
content-encoding: br
date: Tue, 22 Nov 2022 08:53:02 GMT
X-Firefox-Spdy: h2
img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2
23.36.79.16 200 OK 8.5 kB URL HTTP/2 img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 8520, version 1.0\012- data
Hash ce1c0390731a3e14e25947beba4d7bc7
314391b4d88bf5d37826b2d8e15684ee24839151
a23cdc6f17ebaf9a49d2bd7f3723cf8a185f0cdfa4065e83490c9769b643a587
GET /gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 8520
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 72186a37148982e457c45ae45abed516
de8bc02f3bcf3ae5fc0bcbc7b8150ee6d8eea054
6bfc2f123c2b1173d6b878236240984efd8d246a206ee93c7af78c3de52f57be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 569
Cache-Control: max-age=114463
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:02 GMT
Etag: "637ba7d5-118"
Expires: Wed, 23 Nov 2022 16:40:45 GMT
Last-Modified: Mon, 21 Nov 2022 16:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 46 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9639421c88c869682fcd0f6e2ced9e8c
e9df9ad8d3b5e501e21f7c25d4806e5c5418e0d6
cf29c206707eee5be29405df14018ecb8415048d6b02bb1b8d5fe45742cbc6e2
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:365,h:365,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 46
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://christinaderosa.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 484315664
x-width: 365
x-height: 365
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 84 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash ea669d0a28b700022fcb7457a5927c91
7dcea6bfea2da2048a8410e509406e6ae0f16e8d
177eab07a7af172e06bbea9a3df05ae6d3953a3f39c0d5e20cab39df26aa9a56
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:836,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 84
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://kraken-skulls.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2002395724
x-width: 1254
x-height: 836
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-BF2FDR6KMM
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BF2FDR6KMM
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 4303ae379b47e7a8201b811054b5812a
b36cc745348fa8ae12e1de29287fcf1f4d949bd0
618941e851d05c73ff4820591de1031772499bdf68855883e4a2f1ce57a54290
GET /gtag/js?id=G-BF2FDR6KMM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
date: Tue, 22 Nov 2022 08:53:02 GMT
expires: Tue, 22 Nov 2022 08:53:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 72 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash b226e47e9840c067ad4d3550da1bd609
97868c5cb3b54783f2821a8a55fec6ed675b8421
77d9e7cc94c36294d83521de8e1df2aaa7afcf46d8aecd7935d16fd6103e3a17
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1240,h:620,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 72
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://melissaleapman.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1456090515
x-width: 1240
x-height: 620
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 46 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9e1a51caec448431afc865f81fe2ac54
29d4e030c450d4b9d0220d9f792547147ba1ec14
44336888428a2473c93fe0513b86d36568abb2108820740b5f7caa3dcec3774e
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:388,h:194,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 46
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://ithacapublishingcompany.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1416184843
x-width: 388
x-height: 194
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 48 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4ba7e4cd4e8240b13f2fbaa46d839086
5f5d7fe9d036b2773e686a8ba6ee6080b1358cfa
d45bbd2f58cb3178433d9b4a002cf4bc445f26e5e2413d7457339cc45e40c6ca
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:600,h:300,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 48
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://trekkspillservice.no/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1252006860
x-width: 600
x-height: 300
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
23.36.79.16 200 OK 7.0 kB URL HTTP/2 img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbfcb6c00122613fe9618ab0bc06ec2a
114d6e21d623e42a35d5ef6c5c9f443177e768c3
bd6a67e8cc9f3ab4c053caa9e2c94b5c3ed1d95fbfe6332e2b32cd6f771ff59d
GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 7034
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 138634133
x-width: 125
x-height: 125
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:125,h:125,cg:true,m/cr=w:125,h:125/qt=q:95
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 310 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1648c025ecef97d1d50ea521ba8451f7
47b1ed01d508083744e7a4b884907c443878cd74
b52ac354827a6ced0253396c73d4d90a23156ac9b16b675c38e72fa4bdc465bf
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1246,h:1128,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 310
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2188000504
x-width: 1246
x-height: 1128
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 08:08:53 GMT
cache-control: public,max-age=3600
age: 2649
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 296 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1cc9e1a01abab65dc9cac9b08d82663f
79e92dd6195feed734dd15eda1125b0f5d5c34df
f7b83c6b942e988949490faa1c98e1e605d432d57cf4a4457b8f27630895d46b
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1294,h:810,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 296
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3684691647
x-width: 1294
x-height: 810
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-e304cff4.js
23.36.79.16 200 OK 4.6 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-e304cff4.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (16777)
Hash fbb1a3f04fc0fab42927bc633273bb94
cddfaea0887322fec88317daec298e89eece5c97
aa8a52a2decb9999398b6c0c607b9fb6bc3d1952c0da3799061fe6c379b53ef2
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout27-Theme-publish-Theme-e304cff4.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4561
x-version: 0.7.1+sha-f8fdc16
etag: "8afdfae63291b13c1c6f10b671cffb3b"
last-modified: Tue, 18 Oct 2022 15:47:51 GMT
x-amzn-trace-id: Root=1-634ecaa6-3db699587d861e7854ee4716
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js
23.36.79.16 200 OK 3.9 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13449)
Hash ef73a2ad26978dc129780e9fa8b56fbf
a27b1e38a9b0a8a64eadac394393b44c34514433
31a27befad2953d262687734a98ecef2a590a1871ac87e093360ef29735381d2
GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3876
x-version: 0.7.1+sha-f8fdc16
etag: "e135455abac1e365c75acb29427be2bd"
last-modified: Wed, 30 Mar 2022 21:06:30 GMT
x-amzn-trace-id: Root=1-6244c654-23bec5f97d8cb44d046c9a3f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js
23.36.79.16 200 OK 379 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (516)
Hash da1ba55bba78d7565f76b67f7268e7ea
89fd587d56184ab4e8b0568c1aedb6dfbddb3e40
3f23ed8407c24850c2175ff84e5c68ce52060ce61e7452b774e9b9f441c38b0a
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 379
x-version: 0.7.1+sha-f8fdc16
etag: "0d42ffb998a9cf7c25824cf365c7d0c9"
last-modified: Tue, 18 Oct 2022 15:47:48 GMT
x-amzn-trace-id: Root=1-634ecaa3-5959a1ba44b2faaf1233fe85
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js
23.36.79.16 200 OK 4.8 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12251)
Hash 7e5c5cc5ccbbad5939f4932d03015d18
8042c421ca49bc1528b921413ccd73547d6fb40d
2c5f2cd53331780aedb0e47f2845f9e92f1291104f2d9d18510ca4a60cb25381
