r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2630
Expires: Fri, 09 Dec 2022 18:46:08 GMT
Date: Fri, 09 Dec 2022 18:02:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9040
Expires: Fri, 09 Dec 2022 20:32:58 GMT
Date: Fri, 09 Dec 2022 18:02:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 17:08:19 GMT
content-type: application/json
age: 3239
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Fri, 09 Dec 2022 20:08:20 GMT
Date: Fri, 09 Dec 2022 18:02:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PuobmvIsSVX2YLrGajOKxazjurcpUohyv6OpzLfKlU9Cd5bYytRDM5L9InyqPMw5xso9FArod4I=
x-amz-request-id: BJ7V7F44WC2MQTDK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 17:50:21 GMT
age: 717
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
links.your.richdigestexpo.com/u/click?_t=57ceb59fe6544f2b9dc61277e58dc44d&_m=ad9584da5eed4084bde42f5f8bfa321d&_e=rVykLmf6t4-24u2qzzPSoouDe87aZ2e8C0OBILCwe_pOtJ1Oy2HQ5iJFhs0htK70BurB8XvEj6HaeGQ-ouBHV9cXv6xB0RZr_BxjlQDHbiuJgGb_Tkhzt6WUZIcvNgUxkIsHkgOc03bWCv0kbkoyA8ZcL5nNXv9d_a_4Ji2yQPKOuI28CNMco-4FV6L3a736lrm5wZ2s6SXS9e79nEBTKxZpciXZe5vX1CbWxLomRds=
143.204.55.6303 See Other 0 B URL HTTP/1.1 links.your.richdigestexpo.com/u/click?_t=57ceb59fe6544f2b9dc61277e58dc44d&_m=ad9584da5eed4084bde42f5f8bfa321d&_e=rVykLmf6t4-24u2qzzPSoouDe87aZ2e8C0OBILCwe_pOtJ1Oy2HQ5iJFhs0htK70BurB8XvEj6HaeGQ-ouBHV9cXv6xB0RZr_BxjlQDHbiuJgGb_Tkhzt6WUZIcvNgUxkIsHkgOc03bWCv0kbkoyA8ZcL5nNXv9d_a_4Ji2yQPKOuI28CNMco-4FV6L3a736lrm5wZ2s6SXS9e79nEBTKxZpciXZe5vX1CbWxLomRds=
IP 143.204.55.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/click?_t=57ceb59fe6544f2b9dc61277e58dc44d&_m=ad9584da5eed4084bde42f5f8bfa321d&_e=rVykLmf6t4-24u2qzzPSoouDe87aZ2e8C0OBILCwe_pOtJ1Oy2HQ5iJFhs0htK70BurB8XvEj6HaeGQ-ouBHV9cXv6xB0RZr_BxjlQDHbiuJgGb_Tkhzt6WUZIcvNgUxkIsHkgOc03bWCv0kbkoyA8ZcL5nNXv9d_a_4Ji2yQPKOuI28CNMco-4FV6L3a736lrm5wZ2s6SXS9e79nEBTKxZpciXZe5vX1CbWxLomRds= HTTP/1.1
Host: links.your.richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Content-Length: 0
Connection: keep-alive
Date: Fri, 09 Dec 2022 18:02:18 GMT
Vary: Origin
Location: https://richdigestexpo.com/suspicious-engagement/
Set-Cookie: iterableEndUserId=gstark%40saturnfreight.com; Max-Age=31536000; Expires=Sat, 09 Dec 2023 18:02:18 GMT; Path=/; Domain=.richdigestexpo.com
iterableEmailCampaignId=5714806; Max-Age=86400; Expires=Sat, 10 Dec 2022 18:02:18 GMT; Path=/; Domain=.richdigestexpo.com
iterableTemplateId=7711496; Max-Age=86400; Expires=Sat, 10 Dec 2022 18:02:18 GMT; Path=/; Domain=.richdigestexpo.com
iterableMessageId=ad9584da5eed4084bde42f5f8bfa321d; Max-Age=86400; Expires=Sat, 10 Dec 2022 18:02:18 GMT; Path=/; Domain=.richdigestexpo.com
XSRF-TOKEN=52cf7e1e8a09f677053a3a6d56c96164f4cd8994-1670608938241-1eefcc61db0fe1d64740150f; SameSite=Lax; Path=/
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
X-Permitted-Cross-Domain-Policies: master-only
Server: iterable-links 6795
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A8b7n8qRbDc5vIzQocgYM2INOivkciwosfRZR8m7OuJ0cGj-oCTanw==
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 18:02:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 17:07:55 GMT
age: 3263
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1796
Cache-Control: max-age=142473
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:18 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:36:51 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bl2qMxFa+uov1PithIRBHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Uyf0X2QDMkUguXkfOwlTBLxN6to=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 18:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 18:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 18:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 18:02:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 72656
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 19724
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 51834
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 38901
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 38945
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uoulSfEOLxBRCmwK55huNOYSqpyZMFiibwTjm-HqOf67vsf-3o5jtg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 13:33:54 GMT
age: 85181
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.tradingview.com/external-embedding/embed-widget-tickers.js
54.230.111.34200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-tickers.js
IP 54.230.111.34:0
File type ASCII text, with very long lines (3066)
Hash a50feb515542303408e17e868d92815d
3e37066778dc0edc30d5dd35d29489606b96ffe0
d8b23ed1d9b8e701f8800fea1c6107f8bd6a9396e5543309ed5fdb9508e378fe
GET /external-embedding/embed-widget-tickers.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 10752
date: Fri, 09 Dec 2022 10:19:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 09 Dec 2022 10:19:10 GMT
etag: "a50feb515542303408e17e868d92815d"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Aqvn-Z3_f6XdyMZB2eLmer2nfn5W1tXrpdlVfdOu4YQ30odSXZjVdQ==
age: 27785
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
richdigestexpo.com/wp-includes/css/classic-themes.min.css?ver=1
199.192.24.99200 OK 217 B URL HTTP/1.1 richdigestexpo.com/wp-includes/css/classic-themes.min.css?ver=1
IP 199.192.24.99:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 10:52:23 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
richdigestexpo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
199.192.24.99200 OK 2.7 kB URL HTTP/1.1 richdigestexpo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 199.192.24.99:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 22:15:04 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
richdigestexpo.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/css/bliss-loadmore.css?ver=1.0.0
199.192.24.99200 OK 503 B URL HTTP/1.1 richdigestexpo.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/css/bliss-loadmore.css?ver=1.0.0
