Overview

URL: semionlotto.com/
IP: 198.54.115.58 (United States)
ASN: #22612 NAMECHEAP-NET
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-09-12 08:49:49 UTC
IDS alerts: 0
Blocklist alerts: 22
urlquery alerts: No alerts detected
Tags: None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-12 05:54:37 UTC 142.250.74.10
kingoflotto.com (1) 0 2017-04-18 18:15:39 UTC 2022-08-23 00:13:13 UTC 172.67.210.202 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-12 05:23:45 UTC 143.204.55.36
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-12 04:53:23 UTC 34.117.237.239
fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-11 04:58:03 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2022-09-11 05:29:04 UTC 142.250.74.174
www.semionlotto.com (39) 0 2021-04-15 10:16:25 UTC 2022-07-08 19:55:32 UTC 198.54.115.58 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-12 04:05:50 UTC 34.120.237.76
freeelotto.com (1) 0 2017-05-26 01:42:54 UTC 2022-09-09 02:39:06 UTC 104.21.51.134 Unknown ranking
log.pinterest.com (1) 3464 2015-02-16 23:42:31 UTC 2022-09-12 05:21:03 UTC 151.101.84.84
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-12 04:51:47 UTC 95.101.11.115
semionlotto.com (2) 0 2021-04-15 10:16:25 UTC 2022-07-08 19:55:32 UTC 198.54.115.58 Unknown ranking
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-12 06:09:14 UTC 172.64.155.188
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-12 05:49:40 UTC 93.184.220.29
mugshuay.com (1) 0 2022-04-05 05:33:19 UTC 2022-09-05 09:38:02 UTC 174.138.23.45 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-12 05:38:13 UTC 143.204.55.110
ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-12 04:51:36 UTC 142.250.74.3
www.ruay889.com (1) 0 2022-01-17 10:54:15 UTC 2022-02-17 17:59:04 UTC 104.21.74.228 Unknown ranking
assets.pinterest.com (2) 2560 2014-11-19 16:42:27 UTC 2022-09-12 04:10:22 UTC 2.18.172.195
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-12 06:04:57 UTC 34.208.31.97

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-12 2 semionlotto.com/ Phishing
2022-09-12 2 semionlotto.com/ Phishing
2022-09-12 2 www.semionlotto.com/ Phishing
2022-09-12 2 www.semionlotto.com/wp-includes/js/jquery/jquery.min.js Phishing
2022-09-12 2 www.semionlotto.com/wp-includes/js/jquery/jquery-migrate.min.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.webui-popo (...) Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/shareIt.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.modal.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/wpautoc-front.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/navigation.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/owl.carousel.min.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.marquee.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/main.js Phishing
2022-09-12 2 www.semionlotto.com/wp-includes/js/wp-emoji-release.min.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/bootstrap.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/js/st (...) Phishing
2022-09-12 2 www.semionlotto.com/wp-content/plugins/featured-image-from-url/includes/htm (...) Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/custom.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/js/custom-time.js Phishing
2022-09-12 2 www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/webfonts/fa-s (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 198.54.115.58
Date UQ / IDS / BL URL IP
2023-01-25 11:41:48 +0000 0 - 0 - 0 citizensfintrusts.com/account/public/login 198.54.115.58
2022-11-24 20:37:53 +0000 0 - 0 - 8 crypto247mart.com/ 198.54.115.58
2022-11-19 01:29:51 +0000 0 - 0 - 4 macquesttourstravel.com/voli/index.php?qbot.zip 198.54.115.58
2022-11-19 01:20:31 +0000 0 - 0 - 4 nanaxcompany.com/lo/index.php?qbot.zip 198.54.115.58
2022-11-19 01:08:01 +0000 0 - 0 - 5 explorenaija.com/oep/index.php?qbot.zip 198.54.115.58


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-03-25 23:45:00 +0000 0 - 0 - 8 www.bryansaintbernardpuppies.com/ 68.65.122.53
2023-03-25 23:42:28 +0000 0 - 0 - 8 www.bryansaintbernardpuppies.com/ 68.65.122.53
2023-03-25 23:21:10 +0000 0 - 0 - 55 66.29.129.121/ 66.29.129.121
2023-03-25 23:18:06 +0000 0 - 0 - 4 joshdataservice.com/teda/teda.php 66.29.132.96
2023-03-25 23:17:13 +0000 0 - 0 - 11 devfly.net/installable.zip 162.0.235.180