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4753
x-version: 0.7.1+sha-f8fdc16
etag: "dfb4bee7c6378574342cdfce62fdd1d7"
last-modified: Tue, 18 Oct 2022 15:47:53 GMT
x-amzn-trace-id: Root=1-634ecaa8-43c1f78d71be10d7594cdd7f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
23.36.79.16 200 OK 578 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (829)
Hash 6a25354061824b15b41a9523319330cf
243e6ba535e4d116c7843abf7c1714e16a5a5ca4
057df002b57498050de8d8b8ace31862e38cdcc1e7b2f6cb473a1f7f252a592a
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 578
x-version: 0.7.1+sha-f8fdc16
etag: "9219cf782ed219bd3929a51e99503bc2"
last-modified: Tue, 18 Oct 2022 15:47:49 GMT
x-amzn-trace-id: Root=1-634ecaa4-01886e4b7a7aeb6259ec4241
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js
23.36.79.16 200 OK 58 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash f94c381cbe1c66e875912e4d40fbccf9
0fb1dfe0a3a56f4177a73da123b7f89b64002d96
73c665c51ba4c14fe138bcb8241e228be6ea52503ac63855c54d6e112332ef87
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 58312
x-version: 0.7.1+sha-f8fdc16
etag: "55baf821a59fad53aa754c85ae19d0ea"
last-modified: Tue, 18 Oct 2022 15:47:52 GMT
x-amzn-trace-id: Root=1-634ecaa7-2d56acd4525839f224b33503
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
23.36.79.16 200 OK 740 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3043)
Hash ef933bdbde5407473165c8076c400033
a4ed7ffc21e649f1a7463021892a1f7d7ef8275b
c7a5729828eef458dec3177ba83479f77c11ef943d44d407fa8d82067d3afb83
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 740
x-version: 0.7.1+sha-f8fdc16
etag: "852cbc5322260e00b44f2c682f88b2c7"
last-modified: Thu, 14 Oct 2021 23:04:41 GMT
x-amzn-trace-id: Root=1-6168b788-04e31f272fd746490d747855
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js
23.36.79.16 200 OK 6.7 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (19615)
Hash 4ce2ee26b7bfd92534ac48544ac05330
76ac71090fcbe1f2192fab56a5a312c2ea4b7f72
b7faa0c6048431108b5c1ec65a3cb7c674e3618f16fbd0c39318307a3137ad41
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 6724
x-version: 0.7.1+sha-f8fdc16
etag: "5fd30bb38eba06e3522ae28610ac8c74"
last-modified: Thu, 14 Oct 2021 23:04:38 GMT
x-amzn-trace-id: Root=1-6168b785-0155fcbf6cbeb78d408f219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
23.36.79.16 200 OK 335 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (383)
Hash 21f75a3937961a662b8d8879193c440c
4b1ed44a75627896d16fa62b335c445470b014a7
84559c119581a7d097957055082a3d95fb9af3043cd3237f27756d3332eeba76
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 335
x-version: 0.7.1+sha-f8fdc16
etag: "21ad22788e6caa18a4e9e57f7372b108"
last-modified: Mon, 13 Dec 2021 22:59:02 GMT
x-amzn-trace-id: Root=1-61b7d035-018188ae176241301ebce646
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js
23.36.79.16 200 OK 325 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (367)
Hash f31b6f6a702caf7d1d2eb4632ad5385c
90fd56f538a9b0f1658d45675187e5558a2396ab
3c7691cfa2f90a9250efd6a6fa9582ffdebf7decc2f9d138323aa0fc3b5485fa
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 325
x-version: 0.7.1+sha-f8fdc16
etag: "401821742def46c40d4cf5f0121c8bec"
last-modified: Tue, 13 Sep 2022 20:51:09 GMT
x-amzn-trace-id: Root=1-6320ed3c-430e12160fc2f40b0d81c36b
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js
23.36.79.16 200 OK 452 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (651)
Hash 582e93084be0ac7f720e4d4b874cc195
8813eccb87743ecd51eebbafdc0fb2b933a0a9e6
44f247c5fc7c56df19acae00ab5f3229e7a191008a3c3d73b05c067201226c5a
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 452
x-version: 0.7.1+sha-f8fdc16
etag: "7b01fcdf2048e82f4df741791cd44f61"
last-modified: Tue, 13 Sep 2022 20:51:09 GMT
x-amzn-trace-id: Root=1-6320ed3c-2f850b862d74447a4a1271b3
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js
23.36.79.16 200 OK 339 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (442)
Hash 320385db6d5452e7799b989dff95542a
088f16d910d9f1b01de12ff745b798ed2eaaec46
e88105633682f07e840f568782948160e41f5b851a71a82f3b70fdbb816cc9f2
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 339
x-version: 0.7.1+sha-f8fdc16
etag: "5f10df611c856f376981be4dfbd17753"
last-modified: Tue, 13 Sep 2022 20:51:09 GMT
x-amzn-trace-id: Root=1-6320ed3c-3176c5fb6e5c8db903759317
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
23.36.79.16 200 OK 7.4 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (20947)
Hash a26261197e090f79831923f5782261b0
5d70da81ca7f5cc9896345d5f693f95d5cace68d
b4699c5bda40f69eaf66ff7ac61096b67f7c818d4f60e09a53caaae43da6162f
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7371
x-version: 0.7.1+sha-f8fdc16
etag: "753cb19ee1a756e46faa0f118b1b4e01"
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
x-amzn-trace-id: Root=1-6320ed3a-63510b321c43bb775186e613
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
23.36.79.16 200 OK 645 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1211)
Hash 308e5d07deeecf43d8424fb8bb23b585
6080c959f72e6a6b86128b205a452642787438ac
b40c4d01f2d3325f366059c5d2fd632823d6c3d4c70e0b7ef91d284df2e69a83
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 645
x-version: 0.7.1+sha-f8fdc16
etag: "cb9bfa0fbdd957fbe7f4841b70341db2"
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
x-amzn-trace-id: Root=1-6320ed3b-6c5c5f0d6dd6c2ec69a41ad3
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
23.36.79.16 200 OK 626 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1824)
Hash 11370164b73124ea595098d2ecbe6d0b
bcc349130116ef2aee6ed77984b7726b43af8576
d2a8fc6601e5e3b7c457e6c56f225547618fb5b454ba5dd37082cfa67ab4453e
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 626
x-version: 0.7.1+sha-f8fdc16
etag: "edc15ad5daac3cfa744bffdb1e0174be"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
23.36.79.16 200 OK 714 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1352)
Hash c9bf76a27fe91eca6917c337928781ad
e7f9959787fb6cc1db5d8abf6deeb6e31697955e
4b8d4566442e35f4f8d631bad06db22eb7a6464e300f29f0176f9f74be51f790
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 714
x-version: 0.7.1+sha-f8fdc16
etag: "5cc6b93d41889c0a55c6c4fcd2d89713"
last-modified: Tue, 18 Oct 2022 15:47:53 GMT
x-amzn-trace-id: Root=1-634ecaa8-5441fae57a8929061baf3c6b
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
23.36.79.16 200 OK 191 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash cec9b0814a648933ea94f34556da96ab
b1633975363116ff254ad319b033a1022d483922
cb8d0e2233b2d495612d7644089dec2bcb7b3d02d7ccb775df3b8ca4a995a9f8
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 191
x-version: 0.7.1+sha-f8fdc16
etag: "8f12765eb30fbdcfcdc116d13f7fc272"
last-modified: Thu, 28 Jul 2022 17:59:29 GMT
x-amzn-trace-id: Root=1-62e2ce80-4ef8fc4a33c151912970138f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
23.36.79.16 200 OK 244 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash 835256b0b1680833155abf0f7420cca2
1d7eca7af4c7fdc66cfe34c1796ce7c3376d21b3
b876ca1181efb3e0c9eac5384578fe015bc322c2a5407f4a86826374c86e4187
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 244
x-version: 0.7.1+sha-f8fdc16
etag: "daa79ad7558674f6a12d962abf47f2f6"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-1438c006715eea557e6c9f7f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
23.36.79.16 200 OK 520 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (905)
Hash 0d96832a511b8084e26c9ab3c4113ee4
1c974cbf9c4ab33938651224ed4efffb54c805a1
d102bff521ce660e38c0d0c9ac12c90beec4662b216df3e6957fc6ab8fc92b2a
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 520
x-version: 0.7.1+sha-f8fdc16