IP 199.192.24.99:0
File type ASCII text, with CRLF line terminators
Hash b3c43b8d84bf18998437c2d3141677ac
d447a16c252d5a6c71b0018b8f60f26ee9a4df7a
55e9b8ba69d2deba32b245f1074db767231f3ff039c84fb7caf223c07b1420a9
GET /wp-content/plugins/infinite-scroll-and-ajax-load-more/public/css/bliss-loadmore.css?ver=1.0.0 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Sat, 08 Oct 2022 22:14:23 GMT
Accept-Ranges: bytes
Content-Length: 503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
richdigestexpo.com/wp-content/themes/WallStreetExpos/style.css
199.192.24.99200 OK 56 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/style.css
IP 199.192.24.99:0
File type Unicode text, UTF-8 text, with very long lines (3500)
Hash 44e893d29976aba5b418f184f76fd001
9145c333154aeea84456389175886efcfade24d3
87236411e9ba399eb081f0cd5529df8bb0445be4f4da28923c613d7f78b48684
GET /wp-content/themes/WallStreetExpos/style.css HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:58:37 GMT
Accept-Ranges: bytes
Content-Length: 56034
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
richdigestexpo.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
199.192.24.99200 OK 95 kB URL HTTP/1.1 richdigestexpo.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 199.192.24.99:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 22:52:10 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
richdigestexpo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.192.24.99200 OK 11 kB URL HTTP/1.1 richdigestexpo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.192.24.99:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
richdigestexpo.com/wp-content/plugins/widget-options/assets/css/widget-options.css
199.192.24.99200 OK 1.0 kB URL HTTP/1.1 richdigestexpo.com/wp-content/plugins/widget-options/assets/css/widget-options.css
IP 199.192.24.99:0
File type ASCII text, with very long lines (1045)
Hash 499c6ac5e063f83b2b763f52a51a9619
fa49212eb65861206da1a25c574e361ee6380566
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 22:13:42 GMT
Accept-Ranges: bytes
Content-Length: 1046
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
use.typekit.net/duo6sun.css
23.33.119.19200 OK 1.2 kB URL HTTP/2 use.typekit.net/duo6sun.css
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 488289c71a2ae7727b02f6565bbe25a0
a26502ac2cd13353aebf560cd2c3bf8210cb90d1
799606462fcdc1f37a6924b01f74b7b4747d1709f761b77496da8ce153685368
GET /duo6sun.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 1226
date: Fri, 09 Dec 2022 18:02:24 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=duo6sun&ht=tk&f=30027.30028.30033.30034.30041.30042.30047.30048.30055.30056.30061.30062.30069.30070.30075.30076&a=82725206&app=typekit&e=css
95.101.11.112200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=duo6sun&ht=tk&f=30027.30028.30033.30034.30041.30042.30047.30048.30055.30056.30061.30062.30069.30070.30075.30076&a=82725206&app=typekit&e=css
IP 95.101.11.112:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=duo6sun&ht=tk&f=30027.30028.30033.30034.30041.30042.30047.30048.30055.30056.30061.30062.30069.30070.30075.30076&a=82725206&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
date: Fri, 09 Dec 2022 18:02:24 GMT
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/themes/WallStreetExpos/myloadmore.js?ver=6.1.1
199.192.24.99200 OK 1.1 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/myloadmore.js?ver=6.1.1
IP 199.192.24.99:0
Hash 887f98edd434839961c8b5a81d546c6c
44bb8a9935b49b885beea88c2422d771d2ebc353
efe10824155c57cb4827334165279a30ebd3b3e40db3bad31b21bc8e8fa485aa
GET /wp-content/themes/WallStreetExpos/myloadmore.js?ver=6.1.1 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 1078
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
richdigestexpo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
199.192.24.99200 OK 19 kB URL HTTP/1.1 richdigestexpo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 199.192.24.99:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 11:26:24 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
richdigestexpo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
199.192.24.99200 OK 90 kB URL HTTP/1.1 richdigestexpo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 199.192.24.99:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:24 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 10:52:23 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/0c0905/00000000000000003b9ae392/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.33.119.19200 OK 22 kB URL HTTP/2 use.typekit.net/af/0c0905/00000000000000003b9ae392/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 22444, version 1.0\012- data
Hash a5a5d3e4d614291fec4cb6d2e8b00271
e929931e6757d2db625544b9a6c879ea3262dbdc
5c6300badb97e570cff6e202663dff96642c48b511fc6a02f1f7812d4af1e504
GET /af/0c0905/00000000000000003b9ae392/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://richdigestexpo.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 22444
etag: "4223ba63432fa5551763e488061b94ad76ad75c2"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 09 Dec 2022 18:02:25 GMT
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/themes/WallStreetExpos/images/search-ico.svg
199.192.24.99200 OK 1.4 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/images/search-ico.svg
IP 199.192.24.99:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1311)
Hash 8aaa2aa92767e926478c637615d23a85
5fe60bed6903611ad242d96252f3d461843893c6
6f9c352bce2a669342c4da7f8496c9c17ae2a95cce810c51ad8bad8bd3a2f1f1
GET /wp-content/themes/WallStreetExpos/images/search-ico.svg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 1415
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
richdigestexpo.com/wp-content/uploads/2022/09/Frame-1-12.png
