r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14114
Expires: Wed, 25 Jan 2023 23:37:05 GMT
Date: Wed, 25 Jan 2023 19:41:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7058
Expires: Wed, 25 Jan 2023 21:39:29 GMT
Date: Wed, 25 Jan 2023 19:41:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12689
Expires: Wed, 25 Jan 2023 23:13:20 GMT
Date: Wed, 25 Jan 2023 19:41:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 18:42:49 GMT
content-type: application/json
age: 3542
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LcKj4WjDVH254v/GvrVl4VejGRc+d3O0zOTrEbrDIhoprX0koj81h59IPJhzfuQk9xtLIfXJ3eo=
x-amz-request-id: AKC497YNKH6BYG4E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 19:19:47 GMT
age: 1324
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb4ccb863cebe6485e9395518851153f
52f16d2b71f4986c0f11c156beacd1c6c2e21d70
1cf8ab9f1bd35f692fdeecc1f602b3427513cb1ca50112f5dc26d1f126e1e2bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CF8AB9F1BD35F692FDEECC1F602B3427513CB1CA50112F5DC26D1F126E1E2BC"
Last-Modified: Tue, 24 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4618
Expires: Wed, 25 Jan 2023 20:58:49 GMT
Date: Wed, 25 Jan 2023 19:41:51 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:41:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
soulneedsens.line.pm/authen
185.223.93.160302 Found 0 B URL HTTP/1.1 soulneedsens.line.pm/authen
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /authen HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t; expires=Wed, 25-Jan-2023 21:41:52 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://soulneedsens.line.pm/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 19:41:40 GMT
age: 12
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
soulneedsens.line.pm/
185.223.93.160302 Found 0 B IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://soulneedsens.line.pm/authen
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16672
Expires: Thu, 26 Jan 2023 00:19:44 GMT
Date: Wed, 25 Jan 2023 19:41:52 GMT
Connection: keep-alive
soulneedsens.line.pm/authen
185.223.93.160200 OK 5.8 kB URL HTTP/1.1 soulneedsens.line.pm/authen
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (523)
Hash 59cdb7cd2623609ceb780902fb100f66
a0b2eeb71337a00587a77638b32cb574693b8fe4
6ca705455383ea58bb32d6cd2f553212b73bb0dab7cd8c7e75f7ccab9d7ac0a9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /authen HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5824
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/normalize.css
185.223.93.160200 OK 2.7 kB URL HTTP/1.1 soulneedsens.line.pm/meta/normalize.css
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash b165f8d0baec3b8976de14634861b941
f7eabfa6844712979ef5e274f275c5be39fdc86f
91404eaa9c2b59e842d6694c3bb2128e21253a1780a4a75e33571ed659bd4d8e
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/normalize.css HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Jan 2023 16:11:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d00315-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:41:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.166.82.242101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.82.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iIU6CdOb7/a6tWXZ6L3ANA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MZoBjh+OaJicqCy0KI1JmMdgzBs=
soulneedsens.line.pm/meta/webflow.css
185.223.93.160200 OK 9.3 kB URL HTTP/1.1 soulneedsens.line.pm/meta/webflow.css
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash df537de16df2e7abb3a9474300085194
19823a9c07322292173a31cbb15faed3cb97855a
c808edb13043989f1d4f886fa1f0e1a3aaa472f0d8a229f74429b04c13c08813
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/webflow.css HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Jan 2023 16:11:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d0031a-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
soulneedsens.line.pm/meta/metamask-staging-2.webflow.css
185.223.93.160200 OK 18 kB URL HTTP/1.1 soulneedsens.line.pm/meta/metamask-staging-2.webflow.css
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash 86ed5c43bcc35cee708393d812a5c842
ac66037f44aa618e88099322852936d3e1318afe
df01bd9c7ea82c575f395792b2e5e2b898afc72609cbd067a47144576964ea2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Jan 2023 16:11:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d00315-22adb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
soulneedsens.line.pm/meta/plx.chock.js
185.223.93.160200 OK 311 B URL HTTP/1.1 soulneedsens.line.pm/meta/plx.chock.js
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash bc6a4fa1a731b1746c1d21f104bd6064
865b9fd0868954c03f838366eb2449bab5d388d6
d88bca135a10c80b24a4185a4a08f209c151d82c946a9327ef58590fa12e211b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/plx.chock.js HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Jan 2023 16:11:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d00316-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
soulneedsens.line.pm/meta/css.html
185.223.93.160200 OK 684 B URL HTTP/1.1 soulneedsens.line.pm/meta/css.html
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/css.html HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Tue, 24 Jan 2023 16:10:56 GMT
Connection: keep-alive
ETag: "63d00310-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:41:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674674893783%22
35.241.9.150200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674674893783%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash f77df154fc7d86f817860a56d770c395
dd78c9c011fcedc6fcbbd08262e3235df72833bc
7d5d099a7b0914806de6c5a0adb2d17729eae61b6e8c1513a558d052379a8d26
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221674674893783%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Wed, 25 Jan 2023 19:31:59 GMT
last-modified: Wed, 25 Jan 2023 19:28:13 GMT
