firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 b593eb39329cfe060d55be5e4a5405e2
SHA-1 78e46c1028e9f94f8569303ad2d90d7df13a059a
SHA-256 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 22:08:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dgI5lGtXAnR2Cwtq-cn-_toXOqSDwZGV5ilv-gbsyqyz9di1snZTjg==
Age: 1216
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash MD5 76d5eb597558e3dee0d99719d17e71e0
SHA-1 f3a0f3932fa8059f27dc9422d523b938fa9a7d09
SHA-256 d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Tue, 13 Sep 2022 00:47:46 GMT
Date: Mon, 12 Sep 2022 22:28:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash MD5 742edb4038f38bc533514982f3d2e861
SHA-1 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
SHA-256 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5n56Fh4bQahYlgK-ZzkHGThxtoKZTVjXW6efATC069mZ_mCUSNiwZA==
age: 54695
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:28:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 21:56:07 GMT
Expires: Mon, 12 Sep 2022 22:37:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F6vROqWIlrTeXuvvd7xfiG5fVsz7niEscEj_lVdTAlRb3wAgyxZU7g==
Age: 1960
claim.mythicseason.com/
104.21.12.23 200 OK 6.0 kB IP 104.21.12.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5 17acd088fee81e3a623525d3edea6efd
SHA-1 e340dcf90629614fcdca96bbbd5e382ca4fe9e3e
SHA-256 df172ac652efc0eb0971a1d683bf67925940c1ea5bcbab3a874bba7d26cd61f7
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S0SSFJvPlvxQdPcXmDvGMXqdUOzlYBNPDGOMw%2FS5AmY4dXHuzp6e%2Fa41ilNHQyJAbWOfOfrmszuW45HEL7wrXOCIg7%2BZPeNShrrEweGDUVOfPBBS7WHCskhltvFIIusOHFq%2FhfbGCQ8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749c1401aaafb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 cb674936db4af4be99c3c397eff8c6ae
SHA-1 de79d76bac3fae5799b0ff35ecc19360595dfb06
SHA-256 992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:47 GMT
Last-Modified: Mon, 12 Sep 2022 20:46:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
claim.mythicseason.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.12.23 200 OK 655 B URL HTTP/1.1 claim.mythicseason.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.12.23:0
File type HTML document, ASCII text, with very long lines (1238)
Hash MD5 bc3ba461c8a309acf61b6d9c41cb6236
SHA-1 88482306ecc9258d5e9cbb9ba5314dab223a5db4
SHA-256 31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 17:33:45 GMT
ETag: W/"631b78f9-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7GJ0EOWsR7EshpvKXOfv1T7%2BuRHieP76AiTh%2BYBFFAiwbl84gUWV%2F8gSNH5MQQEooFXbOrPNBw%2F9eQK1f4b5Io0VkWu%2Fx3T9wFv6Pwq5uX0nxzKD3zkAyBvg4yrmDQs%2FIHfre%2FO6AZo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1407c895b517-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 14 Sep 2022 22:28:47 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5 a7e25a22602a2b2ed35f90fd5210cff1
SHA-1 148c4f275b60e6cf6253d6b4c7bdc486515b2202
SHA-256 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:28:47 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5177370
expires: Sat, 02 Sep 2023 22:28:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYOHAdVPMfXc7gmGlxjW%2BgqJAAFSDf6%2F2Y9x0%2FIQ%2BgdBc2LuBIYIcrnOtmgedXNtSFeDq%2BOko0vrYl4HWA09TycKsPcl72%2FAldZLM6%2FnnDi6xVm%2BZsLBv9tku2fU%2BInTT9HC0SCQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749c1407cbf00b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 6526c70eb74c821b7a95487ad9a4e13d
SHA-1 0b8c610a7755437ab815b845f52cbb27e6c95008
SHA-256 059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-1.10.2.min.js
69.16.175.42 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32072)
Hash MD5 68cc08e82915da8b82fc6be74ab86365
SHA-1 4089530b0c00f6cbd1452d7f873be85454196fd1
SHA-256 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:28:48 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663021728.dop209.sk1.t,1663021728.cds220.sk1.hn,1663021728.cds243.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 6526c70eb74c821b7a95487ad9a4e13d
SHA-1 0b8c610a7755437ab815b845f52cbb27e6c95008
SHA-256 059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 6526c70eb74c821b7a95487ad9a4e13d
SHA-1 0b8c610a7755437ab815b845f52cbb27e6c95008
SHA-256 059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.10 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (32061)
Hash MD5 b90b3d2618cce9d766152cd3092b5c27
SHA-1 496339457cd00caab8118e2e1f30ea18dc05b9f4
SHA-256 b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 15:43:53 GMT
expires: Sat, 09 Sep 2023 15:43:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 283495
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.10 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (32180)
Hash MD5 f16500423cc2867eff8b773df637c48f
SHA-1 1cd32d75b59a89c3a70274e383151a61ce0594f4
SHA-256 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 12:03:18 GMT
expires: Mon, 11 Sep 2023 12:03:18 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123930
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 6526c70eb74c821b7a95487ad9a4e13d
SHA-1 0b8c610a7755437ab815b845f52cbb27e6c95008
SHA-256 059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
claim.mythicseason.com/css/style.css
104.21.12.23 404 Not Found 238 B URL HTTP/1.1 claim.mythicseason.com/css/style.css
IP 104.21.12.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 f5945c4d5e4298d818d50d70865f2857
SHA-1 f35c3593933af2db1933093809ef78f45b9b7144
SHA-256 d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
GET /css/style.css HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cvQezZuguGugaVZi1uvD1CP%2FOexm9T96PEcX9NfCrF1%2FRT5OPO5ydJjfIYAW0%2BEsM6NKh80qpSvRqUAHJ5zwxmk8DRz9CMQo8iNJ8LHWdq%2FCtU9yqb5n0bmdA1VULToD6GptsDTWlId"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14078805b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10 200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
Hash MD5 c161a40517f304d832dd8c6a4774ec60
SHA-1 531a25b09260faef88c9ef53a5a20899066dd0c5
SHA-256 448ca2980d273ed7bef4b256e73efc1de86b5e65b1ffd8b737a91091ce448470
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 22:28:48 GMT
date: Mon, 12 Sep 2022 22:28:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
claim.mythicseason.com/css/log/tantw.css
104.21.12.23 200 OK 664 B URL HTTP/1.1 claim.mythicseason.com/css/log/tantw.css
IP 104.21.12.23:0
Hash MD5 5bd5e29a4a326cb950da414e593a5697
SHA-1 0575b0ac851fe8339a56ca4e3a2e29433ff11498
SHA-256 3fde6a93814044e231445ec95800bd5738561909f0e3c78e963f801febe38656
Analyzer Verdict Alert openphish Tencent
GET /css/log/tantw.css HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhVJvyoiwTlNbLeifiqeuv14tJHt1E59UcthedV1k3HdNJuh6bhP0qXi%2BS4XC526GYnTq4XdVFJwcEpUDdOhtCtRdghAgFeFUa9Ba6GuSeeAIhfwhYwLz3LxZ20IUfeHD7stJc9Af6b6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14078acb0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/js/tab.js
104.21.12.23 200 OK 294 B URL HTTP/1.1 claim.mythicseason.com/js/tab.js
IP 104.21.12.23:0
File type ASCII text, with CRLF line terminators
Hash MD5 d69b163d8b366f282bb84dd2b0f5a339
SHA-1 459d2d5ca57294907f679154200b7386b732b382
SHA-256 e6ca05ce0d591801f4beba4a1a3d7da070c25a0ed33bbc993d8e2093fcad11f4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/tab.js HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQngXipgTvTpuLiwdFpJQ1nbaZExizxQQFw%2BL7RWDXv1aR4LCbZKP8GfjyMKucehKsX4SSfDOfAuTrEHpxxYbN%2FR74odr2e7nczl3TTzM%2FklPZB2Gm4m6PBaVoC6mGha%2BzK%2FYpKWC5K1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1407d8abb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/js/showHide.js
104.21.12.23 200 OK 270 B URL HTTP/1.1 claim.mythicseason.com/js/showHide.js
IP 104.21.12.23:0
File type ASCII text, with CRLF line terminators
Hash MD5 04cc81718efbe798422edf9fd974d3aa
SHA-1 fa5384e6f98de7ccd4d6fcbb24a406726c4da2c8
SHA-256 0aecd4d06d3cfe914c9518772d6e53947fbb991dfd933f1dfb745fc5d95cb159
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/showHide.js HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF65bidpnU0cEK%2BwR1QClDdKzv9Gtv68zaSOxgPCnuEgaWO97Jrj983FIF%2BXkVVfcbMz5e9LKBZ1GTPJPrqYBGY6TJ4rZbnt%2FKj494soq%2BdWo4Ym61H7s2VqLqULfIzrnSS%2FS3vuQqVY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1407c84cb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
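34.210.39.83 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.39.83:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length content (the 101 response carries a 0 B body), so they do not identify this resource and should not be treated as indicators.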
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R+Hlf8F7w1hrq1SFJAvqFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IMwKwobZBQRvaOAO6bJeZn9DBHI=
claim.mythicseason.com/css/animate.css
104.21.12.23 200 OK 4.7 kB URL HTTP/1.1 claim.mythicseason.com/css/animate.css
IP 104.21.12.23:0
File type ASCII text, with CRLF line terminators
Hash MD5 486c56c1ed2e22f15d3c914ac71cf426
SHA-1 8ecb50277b7efc0daccef8a0237d36fcc3ecfc65
SHA-256 573f20528d8a70a42d86c0397b809cb6520c68dfbeca219ceace7a9c49fded7b
Analyzer Verdict Alert openphish Tencent
GET /css/animate.css HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG25VxFp921qqBjzWL9tEuWZhmQx%2FSIa7vQ%2BTja9OP2WhosVPPaHOjpzkfDgDgzNA2x4UK3ZxRwK7lwCNE9%2BcEm2r4N19YwU6WlNsTTUux5ImT1wZZE9vRNE%2FjvcVky8p%2BNGmZUc2ENN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14078f4fb4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/css/log/tanfc.css
104.21.12.23 200 OK 774 B URL HTTP/1.1 claim.mythicseason.com/css/log/tanfc.css
IP 104.21.12.23:0
Hash MD5 7fdb10e3bd0ff2092dafc6c3a37eef74
SHA-1 f32c9989eb9f9df18d23d3e5336d9f3e3d1107c6
SHA-256 c7c0f4174046eba6cd28c552a580b3a784b610ff7688ca82d3d7b1ec890dc176
Analyzer Verdict Alert openphish Tencent
GET /css/log/tanfc.css HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yrlxgZ0wJTtPtNPTiI6Qa74FI8%2BBE2Vv8diQzxbr4%2BMyfnttr4RihJ5%2BBAO0LIa5gBM29VJcQlD5VO3scLmFsQ%2FCsFfuujeZZf9ueFGuJmsQg4jAI6B%2BqA35Gg3qe0%2BBJyLFNb09OTM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14078fd00b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash MD5 bd7b5eb635d48acf1428c326eaa892a1
SHA-1 ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
SHA-256 557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash MD5 bd7b5eb635d48acf1428c326eaa892a1
SHA-1 ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
SHA-256 557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash MD5 b4082c888eefa2dca3fe2c9d46a87180
SHA-1 05aeb6c58175f659fe59eaca5a9d3735dd0530e3
SHA-256 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://claim.mythicseason.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 20:23:38 GMT
expires: Thu, 07 Sep 2023 20:23:38 GMT
cache-control: public, max-age=31536000
age: 439510
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://claim.mythicseason.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:03:44 GMT
expires: Tue, 12 Sep 2023 20:03:44 GMT
cache-control: public, max-age=31536000
age: 8704
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
claim.mythicseason.com/img/selow/1.png
104.21.12.23 200 OK 28 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/1.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 120bf820339eb56fca3df442f379e6a6
12cf0edf4aee9eb55ca46f2d79811f294d2cb44a
76af08d5034504c39cf5bfd43b8516f56bc31895de397530de3628c9c4bf14f0
Analyzer Verdict Alert openphish Tencent
GET /img/selow/1.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: image/png
Content-Length: 27903
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LSc%2BMzApoUyzj4789ZiiDtLqOiZIkNRPc%2FsvfSj1gt0MaB40oR6UbMmPiTHwUx%2FsJ4%2BCtLG4Y%2B6hQxe%2FwreJpATC3vgPzLRMbu4EOIWmRJrkqsg42eud0gw7M4x%2FfpDJN9DrSw1L3UC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140c7c62b517-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header6.jpg
104.21.12.23 200 OK 141 kB URL HTTP/1.1 claim.mythicseason.com/img/header6.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 141 kB (141231 bytes)
Hash 47cfb5609c21df01633ff1cbba14acbc
17f3c9e286c7c8742f57ab52179b072ae31e3c85
3b6ae20f80c1bcf887e70b133babcf371373a4b362b7281bf258d6610c21a568
Analyzer Verdict Alert openphish Tencent
GET /img/header6.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: image/jpeg
Content-Length: 141231
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:19 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qv2Z7WM6vzKolKnRuQjKBFPBkGTD4bX8V6CrZ9fMtb57xTSMQ5zF2GWpLXa%2FCuxLqBNKyz%2FpjF4MGWQhIACOkTqPI%2BReqU161Kci7upZoBu6nI%2BYi2Q0ZglU97NaZfkbnkYqejHBKytG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140c7b39b4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/js/click.js
104.21.12.23 200 OK 124 B URL HTTP/1.1 claim.mythicseason.com/js/click.js
IP 104.21.12.23:0
File type ASCII text, with CRLF line terminators
Hash 811013ddb980ed4a5dc358c90e26d950
ed553fd27f8571f957d898f0a2dee98cb0078135
84a29c1d3b6510ba845094467630579c38e3377174c13221c3e64844c1b92da6
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/click.js HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgBDN86Al0ZpN84PX0o7twBegwlA5y%2FoKUCHIl1iIQtbZUK%2FUwUJ%2F3m1Orf9s0YssAYyvs3kqhe%2FDuIk3fu3ee5y5ukaFSQO4auADv%2FGESylGryBSJ6blz4IN%2FNQvT%2Fd6Xt7Rjn1glzi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1408c93bb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/2.png
104.21.12.23 200 OK 24 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/2.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash b000435d18a8c869fd7fef890982b4dc
1871d78ad9ebbd47afbc56a6dfff9029bf065514
19df759958bafb9dbf35ed2cce45032008b233e95669fbe2228957647623180e
Analyzer Verdict Alert openphish Tencent
GET /img/selow/2.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 23653
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aw7Z%2BWgDiF46gy2t4BtzpGImzvZSkOKHWFzsDQgjFqNdGhERA3nkYO7uwQst5gyYbS8Wt49JE%2BHkyoE6ShlSavvgMK1aC%2B2hQ2%2BjXkZPyITNjl%2BYrbihwYG%2FGJ9zUid9MmfapkGohvb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140c7c55b518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 767731e93444a1191fe16209ac95849f
10c227b4e27e61ab82e5bb094bf6020c2b4af71f
9a28940d8af90bf7f7034b075989b69e4515c1e2394f0153e5d472fb1b4f9897
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A28940D8AF90BF7F7034B075989B69E4515C1E2394F0153E5D472FB1B4F9897"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19239
Expires: Tue, 13 Sep 2022 03:49:28 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
claim.mythicseason.com/img/selow/3.png
104.21.12.23 200 OK 14 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/3.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash facce8f32544040043c522f2655a04da
b449bcf2a54f68fdaee2bb5e6174be2005f6be42
248f2c92a793ba05e4b35e735b7ecda79740ba489f5f6fe03053f891cedc6873
Analyzer Verdict Alert openphish Tencent
GET /img/selow/3.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 14135
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J60ESSxX3pBidLbqhiBhzUdDvd0Hh7nfVl5BhjfRLC%2F1y5ATCYg76h12IvkzyRuYaOcHEHS5cfG9jLGL1qmmHn5SU6D%2BtQ3BajYQo1B8a9PM%2BmN0k%2BohUgIZSV8FM1%2BMnB%2FtsU43pS9k"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140c7b660b65-OSL
alt-svc: h2=":443"; ma=60
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 12 Sep 2022 22:28:49 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 13 Sep 2022 22:05:29 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 13 Sep 2022 00:28:49 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 767731e93444a1191fe16209ac95849f
10c227b4e27e61ab82e5bb094bf6020c2b4af71f
9a28940d8af90bf7f7034b075989b69e4515c1e2394f0153e5d472fb1b4f9897
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A28940D8AF90BF7F7034B075989B69E4515C1E2394F0153E5D472FB1B4F9897"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16780
Expires: Tue, 13 Sep 2022 03:08:29 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 12 Sep 2022 22:28:49 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 13 Sep 2022 22:05:29 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 13 Sep 2022 00:28:49 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
claim.mythicseason.com/fonts/pubg.woff2
104.21.12.23 200 OK 8.2 kB URL HTTP/1.1 claim.mythicseason.com/fonts/pubg.woff2
IP 104.21.12.23:0
File type TrueType Font data, 11 tables, 1st "OS/2", 32 names, Macintosh, Copyright 2014, 2015 Adobe Systems Incorporated (http://www.adobe.com/).pubg-headline-boldRegul\012- data
Hash 46c47ed3c526deb2920d3e0568166bcd
c807bd8c7803733f7fa76134ef1e8102c72e8430
cb43ac49eedab33f20aaf47304230a47a4f0da8e26e76dde2710f37a5aed0978
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /fonts/pubg.woff2 HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: font/woff2
Content-Length: 8156
Connection: keep-alive
Last-Modified: Sat, 16 Oct 2021 00:46:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUSTI%2FzOv1zE2pfpFMvOwU3Ftl1Fv5CZa0Kxjv7Lm0r%2B99DNuBQYjr%2FjJZJm97vl75%2BFP8A1OGTt1Hb%2B6vKkxputxWFeVX5RvOakDpkT%2FqORH4Zy5kVTGAX75ZrsxgIQYtsfdNwL3mGW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140dcd4eb517-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/alert.png
104.21.12.23 200 OK 68 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/alert.png
IP 104.21.12.23:0
File type PNG image data, 1280 x 254, 8-bit colormap, non-interlaced\012- data
Hash 8ad6554bc963b76a1b3a29d5594dd632
e9aa11a36589cba373ef7f3625857e60585f60ae
9a0129ec262a64888939d7b4e823bd51b6f2d2a36ed10b9f6940f194a4e40450
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/alert.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 67828
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 11:31:02 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgsUQFDnC4Uw8xLoQVyEEIrGked2CgnQ708y%2FtIA767iDnjOi%2BubuceknGreiGzGI7U7bQ56pGNLc6a3PbbhRhSMRnB4WAR6sPKSM74QkC5ZuRfDeocCMkXMrGs%2F3dEW3tSv8nt9RnrB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140e0d93b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/colok.png
104.21.12.23 200 OK 48 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/colok.png
IP 104.21.12.23:0
File type PNG image data, 208 x 57, 16-bit/color RGB, non-interlaced\012- data
Hash 0c22425ecdafd6fdb0fc10c91764e5ae
8fc5056f3950167ba6dfb966fb6d95bc2e094998
0180456998e4fbfd1822ceb384b7f683960577de965da5124776515c8ac620e9
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/colok.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 47715
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 01:06:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmZ8AQIljxbw8w77VDVjRUl8g%2FMvHFVZpus4uWIyRkUdQc3Rw95gaTh8UvmAdvc4X0VO9TG6cNpnCWuivxRDuaCAZ81neSdcgshUNNvHrRwWqSvWXZkRrpWaq6jmjhRjxPNtAmEUdoGF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140efd0f0b65-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/4.png
104.21.12.23 200 OK 20 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/4.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 40c4462c226bc3604588f52003ec9a02
ea62e76dfa570bc302af511244879c90a1cf0574
68f83cf7d78d264aa4c175bb29a9148c2bece5ca8d24a59be442bb80fb8d138e
Analyzer Verdict Alert openphish Tencent
GET /img/selow/4.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 19954
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 17:00:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcW6lbG8OtgODpIgtRanzpo1DbsR2eDCc5d5rFk4lWDNTiDc7bQhApZzqCmkCdEnzszi1u2TB2SWsLt6U0yBhvZlTu4eu9VgWIAeHebQmvzSilo7hYGXhfMom%2FH%2FS3gsPRTjhj9rgH5r"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14104f55b517-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:28:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:43 GMT
age: 1866
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 67794
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 54645
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 69181
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 2817
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 1988
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
claim.mythicseason.com/img/selow/5.png
104.21.12.23 200 OK 22 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/5.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 8ba5d0b91e3ad764b1fcb35bb0313ca6
5e8c522ee6e1c3a8e8a02c671592e0cb77d0ca93
c4d26d006c4b653c212fccbb1af593e65a515de4150a1e79cf3752815b74b572
Analyzer Verdict Alert openphish Tencent
GET /img/selow/5.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 22384
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 17:00:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVXLLbE9O%2BqsM0LrA3eMy23t0%2FZNn9l%2FEqKwJQyXo6njL9xHKBxEIKgA6JFYkeW1Jxhr9arUIQh06hdgKjmUckuoLKvHSSijSbjgISb8WX7wM71EGUY7nKu%2BQ7AI9Y%2FLaVRdEz22P3mg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1410bf89b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/bg.jpg
104.21.12.23 200 OK 19 kB URL HTTP/1.1 claim.mythicseason.com/img/bg.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 591x1280, components 3\012- data
Hash 62065e3946a32e23c173be8cd387971d
042ea4125c5972b59d31b9e32a16b0d8e6106fef
526543ec7772eb1282b10e36700dbf729f0ccc876e47e5600c8867e07213d566
Analyzer Verdict Alert openphish Tencent
GET /img/bg.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/jpeg
Content-Length: 19359
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 11:46:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyBk11fdVCHiOcfgYtDM9%2BaWV9w2oZc0Fysx4%2B4aGdIpiINM6dcr9lfWDBiSFysWp1ZjopwZZ71qpExtH86%2FPRunyHaVJ38BY2hV1SKJObcb57afRgkoL5PC3UWPm24kDgIDTzSkozhk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140e0cecb4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/alert2.png
104.21.12.23 200 OK 7.4 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/alert2.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x141, components 3\012- data
Hash cd7b95d8a5fdcc4f7d578cce0ca311a2
a1fa1546ae9efca560d34aa3c2a5251b7ee670cd
bae711aaca7fd37c804e6fbc789f3a24fb465410f04781da7b43432526f85365
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/alert2.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 7425
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 05:02:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7inODukjHPg4ww16%2BYpbQjYP4zUaePRSai6iE8%2F5GhYQRe2ryhCcv4DV%2FNY6eYTC%2B1OApxoGNsVXpQ3e0ci06b%2BCmjJ6JABS5N84c1jYKU%2FkjKxxVx9XIWi2%2BsmggjpP5nqsZK%2BWx3Tv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140ece18b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header7.jpg
104.21.12.23 200 OK 137 kB URL HTTP/1.1 claim.mythicseason.com/img/header7.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 137 kB (137200 bytes)
Hash 1268e3f87e6f67df84ba3e300e35f536
2335093ed14eaa0f4cf2af92334be8e71f843abe
89f7c283aca9fbb756995373b4716eec1788113ac99e0d913fe92c489d95abac
Analyzer Verdict Alert openphish Tencent
GET /img/header7.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/jpeg
Content-Length: 137200
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:17 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvUcNkmkfIxQikFNtu8E6SwDRi5xDKCtdMq1Y6Dz%2BLxNsTD%2F54R7X0%2BUM0W%2B0OWUvUSLbDUhwhyLl%2FLOviDLykUiEfByyJL055EgcMmszwV5Ivo2plFW6IOVlfpHOxau8JE18cTVvXq5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c140c7dd60b3d-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/6.png
104.21.12.23 200 OK 22 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/6.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 54eca5e787f9150cc876554113da9b9c
f0702d216fcd0068dbfb3057df261b32df8339a6
c2164e394da8f10139c237d45140d61cb77f937ee076b8207417688467c1432a
Analyzer Verdict Alert openphish Tencent
GET /img/selow/6.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 21726
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 17:00:52 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FZUrJeGrJ0sNAOhE78TQvN2gFXpZPD2YV9HdTRf8l2joyin%2BxO1yMVbTO58Ym%2F2d2mpRoZgL4y3svI%2FKrtQLAgLJ7oZoF2%2B1ly8nawU3hqxUFqTORKEmJLp7D2O9EdnBthSm9SbjtOn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14127f050b65-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/7.png
104.21.12.23 200 OK 24 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/7.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash c57b0e266ab93e926bb47e8f9d00b40b
35d7bc000eb5b67111da6583c67f2c141e7e2907
e258d1920cd758b3be2665ddc5a1cd24d21bb6b0780f13f0d73462f167c3ec1f
Analyzer Verdict Alert openphish Tencent
GET /img/selow/7.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:49 GMT
Content-Type: image/png
Content-Length: 23569
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85ebSbbCzx3qyDBTKSRtQZNrrdhUtaiBb5q4E4TDzjZ%2BvVfcrlS%2FD14%2FqHDRQ22VLmKhY8iqBMZ%2BbLebz0sRlnlgzOdBWy%2F8%2FJxrDZ92Ol32smcAJpK5MCjpC8W0hQ4T4JdVMNgr3t1a"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1412ba55b517-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/8.png
104.21.12.23 200 OK 12 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/8.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 6e021388d4d417adefbb58d5a699b0a1
6b09e68736aeb1f85e83a5ad2c7ac1b589f39a1e
0e5cfc57074d8c340d6a149108bef9d9af9573bc704c0b1da2b5ac25b45933e0
Analyzer Verdict Alert openphish Tencent
GET /img/selow/8.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 12247
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN%2FckkQA0GzeRr5%2Bev2WeZvDx2y9xPb3vCZIYRddDPHoaKy9j%2BWnyfCFvkAKmT7dfU0rjqXk%2Bl5CJXi1xsX3E6NTSrefgwHEjT%2B1%2F8lBCAgijoujqRhu%2Br02fREloQgTsF9CF4l4wZEn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14131993b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/selow/9.png
104.21.12.23 200 OK 16 kB URL HTTP/1.1 claim.mythicseason.com/img/selow/9.png
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 1926359775f1300e78d06840b1aba27d
08b80a767133a363a176cd8c3afab26e4133636f
493bbb0b6b1b77caa49004c2eeb519522bc334ca03fa94d4d3b6e1faa9bf86c4
Analyzer Verdict Alert openphish Tencent
GET /img/selow/9.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 15787
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 19:32:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI5GdszzHDvf6fSg7NxW7JFiPIrrhCtcRXX6zV17bfLBnDrgMFcZjJXTmSAG6ixcOvTxdmwwp0WfQeZ5KDcWSZTY%2BBs8ONjEnmtnMR37bzr6QRpYgx%2Fwo6%2FsSC%2BqLXZggvl1ML9KEJel"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c141338e9b4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selow_3.png
104.21.12.23 200 OK 638 B URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selow_3.png
IP 104.21.12.23:0
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash de20417af4a25e0e4b270108101dc88a
cd0d4a6be07ae625ca9137d5594733c8bdce0a8d
65bcb1d2699f8726c0fe67bd01eb5cc8cd682a8eb8b67aeda82739a41f1f5a8d
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selow_3.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 638
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:47:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBJ74sKR%2BWVREayamQIUHEtXbO9FW5EjGEJqlQunyE4KKZi6RZIFbZ1RLGxJKkoQnAuz6UkQnVYB1t1Qp2UeLC%2Fhtp%2FzSJ2FyIpHOrr4cwkSiHELyHzC%2BfdjDxddROhfd0zVayn7PrDS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1413efdb0b65-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selowlogo.jpg
104.21.12.23 200 OK 54 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selowlogo.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 4511c6cadf17a4d5a00887af7ec3f804
094331f330f8f361d7caef2363f02516c7e3fd0e
e18e70580a9943863f8a143e4d1eea7fa213ed4e82a735b70540390d4fa8202f
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selowlogo.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/jpeg
Content-Length: 53812
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:45:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N90aKrLCg4lVis%2BnRWtokaskxCVS%2BWuI7ecY3opdaRokHM9JqrNXudtGAhpYI45gPWaoG2zQniRgLkwEsX9ShOWfR9f8OS8Yocdp0UbiMq6iXnSmvlMyFYa5rsZTDYyxq%2Fm2oDiOtXv4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1415badab4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selow_4.png
104.21.12.23 200 OK 768 B URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selow_4.png
IP 104.21.12.23:0
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash b480c3674a6555319933765cabc6bad1
ebba145f86644ffa0c0fb85482ca6d87977e63da
a61ba6147dc708bcecfb1a2adfdd5ceb9550e06992c5ffb42c3e30d36823e95c
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selow_4.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 768
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:48:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWOzmPzpVa4VsquxRRWPY3wNkqydq27vBC3u2ZyKl%2BZ9r0cWICV%2Bcu8AuhPJSy8MFqpIjcUZPJFurgjdh1hmmhKhp2V1MWggm2PrRpec5FtZEL%2BUaPUApMfoWIRXvuSdbT9SFttA440O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14140bddb517-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header2.jpg
104.21.12.23 200 OK 122 kB URL HTTP/1.1 claim.mythicseason.com/img/header2.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 122 kB (122438 bytes)
Hash 0660591e0473c4bb9c5ab73ae1113403
7347c57541744dca8e1d0fcb74e08d0184cfdb70
9a660680509c44c37e8926cce400793b609370d8a34498df6e3577e250bf3ec5
Analyzer Verdict Alert openphish Tencent
GET /img/header2.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/jpeg
Content-Length: 122438
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdrVSOH%2B0NULckxqX1Lo5kyTNg7sbQmysDtW%2Bk2U%2BsjNJNOeRM7HPQGgxoK%2FrjvqBaBdUBwxPGKgWMKaO6yxi1RKAaf5qmvAvU5ST%2FVt%2F2fnnbgjj5JB1uPi4bROmpX7DffQSdDZwtax"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14181cb9b4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selow_1.png
104.21.12.23 200 OK 412 B URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selow_1.png
IP 104.21.12.23:0
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash 82939295be11b12439a76cada0d3b06d
d5ae3f2dbb15970e5f3aae222e08212f020f85d5
99ed54c6d4dbabf849b1b844a548a0ee3f8a8d0bf2c4424d57ee5d8c761f843a
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selow_1.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 412
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7yLhHWOagpnjPcqz0v5LPQMlUUJ%2F%2FnA0yP8nkpzEFp4vB%2BOrUEWIfIgeoHyWNoozjzKlWbNKwqwNPEEgLm%2Fqhrq5tR3X53%2FSItKQF%2F4panw9bKkmU9yrx4VLE7uGTQVAbMH8TdjScdS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c141389d9b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selow_2.png
104.21.12.23 200 OK 827 B URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selow_2.png
IP 104.21.12.23:0
File type PNG image data, 96 x 97, 8-bit colormap, non-interlaced\012- data
Hash 5237cbfbbee111383e08cfc45a464042
c540d679fda7b859b08b19635d0cebdedf529b86
e20d0a77af62d8461cc5f464d9463d7eb417452e32ce216cff928b0658a53a52
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selow_2.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:50 GMT
Content-Type: image/png
Content-Length: 827
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:47:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4hYYZRl3D72ZGPPBN1HThs9EqkWae38P7spEU813U97udL1SlQM7AfCFE9JWTT%2FQ0Rx2fcv8xWXs0zTqOfLS5fhtVA7RWWBtC2lw6ytVolGmR9DlGvZkBQt6WGg7sWBnsffbX6zIrzs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1413a9ba0b3d-OSL
alt-svc: h2=":443"; ma=60
www.pubgmobile.com/common/images/icon_logo.jpg
23.33.119.25 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=128
expires: Mon, 12 Sep 2022 22:31:00 GMT
date: Mon, 12 Sep 2022 22:28:52 GMT
X-Firefox-Spdy: h2
claim.mythicseason.com/img/header4.jpg
104.21.12.23 200 OK 137 kB URL HTTP/1.1 claim.mythicseason.com/img/header4.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 137 kB (136833 bytes)
Hash d01c17f972e1451424d9fede159150c6
34abad1261bb9d63bbdb7b55e9dc7c3c614295fa
d1b95ce0b5d854628c8b81ef136aac96a31a5caa4e3fe1b3e26f4b5cc1045fb2
Analyzer Verdict Alert openphish Tencent
GET /img/header4.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:52 GMT
Content-Type: image/jpeg
Content-Length: 136833
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:23 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyVv92B0s6X9I%2Bxr2Uc7aIXEuDGpeHI3RpCzTCECfU29wEa%2Fj5A6kxM6LVzDS2WdbuzFnFOZTMlrf8MHbpLox%2B1%2Bpn3h%2BK5UYHjm4304NcwmfxciSqrSTU4Vsj99XM05zSANXQ%2BTwpTS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14195dbab4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header3.jpg
104.21.12.23 200 OK 133 kB URL HTTP/1.1 claim.mythicseason.com/img/header3.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 133 kB (132971 bytes)
Hash 9e81e1407c510641eaa2f856a9e17c1d
31fdc4847b664f7d629a977a69bb152e16e01160
38094519dac47cbe821768437e594ec60d468fa463303bf03f47989049708d2b
Analyzer Verdict Alert openphish Tencent
GET /img/header3.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:52 GMT
Content-Type: image/jpeg
Content-Length: 132971
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sepTjfw3NLa6jn9ypQBN%2FVUCThVhrPI6CHUIxGrDCnl%2F98KJKrj3qXUXGB79jeJY8uw5NvBdOYHzRR1fkA0LDxvmXKxgwsscOupeKVOukQc1uWkIOi0IQg2LWPKMq48Su8NPRpZdgUqo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1418282ab517-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/selow_5.png
104.21.12.23 200 OK 643 B URL HTTP/1.1 claim.mythicseason.com/img/alatselow/selow_5.png
IP 104.21.12.23:0
File type PNG image data, 96 x 97, 8-bit colormap, non-interlaced\012- data
Hash b5e71034e6ad24b6ba8a9e2dd4e9eacf
8764842732f93a3f3bb3a79944163e5a8ef67b9a
ece6fc3bf5e763a1031f5900eea1e88bd8a27bf8a2a9bddf4402301f450f21e4
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/selow_5.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:52 GMT
Content-Type: image/png
Content-Length: 643
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 10:48:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YNaOWPR%2BzdVDbsiiFDQ3fFzo0socHPjOxy40lSrlV9da0LFj3k4jx1ko1wXVAAF2Xd1J08te1fy47EwkCWytUlfmh6IaRRVYMoCaUOcu5zP4IEAeSMr3TyYyOxs%2FDZdeBpjf9q0d1Fn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14159bfdb518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/footer.png
104.21.12.23 200 OK 23 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/footer.png
IP 104.21.12.23:0
File type PNG image data, 1280 x 170, 8-bit colormap, non-interlaced\012- data
Hash 67b778ee339c7f4ba0b7a4904ae38847
040173c41918b80af751f78e238d196d0a941c96
98cf3a21a68c83ca849dfccd8f01657099249d66b8a69956471a2ec1741557f8
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/footer.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:53 GMT
Content-Type: image/png
Content-Length: 23110
Connection: keep-alive
Last-Modified: Sat, 23 Oct 2021 06:14:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KxLnboirZuv5iE40hMJsZOuYNNyVYiIqAQahFRcBtjNrFg48fmkjBAmQZncZ44mTWIDMogc6RaPV3esfSUjUr1%2FX51xzcDpWcKzHLNzb0vPsgqco04DfpFyH55prDf%2BMWYfJSPyAQrq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c141a2d1e0b3d-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header1.jpg
104.21.12.23 200 OK 136 kB URL HTTP/1.1 claim.mythicseason.com/img/header1.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x608, components 3\012- data
Size 136 kB (136036 bytes)
Hash 3ffaa4eb3db8f317f42044f05f320454
794906906c77288f3b1fa3e7241ad05ec83a900d
de41cd45aed7c7f716c6780f1f27ee6bf2c5506d26c69ea47d271aaa4bbb11a0
Analyzer Verdict Alert openphish Tencent
GET /img/header1.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:53 GMT
Content-Type: image/jpeg
Content-Length: 136036
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvBWeSac%2BjonAEYP10KNMkNBIoBbiJUoJ28ZNIQf81cusb%2BBDrRt7Q4GI3yCBvMlmKpu%2BjFL2MvSp8jL88eCbPKV%2F0HjCVr2VVMWhhxFm0N7GRJqiCebErBrw9SE2Fth5%2BEe7eRZilvc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1417ca860b65-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/header5.jpg
104.21.12.23 200 OK 121 kB URL HTTP/1.1 claim.mythicseason.com/img/header5.jpg
IP 104.21.12.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 121 kB (121136 bytes)
Hash 7c9d958689601489576d9928d466cee1
85cb5e8f7cb3bba064a7f363061c43d7c79e9ddc
841d9d82dea1a3885882d12b6d6be98e93d6292173133aecfbe0e8d955020004
Analyzer Verdict Alert openphish Tencent
GET /img/header5.jpg HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:53 GMT
Content-Type: image/jpeg
Content-Length: 121136
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 18:53:21 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKHbULakYJL6TIWuRGiYyrT7PhezjEQ7EWsaFjMBLBksla1563cJBFQWfHVcRV7Skdk3nOPotEIQ%2FY3PQdvo5LWPlTX5meRO7waFaC1muy6Qq2s0NvaV2an5wV%2BnoSkNXKKmDFKXcgoR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14196f98b518-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/icontw.png
104.21.12.23 200 OK 6.2 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/icontw.png
IP 104.21.12.23:0
File type PNG image data, 320 x 320, 8-bit colormap, non-interlaced\012- data
Hash 02bdddf067f754fa7373d81946ec0ebd
0eb4b688a45279730bb0ade2aebd7e657a640854
6d45af732342bdbc9521b77a14437c48c69cf83eea3eafd090f45e2bbfc14ed0
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/icontw.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:53 GMT
Content-Type: image/png
Content-Length: 6237
Connection: keep-alive
Last-Modified: Tue, 02 Nov 2021 09:25:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMUM7XMoT21k8DGbl%2FShK%2BnLkuGiwdxQIQa7PJEbwcN7%2FWpKDAv6PUqNOSBmYz27Z9kClBsUFPW1E%2Fl%2Bbl8M5rWUe6fwhIDJHZ8U%2BprFrC9wZiq%2B0kYLNLuqEKgXvG2MgEHjpmgN9qeL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c1423ed87b4f9-OSL
alt-svc: h2=":443"; ma=60
claim.mythicseason.com/img/alatselow/iconfc.png
104.21.12.23 200 OK 23 kB URL HTTP/1.1 claim.mythicseason.com/img/alatselow/iconfc.png
IP 104.21.12.23:0
File type PNG image data, 640 x 259, 8-bit colormap, non-interlaced\012- data
Hash 4f519286b96f47f3a3731f5759d030c2
ff34348c6eb9119421d0661cf1b88d52a3a43545
07771fc18b638418397aaeb08a067108ea200da7794263c6fbfbe85e0900b2ae
Analyzer Verdict Alert openphish Tencent
GET /img/alatselow/iconfc.png HTTP/1.1
Host: claim.mythicseason.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://claim.mythicseason.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:28:53 GMT
Content-Type: image/png
Content-Length: 22857
Connection: keep-alive
Last-Modified: Tue, 02 Nov 2021 09:25:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwRpn7IuVFZMezuq%2B3Hn1zMAhvwHsaTRlqBiP3NEvGbzhr92rioWBFbECMX9VmB9G1Iu5bne41C2XTnh%2FMGFKiXxf9gej1H2yniN2aNUcjLhm08mUh2Tb7h4E%2B2R1Zt6il2nG6AGRVPe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c14263dbab517-OSL
alt-svc: h2=":443"; ma=60
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://claim.mythicseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:28:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 8468481
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 749c1407cfe60b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2