199.192.24.99200 OK 27 kB URL HTTP/1.1 richdigestexpo.com/wp-content/uploads/2022/09/Frame-1-12.png
IP 199.192.24.99:0
File type PNG image data, 923 x 154, 8-bit/color RGBA, non-interlaced\012- data
Hash ef74e840d2e990fa06e973a20188a467
e40d85870c233e1c3a1cca8dc9119472a065b238
c45132dc09f14f7ee87aed9ae2e031da5ae742f1650c71c961716198e7dfbcaf
GET /wp-content/uploads/2022/09/Frame-1-12.png HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 15:14:27 GMT
Accept-Ranges: bytes
Content-Length: 26860
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
richdigestexpo.com/wp-content/themes/WallStreetExpos/images/tab-arrow.svg
199.192.24.99200 OK 1.4 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/images/tab-arrow.svg
IP 199.192.24.99:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1056)
Hash 11c6a227801728b26cea2b1ade1275bf
0dd751efe0444e643b751281dbe559907f08a5c7
c5a844ba72490ff1f736cc0be6e5f78a4404e43f46ad71aca3158f0b6077a379
GET /wp-content/themes/WallStreetExpos/images/tab-arrow.svg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 1388
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bitter/v32/rax8HiqOu8IVPmn7f4xp.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/bitter/v32/rax8HiqOu8IVPmn7f4xp.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30892, version 1.0\012- data
Hash c912960f49f3f9c15e37161e40937b44
5c27fb92ff5bd3996d00b565f259c484a2601a43
ee034a6cfa166960dac8b3faed99d2f0393468053f3e32d1c80c677d549f38a5
GET /s/bitter/v32/rax8HiqOu8IVPmn7f4xp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://richdigestexpo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:31:47 GMT
expires: Thu, 07 Dec 2023 20:31:47 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 17:46:21 GMT
content-type: font/woff2
age: 163838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash d2bf89a391396231904cb5335cb20776
661af595ba0be678d6e92df94e63b39ba3c0d520
37c687f43b49ea9b6c1a3982de6f0948edb9846ec863562b39f055d25766342c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148469
Date: Fri, 09 Dec 2022 18:02:25 GMT
Etag: "6393032b-1d7"
Expires: Sun, 11 Dec 2022 11:16:54 GMT
Last-Modified: Fri, 09 Dec 2022 09:43:07 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FdEo_lQLdsgMXhvV5qf7oyfn2KkBmkcC-0DvURK1R4OvnGi20qJ09w==
Age: 5627
static.tradingview.com/static/bundles/embed/88710.98ec53efb632e5e0b6f8.js
54.230.111.84200 OK 9.7 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/88710.98ec53efb632e5e0b6f8.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3122)
Hash 2d756c490fdcf0a2ee8dda6120f8a38e
3fefe1ab55abc50c3e64c49ba6be83f90df7b5f1
70d680b21f32a3b90e63edea64d09c8a1cc107a5a4afda45b74098ea00ff9092
GET /static/bundles/embed/88710.98ec53efb632e5e0b6f8.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9715
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:29 GMT
etag: "63904f9d-25f3"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -7g4k7ISlsFmFmJ1lJC9ztUAb8-R_QDq0AvUaIPek0miBv5p2ctxnw==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9103.464c1c80cc8ee0c618a6.js
54.230.111.84200 OK 6.7 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/9103.464c1c80cc8ee0c618a6.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3072)
Hash 497a158e8adc7cbc4ab597c3a1a99020
a5507a73c29522b10f5ce87547fbaa1c971149b1
bd0dfa4e62527373e73d21d6dc3a061a056a8aad757bb47933b6319f0454dbda
GET /static/bundles/embed/9103.464c1c80cc8ee0c618a6.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 6679
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:28 GMT
etag: "63904f9c-1a17"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7qNZLfjNxRGOgdVjXVxLzV0OsNEqJOGMeT3l_3j-9DovlqhB81xaUQ==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/51299.6d663fdb78883d5e12de.js
54.230.111.84200 OK 12 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/51299.6d663fdb78883d5e12de.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (16113)
Hash 108cd7f5bad74c43db4f4d17746ccd10
ba90735fc109cd47b41afec54dd15725ddbf4c99
d3c56b3a1df31c8e0c9a415a9cc0e87e64f7dd1e724092475ba3401b52912725
GET /static/bundles/embed/51299.6d663fdb78883d5e12de.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11737
date: Thu, 08 Dec 2022 10:23:06 GMT
last-modified: Thu, 08 Dec 2022 08:21:49 GMT
etag: "63919e9d-2dd9"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dn9pjhT9JAm5iomulKvo5IiE7oBw5aYlTqQ92B9x7KA9cbZonAIhPg==
age: 113959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/4572.8aa7dd1534208c6e6c09.js
54.230.111.84200 OK 10 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/4572.8aa7dd1534208c6e6c09.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (6062)
Hash 31ecf5d478caeffe29bfbcb5e9b1d00e
17cf025eadb10260ed6f4ba786a924f1e1f5cd77
23a12931713bf48b81b0ec4d4f9648f25825aefc06ff0cb2a6fb4b8161919231
GET /static/bundles/embed/4572.8aa7dd1534208c6e6c09.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 10339
date: Thu, 08 Dec 2022 10:23:06 GMT
last-modified: Thu, 08 Dec 2022 08:21:49 GMT
etag: "63919e9d-2863"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kEnrcydUqMCTTh9Osay1IkVmOprMfQbhImzG64_Oz0KdmXKOvTTpLA==
age: 113959
X-Firefox-Spdy: h2
static.tradingview.com/static/localization/translations/en.f465cb355ae10651.js
54.230.111.84200 OK 73 kB URL HTTP/2 static.tradingview.com/static/localization/translations/en.f465cb355ae10651.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (65460), with no line terminators
Hash 07438c738d34730c0594e1a52757e5e6
35cb5d9408586126ac3de1a3a8bc1571e614cc47
dda2f8ee9780b7c69c3bcf412c5c5f51d908bd1d4c8f4f2d0317235fc93cadf1
GET /static/localization/translations/en.f465cb355ae10651.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 72846
date: Fri, 09 Dec 2022 10:20:05 GMT
last-modified: Fri, 09 Dec 2022 08:41:49 GMT
etag: "6392f4cd-11c8e"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XMt2w6zS0Q853DPSUECyXMQkvJiAMBxNxNLunBA9RFDlk8gjuQ3Neg==
