urlscan.io logo urlscan.io
SecurityTrails logo

jtingjewelrycandle.com.au Open in urlscan Pro
35.213.157.149  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Submission: On August 05 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 112 HTTP transactions. The main IP is 35.213.157.149, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is jtingjewelrycandle.com.au.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 10th 2020. Valid for: 3 months.
This is the only time jtingjewelrycandle.com.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Global Sources (E-commerce)

Domain & IP information

54    35.213.157.149 (Mountain View, United States)

ASN15169 (GOOGLE, US)
jtingjewelrycandle.com.au
1    34.252.23.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
analytics.analytics-egain.com
5    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f2.1e100.net
www.googleadservices.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2600:9000:2057:be00:e:887:44c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.webtrends.com
3    3.121.51.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
statse.webtrendslive.com
23    91.235.132.146 (Netherlands)

ASN30286 (THM, US)
tmxapi.globalsources.com
3    91.235.132.130 (Netherlands)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
2    91.235.134.131 (Netherlands)

ASN30286 (THM, US)
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net
Domain Requested by
54 jtingjewelrycandle.com.au jtingjewelrycandle.com.au
23 tmxapi.globalsources.com jtingjewelrycandle.com.au
tmxapi.globalsources.com
5 www.facebook.com jtingjewelrycandle.com.au
5 www.google.com 1 redirects jtingjewelrycandle.com.au
3 h.online-metrix.net jtingjewelrycandle.com.au
tmxapi.globalsources.com
3 statse.webtrendslive.com 1 redirects jtingjewelrycandle.com.au
3 www.google.de jtingjewelrycandle.com.au
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net jtingjewelrycandle.com.au
connect.facebook.net
2 www.google-analytics.com jtingjewelrycandle.com.au
2 www.google.co.uk jtingjewelrycandle.com.au
1 5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net
1 5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net
1 s.webtrends.com jtingjewelrycandle.com.au
1 analytics.twitter.com static.ads-twitter.com
1 t.co jtingjewelrycandle.com.au
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com jtingjewelrycandle.com.au
1 analytics.analytics-egain.com jtingjewelrycandle.com.au
112 21

This site contains links to these domains. Also see Links.

Domain
www.globalsources.com
mrw.so
Subject Issuer Validity Valid
jtingjewelrycandle.com.au
Let's Encrypt Authority X3		 2020-07-10 -
2020-10-08		 3 months crt.sh
*.analytics-egain.com
Go Daddy Secure Certificate Authority - G2		 2017-09-07 -
2020-09-07		 3 years crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.co.uk
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
s.webtrends.com
Entrust Certification Authority - L1K		 2020-04-03 -
2022-07-02		 2 years crt.sh
statse.webtrendslive.com
Entrust Certification Authority - L1K		 2018-10-09 -
2020-10-09		 2 years crt.sh
tmxapi.globalsources.com
Thawte RSA CA 2018		 2020-04-01 -
2022-04-01		 2 years crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2020-02-20 -
2021-02-19		 a year crt.sh
*.e.aa.online-metrix.net
Go Daddy Secure Certificate Authority - G2		 2019-09-13 -
2021-09-13		 2 years crt.sh

This page contains 21 frames:

Primary Page: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Frame ID: 178F711FC69CCB3A03D48F61ADADF602
Requests: 56 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain-docked-chat.js
Frame ID: 68378AB038C877CF4EF3FCAC3EA5B8FD
Requests: 1 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
Frame ID: 473F931C5FAC8EA6AA9355622E36EFE8
Requests: 2 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/onetag/EG48975170
Frame ID: EFEB94219C87811186B543003F27E07D
Requests: 1 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/EG48975170.html
Frame ID: C244456D64FE5CFE12476ED46FC1918E
Requests: 1 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(2).html
Frame ID: C69021F2FAD92020BDBC2E00B26F6B4B
Requests: 1 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Frame ID: 35390067ACDE43DD40216C1819379D06
Requests: 1 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Frame ID: 779EF7F687391E4AE0B094459A549A62
Requests: 19 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
Frame ID: F90D76BE80662061A91E99F0047092BE
Requests: 4 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Frame ID: 65D312C5A66649B1B32D3C58627BAEFC
Requests: 2 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
Frame ID: 73F351C858DCB456187BD1B88469C58C
Requests: 3 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
Frame ID: 13EE82762E76922F597D0B97F4B5EC42
Requests: 3 HTTP requests in this frame

