Overview

URLmetamask.io.merge.camostory.com/secure.html
IP 15.206.78.113 (India)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-21 20:10:42 UTC
StatusLoading report..
IDS alerts0
Blocklist alert39
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:18:32 UTC 34.160.144.191
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-21 13:53:20 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-21 16:01:18 UTC 143.204.55.35
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-21 04:20:12 UTC 142.250.74.3
fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-21 14:09:32 UTC 142.250.74.10
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 14:38:57 UTC 34.120.237.76
cdn.ethers.io (1) 459220 2020-06-20 01:47:24 UTC 2022-09-21 09:36:10 UTC 54.230.111.106
metamask.io.merge.camostory.com (22) 0 2022-09-20 23:12:49 UTC 2022-09-21 15:35:00 UTC 15.206.78.113 Unknown ranking
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:18:22 UTC 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-21 04:20:37 UTC 34.117.237.239
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-21 15:45:34 UTC 93.184.220.29
fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-21 04:18:17 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:20:37 UTC 34.218.159.206

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-21 2 metamask.io.merge.camostory.com/secure.html Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet
2022-09-21 2 metamask.io.merge.camostory.com/ Crypto/Wallet

PhishTank
Scan Date Severity Indicator Comment
2022-09-21 2 metamask.io.merge.camostory.com/secure.html MyCrypto

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 metamask.io.merge.camostory.com/secure.html Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/plx.chock.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/webfont.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/css.html Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/enterprise.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/analytics.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/tag.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/storage.secure.min.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/script.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/mm-logo.svg Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/jquery-3.5.1.min.dc5e7f18c8.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/EuclidCircularB-Bold-WebXL.woff2 Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/EuclidCircularB-Regular-WebXL.woff2 Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/webflow.js Phishing
2022-09-21 2 metamask.io.merge.camostory.com/meta/bootstrap-tagsinput.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 15.206.78.113
Date UQ / IDS / BL URL IP
2023-01-02 07:11:39 +0000 0 - 0 - 42 www.camostory.com/ 15.206.78.113
2023-01-02 07:04:21 +0000 0 - 0 - 42 camostory.com/secure.html 15.206.78.113
2023-01-01 17:21:50 +0000 0 - 0 - 42 www.camostory.com/ 15.206.78.113
2023-01-01 17:13:39 +0000 0 - 0 - 42 camostory.com/secure.html 15.206.78.113
2022-12-16 01:09:51 +0000 0 - 0 - 17 metamask.io.merge.go-getter.in/secure.html 15.206.78.113


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-01-31 11:19:03 +0000 0 - 0 - 17 mailings.ingerverlag.de/c/79776094/42c0977ded (...) 52.211.153.20
2023-01-31 11:16:56 +0000 0 - 0 - 1 orallady.com/ 75.2.18.233
2023-01-31 11:15:44 +0000 0 - 0 - 1 ze.maxtablets.com/ 75.2.18.233
2023-01-31 11:07:11 +0000 0 - 0 - 0 181eightsand.com 13.112.187.226
2023-01-31 11:05:02 +0000 0 - 0 - 1 pointadhesive.com/footwear/recommended-grades (...) 54.169.79.115


Last 5 reports on domain: camostory.com
Date UQ / IDS / BL URL IP
2023-01-02 07:11:39 +0000 0 - 0 - 42 www.camostory.com/ 15.206.78.113
2023-01-02 07:04:21 +0000 0 - 0 - 42 camostory.com/secure.html 15.206.78.113
2023-01-01 17:21:50 +0000 0 - 0 - 42 www.camostory.com/ 15.206.78.113
2023-01-01 17:13:39 +0000 0 - 0 - 42 camostory.com/secure.html 15.206.78.113
2022-12-15 21:34:34 +0000 0 - 0 - 44 metamask.io.merge.camostory.com/ 15.206.78.113