etag: "62a914b2c847d4d02b76164d7a2a54c6"
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
x-amzn-trace-id: Root=1-6320ed3b-3de8a43b0cf7990c68d55390
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
23.36.79.16 200 OK 212 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash b7a722d87376fba46c53778c978eaa2f
28e5ddf87609f53a3bfb97de182692f56af3225e
b45e399438c804bfdfdc651173ca1665840919de192aa186fe0519b74e855520
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 212
x-version: 0.7.1+sha-f8fdc16
etag: "8578a331ad09bb2ef6359fec3916befc"
last-modified: Tue, 13 Sep 2022 20:51:08 GMT
x-amzn-trace-id: Root=1-6320ed3b-311ca1193326a1db522ca4d2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
23.36.79.16 200 OK 380 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (522)
Hash 8cd52ce279347ad60ff4fc7af72deb2c
ff739775085ffdbb84cd820ec6364d870cfa0939
03f4ce2fa2cf258c23b63028975cbc39dd3f69cb9c1dc21f942ffd3a4badb817
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 380
x-version: 0.7.1+sha-f8fdc16
etag: "fadb3719ffa2a9e96cdc64ffea0220fa"
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
x-amzn-trace-id: Root=1-6320ed3a-239be6cd0632f6776811c293
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
23.36.79.16 200 OK 270 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (330)
Hash 540d87b49f631e492f25e1c423a1cf96
96bee6e25b9a99e9ff3d538da7cc00489bb0f948
dbd812387f08b7955e990dab286f417b0fb19099873923be25bf5bc45a373c6c
GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 270
x-version: 0.7.1+sha-f8fdc16
etag: "c86b7f8224fa45fb1682ac94d8f75ac6"
last-modified: Tue, 13 Sep 2022 20:51:07 GMT
x-amzn-trace-id: Root=1-6320ed3a-044169b84eb7e18f3216950e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/traffic-assets/js/tccl.min.js
23.36.79.16 302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Tue, 22 Nov 2022 09:23:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js
23.36.79.16 200 OK 1.3 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3283)
Hash 79528e8ed0d5e61c9f1c7afa0ab84919
f969f965c6f228ad0b3940b084f036a7e140285d
74d8189bbe76b6bf19fab1103c9b33cef500c49a326d21381439e36308889c0c
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1272
x-version: 0.7.1+sha-f8fdc16
etag: "1e4c3172663ad2acc0cec9723e93d39f"
last-modified: Tue, 18 Oct 2022 15:47:48 GMT
x-amzn-trace-id: Root=1-634ecaa3-136b09c8384cc9f7782c2932
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js
23.36.79.16 200 OK 892 B URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1875)
Hash a982c4c8dbe005745ba5b3bb3fc1094b
7aa1755e60f626eb9a1b2bd8e36f66c649b31a90
5b60357acee61a2b0dcc27aaab6142d866aa61b1cd1a29488cf2a7144096ac1b
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 892
x-version: 0.7.1+sha-f8fdc16
etag: "42a956f14f8e89c314fa201ab5fc9388"
last-modified: Tue, 18 Oct 2022 15:47:50 GMT
x-amzn-trace-id: Root=1-634ecaa5-615fb3556213a50d4867fb1b
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-39236c19.js
23.36.79.16 200 OK 1.5 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-39236c19.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4534)
Hash ec5ecd590818f261dee6ca57fb0baf42
4c499210db68a00848cd9adf9d69eafa5917c75d
d794294b304901d336205c7b22083bfada3bc225607efe6aa66f09a49c83f723
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-ComponentPropTypes-39236c19.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1507
x-version: 0.7.1+sha-f8fdc16
etag: "51b3db71fe49008adbcd4716f4272e44"
last-modified: Tue, 18 Oct 2022 15:47:51 GMT
x-amzn-trace-id: Root=1-634ecaa6-3b6a91231e39fb4f3a8336f4
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-37f740c7.js
23.36.79.16 200 OK 1.0 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-37f740c7.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2368)
Hash 35a569a8f234dd0e9dc95d30b59bc4b7
2adbea56ede3b78b58b42755e0a5581af8e21da3
5e1f27bc346180b3c83e4ad6136f98f371b6b80d7b7fdec9d53fc8cdc51eaba4
GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-37f740c7.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1022
x-version: 0.7.1+sha-f8fdc16
etag: "abfd2ada44521989f7c040fc3eaef6c9"
last-modified: Tue, 18 Oct 2022 15:47:52 GMT
x-amzn-trace-id: Root=1-634ecaa7-75a8716f2a05bb6823206f27
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-4c036f32.js
23.36.79.16 200 OK 1.3 kB URL HTTP/2 img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-4c036f32.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3167)
Hash bf2a2d806981623f3c4224342e568871
6b0e005b6c861f7aaddad003b2cbcd62d80c8985
1200c3b898098cf4c4eb996c73fc0f6fc93a972dc21e61e99a91c130f5b9b681
GET /blobby/go/static/radpack/@widget/LAYOUT/bs-ComponentGoPay-4c036f32.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1273
x-version: 0.7.1+sha-f8fdc16
etag: "227368a75513a269baaf8ab44d3f8b75"
last-modified: Tue, 18 Oct 2022 15:47:49 GMT
x-amzn-trace-id: Root=1-634ecaa4-7706d69f714cbe357b761d6f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3703
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:03 GMT
Last-Modified: Tue, 22 Nov 2022 07:51:20 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
23.36.79.16 302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Tue, 22 Nov 2022 09:23:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
player.vimeo.com/video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0
162.159.138.60 200 OK 5.6 kB URL HTTP/1.1 player.vimeo.com/video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16670), with no line terminators
Hash f64d501de40e1642306e24540e7d6aa1
1bdb0663a761cdd7a8964bef5b079a1c814bce01
5e31e525f38461de7bebb9ba15894c22ade58e494fd69cc4ab8accf5f3a11412
GET /video/740479387?h=32a29ded65&autoplay=1&loop=1&autopause=0&muted=1&title=0&byline=0&portrait=0&controls=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 08:53:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com 
https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 22 Nov 2022 09:03:03 GMT
x-host: player-cf8886bdd-q9zlm
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-6
x-backend-proxy: playproxy7
x-bapp-server: player-cf8886bdd-q9zlm
Age: 0
X-Served-By: cache-bma1681-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669107183.897745,VS0,VE327
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=hc2qMrcimaDiwM3WYVo4vbqEEEn_v.Do74SWisyqd9I-1669107183-0-AcqCxP0eA4IlBBG6gABZE6CKKhRowjZGKDYl+DoFIQRljCE5UOuGXl0Hpitm1qFqC486Sq7BkfaRJgP8XVV3Evw=; path=/; expires=Tue, 22-Nov-22 09:23:03 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 76e06eb50cac0b69-OSL
Content-Encoding: gzip
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true
23.36.79.16 200 OK 84 B URL HTTP/2 img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 006afc1eecd55443718c376245fb4b5f
a81310d0b374eb1063d7b4a9c2db741070068ab7
9bc3aafdc9f876afa5e7927d92257a1db71fb360d9758e963eaf118da49bf131
GET /isteam/ip/static/transparent_placeholder.png/:/rs=w:1254,h:837,cg:true,m,i:true/qt=q:1/ll=n:true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 84
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 508945408
x-width: 1254
x-height: 837
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
edge-cache-tag: /isteam/ip/static
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 6953444a6e9e998aa4e33548c954896b
b7e7a7f4e01204bdb705f19a55d22166308ca59b
6d5c032e6d9c422167b750e52485507e86e1ae0afbc3be6f9bfb2120f2a6cb60
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 08:53:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 19:08:54 GMT
Expires: Tue, 22 Nov 2022 19:08:54 GMT
ETag: "b7e7a7f4e01204bdb705f19a55d22166308ca59b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