Frame: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/top_fp.html
Frame ID: DB023E3924CD8690DCD1CAEC8952F732
Requests: 1 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Frame ID: 1DDF8CFF079859D6A70975CE45531759
Requests: 10 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=0ca8d9e9f420a746&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 6BB940E705939831585535359E7CB1CA
Requests: 1 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: E556B04513A795175C32CBAC13EC571F
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: 2FAF539615FCA2E61C2A182D71C75BEC
Requests: 1 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/top_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: EBE09B709E5173E1181C9BA0F0D1FEB1
Requests: 1 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=a4b784297d595015&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 92D50DECA2DF2F457299FA4E80D460A4
Requests: 1 HTTP requests in this frame

Frame: https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Frame ID: 0CEC4582D55BEFBFE08A2471E1A06B92
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Frame ID: 8300420B29AF1453D18B5DB16A505325
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

112
Requests

99 %
HTTPS

50 %
IPv6

18
Domains

21
Subdomains

20
IPs

5
Countries

1225 kB
Transfer

2640 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&gjid=748008040&_gid=2063295774.1596630033&_u=YGBAgEAB~&z=919198229 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229&slf_rd=1&random=136553266
Request Chain 63
  • https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2 HTTP 303
  • https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
471839d32eab48a348e12109912c18c95d449dd754b7eacff47f99fb5f28678c

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:30 GMT
content-type
text/html
last-modified
Sun, 02 Aug 2020 03:09:06 GMT
vary
Accept-Encoding
etag
W/"5f262e52-35cd"
expires
Mon, 01 Feb 2021 12:20:30 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
SSO.CSS
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		41 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/SSO.CSS
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b40a66d8255f46b1c25e96910c1e64cf213cf651a891d2307ae28c186006474e