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-12 20:49:10 +0000 24 - 0 - 38 metamask.io.pjbtecnologias.co.mz/ 51.38.118.179
2023-01-09 21:01:35 +0000 0 - 0 - 38 metamask.io.merge.educadorxavier.com.br/secur (...) 162.214.88.34
2022-12-31 06:27:04 +0000 0 - 0 - 38 metamask.io.merge.hpmsolutions.ca/secure.html 162.55.1.104
2022-12-27 05:06:49 +0000 0 - 0 - 17 metamask.io.merge.origraffes.com.br/secure.html 192.111.158.153
2022-12-26 17:21:04 +0000 0 - 0 - 42 metamask.io.merge.hpmsolutions.ca/ 162.55.1.104

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (52)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 19:13:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -U35GepPZrxVwi9RVe4ns0f_t9NUnz7uGaDuDetVIOAn9y802v_00Q==
Age: 3408


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /secure.html HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 21 Sep 2022 20:10:30 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 20:30:40 GMT
Accept-Ranges: bytes
Content-Length: 12944
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   12944
Md5:    7ecbb50cd662f83832808bf4d8ac6014
Sha1:   098b554b0fc9ee88d069601c2e8b7f5c86926639
Sha256: d63ddfa6cc7a24221084f64c8b85b9163c2e77a2a7eaae8107b688c5f7d345be

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - phishtank: MyCrypto
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4781
Expires: Wed, 21 Sep 2022 21:30:12 GMT
Date: Wed, 21 Sep 2022 20:10:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10749
Expires: Wed, 21 Sep 2022 23:09:40 GMT
Date: Wed, 21 Sep 2022 20:10:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uNLh3XsKkleAKbmBmrw4PVKOTh5eHIzm9AgZlVt6YEoWwyPTCzDge/gWrRz3buiI/43NTK86c1g=
x-amz-request-id: TER8E9WDQJH2G3JP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Sep 2022 19:45:46 GMT
age: 1485
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 21 Sep 2022 20:10:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /meta/normalize.css HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:38 GMT
Accept-Ranges: bytes
Content-Length: 7772
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   7772
Md5:    4951cc88307c632cf285d3ba988ab283
Sha1:   031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
Sha256: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 20:10:31 GMT
Last-Modified: Wed, 21 Sep 2022 18:51:09 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cNKzNAo_frsQrUfcwFf64YarS795kwvi35klgQE4qdYo0ZfWGqSBtg==
Age: 4762

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /meta/webflow.css HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:46 GMT
Accept-Ranges: bytes
Content-Length: 39109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2587)
Size:   39109
Md5:    13fc860cb6eddbf469d986e1a6b6480b
Sha1:   6bb85ecdc704734f59d4984d202f75b02048a58d
Sha256: ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /meta/plx.chock.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:38 GMT
Accept-Ranges: bytes
Content-Length: 3393
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3393
Md5:    5acfeead7d13511cdef767305b87e3f8
Sha1:   ec5337e62f1e64d3aaba3bf41a41b5f876964922
Sha256: b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/webfont.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:46 GMT
Accept-Ranges: bytes
Content-Length: 13188
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   13188
Md5:    7c96a5f11d9741541d5e3c42ff6380d7
Sha1:   d3fa2564c021cf730e58ffddb138cf6b57ed126e
Sha256: 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/css.html HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:22 GMT
Accept-Ranges: bytes
Content-Length: 684
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   684
Md5:    147429fb2ddc3861e2ae0f473f17d78e
Sha1:   f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
Sha256: 25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/enterprise.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:24 GMT
Accept-Ranges: bytes
Content-Length: 1008
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1008), with no line terminators
Size:   1008
Md5:    d07e7630bc23cbdd7520d0a4f086c922
Sha1:   b50685923a96d55109959fdf21f369d902971b2a
Sha256: 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:32 GMT
Accept-Ranges: bytes
Content-Length: 92325
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1815)
Size:   92325
Md5:    fb2ab9b8632250b0d7aa50c08150cfe1
Sha1:   73b3f266ac08c9fb07e1de1664fed384ccd5bc86
Sha256: 5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/analytics.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:22 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   50205
Md5:    d40531c5e99a6f84e42535859476fe35
Sha1:   a901817d77b2fe5259c298c91bc65c54d7f8a1a9
Sha256: a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/tag.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:44 GMT
Accept-Ranges: bytes
Content-Length: 21652
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (21652), with no line terminators
Size:   21652
Md5:    e2ee8a9cd68c3d310a4c62fdb4b5c93a
Sha1:   67eb5f9547f1d9de0a8b143c3b50511c26281399
Sha256: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 20:55:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1jYbseHV30yu8az3Sj7SvB5s6rhqvFQHUg2ej_0QvNm4EWOhgrNF8g==
Age: 429