age: 27740
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/47872.9dd8f946620cf60ed3f9.js
54.230.111.84200 OK 17 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/47872.9dd8f946620cf60ed3f9.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3072)
Hash fb2fd6330a795a228944187055b3c656
83bea3c24731f1d229d943eff9295a4426a82188
f810d532b6d4946e09291b2bde88b3eadf9b30649cb8d9567c6a5f41561bb68c
GET /static/bundles/embed/47872.9dd8f946620cf60ed3f9.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 16962
date: Tue, 06 Dec 2022 10:36:07 GMT
last-modified: Tue, 06 Dec 2022 08:51:32 GMT
etag: "638f0294-4242"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IrmzuTqurNsKOuIjCgZJh8a795UhzgS2jhgQ8N20NT0Rk5WNyRZM5w==
age: 285978
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/63042.ca9918cbf462aff5b55b.css
54.230.111.84200 OK 611 B URL HTTP/2 static.tradingview.com/static/bundles/embed/63042.ca9918cbf462aff5b55b.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1493), with no line terminators
Hash 4b94089150f9ef9d0f67bf6dddb76190
3bfc72d134825976ba0e774426e149b03626fb93
b2a4e1dc43e07817aa6162a1feb54258b86d2882dda682aecf28b264cc671670
GET /static/bundles/embed/63042.ca9918cbf462aff5b55b.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 611
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:28 GMT
etag: "63904f9c-263"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2HNssDSakcaUEiFn_NLovT5hgWMh4TJiGIDpvNNS5nu4D0nNn8bgZw==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_tickers_widget.4e5009e02511a4843cc2.js
54.230.111.84200 OK 4.6 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_tickers_widget.4e5009e02511a4843cc2.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3068)
Hash cc9298fee83aceb5ddb95120e1bc7b8b
ade959f7d01f1d0e5ba8add743e1ad7c5823f6c0
faf03c3d3e5f51ada990b94f58b81f43df0f7533cad4065dc4dbd70e9a667511
GET /static/bundles/embed/embed_tickers_widget.4e5009e02511a4843cc2.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4641
date: Wed, 07 Dec 2022 10:13:13 GMT
last-modified: Wed, 07 Dec 2022 08:32:28 GMT
etag: "63904f9c-1221"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VzBE10UsFlCDFV338olQzNJKm6VlI2a40QnUzNtIwJfYfd-fiDymeQ==
age: 200952
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/87461.4b64e5a2d12f19de98bf.js
54.230.111.84200 OK 5.6 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/87461.4b64e5a2d12f19de98bf.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3068)
Hash 218ca2eef1e15f00e0084b5b37d3ec55
450004b2f9e442fbfc4d75d962c56af956f045fc
6c39a4b1b8939eb8902929d92b510d4b3252847c65490e595cdd66cc39735c28
GET /static/bundles/embed/87461.4b64e5a2d12f19de98bf.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5594
date: Wed, 07 Dec 2022 10:13:07 GMT
last-modified: Wed, 07 Dec 2022 08:32:28 GMT
etag: "63904f9c-15da"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zELeJmlp_PekzCp7dDCXZLwtTM2KvFceoTLGOpfQ2Edyf86QaPimow==
age: 200958
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/99622.83330e98cd0f13f52e0f.css
54.230.111.84200 OK 1.3 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/99622.83330e98cd0f13f52e0f.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (9662), with no line terminators
Hash 1590890d2b95e5dd26b6619078fc3716
7f099065b77017303b41d575174d0506404c2422
0f2d89b30ed40c9645acec4a6708531eb2489aff5aca6f0639d92e6de208c97b
GET /static/bundles/embed/99622.83330e98cd0f13f52e0f.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1254
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:27 GMT
etag: "63904f9b-4e6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IEjMcH57ginL6BnVDnKYclPDFswNuMa7mY8Xod1Wyak5bp78Y1aC4g==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/83620.2e21e39552e27b0c3f8d.css
54.230.111.84200 OK 358 B URL HTTP/2 static.tradingview.com/static/bundles/embed/83620.2e21e39552e27b0c3f8d.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1933), with no line terminators
Hash a908545b4125f29f908a88efdb3beecc
1a6166078f7504bc2bfad7d9b38d94ff39308265
726885ea85bdff7e3968f6043c30585e6fb2d71e65e3b4f6a655a8c3a0e37f22
GET /static/bundles/embed/83620.2e21e39552e27b0c3f8d.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 358
date: Thu, 08 Dec 2022 10:23:07 GMT
last-modified: Thu, 08 Dec 2022 08:21:47 GMT
etag: "63919e9b-166"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Peg6z3vctROtWEVfsHTdptPzPqXxcmwyxD0y-_d8A1mQ7jVlL4xA6g==
age: 113958
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/43140.721cbfb1a5d6784e3109.css
54.230.111.84200 OK 482 B URL HTTP/2 static.tradingview.com/static/bundles/embed/43140.721cbfb1a5d6784e3109.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (2185), with no line terminators
Hash 58cbe331cf45c85a52eb02587adc9fef
13f08c64e54a3f211e26f97b80af35abd49b670b
53adcb676377768d48af24466b08fb38f141ede6a9e84b20d72ed3c209aaf647
GET /static/bundles/embed/43140.721cbfb1a5d6784e3109.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 482
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:27 GMT
etag: "63904f9b-1e2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: B-v4PfapwMuvi42UjRN40H13M7ki78Vs7VuDTUCV4Hhf0MN3-938gA==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/81215.57ed1f0e14de0ce7dcbb.css
54.230.111.84200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/81215.57ed1f0e14de0ce7dcbb.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (868), with no line terminators
Hash baa8242f859530e38f8b32a9c0615593
c883ab6d475cbd4fea077661f25bbca065950a08
c7b10129b6beba6afdd65d4b6079e7952447d0a79c094ee6a850c7a583fb7406
GET /static/bundles/embed/81215.57ed1f0e14de0ce7dcbb.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:29 GMT
etag: "63904f9d-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mVp7mySWE5cbnO7CEdg6Watv7YFco1ZoYO75_L3pgYB9vwvXEXlxqg==
age: 200959