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"5f236348-a42b"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 05 Aug 2021 12:20:30 GMT
webtrends.hm.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/webtrends.hm.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"1cd6-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
f.txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/f.txt
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:15:20 GMT
server
nginx
etag
W/"5f236298-75ba"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/plain
status
200
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 01 Feb 2021 12:20:32 GMT
396613127629341
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		355 KB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/396613127629341
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
8709c2c753624361c1ac493ff03b4ea59fc2be04ac9769e34f8d635efa47eefe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:11:16 GMT
server
nginx
etag
"58dd6-5abb1a0a0b100"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:32 GMT
accept-ranges
bytes
content-length
363990
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
fbevents.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/fbevents.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:04 GMT
server
nginx
etag
W/"19d1b-5abb1b8f24700"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
uwt.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/uwt.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"141b-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
gtm.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/gtm.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
39e6f8ba9bae68f7c3873af6217a9d05be8b60a3d57280cf8f099903f202be20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:04 GMT
server
nginx
etag
W/"21dfe-5abb1b8f24700"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
analytics.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		45 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/analytics.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:14:48 GMT
server
nginx
etag
W/"b386-5abb1ad438e00"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
webtrends.min.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/webtrends.min.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
bceccc4659416c72597c905dd9f17f9245ad9c0f1258147bfba31d9b29368f3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:13:54 GMT
server
nginx
etag
W/"5e3b-5abb1aa0b9480"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
Offers.egain
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		146 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/Offers.egain
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
585fb8ad916f6d14fe7d1db97e0cd98563d2e4d09ed2f99a210a0b6d3255c8d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
"92-5abb1b9a96200"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:30 GMT
accept-ranges
bytes
content-length
146
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
egain-chat.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain-chat.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:17:24 GMT
server
nginx
etag
W/"884-5abb1b68fed00"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
jqueryandplugins.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		99 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/jqueryandplugins.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
5ee7561a3a5c0bcfd620ab6004ff7cab8ee16c800aada8a165c32cd104086cd5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"18b31-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
ssoscripts.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ssoscripts.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
3fde29f2f8731ef0a87aa88c87ef1e0f3900901402df6c8c4ce8cc39e4e9e0e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"9dde-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
egain_docked_chat.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain_docked_chat.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
48b29082ef6f23b131571a87ea690b627b3640daf2ec9e5a48a2a9a8d6efb643
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:17:20 GMT
server
nginx
etag
W/"636-5abb1b652e400"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
tags.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/tags.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
8dde1cba1634a77416076690270bc740af94bfbd82948fb7d94c1b68f2491495
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"c49e-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
rdvoqldvqhjbezvv999157.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/rdvoqldvqhjbezvv999157.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
content-encoding
gzip
x-proxy-cache-info
D NC:000000 UP:1
x-cache-enabled
True
status
404
host-header
192fc2e7e50945beb8231a492d6a8024
pragma
no-cache
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-httpd
1
cache-control
no-transform, no-cache, no-store, must-revalidate
content-security-policy
upgrade-insecure-requests
link
<https://jtingjewelrycandle.com.au/wp-json/>; rel="https://api.w.org/"
x-proxy-cache
MISS
expires
Wed, 11 Jan 1984 05:00:00 GMT
f(1).txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/f(1).txt
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
0bd62f8abe16d51f0088e5dc232f208dcfb0ff148d4e7bae349a3a325c12480e

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:15:12 GMT
server
nginx
etag
W/"5f236290-8eb"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/plain
status
200
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 01 Feb 2021 12:20:30 GMT
f(2).txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/f(2).txt
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b57ba5c23e6914ee02d9424017333d7bda6f1a760d1e30fe1f1fc351ba13a8d8

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:30 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:15:14 GMT
server
nginx
etag
W/"5f236292-8eb"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/plain
status
200
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 01 Feb 2021 12:20:30 GMT
GSLOGO.PNG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/GSLOGO.PNG
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 31 Jul 2020 00:05:22 GMT
server
nginx
etag
"5f236042-ecc"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
3788
expires
Thu, 05 Aug 2021 12:20:32 GMT
APPEDU_LOGO_APP.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/APPEDU_LOGO_APP.JPG
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 31 Jul 2020 00:02:16 GMT
server
nginx
etag
"5f235f88-10bc"
x-proxy-cache-info
DT:1
content-type
image/jpeg
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4284
expires
Thu, 05 Aug 2021 12:20:32 GMT
APPEDU_LOGO_GOOGLE.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/APPEDU_LOGO_GOOGLE.JPG
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 31 Jul 2020 00:02:20 GMT
server
nginx
etag
"5f235f8c-123b"
x-proxy-cache-info
DT:1
content-type
image/jpeg
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4667
expires
Thu, 05 Aug 2021 12:20:32 GMT
GSLOGIN_PROMO_PIC.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/GSLOGIN_PROMO_PIC.JPG
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 31 Jul 2020 00:05:10 GMT
server
nginx
etag
"5f236036-fc61"
x-proxy-cache-info
DT:1
content-type
image/jpeg
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
64609
expires
Thu, 05 Aug 2021 12:20:32 GMT
EGSOL_WEB_UI.JS.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/EGSOL_WEB_UI.JS.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a554e28a9a7d158bcabe4664a618a2da7e783fb1f603a3e4b18d25b8a537298a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:17:24 GMT
server
nginx
etag
W/"4336-5abb1b68fed00"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
SSO.JS.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/SSO.JS.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a00fdcb68e4088ed1c6b6f535c370c6162f3ef6319bb1e57a7092ff53d8abe2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
server
nginx
etag
W/"40b4-5abb1b9a96200"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
BLANK.GIF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.GIF
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 31 Jul 2020 00:02:24 GMT
server
nginx
etag
"5f235f90-2b"
x-proxy-cache-info
DT:1
content-type
image/gif
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
43
expires
Thu, 05 Aug 2021 12:20:32 GMT
adsct
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ 		31 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/adsct
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:11:22 GMT
server
nginx
etag
"1f-5abb1a0fc3e80"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:32 GMT
accept-ranges
bytes
content-length
31
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
egain-docked-chat.js
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 6837 		0
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain-docked-chat.js
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain-chat.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-proxy-cache-info
W NC:000000 UP:0
content-type
text/html; charset=UTF-8
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
saved_resource.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 473F 		325 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a01572d9b2b5eca71ee08a2c6d8d68c04815f55979ff780d0ebfe16af5494972