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /meta/metamask-staging-2.webflow.css HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:36 GMT
Accept-Ranges: bytes
Content-Length: 142043
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   142043
Md5:    d4ede0f1d47b3b9aac92ea8a29c2ec85
Sha1:   135c44809f03ce1360c7e74da033e4b4f5cfb87c
Sha256: 98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /meta/storage.secure.min.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:42 GMT
Accept-Ranges: bytes
Content-Length: 38562
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (38562), with no line terminators
Size:   38562
Md5:    3386ec5559f1ba569cf0ab6acab436cc
Sha1:   e98e11d37c5172ee128a85f68447efb3cb0e853c
Sha256: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /script.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 22:05:50 GMT
Accept-Ranges: bytes
Content-Length: 1787
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1787
Md5:    95041d8e26437ef7b3ca40ae3094dcdd
Sha1:   340ca828b2ed266decd7dcf4b6051c611de2d312
Sha256: c199bbab045ec14588e007762db438195981e0356d6e83d82b82e3c95eed41f1

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /css?family=Changa+One:400,400italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/

search
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 21 Sep 2022 20:10:31 GMT
Date: Wed, 21 Sep 2022 20:10:31 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   301
Md5:    7fb212f619185f162769684274cb1dfe
Sha1:   414b678cfcbcd25c44569e72369a8218bea8756d
Sha256: d53161ae9523414449dd0f7083f66fda679084bac2cb18a92b884a43616c1fd5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4949
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 20:10:32 GMT
Last-Modified: Wed, 21 Sep 2022 18:48:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /meta/mm-logo.svg HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:36 GMT
Accept-Ranges: bytes
Content-Length: 12019
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size:   12019
Md5:    51bcea2625eb2c6e9268a7377a792c86
Sha1:   5eeb306e6584eed1747c36c11724f193711d430e
Sha256: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.camostory.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

search
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 09:46:49 GMT
Expires: Thu, 21 Sep 2023 09:46:49 GMT
Cache-Control: public, max-age=31536000
Age: 37423
Last-Modified: Thu, 21 Apr 2022 17:15:41 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size:   8404
Md5:    141119ae119bf7ca75e10ef82f66e442
Sha1:   adebf435aa078db3c116cb9faae15f2ad81d3ac5
Sha256: c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
                                        
                                            GET /meta/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:32 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   89476
Md5:    dc5e7f18c8d36ac1d3d4753a87c98d0a
Sha1:   c8e1c8b386dc5b7a9184c763c88d19a346eb3342
Sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.camostory.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

search
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 17 Sep 2022 19:33:54 GMT
Expires: Sun, 17 Sep 2023 19:33:54 GMT
Cache-Control: public, max-age=31536000
Age: 347798
Last-Modified: Thu, 21 Apr 2022 17:15:19 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size:   7900
Md5:    61e86e7a20ecf3ba181ca4b9a9a1cdbd
Sha1:   482a65cffc69109af26669d64accbef71db3b836
Sha256: fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.camostory.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 20:36:08 GMT
expires: Fri, 15 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 516864
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size:   128352
Md5:    53436aca8627a49f4deaaa44dc9e3c05
Sha1:   0bc0c675480d94ec7e8609dda6227f88c5d08d2c
Sha256: 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
                                        
                                            GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/meta/metamask-staging-2.webflow.css

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 44544
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size:   44544
Md5:    9024d0bf73943172297c4628d0054e20
Sha1:   36c3795e7b297d06589e15ef59592683d9ed0974
Sha256: 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/meta/metamask-staging-2.webflow.css