23.36.79.16 200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45500)
Hash 1ac00b5d5abfa64175a140de3f29a8e2
c07c5611cfff3ec4c7034134e4148f177242908c
65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 08:53:03 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
23.36.79.16 200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 08:53:03 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
23.36.79.16 200 OK 9.6 kB URL HTTP/2 img1.wsimg.com/isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 071d7185793bfb633ebd1d48ec5a8dee
ad64b355eec103a787e2651021ba5ddae90e6ca8
67ee2be03fea9234a0b03f747598539c43e82c93eb1d80d8f32a8cee6a18e62c
GET /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 9588
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3894661116
x-width: 180
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:03 GMT
date: Tue, 22 Nov 2022 08:53:03 GMT
edge-cache-tag: /isteam/ip/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/blob-0001.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.14.0/css/player.css
151.101.86.109 200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.14.0/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 2d2e645881b269e2f7e863df2b4a951e
c10b8c524d12b53ccbeed6bbfa11cfe6b6cf98a7
b51f8a976cc1e7b0e9c9027f4261bcf14ae72058567efdee91a8223f797e1d8e
GET /p/4.14.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 50627
x-served-by: cache-iad-kcgs7200036-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 10119
x-timer: S1669107183.475576,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20765
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.36.24.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WII5sT0sXRlG1w8x4yRAuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UNqF2PcrkBRy+MWbaxNuwdJnoN8=
f.vimeocdn.com/p/4.14.0/js/player.module.js
151.101.86.109 200 OK 115 kB URL HTTP/2 f.vimeocdn.com/p/4.14.0/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 115 kB (114989 bytes)
Hash c3037aabbcc11d25c8e611fb7fe52f9f
ec2fa5198178721d79aaae25fdea12409fa39f0d
511fccd343ff53395f1793ba1576b28f83dcbb8a3d4092282179cf4f753e68cc
GET /p/4.14.0/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 50628
x-served-by: cache-iad-kcgs7200026-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 38, 7394
x-timer: S1669107183.487424,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 114989
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d
151.101.86.109 200 OK 52 kB URL HTTP/2 i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash d968d6659e6a30a4c186c4aadfe9717e
b9b08154535c30be60077a06e213f6ab043dc473
120e0b0ef65d5c2e2b0e7b684aaa429266913975a595b2f6116cac69b462b0f5
GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/avif
etag: d968d6659e6a30a4c186c4aadfe9717e
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-mq2k
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 1032894
x-served-by: cache-dfw-kdfw8210091-DFW, cache-bma1630-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 3, 1
x-timer: S1669107183.487053,VS0,VE1
vary: Accept
content-length: 51612
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NC4hYTNntSv0lH91d7MtScw1d5xZdmT49tBjTTVqmlTS/+nMEk+vRYU6cwqouJXzeFy9fcf4Ut9ZCeDLy82CPg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 22 Nov 2022 08:53:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72d50acad831beb6384250b4be217004
4c63b5d7120df90dce65d1d9a449e0779916cd86
948ea04f802c71a04d3a7f3e5a056b195b99d7e4b346b1b2e8afb53fd537b642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: max-age=144791
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:03 GMT
Etag: "637c0fe4-1d7"
Expires: Thu, 24 Nov 2022 01:06:14 GMT
Last-Modified: Mon, 21 Nov 2022 23:55:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
f.vimeocdn.com/p/4.14.0/js/vendor.module.js
151.101.86.109 200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.14.0/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Size 118 kB (118147 bytes)
Hash 6df341c7023ab3581c5a6e723bd113ba
dea9159cd90862d3fb42ebf43a364760bb7c208e
84699875bb308a075916fae257f949e4274f92e3f2e12334b33443a5139b0c52
GET /p/4.14.0/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 50628
x-served-by: cache-iad-kjyo7100086-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 9528
x-timer: S1669107184.610583,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118147
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 109ecd1b5fc69a0e36770508fc4740d7
b554dfd7fcf1cc25da86b117e42f2a98a963a8d7
7e4c2bd77c57b130c46f3570afc9b4cf5c0828df3d21abf56f260ae32463ba1d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 08:53:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:58:36 GMT
Expires: Tue, 22 Nov 2022 20:58:36 GMT
ETag: "b554dfd7fcf1cc25da86b117e42f2a98a963a8d7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109 200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 315344
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 51166
x-timer: S1669107184.744025,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600
151.101.86.109 200 OK 25 kB URL HTTP/2 i.vimeocdn.com/video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 8c80335a45c166c302ce4909a70236f6
1b6a584ddcea103c934fd660358303e15a737c90
c22aa28e0681277a311406a3ba4c065fa30372b6a6948f2e900eaa48c71537f0
GET /video/1490016355-339217ef49ceec2cf74eaaed09f92c8625692e727b3a5f5a7ffcd1f51c179b3c-d?mw=600&mh=600 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 8c80335a45c166c302ce4909a70236f6
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-jj26
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 22 Nov 2022 08:53:03 GMT
age: 1813864
x-served-by: cache-dfw-kdfw8210100-DFW, cache-bma1630-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669107184.754377,VS0,VE2
vary: Accept
content-length: 25282
X-Firefox-Spdy: h2
img1.wsimg.com/isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774
23.36.79.16 200 OK 43 B URL HTTP/2 img1.wsimg.com/isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /isteam/stock/103790/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:774 HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 181060
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://dreamfestival.org/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1946494739
x-width: 1160
x-height: 774
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 08:53:02 GMT
date: Tue, 22 Nov 2022 08:53:02 GMT
edge-cache-tag: /isteam/stock/103790
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/5a47ab70,dcf74872,70366016,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1
23.36.76.136 200 OK 3.8 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/5a47ab70,dcf74872,70366016,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (16499)
Hash 713dfc2e1e8a660c3f98e17a3748b03b
b7915bd85a8da8394ad24f9fbe2de1e02042892e
96cd4e158aed4507722cab9246ac1090b72d921f2b8b218400bf0ce8082646ba
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/video/5a47ab70,dcf74872,70366016,66d1d3c3,251efe5d/audio/9e845806,1c364d6f,3c4bdfd7/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
origin-retrieved-hour: 1660870800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Content-Length: 3807
Aka-c-hit: cache-hit
Cache-Control: max-age=31533102
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.844c2417.1669107184.3fa560b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
events.api.secureserver.net/t/1/tl/event?cts=1669107183295&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1509342786&cv=2.0.0&z=1047719098&vg=ff360328-eae2-557a-81c2-78ee23a8de00&vtg=ff360328-eae2-557a-81c2-78ee23a8de00&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-11-14T15%3A21%3A42.123Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=6194cf5e-250a-5de6-b8ce-2baa5384f23d&ht=pageview