Last 1 reports on domain: semionlotto.com
Date UQ / IDS / BL URL IP
2022-09-12 08:49:49 +0000 0 - 0 - 22 semionlotto.com/ 198.54.115.58


No other reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (76)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 07:51:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 298wYSbRLbx9vjkPsRDV9gEKdQ9xq1hPXBYiCVEWxXL6ngMaBrmOqg==
Age: 3489


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5542
Expires: Mon, 12 Sep 2022 10:21:59 GMT
Date: Mon, 12 Sep 2022 08:49:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wOWPa6dx77lOtdfSr74MARgrCU6l40qOphPy76M-tcMxcCOQLf2Dpg==
age: 5545
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET / HTTP/1.1 
Host: semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         198.54.115.58
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Mon, 12 Sep 2022 08:49:37 GMT
server: LiteSpeed
location: https://semionlotto.com/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 12 Sep 2022 08:49:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 07:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 08:43:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NgetVuu7ipRJjmAJUt6gX5qMrpfk6iKT3DMiJNyoObRtsmKrfB5avw==
Age: 3211


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 22:38:23 GMT
Expires: Thu, 15 Sep 2022 22:38:22 GMT
Etag: "3f2d9f07995f5d3bbadc3e35316fe99a823b8b83"
Cache-Control: max-age=308323,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749764164aec1c02-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3897
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:49:38 GMT
Last-Modified: Mon, 12 Sep 2022 07:44:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ptn4buofAuMeX/9yNzJThA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.208.31.97
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ahCu74t4ueccpiK9RRfF85qjdM=

                                        
                                            GET / HTTP/1.1 
Host: semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         198.54.115.58
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
set-cookie: PHPSESSID=b2fa916781ee4cd4af042a60533f094a; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
location: https://www.semionlotto.com/
content-length: 0
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Tue, 12 Jul 2022 16:52:19 GMT
etag: "15b64-62cda6c3-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   10946
Md5:    d45207ee05c1f0c57dfa075e61405ccd
Sha1:   a8d35143a2d828a739ea0fdde75f97d33621e7ec
Sha256: a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
                                        
                                            GET /wp-content/plugins/wp-auto-content/css/jquery.webui-popover.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "1a79-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1284
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6777), with no line terminators
Size:   1284
Md5:    64800fd2ec49e7574571d09c70b039ed
Sha1:   7f4042208218b23d4c82ba99c9e9dcaf152f9cb9
Sha256: ab843aed52370809782b68b71eceb7f1ce5f40110ca1c092846e0472e1a293fc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8658
x-amzn-requestid: 37529bed-8f0c-43dc-926b-32ef4a7adbac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkSfHkDIAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb40f-45988cf4677a87b521ac15b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:45:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gc_42daM_t1zgHPELLgKNn3Sk4lis4zmV7yBWRme4NRXOzf2qr2NSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:17:41 GMT
age: 37919
etag: "02807770b43d375393e1efef0ba432b664a05be0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8658
Md5:    da890c42b21daa080ec1bdd023800393
Sha1:   02807770b43d375393e1efef0ba432b664a05be0
Sha256: c0795e0b7535a3f25564b52b2e70a7447baa79378c95153ceb51f8bd3620d89e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba8d12f-23ff-4cd1-837d-b0b922013960.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10622
x-amzn-requestid: c7f857e3-7402-4d2e-8435-c8af6340aecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHCiIAMFqqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-5693b82c5a794bb10dbfdd45;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lhGJrfCWUsU0GsQmh_7QumF8DQY1-R3lWEuFrWD8NL6b8J1jaT0Q0g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:55 GMT
etag: "5cb1d1b24f8fd8ed9367952df70cead8912b8451"
age: 37965
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10622
Md5:    1854d4caadc989a97ef1fe048c97e16e
Sha1:   5cb1d1b24f8fd8ed9367952df70cead8912b8451
Sha256: 664eeeed30d4d3dc5793c8af69f8bda92d1ad7e4f35e339e4d1e694d5d904fa2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 67413
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13568
Md5:    8625e0707046e7a3715a8dbb40b1cae2
Sha1:   0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
Sha256: abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8c9e77-e1e7-4dac-8b40-0f1dc36c1c90.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11309
x-amzn-requestid: 9c63b64e-0464-419a-9c9a-006107a7d79a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIx8HNaoAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d9-127311335960fcd84c8e8a01;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Air80GlBxX3Dew_9SfLnYGPG2dN3PHWSqP6GP38AfPm91qjNi5hxzg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:47 GMT
etag: "f3179f2d233c0422b31d723aea47d26ca851d946"
age: 39233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11309
Md5:    a8ac7af52a032c012cd38652bb90be99
Sha1:   f3179f2d233c0422b31d723aea47d26ca851d946
Sha256: 4020cd554d8c1bdf5432d359a2079451a6bc328bd2f51fbb738f6a1d52ca7f21
                                        