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/uploads/2022/10/man_uses_a_paper_fortune_teller_to_make_multiple_decisions-GceSeu.jpeg
199.192.24.99200 OK 147 kB URL HTTP/1.1 richdigestexpo.com/wp-content/uploads/2022/10/man_uses_a_paper_fortune_teller_to_make_multiple_decisions-GceSeu.jpeg
IP 199.192.24.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description=Man uses a paper fortune teller to make multiple decisions for his own portfolio., manufacturer=NIKON CORPORATION, model=NIKON D750, orientation=upper-left, xresolution=257, yresolution=265, resolutionunit=2, software=ACDSee Pro 8, datetime=2018:04:10 14:16:55], baseline, precision 8, 605x340, components 3\012- data
Size 147 kB (147010 bytes)
Hash ff5ce3b0ddc9840b95e0ea4b2d6f127d
4ba5cc405ed387d50de6e427069a40a86c1bb535
f1d6038ea3ce30b433dc114b5f25c40f0b7bea24707235a86dd8f0136cd2bb97
GET /wp-content/uploads/2022/10/man_uses_a_paper_fortune_teller_to_make_multiple_decisions-GceSeu.jpeg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Mon, 10 Oct 2022 09:56:51 GMT
Accept-Ranges: bytes
Content-Length: 147010
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
static.tradingview.com/static/bundles/embed/58441.3ff50c27a31c85df6216.css
54.230.111.84200 OK 304 B URL HTTP/2 static.tradingview.com/static/bundles/embed/58441.3ff50c27a31c85df6216.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1115), with no line terminators
Hash dde2c28513cb9781c8074fbea8e34c35
753bc67893aa9d9ab62b583721182f318ea0e64c
ae1ea3a1999ca0f368879bcc2d8e92d44400280b156a0d76e962a78583120b4c
GET /static/bundles/embed/58441.3ff50c27a31c85df6216.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 304
date: Thu, 08 Dec 2022 10:23:07 GMT
last-modified: Thu, 08 Dec 2022 08:21:48 GMT
etag: "63919e9c-130"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DnjAq5e7GWX0_WYtEIBO7Cweh-9UYgkAH8_DwcUCzVy-IBsy_v02Lw==
age: 113958
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/61537.30d503dc3d29d9930510.css
54.230.111.84200 OK 1.0 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/61537.30d503dc3d29d9930510.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (4310), with no line terminators
Hash 61dc8e3d38960d27d19070df457e524c
046071ceecfb745bbfcc08873d1c2876d3589ff5
09b286eb0b3aa5f289bbd8ffc41875fa5278780a77a6bdb214cce4898f5ba8e0
GET /static/bundles/embed/61537.30d503dc3d29d9930510.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1043
date: Wed, 07 Dec 2022 10:13:13 GMT
last-modified: Wed, 07 Dec 2022 08:32:28 GMT
etag: "63904f9c-413"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: x_bzDK3YmaMtvgG49rs8KEJl_po7zZ38kJ0InthHaxQR6bqDo5wYsQ==
age: 200952
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/878.c7183a76dc0599de9f42.css
54.230.111.84200 OK 566 B URL HTTP/2 static.tradingview.com/static/bundles/embed/878.c7183a76dc0599de9f42.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash 6e6b52d09836b19a082054796f9fbadf
47f855654aca16bb3d22b0a261028c07bfbf3ac1
b66836dc4dcb259fd7f709598dc05417bc69fe1c7f6382e3be864e124f711186
GET /static/bundles/embed/878.c7183a76dc0599de9f42.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 566
date: Wed, 07 Dec 2022 10:13:06 GMT
last-modified: Wed, 07 Dec 2022 08:32:27 GMT
etag: "63904f9b-236"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: S3tfv5_PNVoiqQm87EyGQ2TklgcFjb2OgTl6DJfVsFQF8qkVNgz4Kg==
age: 200959
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/runtime.07a5cef4415cf13cad3a.js
54.230.111.84200 OK 24 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/runtime.07a5cef4415cf13cad3a.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3071)
Hash 622d73d13558d780dce4b49df325661c
1385d3dfcfff3fd6c91fbe9f9d202bb18d357cd4
253bfb7fd22faf0ba33472f327ebd986a8b10a52d6e76dc77cb1468bdc8f7807
GET /static/bundles/embed/runtime.07a5cef4415cf13cad3a.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 24019
date: Fri, 09 Dec 2022 10:20:06 GMT
last-modified: Fri, 09 Dec 2022 08:42:15 GMT
etag: "6392f4e7-5dd3"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AjgDpJRh9y8_IvIwkIzOt5yHxrZ7MgAx-COEru57uHbD1Bgg3xPXKg==
age: 27738
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/75932.8783ff424657296ab185.js
54.230.111.84200 OK 13 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/75932.8783ff424657296ab185.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3072)
Hash 434f1a51efa1b817036f13650da6636a
a1bf80f453be35d64e45b21016c4a774da81da46
574860e94b4e2a2a46015a6475030e54e112fa48668730d3175b0571697623b6
GET /static/bundles/embed/75932.8783ff424657296ab185.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 12673
date: Fri, 09 Dec 2022 10:20:07 GMT
last-modified: Fri, 09 Dec 2022 08:42:15 GMT
etag: "6392f4e7-3181"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UKfBF1YWx1AokVeV6s2KmJdDiY1UuSsusZLkAYT_QPxbahKzslfJOw==
age: 27738
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/23262.5f01af00dfde58d05a3a.js
54.230.111.84200 OK 6.2 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/23262.5f01af00dfde58d05a3a.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3070)
Hash 668e60e8504130efd707ea667de78152
067d99ee3ccbbe5d984bd9f20923229f2635950f
c3837ad29ac04670d9d045914518bf679161881e8687736c686bdd84fc14bfb4
GET /static/bundles/embed/23262.5f01af00dfde58d05a3a.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 6172
date: Mon, 07 Nov 2022 10:22:06 GMT
last-modified: Mon, 07 Nov 2022 08:37:35 GMT
etag: "6368c3cf-181c"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FEDt13pisFrCbXt1p0DbheNAu4G8t4hizkQqmhxKwYYq_FZyxq5uAA==
age: 2792419
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js
54.230.111.84200 OK 5.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/53748.06fcdc5a1b850f86a915.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3071)
Hash 94c68ecc7ab87ef48519dfad4365ba43
00f71a35b49cde66976af169849eeae284c8c357