23.72.139.72 200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1669107183295&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1509342786&cv=2.0.0&z=1047719098&vg=ff360328-eae2-557a-81c2-78ee23a8de00&vtg=ff360328-eae2-557a-81c2-78ee23a8de00&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-11-14T15%3A21%3A42.123Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=6194cf5e-250a-5de6-b8ce-2baa5384f23d&ht=pageview
IP 23.72.139.72:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1669107183295&dh=dreamfestival.org&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1509342786&cv=2.0.0&z=1047719098&vg=ff360328-eae2-557a-81c2-78ee23a8de00&vtg=ff360328-eae2-557a-81c2-78ee23a8de00&dp=%2F&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22aa1fb9b2-896f-4ef9-be21-3bae706e78f6%22%2C%22pd%22%3A%222022-11-14T15%3A21%3A42.123Z%22%2C%22meta.numWidgets%22%3A21%2C%22meta.theme%22%3A%22layout27%22%2C%22meta.headerMediaType%22%3A%22Video%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Atrue%2C%22meta.isMembership%22%3Atrue%7D&hit_id=6194cf5e-250a-5de6-b8ce-2baa5384f23d&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dreamfestival.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 22 Nov 2022 08:53:04 GMT
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D
23.36.76.136 200 OK 97 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Hash 82d6d9ace0a02b537d568f0f54942048
f607c5b9b222c34a84f55c3a906e992a1f7c8edb
7c28152f1da3f808588bf5ff476db4b7ef67d34cf262eabffcd10243b066ff9b
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/sep/audio/66d1d3c3/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 96783
ETag: 04046ffd7138c89629f8cdb1543ef6c4
using-starlord: true
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31512680
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107184.3fa561b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
ocsp.starfieldtech.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 354979353c4da59101b3d69fff7f7974
eba0ea13cdb4518a60c322ff492a94c03782f083
c2e5aef553554affe7b3b96aa38b9d1b290e45cdf4a55334b289994c90822a75
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 08:53:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:10:20 GMT
Expires: Tue, 22 Nov 2022 20:10:20 GMT
ETag: "eba0ea13cdb4518a60c322ff492a94c03782f083"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2da5dce37570dfb4dce7a8763e6e1847
76082633c448907b102ed1bbc8408dddc4852f91
d8ae08acd44c9158314a46977fb7eda97e9c339f0e7222fc473e5ca61023e6df
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2da5dce37570dfb4dce7a8763e6e1847
76082633c448907b102ed1bbc8408dddc4852f91
d8ae08acd44c9158314a46977fb7eda97e9c339f0e7222fc473e5ca61023e6df
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/70366016.mp4?r=dXM%3D&range=912-239530
23.36.76.136 200 OK 239 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/70366016.mp4?r=dXM%3D&range=912-239530
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 239 kB (238619 bytes)
Hash 604ef9e9393769ecacf0281b8521fd72
fcea7aa1e6e1e3ff38446f6338d7eaf20f3e81b5
3effa24d63ffa16e9bb0d738210fdca21ae98ebdc174a4b3454dd3f0fccd6dd1
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/70366016.mp4?r=dXM%3D&range=912-239530 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 238619
Last-Modified: Wed, 17 Aug 2022 18:49:05 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535945
Expires: Wed, 22 Nov 2023 08:52:09 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107184.3fa562e
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa562e~time:1669107184~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
dreamfestival.org/online-games
13.248.243.5 200 OK 18 kB URL HTTP/2 dreamfestival.org/online-games
IP 13.248.243.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34378)
Hash e6165c0429f5c2e29df9fe1bf9fd1d6c
4a4582cbe1f7eeb35166cc5e51b58f96283d2c5c
54239b20b4b57cda1935ea0cb6c010fd01c49e06d2d12aa1400c741ffee26b07
Analyzer Verdict Alert fortinet Phishing
GET /online-games HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: eb5613d158d2245376254809b8399009
content-encoding: br
date: Tue, 22 Nov 2022 08:53:04 GMT
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1751
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 22 Nov 2022 08:53:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-telemetry.vimeo.com/player-events/log/play
34.120.202.204 200 OK 0 B URL HTTP/2 player-telemetry.vimeo.com/player-events/log/play
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 657
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Tue, 22 Nov 2022 08:53:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=c9fc2eec1f0c40ec1bbb35f7f7d80a8c8787b69a1669107183 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1459
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 22 Nov 2022 08:53:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2da5dce37570dfb4dce7a8763e6e1847
76082633c448907b102ed1bbc8408dddc4852f91
d8ae08acd44c9158314a46977fb7eda97e9c339f0e7222fc473e5ca61023e6df
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 2da5dce37570dfb4dce7a8763e6e1847
76082633c448907b102ed1bbc8408dddc4852f91
d8ae08acd44c9158314a46977fb7eda97e9c339f0e7222fc473e5ca61023e6df
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146
23.36.76.136 200 OK 143 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 143 kB (143357 bytes)
Hash 172c580f1e70c83faf31fb7c439f3a15
04f677e204cc8ac39229f373312d359ee1457a47
f8b8d548a8f93f6d0655e5c1cb187ce3b1c05bfdc4d761a4fa59db34506ee0ce
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=790-144146 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 143357
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1660770000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=30063463
Expires: Sun, 05 Nov 2023 07:50:47 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107184.3fa5638
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa5638~time:1669107184~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:3~region:NO-; path=/; domain=.akamaized.net;
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5674
Expires: Tue, 22 Nov 2022 10:27:38 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5674
Expires: Tue, 22 Nov 2022 10:27:38 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5674
Expires: Tue, 22 Nov 2022 10:27:38 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5bb00c9b254742a11d702be8af57119
e8969b4e036498b7b2de1c12e3b9181e7443afe8
6577c4bf05ebde80d47002fb4630c145a8220b81aa9d69790b1e0182b9c99c02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 455b2a98-a843-424d-92fe-13cea7aaa426
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JLvGMvoAMFgQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef17-02c2af195b3088e8781f7d65;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGKctwdD4oSZt8YfYIgU_CYD1HN0aK6FOnTVoEvlTCabkciD5dgK6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:36 GMT
age: 39208
etag: "e8969b4e036498b7b2de1c12e3b9181e7443afe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253593d1b3f90aa54d0748688fbb09ac
470c54ca28e1e5c56828c8c7f9849374061f501e
d8d331519f526b1117e4f67b0fb5fb46f400a63d1cb5757a3f22201ea70301ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9598
x-amzn-requestid: a713ce94-2441-4288-b6d8-cd6b638274b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqVGgJoAMFz5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-5ed8e45c664203e137f8c92b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nFfq7s1220lni0ZvVlfHyEHo9IzXlySilW-uCgLVC1nnjo4jOaHDPw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:34:52 GMT