                                            GET / HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
last-modified: Mon, 12 Sep 2022 01:22:21 GMT
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   25820
Md5:    95b4c2868813e78f86a322f513f25e05
Sha1:   d7873a73a5c12707c68ad523b2db174429e9f2df
Sha256: a63bc40f613e82d2ff5087b1ff95386db956979315ce183ca5bdc1ad9a897f42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:55 GMT
age: 39225
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7029
Md5:    ca76593aa217eb69a58ed89610d9d59d
Sha1:   d09f2d5acd5945620a2a51d72411c3c464a5166e
Sha256: 7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
                                        
                                            GET /wp-content/plugins/wp-auto-content/css/wpautoc-front.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "89c6-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9838
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4353), with CRLF line terminators
Size:   9838
Md5:    810a8dcae65141844f731b9378f26dfa
Sha1:   d5dd1336e16c2cf79b04d7d5e9f221a579c250c4
Sha256: eedd986ca71f23730d3bb1d21a3535ee6c5bf87916c49d5e25ff8a5243f26501
                                        
                                            GET /wp-content/themes/newsup/css/bootstrap.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "301e7-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23264
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (629)
Size:   23264
Md5:    a83e1c1b4924d3e8d4194d8cc053f341
Sha1:   c3bbfa6a336314e011a034373c64a6eb46a4c743
Sha256: 90227b4c56905db7dc0ff85f78c859527d5d13c0aabc46bf03202aa72ae543e1
                                        
                                            GET /wp-content/themes/news-hunt/style.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Mon, 08 Aug 2022 08:27:36 GMT
etag: "1567-62f0c8f8-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1779
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (586), with CRLF line terminators
Size:   1779
Md5:    47b81babcddc25f57b54ba1acb2a9a92
Sha1:   eb86f3aeb4bad56d1038815ae0823d026790cc45
Sha256: 3cb1c0507287553a7dd6af2627940c9285e4adffb46e692dfab6a0665069e3b4
                                        
                                            GET /wp-content/themes/newsup/css/font-awesome/css/all.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "dcc5-61de9b16-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11796
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56331)
Size:   11796
Md5:    fedf62c9badc785b85542834d1caa9e9
Sha1:   5e7014488d4e774f94bbc20e6248a59c13f53132
Sha256: da57962661d40cad55187229338c076e138483e298a480406f5c09136398c09e
                                        
                                            GET /wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "6802-61de9b16-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3949
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26440)
Size:   3949
Md5:    49241411582031da2e3d0428b4c9d717
Sha1:   ca21b128d50568ce3140d85d02ee6e11a3ca8f10
Sha256: cb9bc4515fa609f027bca9c020048c9e46825ea1c42171491f9d1e9e72920122
                                        
                                            GET /wp-content/themes/newsup/css/owl.carousel.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5c2-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 468
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   468
Md5:    e3aa866b8ad4c9f0daa4a9dec73cbc10
Sha1:   820601757d7725447c99cfc7d004f780ce8d292b
Sha256: 1bedb836f4582e6c8948bdfe5748088f19d8ce830aa3a8bc88dd2d4d2f3624ac
                                        