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 45196
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size:   45196
Md5:    2d75957df3bb3aa6ed84f6591b0d5a1a
Sha1:   906424e75625f63b0188471067065794d0348536
Sha256: 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /meta/webflow.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:46 GMT
Accept-Ranges: bytes
Content-Length: 601104
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (50020)
Size:   601104
Md5:    9758f7e3aa0c79ea7a3cadb16d10087b
Sha1:   07f3c4e552e28eba6172f53d6dcf981a55f42031
Sha256: 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6eekzzboyFAyMp8+QTkZWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.218.159.206
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: k3ZWP7uAlP1oRBjzLzKCFETDVjA=

                                        
                                            GET /meta/Institutional-Illustration.png HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/meta/metamask-staging-2.webflow.css

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 13:00:30 GMT
Accept-Ranges: bytes
Content-Length: 289564
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size:   289564
Md5:    85607339bb7e3cc70e1b7568ed4d29b2
Sha1:   7c6301d70e1ab599857be6e9795b94418cef6079
Sha256: 5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /images/favicon.png HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 18:33:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamask.io.merge.camostory.com
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.163
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 20:10:32 GMT
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1621
Md5:    c90524d6a02b27addb56c350fe6fbb2d
Sha1:   d713d1b53323c0169ffe0649be8c9d04a189f999
Sha256: 4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
                                        
                                            GET /images/webclip.png HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 21 Sep 2022 20:10:32 GMT
Server: Apache
Last-Modified: Wed, 22 Dec 2021 18:33:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:10:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:10:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:10:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:10:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 79250
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 80064
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9271
Md5:    267173c6b4e4e6ae4a84dc08df92f82f
Sha1:   4183102af1963e1edb3aa572c43aeda7d855e9f5
Sha256: 20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Nt3mRgr_39Swi_PGRPYPgg7xxljKMuklB9PIfC_auuvS_R_Z7bxwuQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:16:30 GMT
age: 50043
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12545
Md5:    1976af26c5d4a671c8298bffafc90ce3
Sha1:   9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
Sha256: 2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 28926
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10244
Md5:    14e6ddceb639a5f4875aecb796f95c79
Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03
Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6667
x-amzn-requestid: 1798057c-208d-471e-8d5c-602631418afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1nHvsoAMF23A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-121c21f710767cde77a06945;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zZPZeGnp4EKeaTyl_Fx3IRaJECuCDzwDFb5nxrA9GYY9muCLPWrILg==
via: 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:40:47 GMT
age: 80986
etag: "65886e11d9f792452cceea23444722ff4028b081"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6667
Md5:    9c4ba493d60a12accc1dc9c3299fa01d
Sha1:   65886e11d9f792452cceea23444722ff4028b081
Sha256: b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 80835
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9201
Md5:    a692964324dbb9c460a1b855808d02e6
Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
                                        
                                            GET /meta/bootstrap-tagsinput.js HTTP/1.1 
Host: metamask.io.merge.camostory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/secure.html

search
                                         15.206.78.113
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 21 Sep 2022 20:10:31 GMT
Server: Apache
Last-Modified: Tue, 03 Nov 2015 05:56:42 GMT
Accept-Ranges: bytes
Content-Length: 21104
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /scripts/ethers-v4.min.js HTTP/1.1 
Host: cdn.ethers.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.106
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Fri, 23 Oct 2020 03:52:54 GMT
x-amz-version-id: 1vIDD7850l9p1Juv2dxP72RhnSV02NFY
server: AmazonS3
content-encoding: gzip
date: Wed, 21 Sep 2022 02:59:43 GMT
etag: W/"0e66b864a27c5961a702e18683961608"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mXGzrzG3S3ZrJOdNjGbMGI3ws00dxJf2TinfuM7bgZi5t7MMcVJ5zw==
age: 61849
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamask.io.merge.camostory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 20:10:31 GMT
date: Wed, 21 Sep 2022 20:10:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---