age: 37092
etag: "470c54ca28e1e5c56828c8c7f9849374061f501e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd770f2a4-df6c-467f-9831-3297f524941e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd770f2a4-df6c-467f-9831-3297f524941e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 296559cb68d1f42b8b9e5d5e5a8167bc
a4b04d0296539fa5063b1f464d2c461be37491a5
eeab74cba5a5a12453a831f9d7e002999c6752576f8a2f31a7040158a7f57bee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd770f2a4-df6c-467f-9831-3297f524941e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11343
x-amzn-requestid: 5af18795-3668-4174-a2cf-47a020d665f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6pEjEIAMF3pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-26f7d1cd340cb8ab3ab6c81b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H6tjj0BtgHgcETfLkgynpkUp4BHwPlJq91XFrzdImb-nOJx1hGPQOA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:34:53 GMT
age: 37091
etag: "a4b04d0296539fa5063b1f464d2c461be37491a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 06:05:40 GMT
age: 10044
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F359c7e24-81c9-4605-bf89-c3a58f4c72b2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F359c7e24-81c9-4605-bf89-c3a58f4c72b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3675a1c1e9e3bfc3d16d71644b4c7ab1
c09ea0df36485d017a0fea2c992f5a5676d42d7c
6771ed9a8f8fbcc5c822f261c71018296febd92463c56662f3af6fe793248227
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F359c7e24-81c9-4605-bf89-c3a58f4c72b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11088
x-amzn-requestid: 3a42e1ee-d63c-4a40-8122-22ea5775bd5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6nFpMoAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-01b48ea07786649b466b9b29;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QDkzifM71KejjNwstX70B3QktoK01Nfq7tcoHuC5EqOqELF6z0sHfQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:47:01 GMT
etag: "c09ea0df36485d017a0fea2c992f5a5676d42d7c"
content-type: image/jpeg
age: 39963
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9966de3441666a87569e1035e7849a5d
537e1122532b97637319252662d25be5edcd8009
032f9fd899993bde783fee0123a1568e65fb6dd3810666813fc878263d5b6387
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6574
x-amzn-requestid: fd74522d-9523-48da-a94a-72ff65e6a15b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I61E_pIAMFnfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6f916e413d39bea94b0e137f;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuPgTium3lWMOuUdkZ50LFGHdpuAaiHusb2fkYQNw4FgB_MkNVO0Zw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:17 GMT
age: 38867
etag: "537e1122532b97637319252662d25be5edcd8009"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138
23.36.76.136 200 OK 2.7 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 2.7 MB (2722225 bytes)
Hash b21074f72142a32819ed6afd1daebe2c
9d9335a955687bff55f302b06cd6f8e91a61e8e0
f5a328143c4016b0138cdda90a7a28d27ad1cdcd137850ac5f3685e4e2f57ab6
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=914-2723138 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 2722225
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31535957
Expires: Wed, 22 Nov 2023 08:52:21 GMT
Date: Tue, 22 Nov 2022 08:53:04 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107184.3fa563f
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa563f~time:1669107184~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
dreamfestival.org/about-us
13.248.243.5 200 OK 185 kB URL HTTP/2 dreamfestival.org/about-us
IP 13.248.243.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30801)
Size 185 kB (184977 bytes)
Hash 06db80dc51d51200b5d8be2534d84582
0c64fd7a80643c2c768531277c40f5e6cc25f59d
b5c191899cbcdd4befae9b347128599e7b4925472ae568f3f6a9c07c0ffb0fdc
Analyzer Verdict Alert fortinet Phishing
GET /about-us HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: ae7629e8d448b79c46c1b12d87a39ecd
content-encoding: br
date: Tue, 22 Nov 2022 08:53:05 GMT
X-Firefox-Spdy: h2
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552
23.36.76.136 200 OK 2.0 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 2.0 MB (1954414 bytes)
Hash e15d2d570da030f8ca485299f97812b3
57a7a2eb80dd6ff4c33fea371ab6f975f2e67e70
fa2346aacd2be7a89f0fad42c7a23f0ca0f400d551564bb647ca0986ca8902dd
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=2723139-4677552 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1954414
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=29631436
Expires: Tue, 31 Oct 2023 07:50:21 GMT
Date: Tue, 22 Nov 2022 08:53:05 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107185.3fa566a
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa566a~time:1669107185~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:5~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587
23.36.76.136 200 OK 143 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 143 kB (142898 bytes)
Hash d84e3a707f43f95415377490c5704b50
d80482839e69e9b4f46f0e996802e3eab7d9760b
03063aa2d0c06ccef18edfb4b073b9a464680fbe5329f902ba5e7538aba2d673
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=287690-430587 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 142898
ETag: "-CIrLzonFzvkCEAI="
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1665216000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535994
Date: Tue, 22 Nov 2022 08:53:06 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107186.3fa568b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa568b~time:1669107186~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ziqjnl68gola.cloudfront.net/_next/static/g5AmJuCJETe0AWHq7toVS/_buildManifest.js
143.204.42.173 200 OK 283 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/g5AmJuCJETe0AWHq7toVS/_buildManifest.js
IP 143.204.42.173:0
File type ASCII text, with no line terminators
Hash c46f314d02fb61945ddf38571e6f8825
abeb6d5ecb6131cfaa9693b377bb16b79493412e
c3ebf7fe18038764820fa71bbfd7c6e9a8d482bf005d8ae3b04b96114a756e7c
GET /_next/static/g5AmJuCJETe0AWHq7toVS/_buildManifest.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 283
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"11b-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xiCjIDPcD3jgOKm_BmFPvnAE67ndwYUkjdlCC9oFZar3jnQ23FG_tg==
age: 369
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 08:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121
23.36.76.136 200 OK 1.7 MB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 1.7 MB (1720569 bytes)
Hash 4d3fdb919d0dbbd9dfffc03064fb6e4f
5510f8d2940d51f1b7b700d428af0292a7957f20
d886cb8c09f61149cbe4f4df7ba4b2f6fb321b326f0523a9d4b6c0e577830663
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/video/dcf74872.mp4?r=dXM%3D&range=4677553-6398121 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1720569
Last-Modified: Wed, 17 Aug 2022 18:49:42 GMT
Server: parcel
origin-retrieved-hour: 1660759200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=31536000
Expires: Wed, 22 Nov 2023 08:53:06 GMT
Date: Tue, 22 Nov 2022 08:53:06 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107186.3fa5691
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa5691~time:1669107186~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;
152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977
23.36.76.136 200 OK 152 kB URL HTTP/1.1 152vod-adaptive.akamaized.net/exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977
IP 23.36.76.136:0
ASN #20940 Akamai International B.V.