                                            GET /wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "caa-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   906
Md5:    ee648e36377dc92981bab9d5bb64f5f3
Sha1:   7300392c971b15c57f71140a5b7f9a2e1aad8d2f
Sha256: 339de297f5c2e6cdec750c652a4086e7c92b14c656188d3bc880f1ff3d2b1d17
                                        
                                            GET /wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "d37-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 431
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3383), with no line terminators
Size:   431
Md5:    0db0a5fadb39bee433eeb0885b607e5b
Sha1:   eeffa13c26d4facfe39847889ba45fdc18930890
Sha256: f2286b67c001f9fc2c7e1c21cd007e52f95830741ce211c3ca1434388708bf4b
                                        
                                            GET /wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "74d-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 421
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1869), with no line terminators
Size:   421
Md5:    094daac9d5c5872501debef5c7b6dbf1
Sha1:   e6ba2c246835f0d6bf4a01dd366b853fefaf5eb4
Sha256: 1349f5db8b9ceedd8d15b7dc692cacb4fbb3ce578743e49ec745aa9fee8e6a86
                                        
                                            GET /wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "b00-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 583
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2816), with no line terminators
Size:   583
Md5:    2f627e8d193180dd36388e96c54e4103
Sha1:   fdebee94c0b838bff896f4f930ecf9b4af103de6
Sha256: 92bbf07abb87d4d7d923a6d253c0efdb9ba3275464f8f61a061c410d2c2128ef
                                        
                                            GET /wp-content/themes/newsup/style.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 12 Sep 2022 07:29:52 GMT
etag: "1128b-631edff0-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12394
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (577), with CRLF line terminators
Size:   12394
Md5:    6782784b63fd3c76b436da2dea057d1f
Sha1:   e5fcb38edf19148729f63cb197ce09f6d7212e23
Sha256: 515d0f458cebc93634032ee98b4883754c6876c3c3cb5e415b5a9195a548d8f6
                                        
                                            GET /wp-content/themes/news-hunt/css/colors/default.css HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 13 Jul 2022 07:11:32 GMT
etag: "6d4d-62ce7024-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4480
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1708), with CRLF line terminators
Size:   4480
Md5:    5399d9a89e90d86e4e49a7bdc38e4bd2
Sha1:   8660cc65b5a05d35471566d22ff8036eb346b996
Sha256: 9b961fd003e78c38d6bb6c7e1d64773c561a65ec319ae9fd32294ae435f6aaeb
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
etag: "15db1-60497454-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30273
Md5:    34f918ada1fe4f01c5a4b90065bbc37a
Sha1:   a731f6ce2d413805e39ae45994012b1bd5ea1e2b
Sha256: eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-auto-content/js/jquery.webui-popover.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "46e9-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5238
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (17831)
Size:   5238
Md5:    488bc471a597e33c7c344d5a512a1842
Sha1:   637fd8249cbd77e461a3d4bbca6e9d1152a6b30d
Sha256: 6cd5399827d96f78c9c4a194d00a785044cc8c3a766c42467b6fddf7aa39e384

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-auto-content/js/shareIt.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "46e1-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4021
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (454)
Size:   4021
Md5:    1ab976dec7566cf9320d2e98840827fd
Sha1:   706e16d22ca64741b70c03b9411782eaabbb5554
Sha256: bf6b87f21f9412cb2446d10f5fd4bba2ebc27e34658dbabc0c3c872e30d8d110

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-auto-content/js/jquery.modal.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "1e83-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2089
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2089
Md5:    083ed093e8de7b958934539842777ed8
Sha1:   b03d8edf3f21104387e51fc79497c8e9c51bceb2
Sha256: aad69b672a6faba9588ba5b5a45155162a38617b4bc3836594f28688df459501

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-auto-content/js/wpautoc-front.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "613-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 615
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   615
Md5:    b8233223e38c909c4d538c3fa302d719
Sha1:   deda33f90e4b4d4c1097a73e3d1a3815ed027cfd
Sha256: 152632ebdf8a5195c5812c7a04546e37c185c57686e9f3da04c2cf36b0dbed69