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:32 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-145"
expires
Mon, 01 Feb 2021 12:20:32 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
EG48975170
analytics.analytics-egain.com/onetag/ Frame EFEB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/onetag/EG48975170
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain_docked_chat.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.23.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
www.google.com/pagead/1p-user-list/1072021429/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1072021429/?random=1596147973072&cv=9&fst=1596146400000&num=1&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Flogin.globalsources.com%2Fsso%2FGeneralManager%3Faction%3DLogin&ref=https%3A%2F%2Flogin.globalsources.com%2F&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=1026035452&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1072021429/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/1072021429/?random=1596147973072&cv=9&fst=1596146400000&num=1&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Flogin.globalsources.com%2Fsso%2FGeneralManager%3Faction%3DLogin&ref=https%3A%2F%2Flogin.globalsources.com%2F&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=1026035452&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1027654176/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1027654176/?random=1596147973075&cv=9&fst=1596146400000&num=1&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Flogin.globalsources.com%2Fsso%2FGeneralManager%3Faction%3DLogin&ref=https%3A%2F%2Flogin.globalsources.com%2F&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=4203340671&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1027654176/ 		42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/1027654176/?random=1596147973075&cv=9&fst=1596146400000&num=1&guid=ON&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Flogin.globalsources.com%2Fsso%2FGeneralManager%3Faction%3DLogin&ref=https%3A%2F%2Flogin.globalsources.com%2F&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=4203340671&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EG48975170
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 473F 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/EG48975170
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
8790d1820562042c336180587d2678d78fe1657ceb7bc1b212cd68e69d0b208f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:13:02 GMT
server
nginx
etag
"4136-5abb1a6f21f80"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:32 GMT
accept-ranges
bytes
content-length
16694
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
EG48975170.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame C244 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/EG48975170.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2e04229707efbc3fff8ce2064c61d26b56703fcf36942391a1f0decd4dffde4d

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/EG48975170.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:32 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-110e"
expires
Mon, 01 Feb 2021 12:20:32 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
saved_resource(2).html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame C690 		149 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(2).html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(2).html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:33 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-95"
expires
Mon, 01 Feb 2021 12:20:33 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
webtrends.min.js
jtingjewelrycandle.com.au/sso/gsol/pex/en/balat/includes/ 		0
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/sso/gsol/pex/en/balat/includes/webtrends.min.js
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-proxy-cache-info
W NC:000000 UP:0
content-type
text/html; charset=UTF-8
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6411
date
Wed, 05 Aug 2020 10:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 05 Aug 2020 12:33:41 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91cb51e36f0dd33cc8fe3e33e94872e0a6877f965df985063dbd943064d2e1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43776
x-xss-protection
0
last-modified
Wed, 05 Aug 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Aug 2020 12:20:32 GMT
BLANK.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 3539 		0
0
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
IfrHGhrcvBOH77YZ4x3Je1sGuz93wATs/kTCunn0ONbpmEiGMO8aBd9Db/mgoIOTBj4dHcFTNxTu4FyzRg6ygw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 05 Aug 2020 12:20:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
saved_resource(3).html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
ee1df90c154ea68748d42e82ed37c3fac436b5f53cdea6604a3a272c6f9173b9