Size 152 kB (152390 bytes)
Hash cc636d9e8839dd870164269b498724f1
64aadf9816cc88973dee50f7b419a9b33ada56f2
831d461e3cc7dcbda1dea7129e6ee0144015775f6747fafa8825d8a417d4c155
GET /exp=1669111083~acl=%2F201b5170-d05f-44c5-8071-f79aab5a6fa7%2F%2A~hmac=d7af661b041cf83caea202383f0d70f3065a02ae7bfe3beb0d5c05367e6f9500/201b5170-d05f-44c5-8071-f79aab5a6fa7/parcel/audio/3c4bdfd7.mp4?r=dXM%3D&range=430588-582977 HTTP/1.1
Host: 152vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 152390
ETag: "-CIrLzonFzvkCEAI="
Last-Modified: Wed, 17 Aug 2022 18:48:56 GMT
Server: parcel
origin-retrieved-hour: 1665216000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Tue, 22 Nov 2022 08:53:06 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.844c2417.1669107186.3fa56ad
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.136
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.136~requestid:3fa56ad~time:1669107186~ghostforwardip:2.19.98.17~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
cart-checkout.secureserver.net/api/websites/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/tax-settings
34.213.22.94 200 OK 2 B URL HTTP/2 cart-checkout.secureserver.net/api/websites/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/tax-settings
IP 34.213.22.94:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /api/websites/aa1fb9b2-896f-4ef9-be21-3bae706e78f6/tax-settings HTTP/1.1
Host: cart-checkout.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:06 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: https://dreamfestival.org
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash b512022166f076b4f637d730c1de561e
77b80c7a829d3ea1d2edf0027c102b079cd5a61f
a659909c4f05243badd830ebc3443c1a8cac06253c3c5783645cf5eb71afb05b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 08:53:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:47:37 GMT
Expires: Tue, 22 Nov 2022 20:47:37 GMT
ETag: "77b80c7a829d3ea1d2edf0027c102b079cd5a61f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dreamfestival.org/g/api/checkout/v2/cart?websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6
13.248.243.5 200 OK 232 B URL HTTP/2 dreamfestival.org/g/api/checkout/v2/cart?websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6
IP 13.248.243.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash caf540aa02af551e83f153cd0ff0bf9f
09fb3205f470d0cca5653080cbf08e3c3eeb9fc7
2eb20eacf0db4ef0d04c95fbd32fc4dc34915de1d380948aec66f43c194cf9da
Analyzer Verdict Alert fortinet Phishing
POST /g/api/checkout/v2/cart?websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6 HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
traceparent: 00-c9569aa56300c93a2008a454b3399e93-6ce72ffd48d92b6b-01
Content-Length: 375
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00; commerce_cart_aa1fb9b2-896f-4ef9-be21-3bae706e78f6_locale=%22en-US%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:07 GMT
content-type: application/json; charset=utf-8
content-length: 232
access-control-allow-credentials: true
etag: W/"e8-CfsyBfRw0MylZTCAy/COPD7rn8c"
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
X-Firefox-Spdy: h2
gopay-checkout-settings.secureserver.net/v1/settings/public/aa1fb9b2-896f-4ef9-be21-3bae706e78f6
34.211.93.225 200 OK 138 B URL HTTP/2 gopay-checkout-settings.secureserver.net/v1/settings/public/aa1fb9b2-896f-4ef9-be21-3bae706e78f6
IP 34.211.93.225:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ea1f5f2fcdc2eddc663c8555ed3d631
9aa43d51894fa4f6549bae7c7c0cb9d104252c40
bda6b5cc35d3c4c591df1bf9026e7a501e0731337e82d6d68d4f8652557e413d
GET /v1/settings/public/aa1fb9b2-896f-4ef9-be21-3bae706e78f6 HTTP/1.1
Host: gopay-checkout-settings.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamfestival.org
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:07 GMT
content-type: application/json; charset=utf-8
content-length: 138
x-powered-by: Express
access-control-allow-origin: https://dreamfestival.org
vary: Origin
access-control-allow-credentials: true
x-trace-id: df191e607161e1e102755c26b5e5d4a2
etag: W/"8a-mqQ9UYlPpPZUm658fAy50QQlLEA"
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/c78d26b1.772e4c14fa5edbdbb4d3.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/c78d26b1.772e4c14fa5edbdbb4d3.js
IP 143.204.42.173:0
GET /_next/static/chunks/c78d26b1.772e4c14fa5edbdbb4d3.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"11945-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ewb7wVGsHJoD3iM3uAh0vcGiT3C06e9xJqrkJfFB56L2LJVoKk5oHQ==
age: 482
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/839fa7979652a41bbca1971fa5212d8c22a21c69.acd111164c723ce9d955.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/839fa7979652a41bbca1971fa5212d8c22a21c69.acd111164c723ce9d955.js
IP 143.204.42.173:0
GET /_next/static/chunks/839fa7979652a41bbca1971fa5212d8c22a21c69.acd111164c723ce9d955.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"18219-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mTO5TpL60_Ly_4zM96EJbfx-SoLHBolRltcTChU3X_C_mIwE9Rqsiw==
age: 367
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Gudea:400,400i,700&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Gudea:400,400i,700&display=swap
IP 142.250.74.10:0
GET /css?family=Gudea:400,400i,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 08:53:06 GMT
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dreamfestival.org/open-new-bank-account
13.248.243.5 200 OK 0 B URL HTTP/2 dreamfestival.org/open-new-bank-account
IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET /open-new-bank-account HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 5a827c944d5baee42f88fc99e2ff06ec
content-encoding: br
date: Tue, 22 Nov 2022 08:53:04 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Old+Standard+TT:400,400i&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Old+Standard+TT:400,400i&display=swap
IP 142.250.74.10:0
GET /css?family=Old+Standard+TT:400,400i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 08:53:06 GMT
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/runtime/main-c571f3fc3c8603f2a35f.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/runtime/main-c571f3fc3c8603f2a35f.js
IP 143.204.42.173:0
GET /_next/static/runtime/main-c571f3fc3c8603f2a35f.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"aa2e-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c2QAfVny2Zji7_qGbzMQl8ILKOCsMvSXazJ2gAxIqMCUF5aFjLIaXw==
age: 366
X-Firefox-Spdy: h2
dreamfestival.org/sw.js
13.248.243.5 200 OK 0 B IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: application/javascript