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/navigation.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "8e9-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 749
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   749
Md5:    63e94568f0849c87f9dfbdf5be5e64c5
Sha1:   b2e3ce4c460351a52a1f384f684662400b59ddfd
Sha256: 54d4ab298ba74f6a59c9622fe5087253322cf60f63d7a36b9807c6d0e6a561a7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/owl.carousel.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5d52-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6271
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (635)
Size:   6271
Md5:    18fa2df48fec38884bab8d83de7c677a
Sha1:   71dbc0a92dd5b7dcb3c4f1b2740fddcb20757d97
Sha256: c4ff58768bceeb1b48a090d848272427c51d2772ab6661cf49f689162f6e16cc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/jquery.smartmenus.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "b16b-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11209
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   11209
Md5:    6ea9c7c2166725f50c33474b4dbd9bd1
Sha1:   17413c337126555fb3ee2dd35b34ecaba84daeb7
Sha256: 72e2cfdc4f92a52f9e4e72035124c304a2ff1756f955184f6f4152114669061e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "16d4-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1826
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1826
Md5:    4b3dba7de931cc47d016d2471940b006
Sha1:   2ddacbd8d3cafd913717e39de3314402572b6b43
Sha256: eac0d22b254c3d6dc5544de9764d9436a18cca1ef4a45ec044721597d8e24bcb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/jquery.marquee.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5bc8-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4378
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4378
Md5:    93fdc9776c013ac877480d8c0c3c066d
Sha1:   eb227d15dcfad035dba1250034e4d2bc4b2c908b
Sha256: f28b4f4c0cb18968c1c261b8fe5991fd521160fa2f616eac7f37e63230d07907

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/main.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "25a-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 211
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   211
Md5:    ad261d8cd607670b9a1c1fad3f77ea01
Sha1:   8f662bbe94e5a1bf6aaba0914b6fabbc75aafd3c
Sha256: 93479f7acb044d007ac09c7e52d327b6cedd4955abb63ff211f639ce20093015

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 22 Jun 2022 04:46:06 GMT
etag: "48b9-62b29e8e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/bootstrap.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "20f80-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24196
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (328)
Size:   24196
Md5:    d4f1a66a618800767db1fc66042b5646
Sha1:   2bd2b5302d55298778c4ba8ec3824206bb7796c8
Sha256: 6e34b40f5244d46f56fafb29921bc7ec237d418455ba4ac2b0c5c87934143da1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "2146-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2665
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8518), with no line terminators
Size:   2665
Md5:    7ff80f9892eedbde036df467933e243a
Sha1:   5d53c47816f5622ca4f1cd2e4aed8e824069a545
Sha256: 0b6bc7c77e47c898d9f33c6850502f0d504bb065bbd09f667bec303aae033980

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Sat, 10 Sep 2022 21:48:24 GMT
etag: "ef2-631d0628-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 918
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   918
Md5:    ff98a2d5f2f2ad26eb5e4ac74aa9702b
Sha1:   83bf52f910c78babbe737914acc7e36a8b0f35df
Sha256: 9158326d8570a2ac4ecf0d34c7befd54bb857a0c139a3e19dd19bf894642ec89

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/custom.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 07 Mar 2022 07:03:52 GMT
etag: "d31-6225ae58-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text
Size:   733
Md5:    364f105ec30cf4bcd68993b124c4a201
Sha1:   a830a314753ec5fb1cae4bb4a9dcb141b927c224
Sha256: 377e1bb82ec4ff4be6756b41b1deaca8d9e3dc93a291022b43b2bf93bcebd781

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newsup/js/custom-time.js HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "ef-614846c2-0;;;"
accept-ranges: bytes
content-length: 239
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   239
Md5:    de2e2f628f238ffaf3bc7cea25f78753
Sha1:   b76f72c2733571f98d63509acacc1fa368bbe71b
Sha256: 72f68a10209f34b666a39ca68fd2f326168c0d75d235540cfa3add58350d7c42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/09/taytod.huayrudtaban.jpg HTTP/1.1 
Host: www.ruay889.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.74.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 12 Sep 2022 08:49:41 GMT
content-length: 58037
last-modified: Sat, 10 Sep 2022 09:32:33 GMT
cache-control: public, max-age=10368000
expires: Sun, 08 Jan 2023 09:33:15 GMT
vary: Accept-Encoding,Accept
cf-cache-status: HIT
age: 93514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAy1PHxBfQ%2FM5RVJD2JTHxsaBTf9kq17swx4ft58YpCCuN%2FUfS3ZC7iR%2BN5CWF%2B%2FeDHaVX1TRhXMZYxEBoI1W6Tu%2BlYmzU88jae8EOnT7zpuabArXnodYLlZutR89tZFWmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74976428281cb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 900x450, components 3\012- data
Size:   58037
Md5:    184e966507146d07fd1638db05b30b7a
Sha1:   820eeebb18daa1e4c8db5d03fa4a4c26b6200627
Sha256: bd28a1f61f8934d9521d290da136114edf3bf2bef38a5e5391398031c6b7461d
                                        