content-type: application/json
age: 593
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
soulneedsens.line.pm/meta/webfont.js.download
185.223.93.160200 OK 5.4 kB URL HTTP/1.1 soulneedsens.line.pm/meta/webfont.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (2134)
Hash 3fce8a085ab686f338e296d255f36db1
2da74358f4d36675c1bfa6ee5ee489e6e54bf401
9f9bbf22ba311465b6bb4c6944f94e2b97caea58227fafef64cf18b9181099c6
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/webfont.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:06 GMT
ETag: "3384-5f304c36128a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/enterprise.js.download
185.223.93.160200 OK 614 B URL HTTP/1.1 soulneedsens.line.pm/meta/enterprise.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (1008), with no line terminators
Hash 533554dfe842696d43cbbe1be26c9d4b
4bc96c1c9afdca5fddb20c7b172a13afa5cb46e4
f480ee9ffad021062c3251c62acf39842c0fa7e71c7dccdd91ee30524fccb84d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/enterprise.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:10:56 GMT
ETag: "3f0-5f304c2c9e9a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/js
185.223.93.160200 OK 35 kB URL HTTP/1.1 soulneedsens.line.pm/meta/js
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (1815)
Hash 538830958289d9161b34e9b6f0f72488
c516269bf9a738cef82ace7c0525f41a93b2fb75
c0662c29101a79a0c5d62b273cb34b4fa830081d61722e32ec32205f2defd190
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/js HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:52 GMT
Content-Length: 35327
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:00 GMT
ETag: "168a5-5f304c2fcc159-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
142.250.74.35200 OK 8.4 kB URL HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soulneedsens.line.pm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:12:30 GMT
expires: Tue, 23 Jan 2024 18:12:30 GMT
cache-control: public, max-age=31536000
age: 178163
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
142.250.74.35200 OK 8.2 kB URL HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 2261f7dba002a37b8fa144a32e31a8dd
95d7c38679bd810c9fb18778e6e6dc02f25b3b5f
d1f6e0422e52bb13d4ad90667f979f9f1a3ee9f2f2c03c2e6332c0179373a53b
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soulneedsens.line.pm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 14:51:21 GMT
expires: Fri, 19 Jan 2024 14:51:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
age: 535832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soulneedsens.line.pm/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
185.223.93.160200 OK 31 kB URL HTTP/1.1 soulneedsens.line.pm/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (65451)
Hash 888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:10:59 GMT
ETag: "15d84-5f304c2f05d74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soulneedsens.line.pm/meta/jsonp
185.223.93.160200 OK 87 kB URL HTTP/1.1 soulneedsens.line.pm/meta/jsonp
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (65536), with no line terminators
Hash b8763d07178c652db17cb681eb21cbf8
e2c34d4bfbd1fb7515ac879781deffb638ad9cad
415f8c95aabc4f7af332ae9060179be3606991c2832a4f442d4c746ff1c80740
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/jsonp HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:00 GMT
ETag: "43f6e-5f304c2fee43a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/storage.secure.min.js.download
185.223.93.160200 OK 13 kB URL HTTP/1.1 soulneedsens.line.pm/meta/storage.secure.min.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (38562), with no line terminators
Hash 79e7d68549291cc082c85f94b73ee13c
e065402b005d2fd7105c9a12adf961a58a4deb96
0adedf6a93b53bc365a213c28a4b10d8af539d8fe55c283cbd3c532a0bc0875a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:04 GMT
ETag: "96a2-5f304c3363092-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/mm-logo.svg
185.223.93.160200 OK 3.4 kB URL HTTP/1.1 soulneedsens.line.pm/meta/mm-logo.svg
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash fe5cd5ed43a0fad22921e5ccf7f227e1
700b6b72c9bf320bb0412e17de6d7bc0b8d55888
2043092e404254e6b01d4ba210ae0b703c5364d0c7404c5f0dd4853b58bc2872
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/mm-logo.svg HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 24 Jan 2023 16:11:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d00315-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
soulneedsens.line.pm/meta/wpp.gif
185.223.93.160200 OK 3.9 kB URL HTTP/1.1 soulneedsens.line.pm/meta/wpp.gif
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type GIF image data, version 87a, 470 x 40\012- data
Hash 941648b845842a709da73e24652cf8a4
099e5f97e602d026c51537c9b45328dc99261d7c
2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/wpp.gif HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: image/gif
Content-Length: 3877
Last-Modified: Tue, 24 Jan 2023 16:11:07 GMT
Connection: keep-alive
ETag: "63d0031b-f25"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
soulneedsens.line.pm/meta/hero2.4.png
185.223.93.160200 OK 590 kB URL HTTP/1.1 soulneedsens.line.pm/meta/hero2.4.png
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (589568 bytes)
Hash d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/hero2.4.png HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/meta/metamask-staging-2.webflow.css
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: image/png
Content-Length: 589568
Last-Modified: Tue, 24 Jan 2023 16:10:58 GMT
Connection: keep-alive
ETag: "63d00312-8ff00"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
soulneedsens.line.pm/meta/bframe.html
185.223.93.160200 OK 4.1 kB URL HTTP/1.1 soulneedsens.line.pm/meta/bframe.html
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash 2f10cabca6c2651a48e260c0d202396c
ab25f083f7bb312f750fd2a372d0e2990bdf9525