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 3ea1725e55af437697a89909a242b593
content-encoding: br
date: Tue, 22 Nov 2022 08:53:03 GMT
X-Firefox-Spdy: h2
dreamfestival.org/
13.248.243.5 200 OK 0 B IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 5cd97c85be11ee6c4d80f5288cc481a4
content-encoding: br
date: Tue, 22 Nov 2022 08:53:05 GMT
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/a8b3f4232d5ec0009e311cd4f41ef141abb8a748.a691e46e20343de5cd49.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/a8b3f4232d5ec0009e311cd4f41ef141abb8a748.a691e46e20343de5cd49.js
IP 143.204.42.173:0
GET /_next/static/chunks/a8b3f4232d5ec0009e311cd4f41ef141abb8a748.a691e46e20343de5cd49.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"c7c7-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g_jkUKiG0ebrMMgEi2fUFs_cYyRsRAHubfhN0FSW2J9Y8_g8izHsGQ==
age: 366
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/commons.f97544ffa7cfed0a353c.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/commons.f97544ffa7cfed0a353c.js
IP 143.204.42.173:0
GET /_next/static/chunks/commons.f97544ffa7cfed0a353c.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"831f-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gf0iz_j4rM1WVN35W3OhBpmKA4-Oh-pb7lEADHxx8L0D8Kz_DCCb9A==
age: 341
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/framework.7c3134b4fff25e0e0b1b.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/framework.7c3134b4fff25e0e0b1b.js
IP 143.204.42.173:0
GET /_next/static/chunks/framework.7c3134b4fff25e0e0b1b.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"1fd8f-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sfkOJ5D9YEfKEvYmYYbRcNDlgpuz5TTXs5EigmIPY1eEhn4WjoQ0Kg==
age: 366
X-Firefox-Spdy: h2
dreamfestival.org/marketing-competition
13.248.243.5 200 OK 0 B URL HTTP/2 dreamfestival.org/marketing-competition
IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET /marketing-competition HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 9b783e32a68a43b5c0563a27a8076dc3
content-encoding: br
date: Tue, 22 Nov 2022 08:53:04 GMT
X-Firefox-Spdy: h2
dreamfestival.org/favicon.ico
13.248.243.5 404 Not Found 0 B URL HTTP/2 dreamfestival.org/favicon.ico
IP 13.248.243.5:0
GET /favicon.ico HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
content-encoding: br
date: Tue, 22 Nov 2022 08:53:03 GMT
X-Firefox-Spdy: h2
cart-checkout.secureserver.net/dist/embed.js
34.213.22.94 200 OK 0 B URL HTTP/2 cart-checkout.secureserver.net/dist/embed.js
IP 34.213.22.94:0
GET /dist/embed.js HTTP/1.1
Host: cart-checkout.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:04 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
etag: W/"24c4-1842f7372b0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dreamfestival.org/dream-store-app
13.248.243.5 200 OK 0 B URL HTTP/2 dreamfestival.org/dream-store-app
IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET /dream-store-app HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 1c92e3a4e94e3d7e8c08f2d1952bb393
content-encoding: br
date: Tue, 22 Nov 2022 08:53:05 GMT
X-Firefox-Spdy: h2
dreamfestival.org/car-show
13.248.243.5 200 OK 0 B URL HTTP/2 dreamfestival.org/car-show
IP 13.248.243.5:0
Analyzer Verdict Alert fortinet Phishing
GET /car-show HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamfestival.org/sw.js
Connection: keep-alive
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWzfAw0Y.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
content-type: text/html;charset=utf-8
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: eb2017b176d36cacca39c14296e743ad
content-encoding: br
date: Tue, 22 Nov 2022 08:53:05 GMT
X-Firefox-Spdy: h2
dreamfestival.org/g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org
13.248.243.5 200 OK 0 B URL HTTP/2 dreamfestival.org/g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org
IP 13.248.243.5:0
GET /g/api/cart/cart?cartNotifyTimeout=5000&websiteId=aa1fb9b2-896f-4ef9-be21-3bae706e78f6&env=production&cartUrl=https://dreamfestival.org/g/api/cart&websiteUrl=https://dreamfestival.org HTTP/1.1
Host: dreamfestival.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Cookie: dps_site_id=eu-central-1; _tccl_visitor=ff360328-eae2-557a-81c2-78ee23a8de00; _tccl_visit=ff360328-eae2-557a-81c2-78ee23a8de00
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:06 GMT
content-type: text/html; charset=utf-8
set-cookie: commerce_cart_aa1fb9b2-896f-4ef9-be21-3bae706e78f6_locale=%22en-US%22; Max-Age=86400; Path=/; Secure; SameSite=None
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: "4f35-5Q2rSkZEZzny844wME2R0Hvj/L0"
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
content-encoding: br
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/c8b05f54.171267e02d8683b21e5e.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/c8b05f54.171267e02d8683b21e5e.js
IP 143.204.42.173:0
GET /_next/static/chunks/c8b05f54.171267e02d8683b21e5e.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"c35c-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HsgxzvtPbIBD9zWSQDDxHFOCq31Yr5aXI-p9imvwdTepSpT-qIkVqg==
age: 366
X-Firefox-Spdy: h2
cdn.reamaze.com/assets/reamaze-godaddy-loader.js
104.22.8.8 200 OK 0 B URL HTTP/2 cdn.reamaze.com/assets/reamaze-godaddy-loader.js
IP 104.22.8.8:0
GET /assets/reamaze-godaddy-loader.js HTTP/1.1
Host: cdn.reamaze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 08:53:03 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 21:19:30 GMT
etag: W/"22e-5ed9d07333c80"
cache-control: public, max-age=600, s-maxage=604800
cf-cache-status: HIT
age: 388700
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e06eb87933b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1ziqjnl68gola.cloudfront.net/_next/static/chunks/74eb32b5fe5799c2534ceb48c67a8a4b86f65737.544dddc35fc6eb0935e7.js
143.204.42.173 200 OK 0 B URL HTTP/2 d1ziqjnl68gola.cloudfront.net/_next/static/chunks/74eb32b5fe5799c2534ceb48c67a8a4b86f65737.544dddc35fc6eb0935e7.js
IP 143.204.42.173:0
GET /_next/static/chunks/74eb32b5fe5799c2534ceb48c67a8a4b86f65737.544dddc35fc6eb0935e7.js HTTP/1.1
Host: d1ziqjnl68gola.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dreamfestival.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
last-modified: Mon, 31 Oct 2022 19:10:06 GMT
content-encoding: gzip
date: Tue, 22 Nov 2022 08:53:06 GMT
cache-control: public, max-age=31536000, immutable
etag: W/"41f5e-1842f7372b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zp9mrwGJ8S61FJkson_MCSg-ZWMX0itfxne-Fz7Q5FniTyXvoBUZEg==
age: 188
X-Firefox-Spdy: h2