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:33 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-98b"
expires
Mon, 01 Feb 2021 12:20:33 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
HP.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
91ce58de09b1d71b9848ddab21e19c29584c5998b783af335bc3b997d2ac8514

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:33 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-5793"
expires
Mon, 01 Feb 2021 12:20:33 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=141148382&t=pageview&_s=1&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=283811288&gjid=748008040&cid=498067916.1596630033&tid=UA-179370-18&_gid=2063295774.1596630033&cg1=LOGIN_FORM&z=82421647
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jul 2020 22:56:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
653063
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&gjid=748008040&_gid=2063295774.1596630033&_u=YGBAgEAB~&z=919198229
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229&slf_rd=1&random=136553266
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229&slf_rd=1&random=136553266
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229&slf_rd=1&random=136553266
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396613127629341
connect.facebook.net/signals/config/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/396613127629341?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e4610ed3a8d3aff55b90b4e0633844b6fbd0c8b3d22202e0ce1495dce309d2a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134683
x-xss-protection
0
pragma
public
x-fb-debug
/inwZ25p/LMxMFFN3BEpNEjZWp9tz6Iu9r1GKMdWaHYw5wUBiZ+dlUz+DNDKK4sDO4Rzs0gILYRzb6mWvXI2HQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 05 Aug 2020 12:20:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11328
x-xss-protection
0
server
cafe
etag
4229961699705442162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Aug 2020 12:20:32 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
age
53311
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1596630033.617559,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
/
www.facebook.com/tr/ 		44 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&rl=&if=false&ts=1596630032593&sw=1600&sh=1200&v=2.9.22&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1596630032592.811705113&it=1596630032533&coo=false&rqm=GET
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 12:20:32 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&rl=&if=false&ts=1596630032595&cd[subscription_id]=NLI&sw=1600&sh=1200&v=2.9.22&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1596630032592.811705113&it=1596630032533&coo=false&rqm=GET
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 12:20:32 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&rl=&if=false&ts=1596630032596&cd[subscription_id]=NLI&sw=1600&sh=1200&v=2.9.22&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.2.1596630032592.811705113&it=1596630032533&coo=false&rqm=GET
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 12:20:32 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=396613127629341&ev=iClickDynRMKT&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&rl=&if=false&ts=1596630032597&sw=1600&sh=1200&v=2.9.22&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.2.1596630032592.811705113&it=1596630032533&coo=false&rqm=GET
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 12:20:32 GMT
adsct
t.co/i/ 		43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nux8z&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Wed, 05 Aug 2020 12:20:32 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
58753b028ab26bfd9cf22b42a1b3b8d6
x-transaction
0074faa7009446e3
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1027654176/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1027654176/?random=1596630032645&cv=9&fst=1596630032645&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fc083890e2c53a990a3227205d25c0722069eef6d169553eda84c4809068598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1596630032648&cv=9&fst=1596630032648&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d2f62d70760ffca0f2bf4c1fb0d2708c121a0ae754c1ec9172724969af27195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1072021429/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1072021429/?random=1596630032648&cv=9&fst=1596628800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=1744048779&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1072021429/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1072021429/?random=1596630032648&cv=9&fst=1596628800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=1744048779&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1027654176/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1027654176/?random=1596630032645&cv=9&fst=1596628800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=2961444541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1027654176/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1027654176/?random=1596630032645&cv=9&fst=1596628800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7v1&sendb=1&frm=0&url=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&tiba=Global%20Sources&async=1&fmt=3&is_vtc=1&random=2961444541&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nux8z&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Wed, 05 Aug 2020 12:20:32 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
97b8752d5bc515a4d8a6f5a6fe19527e
x-transaction
0036d3bb005e11df
expires
Tue, 31 Mar 1981 05:00:00 GMT
BLANK.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 65D3 		388 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/jqueryandplugins.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
1c40640a7a51074c7d716d57f30f45f44bcf20eaee8bd83adbae4ed44b5b160e