                                            GET /storage/2022/09/09-5_0.jpg HTTP/1.1 
Host: freeelotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.51.134
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 12 Sep 2022 08:49:41 GMT
content-length: 82921
last-modified: Fri, 09 Sep 2022 10:34:01 GMT
cache-control: public, max-age=31536000
expires: Sat, 07 Jan 2023 10:56:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-security-policy: object-src 'none'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn4pqlXCMqBBj8JEdXWYoV8FhISwgnFlikVCK8opE82g%2FIOC4M8zUlPilKpw4C%2FcaXdYTo6I3hH%2Fm5pcetGW55xqLpWMCKoOP%2FOp0KIz3C8zJ9ZE%2FAUvSMHjupw5HBYWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749764288aff0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1024x500, components 3\012- data
Size:   82921
Md5:    819e2f035c67b07c76ac7916d8422b10
Sha1:   708070752fe329467bec1d35b04c248176f50afb
Sha256: 8e9f560c35a8b14f4b91df2673429cdebca712ca1159da2bc94a1c31c2c29e1a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.semionlotto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 317363
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/news-hunt/images/head-back.jpg HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
last-modified: Fri, 03 Jun 2022 17:03:20 GMT
etag: "13f98-629a3ed8-0;;;"
accept-ranges: bytes
content-length: 81816
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x854, components 3\012- data
Size:   81816
Md5:    e88efe41c02eb6ee491fb3dbf1fc9307
Sha1:   d9b860c55c027cf74e2082b0800c3820ffdc363c
Sha256: e25ba07dc05c19d8194746b8a22d5485b787c8d003ecea5c9e974d454b04c8cd
                                        
                                            GET /wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "12680-61de9b16-0;;;"
accept-ranges: bytes
content-length: 75392
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75392, version 330.15728\012- data
Size:   75392
Md5:    60ce8cf4dd9fe177abdfeda21e20798e
Sha1:   d378644ff0f7549fa6f217a08dfd2566a770638e
Sha256: e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/pinit.js HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         2.18.172.195
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
accept-ranges: bytes
content-length: 203
cache-control: max-age=181
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (361), with no line terminators
Size:   203
Md5:    62d32c28f14783b94192cd8d35bc010d
Sha1:   78c1ba11e104bbd01a07225d0f8c41d7712094d4
Sha256: e823b68f75484d37c74ebb652e2a5b183a1b65c43f1592985e519a8cabc44b2e
                                        
                                            GET /wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C-%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.jpg HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
last-modified: Wed, 22 Jun 2022 07:05:44 GMT
etag: "13518-62b2bf48-0;;;"
accept-ranges: bytes
content-length: 79128
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Mon, 12 Sep 2022 08:49:41 GMT
expires: Mon, 12 Sep 2022 08:49:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "45721ba9c974fc6e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1277)
Size:   20361
Md5:    b5a31516be83fe4f962609045d824f88
Sha1:   939a49a9858bf23561279f9ca2d1941d3256c66f
Sha256: edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.png HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
last-modified: Wed, 22 Jun 2022 07:01:51 GMT
etag: "ae30-62b2be5f-0;;;"
accept-ranges: bytes
content-length: 44592
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 705 x 349, 8-bit colormap, non-interlaced\012- data
Size:   44592
Md5:    265bc436ffa294e571e1fb500e5d8c56
Sha1:   cb3c19780a1f47c639d3e5c0ec2576828aa968c6
Sha256: 46fb0d635c04700d0b11b00d394e5427aed03eff21a0368d9aea3aac1868a8ae
                                        