96049206a34c586f9268c258600048ea9b6c26cb308e863faa325167b0c91f0e
GET /static/bundles/embed/53748.06fcdc5a1b850f86a915.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 5057
date: Mon, 07 Nov 2022 10:22:06 GMT
last-modified: Mon, 07 Nov 2022 08:37:36 GMT
etag: "6368c3d0-13c1"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CMspkhkK3tW3I1hog92pMbaRdTNWLVsTIVQeLYm5RBBA59mYX1SvAg==
age: 2792419
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 726f8e11c39cc71358f132c317d7e115
aaec0109ac91beb88d0da9d59217ddad824ee39c
735176ff46828cf720e915e8f7de1bf4e94c61fd3cc5b9cae84d475cd142096c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116735
Date: Fri, 09 Dec 2022 18:02:25 GMT
Etag: "639288c7-1d7"
Expires: Sun, 11 Dec 2022 02:28:00 GMT
Last-Modified: Fri, 09 Dec 2022 01:00:55 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lynFU9WczNLnc43Gz6aoX7H0C_gIIXGyVlQ6NeZYnKOHmqsgVhXQqQ==
Age: 5225
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Ftickers%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
93.123.102.195101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Ftickers%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
IP 93.123.102.195:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Ftickers%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p+2vwe9qWgfO/neYtzQiMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 18:02:25 GMT
Connection: upgrade
sec-websocket-accept: +BNZCxLwZal2aDrpGLO55QLn0hA=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
richdigestexpo.com/wp-content/uploads/2022/10/social_security_card_with_currency_and_dice-1AzAs4.jpeg
199.192.24.99200 OK 200 kB URL HTTP/1.1 richdigestexpo.com/wp-content/uploads/2022/10/social_security_card_with_currency_and_dice-1AzAs4.jpeg
IP 199.192.24.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, description=Close-up of an old Social Security Card with US currency and dice., manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=256, yresolution=264, resolutionunit=2, software=ACDSee Pro 8, datetime=2018:05:04 18:02:26], baseline, precision 8, 605x340, components 3\012- data
Size 200 kB (199992 bytes)
Hash a01cae6f68985a70f70d27afcb4d25bd
6daad330fc835ae5411fe210c1a69f732a83611e
27d61a76fb62c0e32eedbde111191853d2fd36ad045b88283df9138eeca89c8d
GET /wp-content/uploads/2022/10/social_security_card_with_currency_and_dice-1AzAs4.jpeg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Mon, 10 Oct 2022 09:56:50 GMT
Accept-Ranges: bytes
Content-Length: 199992
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
richdigestexpo.com/suspicious-engagement/
199.192.24.99404 Not Found 111 kB URL HTTP/1.1 richdigestexpo.com/suspicious-engagement/
IP 199.192.24.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size 111 kB (111339 bytes)
Hash 5605cc7480f720e7ff643e81ee64e59e
b8292fdf1f56b16d2dd6bf94ee6fc5e936e5fac6
14e07baa84531dc2f78f642d36968334daca3ce4ee10aba8084090b415e0850e
Analyzer Verdict Alert fortinet Malware
GET /suspicious-engagement/ HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 18:02:18 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://richdigestexpo.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtag/js?id=UA-96826332-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-96826332-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash e42d0c3c90ab8c6371fc4363ca93209f
ba907765c8837f1c49347ba75148dd143e51cca3
6aa1e216ba1fb1d0729d55825f6f94921a0ca98bf70f6d1583428c7471d2417a
GET /gtag/js?id=UA-96826332-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 18:02:26 GMT
expires: Fri, 09 Dec 2022 18:02:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/uploads/2022/10/woman_stressed_laptop_529422618-Xd5Maz.jpeg
199.192.24.99200 OK 92 kB URL HTTP/1.1 richdigestexpo.com/wp-content/uploads/2022/10/woman_stressed_laptop_529422618-Xd5Maz.jpeg
IP 199.192.24.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, PhotometricIntepretation=RGB, description=Shot of a young businesswoman using a laptop at work, manufacturer=NIKON CORPORATION, model=NIKON D800E, orientation=upper-left, xresolution=254, yresolution=262, resolutionunit=2, software=Pixelmator 3.6, datetime=2019:08:29 17:08:13], baseline, precision 8, 605x340, components 3\012- data
Hash fc28cbce7fc34efba346bec4007d8886
b4cebefc44dc1fc2636ff7f56c02925aec3bd8be
5f2eb6b2de17896efb18b193751246e808a8d2ab753ac9743467b88191280404
GET /wp-content/uploads/2022/10/woman_stressed_laptop_529422618-Xd5Maz.jpeg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 03:07:49 GMT
Accept-Ranges: bytes
Content-Length: 91819
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.tradingview.com/static/bundles/embed/11520.415109541489380d12f6.css
54.230.111.84200 OK 219 B URL HTTP/2 static.tradingview.com/static/bundles/embed/11520.415109541489380d12f6.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (801), with no line terminators
Hash 97f7a20e8f5b5aab89e7323c3f952f93
0a86a43d70147185f1f356ac3061d461f498a0af
51e40ba29ca9c9b7f89f255331a616a93beb9fb033c029e058a6a45483c0209c
GET /static/bundles/embed/11520.415109541489380d12f6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 219
date: Wed, 07 Dec 2022 10:13:08 GMT
last-modified: Wed, 07 Dec 2022 08:32:26 GMT
etag: "63904f9a-db"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vdtt-IbMQ8XktqvLquRwotVRDx4zB1R0jTZFdhd4LwM453HluHDgCw==
age: 200958
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bbd1a83b1115d3969205.js
54.230.111.84200 OK 2.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bbd1a83b1115d3969205.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3332)
Hash 51eb00c80a4f65d9b0c385e610e5579e
53dae9eeeff884adb33b3b4cc784fe42be3e2235
2cc0a8aae499ad769413e27ec7dcc0432e2c53743d483a472b73efe4f9ebf20e
GET /static/bundles/embed/tradingview-copyright-data-impl.bbd1a83b1115d3969205.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2081