7a7ff60899394d6467d0904d3c0cb7be8979f1ee27fe46e1749653b19648b74a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/bframe.html HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: text/html
Last-Modified: Tue, 24 Jan 2023 16:10:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d0030f-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
soulneedsens.line.pm/meta/webflow.js.download
185.223.93.160200 OK 45 kB URL HTTP/1.1 soulneedsens.line.pm/meta/webflow.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/webflow.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:07 GMT
ETag: "92c10-5f304c36752c8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/EuclidCircularB-Bold-WebXL.woff2
185.223.93.160200 OK 44 kB URL HTTP/1.1 soulneedsens.line.pm/meta/EuclidCircularB-Bold-WebXL.woff2
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://soulneedsens.line.pm/meta/metamask-staging-2.webflow.css
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Length: 44544
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:10:57 GMT
ETag: "ae00-5f304c2d53448"
Accept-Ranges: bytes
Vary: Accept-Encoding
soulneedsens.line.pm/meta/styles__ltr.css
185.223.93.160200 OK 24 kB URL HTTP/1.1 soulneedsens.line.pm/meta/styles__ltr.css
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (52368), with no line terminators
Hash ebdf18f77541c94124d305c6995475cb
7d3de2b58de6e2aeb9ab5a73254829544e7fe24d
db4b6017d7f9a8c675bfa68021f3eeb0246016de004efc8e28a23b97df0da71e
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /meta/styles__ltr.css HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/meta/bframe.html
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Jan 2023 16:11:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d00318-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
142.250.74.3404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP 142.250.74.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://soulneedsens.line.pm
Connection: keep-alive
Referer: https://soulneedsens.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 25 Jan 2023 19:41:53 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
soulneedsens.line.pm/metamask.io/images/favicon.png
185.223.93.160404 Not Found 557 B URL HTTP/1.1 soulneedsens.line.pm/metamask.io/images/favicon.png
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d7b7d0cdc7f50d4028b970a4adc1a42d
2b3f25b5de65feee879d8da596250f55d050163b
4d78f11501b99f3ea1d0a1079bba04b9da57ef67ebd82d1da726723eaf875614
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /metamask.io/images/favicon.png HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/metamask.io/images/webclip.png
185.223.93.160404 Not Found 557 B URL HTTP/1.1 soulneedsens.line.pm/metamask.io/images/webclip.png
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d7b7d0cdc7f50d4028b970a4adc1a42d
2b3f25b5de65feee879d8da596250f55d050163b
4d78f11501b99f3ea1d0a1079bba04b9da57ef67ebd82d1da726723eaf875614
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
quad9 Sinkholed
GET /metamask.io/images/webclip.png HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/authen
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
soulneedsens.line.pm/meta/recaptcha__nl.js.download
185.223.93.160200 OK 138 kB URL HTTP/1.1 soulneedsens.line.pm/meta/recaptcha__nl.js.download
IP 185.223.93.160:0
ASN #14576 HOSTING-SOLUTIONS
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash 2128869002ee143c12253efdafd190a4
9781a8b2fa7342367a7ef81a70ad7234ad6505bb
bb787fc0dfa0c02a27b4e75825e9c4e0839637f02fda1b60b645719bbfad663b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: soulneedsens.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/meta/bframe.html
Cookie: cazanova=7949ese977ebqa3ohjekg89sv35thn8t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:41:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 16:11:03 GMT
ETag: "56577-5f304c3277aec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:41:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:41:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:41:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:41:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 77717
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 43679
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 10 kB URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
Hash db5f0a414e8586523559baeadf1d2216
e1b49d9f37befddaf68c190b42a019ae4a5908bb
340f10e5e5f972133d4a5d3f4f92b1d42e276f823b38ceb36c8968d17b9e6b56
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soulneedsens.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 19:41:52 GMT
date: Wed, 25 Jan 2023 19:41:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3ceda828750acf5ac7c837612a6e0f
f6364de0805cf3cfe66d19293085da16a2c2f832
baa0cb6e3cec7f840477dfdcea518968f5b72a828dbd346abb09e2d3e3aa3bee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9091
x-amzn-requestid: c5849f51-8fc6-40c0-a1e3-9deb74e06c59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRE7TEzxoAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d04eae-22d80a0c3e6485dd62f420ef;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:33:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JlD-eXZtA8-dDqRe6gMZSyNbPuksroMQ4J_L2g_NjPQB8KQGgZWpXA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:36:12 GMT
age: 79541
etag: "f6364de0805cf3cfe66d19293085da16a2c2f832"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:19:27 GMT
age: 55346
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: c7064a36-7bb0-42c7-9ee8-9ee798ce8cbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEq3UEjVoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb582e-5be2ad2a217f9b4b6834a278;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b4EbiS-go4Yy-UcA4CbKj10TbS6qKgQd6ZgqB3XVyd9ieBPszfx_jw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:47:57 GMT
age: 78836
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2