                                            GET /wp-content/uploads/2022/06/cropped-lotto-192x192.jpg HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
last-modified: Wed, 22 Jun 2022 04:49:14 GMT
etag: "15ee-62b29f4a-0;;;"
accept-ranges: bytes
content-length: 5614
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 192x192, components 3\012- data
Size:   5614
Md5:    1dbdfd2a510e5751e12f5a07f995be98
Sha1:   482b60aa7f9e5fedbc95bbc10828a24d475b5397
Sha256: e4db990609efeeb7aabc85f7d26ec9b7e9241429852e128705ae3c10e7249a16
                                        
                                            GET /wp-content/uploads/2022/06/cropped-lotto-32x32.jpg HTTP/1.1 
Host: www.semionlotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         198.54.115.58
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
last-modified: Wed, 22 Jun 2022 04:49:14 GMT
etag: "2c1-62b29f4a-0;;;"
accept-ranges: bytes
content-length: 705
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 32x32, components 3\012- data
Size:   705
Md5:    b74375fa21697c0cf40daaed20244223
Sha1:   5fdc036bc86c93a40fc1f8723deeb364b544f57a
Sha256: 7f9c8f39c1f670f2fe2875bd503b67a0f9927be4c53fbdcee2ad9e6a49d0690b
                                        
                                            GET /js/pinit_main.js?0.5815184627956257 HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         2.18.172.195
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
accept-ranges: bytes
content-length: 18679
cache-control: max-age=246
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32016)
Size:   18679
Md5:    3725764cf05d1a0938de73d398772331
Sha1:   abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
Sha256: f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
                                        
                                            GET /wp-content/uploads/2022/09/web.huayyiki.jpg HTTP/1.1 
Host: mugshuay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         174.138.23.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 12 Sep 2022 08:49:41 GMT
content-length: 76737
vary: Accept-Encoding
last-modified: Sat, 10 Sep 2022 09:35:22 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Tue, 10 Jan 2023 08:49:41 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 900x450, components 3\012- data
Size:   76737
Md5:    c76014b4e9a4474673af553873217914
Sha1:   7d2df5375a5b8625fd156535b8ff0344f62274c7
Sha256: 675178dea39db697ca126de7702a1b4823928059cda52bd4fbffbd11b73d040b
                                        
                                            GET /?type=pidget&guid=ZPNMQAW14fRb&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.semionlotto.com%2F&viaSrc=canonical HTTP/1.1 
Host: log.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.84.84
HTTP/2 200 OK
                                        
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 7155523713409738
accept-ranges: bytes
date: Mon, 12 Sep 2022 08:49:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662972583.130004,VS0,VE104
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8461
x-amzn-requestid: 8f7492c7-ae65-4dd5-8ee9-85a2e2fc80dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLVAaEt3oAMFcnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631acecf-2db2074c53de3db23380767b;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 05:27:43 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: m0cnQ1kABQEYadt_zivtyeY8Uow9N1S8kDio2jooE9h7u1oh6u_ANg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 16:51:54 GMT
age: 57472
etag: "7c8363a01b498ae9299a9205d779499f00a477b4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8461
Md5:    7407173746b961cba0f774536bdc5406
Sha1:   7c8363a01b498ae9299a9205d779499f00a477b4
Sha256: 4dc901dfa6637f4e2205813f7b62938a6c1c45577bb1eff8b22bc2c391d54759
                                        
                                            GET /css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 08:49:40 GMT
date: Mon, 12 Sep 2022 08:49:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/uploads/2022/09/09-7_0.jpg HTTP/1.1 
Host: kingoflotto.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.67.210.202
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 12 Sep 2022 08:49:41 GMT
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
vary: Accept,Accept-Encoding
last-modified: Fri, 09 Sep 2022 10:37:21 GMT
cache-control: max-age=10368000
expires: Sat, 07 Jan 2023 10:37:20 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdLgN0PEbci6jTs6nf8YZprGrglwGJ1sCmg%2BlI0UXiZ6FhqK79%2Fg56NJ3d3VsmB33%2BoKck2IhuP1T4LR6fckjXCKixc4tmIFzxi7OvYqsNbmti5VAYE4xiv4UjtqfGyj1pg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7497642828b3b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---