date: Fri, 09 Dec 2022 10:20:08 GMT
last-modified: Fri, 09 Dec 2022 08:42:14 GMT
etag: "6392f4e6-821"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fe9eDBVa7X7DKa0CzE65DekliFRUd4YMxDoljJYPUadljrpg75sVgQ==
age: 27738
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-mini-symbol-overview.js
54.230.111.34200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-mini-symbol-overview.js
IP 54.230.111.34:0
File type ASCII text, with very long lines (3066)
Hash 7d286436c4d0245c274efe305ec13e70
446ecb5ac0b0d03228be88112304b38e873eb92a
be2d663b14c7c761e538ff0e07e791aabdec36eed9f734a984c3bfa2cea4ff9e
GET /external-embedding/embed-widget-mini-symbol-overview.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 10569
date: Fri, 09 Dec 2022 10:19:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 09 Dec 2022 10:19:14 GMT
etag: "7d286436c4d0245c274efe305ec13e70"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GVlVzMSLqfa-swqsu729peRaaToewweqHVjeA8tyu-LFtn5AIL-YoA==
age: 27786
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-overview.js
54.230.111.34200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-overview.js
IP 54.230.111.34:0
File type ASCII text, with very long lines (3066)
Hash 9b3afd4e1d145a246c7262c583c58f2c
e91ec844e6d5bf23d84914fbefdad8c713b5ff93
8e894460a04867a734d9dc1cf2718ec915221e4a99d9d70abb7d61e83b4bc43d
GET /external-embedding/embed-widget-market-overview.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 11146
date: Fri, 09 Dec 2022 10:19:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 09 Dec 2022 10:19:10 GMT
etag: "9b3afd4e1d145a246c7262c583c58f2c"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fRm8TJcxH8YR8g0aSflIkABKIHPPbj47eQZQgtZ72JBxIH4Qd-1WLA==
age: 27788
X-Firefox-Spdy: h2
use.typekit.net/af/ab8655/00000000000000003b9ae398/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.33.119.19200 OK 22 kB URL HTTP/2 use.typekit.net/af/ab8655/00000000000000003b9ae398/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 22456, version 1.0\012- data
Hash 824f62f8a1a2c1abfebab066c288d3ae
56c31d68afb970295b3f5d2355fc2f3b3b67f822
204a3f8b70ccd8296cb74b0703785c7ba5e89e4b8137514d110186eca8ba6c27
GET /af/ab8655/00000000000000003b9ae398/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://richdigestexpo.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 22456
etag: "a67038b5714435c5ebb20e2eb01bb125f3575079"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 09 Dec 2022 18:02:26 GMT
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:02:26 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670608946.dop201.sk1.t,1670608946.cds240.sk1.hn,1670608946.cds217.sk1.c
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/themes/WallStreetExpos/js/main.js
199.192.24.99200 OK 51 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/js/main.js
IP 199.192.24.99:0
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash fac0b5e317c538e20e5548637efadd33
26c0ca6aa970b7f3fb012fd504521befa3879cfd
910a0d57c767ea56be9beba8f60822b99d4a90022ec69e90066a8c3a60df8853
GET /wp-content/themes/WallStreetExpos/js/main.js HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:26 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 51202
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 10 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Hash afb600870867747089e289bd65947b12
7c9187f2a2f7826a62d223c6a3e662a689327326
f1d1c08b5a109c95d53c3be5152964c235b64ab7b31f392832f7ec87c7701bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 17:34:02 GMT
expires: Fri, 09 Dec 2022 19:34:02 GMT
cache-control: public, max-age=7200
age: 1704
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
93.123.102.195101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
IP 93.123.102.195:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W5r+DKjCGaFdIIqXV5BX1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 18:02:26 GMT
Connection: upgrade
sec-websocket-accept: ZTAegWN/fucbWcGh9uuGpU2x9+Q=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
143.204.55.35200 OK 777 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (777), with no line terminators
Hash fe60c6206a39b7984b1ebb2b8234c5ab
ec9c1ff626f97b55d2196a86ccb44fce9bdadbd2
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
GET /indices/nasdaq-100.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 17:48:45 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cf0J-2nzme34gZbi7P7O5dUiOPkZetP_jXYeYFeWIuQv7HfltpwcEA==
age: 905
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/EU.svg
143.204.55.35200 OK 870 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/EU.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (870), with no line terminators
Hash e9173ef4613c3da43c45885ea39c4b96
218b28ec16584e3f2326b778d3cca1d5c6a682d1
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
GET /country/EU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 18:01:17 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LhdgXwyE1qQNlobxZn2OjrFPGSi8laJs-tqxnWo_IA_YaTJuEiitNw==
age: 129
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
143.204.55.35200 OK 836 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (836), with no line terminators
Hash 22c56ff05dc453a69fdbae0b7a7eb06c
365ad565706e84de54dfbd24e00a0eb15367b860
9b9fe71606636a37b6f7fb74e8ea572130d0f61dbcd92fe3ae40e80425f56fb2
GET /crypto/XTVCETH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 836
last-modified: Fri, 18 Nov 2022 08:44:55 GMT
x-amz-meta-hash: 22c56ff05dc453a69fdbae0b7a7eb06c
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 18:00:09 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "22c56ff05dc453a69fdbae0b7a7eb06c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kDEzmNwj4QBsE4YxGeD0-_xEnLugIeU9mZhWgEZr27KX1hTKeZH56A==
age: 166
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
