firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 07:51:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 298wYSbRLbx9vjkPsRDV9gEKdQ9xq1hPXBYiCVEWxXL6ngMaBrmOqg==
Age: 3489
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5542
Expires: Mon, 12 Sep 2022 10:21:59 GMT
Date: Mon, 12 Sep 2022 08:49:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wOWPa6dx77lOtdfSr74MARgrCU6l40qOphPy76M-tcMxcCOQLf2Dpg==
age: 5545
X-Firefox-Spdy: h2
semionlotto.com/
198.54.115.58 301 Moved Permanently 707 B IP 198.54.115.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 12 Sep 2022 08:49:37 GMT
server: LiteSpeed
location: https://semionlotto.com/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 08:49:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 07:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 08:43:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NgetVuu7ipRJjmAJUt6gX5qMrpfk6iKT3DMiJNyoObRtsmKrfB5avw==
Age: 3211
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1e7b636a1831d33be42127f701b4297e
3f2d9f07995f5d3bbadc3e35316fe99a823b8b83
fd60b4b4a568117b6648d743cc3a2f486ac7871c282c4c274cd35c6ece7d3988
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:49:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 22:38:23 GMT
Expires: Thu, 15 Sep 2022 22:38:22 GMT
Etag: "3f2d9f07995f5d3bbadc3e35316fe99a823b8b83"
Cache-Control: max-age=308323,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749764164aec1c02-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3897
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:38 GMT
Last-Modified: Mon, 12 Sep 2022 07:44:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
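Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input: the body is 0 B, so this and the next two digests are the empty-input values and identify no content)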
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ptn4buofAuMeX/9yNzJThA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ahCu74t4ueccpiK9RRfF85qjdM=
semionlotto.com/
198.54.115.58 301 Moved Permanently 0 B IP 198.54.115.58:0
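Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input: the redirect body is 0 B, so this and the next two digests are the empty-input values and are not usable as indicators for this host)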
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
set-cookie: PHPSESSID=b2fa916781ee4cd4af042a60533f094a; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.semionlotto.com/
content-length: 0
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.semionlotto.com/wp-includes/css/dist/block-library/style.min.css
198.54.115.58 200 OK 11 kB URL HTTP/2 www.semionlotto.com/wp-includes/css/dist/block-library/style.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 16:52:19 GMT
etag: "15b64-62cda6c3-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/css/jquery.webui-popover.min.css
198.54.115.58 200 OK 1.3 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/css/jquery.webui-popover.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (6777), with no line terminators
Hash 64800fd2ec49e7574571d09c70b039ed
7f4042208218b23d4c82ba99c9e9dcaf152f9cb9
ab843aed52370809782b68b71eceb7f1ce5f40110ca1c092846e0472e1a293fc
GET /wp-content/plugins/wp-auto-content/css/jquery.webui-popover.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "1a79-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1284
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19846
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 08:49:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da890c42b21daa080ec1bdd023800393
02807770b43d375393e1efef0ba432b664a05be0
c0795e0b7535a3f25564b52b2e70a7447baa79378c95153ceb51f8bd3620d89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 37529bed-8f0c-43dc-926b-32ef4a7adbac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkSfHkDIAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb40f-45988cf4677a87b521ac15b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:45:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gc_42daM_t1zgHPELLgKNn3Sk4lis4zmV7yBWRme4NRXOzf2qr2NSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:17:41 GMT
age: 37919
etag: "02807770b43d375393e1efef0ba432b664a05be0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba8d12f-23ff-4cd1-837d-b0b922013960.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba8d12f-23ff-4cd1-837d-b0b922013960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1854d4caadc989a97ef1fe048c97e16e
5cb1d1b24f8fd8ed9367952df70cead8912b8451
664eeeed30d4d3dc5793c8af69f8bda92d1ad7e4f35e339e4d1e694d5d904fa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba8d12f-23ff-4cd1-837d-b0b922013960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10622
x-amzn-requestid: c7f857e3-7402-4d2e-8435-c8af6340aecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHCiIAMFqqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-5693b82c5a794bb10dbfdd45;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lhGJrfCWUsU0GsQmh_7QumF8DQY1-R3lWEuFrWD8NL6b8J1jaT0Q0g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:55 GMT
etag: "5cb1d1b24f8fd8ed9367952df70cead8912b8451"
content-type: image/jpeg
age: 37965
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 67413
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8c9e77-e1e7-4dac-8b40-0f1dc36c1c90.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8c9e77-e1e7-4dac-8b40-0f1dc36c1c90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8ac7af52a032c012cd38652bb90be99
f3179f2d233c0422b31d723aea47d26ca851d946
4020cd554d8c1bdf5432d359a2079451a6bc328bd2f51fbb738f6a1d52ca7f21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8c9e77-e1e7-4dac-8b40-0f1dc36c1c90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11309
x-amzn-requestid: 9c63b64e-0464-419a-9c9a-006107a7d79a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIx8HNaoAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d9-127311335960fcd84c8e8a01;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Air80GlBxX3Dew_9SfLnYGPG2dN3PHWSqP6GP38AfPm91qjNi5hxzg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:47 GMT
etag: "f3179f2d233c0422b31d723aea47d26ca851d946"
content-type: image/jpeg
age: 39233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.semionlotto.com/
198.54.115.58 200 OK 26 kB IP 198.54.115.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 95b4c2868813e78f86a322f513f25e05
d7873a73a5c12707c68ad523b2db174429e9f2df
a63bc40f613e82d2ff5087b1ff95386db956979315ce183ca5bdc1ad9a897f42
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 01:22:21 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca76593aa217eb69a58ed89610d9d59d
d09f2d5acd5945620a2a51d72411c3c464a5166e
7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:55 GMT
age: 39225
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/css/wpautoc-front.css
198.54.115.58 200 OK 9.8 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/css/wpautoc-front.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (4353), with CRLF line terminators
Hash 810a8dcae65141844f731b9378f26dfa
d5dd1336e16c2cf79b04d7d5e9f221a579c250c4
eedd986ca71f23730d3bb1d21a3535ee6c5bf87916c49d5e25ff8a5243f26501
GET /wp-content/plugins/wp-auto-content/css/wpautoc-front.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "89c6-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9838
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/bootstrap.css
198.54.115.58 200 OK 23 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/bootstrap.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (629)
Hash a83e1c1b4924d3e8d4194d8cc053f341
c3bbfa6a336314e011a034373c64a6eb46a4c743
90227b4c56905db7dc0ff85f78c859527d5d13c0aabc46bf03202aa72ae543e1
GET /wp-content/themes/newsup/css/bootstrap.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "301e7-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23264
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/news-hunt/style.css
198.54.115.58 200 OK 1.8 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/news-hunt/style.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (586), with CRLF line terminators
Hash 47b81babcddc25f57b54ba1acb2a9a92
eb86f3aeb4bad56d1038815ae0823d026790cc45
3cb1c0507287553a7dd6af2627940c9285e4adffb46e692dfab6a0665069e3b4
GET /wp-content/themes/news-hunt/style.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 08:27:36 GMT
etag: "1567-62f0c8f8-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1779
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css
198.54.115.58 200 OK 12 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (56331)
Hash fedf62c9badc785b85542834d1caa9e9
5e7014488d4e774f94bbc20e6248a59c13f53132
da57962661d40cad55187229338c076e138483e298a480406f5c09136398c09e
GET /wp-content/themes/newsup/css/font-awesome/css/all.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "dcc5-61de9b16-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11796
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css
198.54.115.58 200 OK 3.9 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (26440)
Hash 49241411582031da2e3d0428b4c9d717
ca21b128d50568ce3140d85d02ee6e11a3ca8f10
cb9bc4515fa609f027bca9c020048c9e46825ea1c42171491f9d1e9e72920122
GET /wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "6802-61de9b16-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3949
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/owl.carousel.css
198.54.115.58 200 OK 468 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/owl.carousel.css
IP 198.54.115.58:0
Hash e3aa866b8ad4c9f0daa4a9dec73cbc10
820601757d7725447c99cfc7d004f780ce8d292b
1bedb836f4582e6c8948bdfe5748088f19d8ce830aa3a8bc88dd2d4d2f3624ac
GET /wp-content/themes/newsup/css/owl.carousel.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5c2-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 468
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css
198.54.115.58 200 OK 906 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css
IP 198.54.115.58:0
Hash ee648e36377dc92981bab9d5bb64f5f3
7300392c971b15c57f71140a5b7f9a2e1aad8d2f
339de297f5c2e6cdec750c652a4086e7c92b14c656188d3bc880f1ff3d2b1d17
GET /wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "caa-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css
198.54.115.58 200 OK 431 B URL HTTP/2 www.semionlotto.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (3383), with no line terminators
Hash 0db0a5fadb39bee433eeb0885b607e5b
eeffa13c26d4facfe39847889ba45fdc18930890
f2286b67c001f9fc2c7e1c21cd007e52f95830741ce211c3ca1434388708bf4b
GET /wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:39 GMT
content-type: text/css
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "d37-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 431
date: Mon, 12 Sep 2022 08:49:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css
198.54.115.58 200 OK 421 B URL HTTP/2 www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (1869), with no line terminators
Hash 094daac9d5c5872501debef5c7b6dbf1
e6ba2c246835f0d6bf4a01dd366b853fefaf5eb4
1349f5db8b9ceedd8d15b7dc692cacb4fbb3ce578743e49ec745aa9fee8e6a86
GET /wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: text/css
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "74d-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 421
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css
198.54.115.58 200 OK 583 B URL HTTP/2 www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (2816), with no line terminators
Hash 2f627e8d193180dd36388e96c54e4103
fdebee94c0b838bff896f4f930ecf9b4af103de6
92bbf07abb87d4d7d923a6d253c0efdb9ba3275464f8f61a061c410d2c2128ef
GET /wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: text/css
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "b00-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 583
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/style.css
198.54.115.58 200 OK 12 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/style.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (577), with CRLF line terminators
Hash 6782784b63fd3c76b436da2dea057d1f
e5fcb38edf19148729f63cb197ce09f6d7212e23
515d0f458cebc93634032ee98b4883754c6876c3c3cb5e415b5a9195a548d8f6
GET /wp-content/themes/newsup/style.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 07:29:52 GMT
etag: "1128b-631edff0-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12394
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/news-hunt/css/colors/default.css
198.54.115.58 200 OK 4.5 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/news-hunt/css/colors/default.css
IP 198.54.115.58:0
File type ASCII text, with very long lines (1708), with CRLF line terminators
Hash 5399d9a89e90d86e4e49a7bdc38e4bd2
8660cc65b5a05d35471566d22ff8036eb346b996
9b961fd003e78c38d6bb6c7e1d64773c561a65ec319ae9fd32294ae435f6aaeb
GET /wp-content/themes/news-hunt/css/colors/default.css HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 07:11:32 GMT
etag: "6d4d-62ce7024-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4480
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-includes/js/jquery/jquery.min.js
198.54.115.58 200 OK 30 kB URL HTTP/2 www.semionlotto.com/wp-includes/js/jquery/jquery.min.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
etag: "15db1-60497454-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-includes/js/jquery/jquery-migrate.min.js
198.54.115.58 200 OK 4.0 kB URL HTTP/2 www.semionlotto.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.webui-popover.min.js
198.54.115.58 200 OK 5.2 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.webui-popover.min.js
IP 198.54.115.58:0
File type HTML document, ASCII text, with very long lines (17831)
Hash 488bc471a597e33c7c344d5a512a1842
637fd8249cbd77e461a3d4bbca6e9d1152a6b30d
6cd5399827d96f78c9c4a194d00a785044cc8c3a766c42467b6fddf7aa39e384
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-auto-content/js/jquery.webui-popover.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "46e9-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5238
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/js/shareIt.js
198.54.115.58 200 OK 4.0 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/shareIt.js
IP 198.54.115.58:0
File type HTML document, ASCII text, with very long lines (454)
Hash 1ab976dec7566cf9320d2e98840827fd
706e16d22ca64741b70c03b9411782eaabbb5554
bf6b87f21f9412cb2446d10f5fd4bba2ebc27e34658dbabc0c3c872e30d8d110
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-auto-content/js/shareIt.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "46e1-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4021
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.modal.js
198.54.115.58 200 OK 2.1 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/jquery.modal.js
IP 198.54.115.58:0
Hash 083ed093e8de7b958934539842777ed8
b03d8edf3f21104387e51fc79497c8e9c51bceb2
aad69b672a6faba9588ba5b5a45155162a38617b4bc3836594f28688df459501
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-auto-content/js/jquery.modal.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "1e83-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2089
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/wp-auto-content/js/wpautoc-front.js
198.54.115.58 200 OK 615 B URL HTTP/2 www.semionlotto.com/wp-content/plugins/wp-auto-content/js/wpautoc-front.js
IP 198.54.115.58:0
File type ASCII text, with CRLF line terminators
Hash b8233223e38c909c4d538c3fa302d719
deda33f90e4b4d4c1097a73e3d1a3815ed027cfd
152632ebdf8a5195c5812c7a04546e37c185c57686e9f3da04c2cf36b0dbed69
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-auto-content/js/wpautoc-front.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Aug 2021 05:39:28 GMT
etag: "613-61136290-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 615
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/navigation.js
198.54.115.58 200 OK 749 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/navigation.js
IP 198.54.115.58:0
Hash 63e94568f0849c87f9dfbdf5be5e64c5
b2e3ce4c460351a52a1f384f684662400b59ddfd
54d4ab298ba74f6a59c9622fe5087253322cf60f63d7a36b9807c6d0e6a561a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/navigation.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "8e9-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 749
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/owl.carousel.min.js
198.54.115.58 200 OK 6.3 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/owl.carousel.min.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (635)
Hash 18fa2df48fec38884bab8d83de7c677a
71dbc0a92dd5b7dcb3c4f1b2740fddcb20757d97
c4ff58768bceeb1b48a090d848272427c51d2772ab6661cf49f689162f6e16cc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/owl.carousel.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5d52-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6271
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.js
198.54.115.58 200 OK 11 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.js
IP 198.54.115.58:0
Hash 6ea9c7c2166725f50c33474b4dbd9bd1
17413c337126555fb3ee2dd35b34ecaba84daeb7
72e2cfdc4f92a52f9e4e72035124c304a2ff1756f955184f6f4152114669061e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/jquery.smartmenus.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "b16b-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11209
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js
198.54.115.58 200 OK 1.8 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js
IP 198.54.115.58:0
Hash 4b3dba7de931cc47d016d2471940b006
2ddacbd8d3cafd913717e39de3314402572b6b43
eac0d22b254c3d6dc5544de9764d9436a18cca1ef4a45ec044721597d8e24bcb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "16d4-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1826
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/jquery.marquee.js
198.54.115.58 200 OK 4.4 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/jquery.marquee.js
IP 198.54.115.58:0
Hash 93fdc9776c013ac877480d8c0c3c066d
eb227d15dcfad035dba1250034e4d2bc4b2c908b
f28b4f4c0cb18968c1c261b8fe5991fd521160fa2f616eac7f37e63230d07907
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/jquery.marquee.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "5bc8-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4378
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/main.js
198.54.115.58 200 OK 211 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/main.js
IP 198.54.115.58:0
Hash ad261d8cd607670b9a1c1fad3f77ea01
8f662bbe94e5a1bf6aaba0914b6fabbc75aafd3c
93479f7acb044d007ac09c7e52d327b6cedd4955abb63ff211f639ce20093015
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/main.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "25a-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 211
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-includes/js/wp-emoji-release.min.js
198.54.115.58 200 OK 4.6 kB URL HTTP/2 www.semionlotto.com/wp-includes/js/wp-emoji-release.min.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Jun 2022 04:46:06 GMT
etag: "48b9-62b29e8e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/bootstrap.js
198.54.115.58 200 OK 24 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/bootstrap.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (328)
Hash d4f1a66a618800767db1fc66042b5646
2bd2b5302d55298778c4ba8ec3824206bb7796c8
6e34b40f5244d46f56fafb29921bc7ec237d418455ba4ac2b0c5c87934143da1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/bootstrap.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "20f80-614846c2-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24196
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js
198.54.115.58 200 OK 2.7 kB URL HTTP/2 www.semionlotto.com/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js
IP 198.54.115.58:0
File type ASCII text, with very long lines (8518), with no line terminators
Hash 7ff80f9892eedbde036df467933e243a
5d53c47816f5622ca4f1cd2e4aed8e824069a545
0b6bc7c77e47c898d9f33c6850502f0d504bb065bbd09f667bec303aae033980
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Feb 2022 02:25:05 GMT
etag: "2146-62144981-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2665
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
198.54.115.58 200 OK 918 B URL HTTP/2 www.semionlotto.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
IP 198.54.115.58:0
Hash ff98a2d5f2f2ad26eb5e4ac74aa9702b
83bf52f910c78babbe737914acc7e36a8b0f35df
9158326d8570a2ac4ecf0d34c7befd54bb857a0c139a3e19dd19bf894642ec89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Sat, 10 Sep 2022 21:48:24 GMT
etag: "ef2-631d0628-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 918
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/custom.js
198.54.115.58 200 OK 733 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/custom.js
IP 198.54.115.58:0
Hash 364f105ec30cf4bcd68993b124c4a201
a830a314753ec5fb1cae4bb4a9dcb141b927c224
377e1bb82ec4ff4be6756b41b1deaca8d9e3dc93a291022b43b2bf93bcebd781
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/custom.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2022 07:03:52 GMT
etag: "d31-6225ae58-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/js/custom-time.js
198.54.115.58 200 OK 239 B URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/js/custom-time.js
IP 198.54.115.58:0
Hash de2e2f628f238ffaf3bc7cea25f78753
b76f72c2733571f98d63509acacc1fa368bbe71b
72f68a10209f34b666a39ca68fd2f326168c0d75d235540cfa3add58350d7c42
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/js/custom-time.js HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Sep 2021 08:30:58 GMT
etag: "ef-614846c2-0;;;"
accept-ranges: bytes
content-length: 239
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.ruay889.com/wp-content/uploads/2022/09/taytod.huayrudtaban.jpg
104.21.74.228 200 OK 58 kB URL HTTP/2 www.ruay889.com/wp-content/uploads/2022/09/taytod.huayrudtaban.jpg
IP 104.21.74.228:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 900x450, components 3\012- data
Hash 184e966507146d07fd1638db05b30b7a
820eeebb18daa1e4c8db5d03fa4a4c26b6200627
bd28a1f61f8934d9521d290da136114edf3bf2bef38a5e5391398031c6b7461d
GET /wp-content/uploads/2022/09/taytod.huayrudtaban.jpg HTTP/1.1
Host: www.ruay889.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 08:49:41 GMT
content-type: image/jpeg
content-length: 58037
last-modified: Sat, 10 Sep 2022 09:32:33 GMT
cache-control: public, max-age=10368000
expires: Sun, 08 Jan 2023 09:33:15 GMT
vary: Accept-Encoding,Accept
cf-cache-status: HIT
age: 93514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAy1PHxBfQ%2FM5RVJD2JTHxsaBTf9kq17swx4ft58YpCCuN%2FUfS3ZC7iR%2BN5CWF%2B%2FeDHaVX1TRhXMZYxEBoI1W6Tu%2BlYmzU88jae8EOnT7zpuabArXnodYLlZutR89tZFWmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74976428281cb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freeelotto.com/storage/2022/09/09-5_0.jpg
104.21.51.134 200 OK 83 kB URL HTTP/2 freeelotto.com/storage/2022/09/09-5_0.jpg
IP 104.21.51.134:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1024x500, components 3\012- data
Hash 819e2f035c67b07c76ac7916d8422b10
708070752fe329467bec1d35b04c248176f50afb
8e9f560c35a8b14f4b91df2673429cdebca712ca1159da2bc94a1c31c2c29e1a
GET /storage/2022/09/09-5_0.jpg HTTP/1.1
Host: freeelotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 08:49:41 GMT
content-type: image/jpeg
content-length: 82921
last-modified: Fri, 09 Sep 2022 10:34:01 GMT
cache-control: public, max-age=31536000
expires: Sat, 07 Jan 2023 10:56:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-security-policy: object-src 'none'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn4pqlXCMqBBj8JEdXWYoV8FhISwgnFlikVCK8opE82g%2FIOC4M8zUlPilKpw4C%2FcaXdYTo6I3hH%2Fm5pcetGW55xqLpWMCKoOP%2FOp0KIz3C8zJ9ZE%2FAUvSMHjupw5HBYWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749764288aff0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.semionlotto.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 317363
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.semionlotto.com/wp-content/themes/news-hunt/images/head-back.jpg
198.54.115.58 200 OK 82 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/news-hunt/images/head-back.jpg
IP 198.54.115.58:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x854, components 3\012- data
Hash e88efe41c02eb6ee491fb3dbf1fc9307
d9b860c55c027cf74e2082b0800c3820ffdc363c
e25ba07dc05c19d8194746b8a22d5485b787c8d003ecea5c9e974d454b04c8cd
GET /wp-content/themes/news-hunt/images/head-back.jpg HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
content-type: image/jpeg
last-modified: Fri, 03 Jun 2022 17:03:20 GMT
etag: "13f98-629a3ed8-0;;;"
accept-ranges: bytes
content-length: 81816
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2
198.54.115.58 200 OK 75 kB URL HTTP/2 www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2
IP 198.54.115.58:0
File type Web Open Font Format (Version 2), TrueType, length 75392, version 330.15728\012- data
Hash 60ce8cf4dd9fe177abdfeda21e20798e
d378644ff0f7549fa6f217a08dfd2566a770638e
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.semionlotto.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
content-type: application/font-woff2
last-modified: Wed, 12 Jan 2022 09:10:46 GMT
etag: "12680-61de9b16-0;;;"
accept-ranges: bytes
content-length: 75392
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit.js
2.18.172.195 200 OK 203 B URL HTTP/2 assets.pinterest.com/js/pinit.js
IP 2.18.172.195:0
File type ASCII text, with very long lines (361), with no line terminators
Hash 62d32c28f14783b94192cd8d35bc010d
78c1ba11e104bbd01a07225d0f8c41d7712094d4
e823b68f75484d37c74ebb652e2a5b183a1b65c43f1592985e519a8cabc44b2e
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 203
cache-control: max-age=181
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C-%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.jpg
198.54.115.58 200 OK 471 B URL HTTP/2 www.semionlotto.com/wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C-%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.jpg
IP 198.54.115.58:0
Hash 7d0638db85def1a70c776e0dca26e2c0
1c738feb0ef9f19b58a91bd1755d5d053b839d9e
42163eda874ff11e6cec5c737926990d42cfb120bd0432c03741cece24bb4bbb
GET /wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C-%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.jpg HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:40 GMT
content-type: image/jpeg
last-modified: Wed, 22 Jun 2022 07:05:44 GMT
etag: "13518-62b2bf48-0;;;"
accept-ranges: bytes
content-length: 79128
date: Mon, 12 Sep 2022 08:49:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174 200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Mon, 12 Sep 2022 08:49:41 GMT
expires: Mon, 12 Sep 2022 08:49:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "45721ba9c974fc6e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.semionlotto.com/wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.png
198.54.115.58 200 OK 45 kB URL HTTP/2 www.semionlotto.com/wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.png
IP 198.54.115.58:0
File type PNG image data, 705 x 349, 8-bit colormap, non-interlaced\012- data
Hash 265bc436ffa294e571e1fb500e5d8c56
cb3c19780a1f47c639d3e5c0ec2576828aa968c6
46fb0d635c04700d0b11b00d394e5427aed03eff21a0368d9aea3aac1868a8ae
GET /wp-content/uploads/2022/06/%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%E0%B9%84%E0%B8%94%E0%B9%89.png HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
content-type: image/png
last-modified: Wed, 22 Jun 2022 07:01:51 GMT
etag: "ae30-62b2be5f-0;;;"
accept-ranges: bytes
content-length: 44592
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/uploads/2022/06/cropped-lotto-192x192.jpg
198.54.115.58 200 OK 5.6 kB URL HTTP/2 www.semionlotto.com/wp-content/uploads/2022/06/cropped-lotto-192x192.jpg
IP 198.54.115.58:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 192x192, components 3\012- data
Hash 1dbdfd2a510e5751e12f5a07f995be98
482b60aa7f9e5fedbc95bbc10828a24d475b5397
e4db990609efeeb7aabc85f7d26ec9b7e9241429852e128705ae3c10e7249a16
GET /wp-content/uploads/2022/06/cropped-lotto-192x192.jpg HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
content-type: image/jpeg
last-modified: Wed, 22 Jun 2022 04:49:14 GMT
etag: "15ee-62b29f4a-0;;;"
accept-ranges: bytes
content-length: 5614
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.semionlotto.com/wp-content/uploads/2022/06/cropped-lotto-32x32.jpg
198.54.115.58 200 OK 705 B URL HTTP/2 www.semionlotto.com/wp-content/uploads/2022/06/cropped-lotto-32x32.jpg
IP 198.54.115.58:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 32x32, components 3\012- data
Hash b74375fa21697c0cf40daaed20244223
5fdc036bc86c93a40fc1f8723deeb364b544f57a
7f9c8f39c1f670f2fe2875bd503b67a0f9927be4c53fbdcee2ad9e6a49d0690b
GET /wp-content/uploads/2022/06/cropped-lotto-32x32.jpg HTTP/1.1
Host: www.semionlotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.semionlotto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 12 Sep 2023 08:49:41 GMT
content-type: image/jpeg
last-modified: Wed, 22 Jun 2022 04:49:14 GMT
etag: "2c1-62b29f4a-0;;;"
accept-ranges: bytes
content-length: 705
date: Mon, 12 Sep 2022 08:49:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit_main.js?0.5815184627956257
2.18.172.195 200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.5815184627956257
IP 2.18.172.195:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.5815184627956257 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 18679
cache-control: max-age=246
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
mugshuay.com/wp-content/uploads/2022/09/web.huayyiki.jpg
174.138.23.45 200 OK 77 kB URL HTTP/2 mugshuay.com/wp-content/uploads/2022/09/web.huayyiki.jpg
IP 174.138.23.45:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 900x450, components 3\012- data
Hash c76014b4e9a4474673af553873217914
7d2df5375a5b8625fd156535b8ff0344f62274c7
675178dea39db697ca126de7702a1b4823928059cda52bd4fbffbd11b73d040b
GET /wp-content/uploads/2022/09/web.huayyiki.jpg HTTP/1.1
Host: mugshuay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 08:49:41 GMT
content-type: image/jpeg
content-length: 76737
vary: Accept-Encoding
last-modified: Sat, 10 Sep 2022 09:35:22 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Tue, 10 Jan 2023 08:49:41 GMT
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=ZPNMQAW14fRb&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.semionlotto.com%2F&viaSrc=canonical
151.101.84.84 200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=ZPNMQAW14fRb&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.semionlotto.com%2F&viaSrc=canonical
IP 151.101.84.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=ZPNMQAW14fRb&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.semionlotto.com%2F&viaSrc=canonical HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 7155523713409738
accept-ranges: bytes
date: Mon, 12 Sep 2022 08:49:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662972583.130004,VS0,VE104
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7407173746b961cba0f774536bdc5406
7c8363a01b498ae9299a9205d779499f00a477b4
4dc901dfa6637f4e2205813f7b62938a6c1c45577bb1eff8b22bc2c391d54759
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8461
x-amzn-requestid: 8f7492c7-ae65-4dd5-8ee9-85a2e2fc80dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLVAaEt3oAMFcnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631acecf-2db2074c53de3db23380767b;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 05:27:43 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: m0cnQ1kABQEYadt_zivtyeY8Uow9N1S8kDio2jooE9h7u1oh6u_ANg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 16:51:54 GMT
age: 57472
etag: "7c8363a01b498ae9299a9205d779499f00a477b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 08:49:40 GMT
date: Mon, 12 Sep 2022 08:49:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kingoflotto.com/wp-content/uploads/2022/09/09-7_0.jpg
172.67.210.202 200 OK 0 B URL HTTP/2 kingoflotto.com/wp-content/uploads/2022/09/09-7_0.jpg
IP 172.67.210.202:0
GET /wp-content/uploads/2022/09/09-7_0.jpg HTTP/1.1
Host: kingoflotto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.semionlotto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 08:49:41 GMT
content-type: image/webp
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
vary: Accept,Accept-Encoding
last-modified: Fri, 09 Sep 2022 10:37:21 GMT
cache-control: max-age=10368000
expires: Sat, 07 Jan 2023 10:37:20 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdLgN0PEbci6jTs6nf8YZprGrglwGJ1sCmg%2BlI0UXiZ6FhqK79%2Fg56NJ3d3VsmB33%2BoKck2IhuP1T4LR6fckjXCKixc4tmIFzxi7OvYqsNbmti5VAYE4xiv4UjtqfGyj1pg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7497642828b3b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2