143.204.55.35200 OK 801 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (801), with no line terminators
Hash 107060b925841745f310697bd9f1f83d
40a2e01da20c164a3c3f774a72f3feadf17cafa2
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
GET /crypto/XTVCBTC.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 17:37:41 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7YNrLkoArIgZbXabaEXHR0j40DgOiV3EJOKm1yh3ClISSWhzP6cmtQ==
age: 1485
X-Firefox-Spdy: h2
richdigestexpo.com/wp-content/themes/WallStreetExpos/images/favicon/android-icon-192x192.png
199.192.24.99200 OK 27 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/images/favicon/android-icon-192x192.png
IP 199.192.24.99:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 8afc910ff508786375bc2499005788ad
a617ac9c928d4d2e65cbab9e2cd63ba5fb821ba2
3aefe8b663cd8a9c480d23a878820a1de626bcdbf9f7aeac0bbd1b18f54f2f05
GET /wp-content/themes/WallStreetExpos/images/favicon/android-icon-192x192.png HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:26 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 26639
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
richdigestexpo.com/wp-content/themes/WallStreetExpos/images/favicon/favicon-16x16.png
199.192.24.99200 OK 1.4 kB URL HTTP/1.1 richdigestexpo.com/wp-content/themes/WallStreetExpos/images/favicon/favicon-16x16.png
IP 199.192.24.99:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 36a900bcfa00a6afe8e772df92985f98
5ea6ec7d1693d97351da8dbdf51a75802e0d7a25
e4e1e07c18f6c608b0a26aefe5fd42a441cce7e6772f5627b219f4af56c9bf99
GET /wp-content/themes/WallStreetExpos/images/favicon/favicon-16x16.png HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:26 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 20:45:38 GMT
Accept-Ranges: bytes
Content-Length: 1448
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
richdigestexpo.com/wp-content/uploads/2022/10/bitcoin_cryptocurrency_930264196-HsRCLG.jpeg
199.192.24.99200 OK 185 kB URL HTTP/1.1 richdigestexpo.com/wp-content/uploads/2022/10/bitcoin_cryptocurrency_930264196-HsRCLG.jpeg
IP 199.192.24.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, description=Montreal, Canada - 28 February 2018: Stacked cryptocurrency coins (Bitcoin, Ethereum, Litecoins), manufacturer=NIKON CORPORATION, model=NIKON Df, orientation=upper-left, xresolution=284, yresolution=292, resolutionunit=2, software=Pixelmator 3.6, datetime=2018:04:17 16:04:43], baseline, precision 8, 605x340, components 3\012- data
Size 185 kB (185322 bytes)
Hash a950fb5f51fcf7b577c2090fcef329bf
a47b0dcd80caa74c612c63b4504fa489b64f3967
19759bd4820267a546d72514374853cae4de7bf760eb22d9e364aa0b34b3f758
GET /wp-content/uploads/2022/10/bitcoin_cryptocurrency_930264196-HsRCLG.jpeg HTTP/1.1
Host: richdigestexpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/suspicious-engagement/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 18:02:25 GMT
Server: Apache
Last-Modified: Mon, 10 Oct 2022 09:56:52 GMT
Accept-Ranges: bytes
Content-Length: 185322
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash c050fff1d4911fdad6c5689378beb9c7
ba3a8ab0358b096986eecc34bf70d6f724ae37bd
0f460d61145c917ebecaaf3f5d8b268488e6bd376d144c20862c6e4b2e660b03
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95115
Date: Fri, 09 Dec 2022 18:02:26 GMT
Etag: "63923b6a-1d7"
Expires: Sat, 10 Dec 2022 20:27:41 GMT
Last-Modified: Thu, 08 Dec 2022 19:30:50 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: laH-9fyVSIMNX0z-QcMZdGQ0x8ipq2gzUpUQfWTl2aVtcAyPqnwcFw==
Age: 3411
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmini-symbol-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
93.123.102.195101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmini-symbol-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F
IP 93.123.102.195:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmini-symbol-overview%2F&date=2022_12_09-11_33&page-uri=richdigestexpo.com%2Fsuspicious-engagement%2F HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BzXenG/RaeLuNrwSIT4F9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 18:02:27 GMT
Connection: upgrade
sec-websocket-accept: usux2qXKr97BcgD2KWsiQTY1QS0=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 47772
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.106:0
GET /css2?family=Bitter:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 18:02:24 GMT
date: Fri, 09 Dec 2022 18:02:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/tickers/?locale=en
54.230.111.30200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/tickers/?locale=en
IP 54.230.111.30:0
GET /embed-widget/tickers/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://richdigestexpo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 18:01:55 GMT
expires: Fri, 09 Dec 2022 18:03:55 GMT
cache-control: max-age=120
content-security-policy: script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-h4SZhFjL/5ZzOz5pOji+dw=='; base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OVSvSeWPvpbqQ_IIp5j2jAS4wKeRKVoExRq2PyFpheh8PSdAQIi1Vg==
age: 30
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
143.204.55.35200 OK 0 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
IP 143.204.55.35:0
GET /indices/s-and-p-500.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 26 May 2022 07:17:22 GMT
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Dec 2022 17:20:33 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u60KHvuj4FpSdNDCAdiW4T4df4IAixiMtnnMWDO8VDqo5qE_G4qWHQ==
age: 2520
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/US.svg
143.204.55.35200 OK 0 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/US.svg
IP 143.204.55.35:0
GET /country/US.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Dec 2022 17:32:30 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rfGDpBafXuDfW85eFz-0cpM0oCpcThmbrW8NuwbpW6bT9A8yUMjp5w==
age: 1815
X-Firefox-Spdy: h2