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
hc3_session=a%3A3%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%220fc4ecd5c4a6de227036983dbc4544c9%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1596630032%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1f5d609c753a590d85d6e4a9a16a3280; _ga=GA1.3.498067916.1596630033; _gid=GA1.3.2063295774.1596630033; _gat=1; _gcl_au=1.1.103252798.1596630033; _fbp=fb.2.1596630032592.811705113; cxssh_status=off; PHPSESSID=b22484d8df90f2b472d3d23f43333ed0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:33 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:02:28 GMT
vary
Accept-Encoding
etag
W/"5f235f94-184"
expires
Mon, 01 Feb 2021 12:20:33 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
webtrends.hm.js
s.webtrends.com/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.webtrends.com/js/webtrends.hm.js
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/webtrends.min.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:be00:e:887:44c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified
Tue, 25 Feb 2020 23:34:02 GMT
server
AmazonS3
age
491547
etag
"b2ea8b95abb8ab706e7a0cfa9685cd10"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Thu, 30 Jul 2020 19:48:06 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7382
x-amz-cf-id
8BNQ7MG1Fz520eqDDrq0rSTn7yN4pGIrKvCfVaDN89cOJxWVm9AGsg==
wtid.js
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/ 		201 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/webtrends.min.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.51.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32c858e9a3683cedb3aafc488599ef7088637855d40c1686d0a26d885857c044

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
cache-control
no-cache
content-type
application/x-javascript
content-length
201
expires
-1
dcs.gif
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/
Redirect Chain
  • https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT....
  • https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/...
67 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.51.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 12:20:32 GMT
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
status
200
cache-control
no-cache
content-type
image/gif
content-length
67
expires
-1

Redirect headers

status
303
date
Wed, 05 Aug 2020 12:20:32 GMT
content-length
0
location
/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
clear.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear.png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:32 GMT
server
nginx
etag
"5f235fd4-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(1).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(1).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:02:34 GMT
server
nginx
etag
"5f235f9a-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(2).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		81 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(2).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:02:40 GMT
server
nginx
etag
"5f235fa0-51"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
81
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(3).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(3).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:02:58 GMT
server
nginx
etag
"5f235fb2-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear3.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear3.png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:56 GMT
server
nginx
etag
"5f235fec-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear1(1).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear1(1).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:38 GMT
server
nginx
etag
"5f235fda-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(4).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(4).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:08 GMT
server
nginx
etag
"5f235fbc-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(5).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(5).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:14 GMT
server
nginx
etag
"5f235fc2-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:33 GMT
clear(6).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		81 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(6).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:03:20 GMT
server
nginx
etag
"5f235fc8-51"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
81
expires
Thu, 05 Aug 2021 12:20:33 GMT
check.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E 		186 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b9555a9c9efac3a90e50483e295df90acf2ed9bf5484736acae73cf2535d8a7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 00:07:22 GMT
server
nginx
etag
W/"2e979-5abb192ae2280"
vary
Accept-Encoding
x-proxy-cache-info
D NC:000000 UP:0
content-type
application/javascript
status
200
x-httpd
1
content-security-policy
upgrade-insecure-requests
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
check.js(1).download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D 		122 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js(1).download
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
ba6ec305317747fe25450cd84dd59d1cec339cc27a3b746b1b6e834180c8e273
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:07:16 GMT
server
nginx
etag
"1e671-5abb192529500"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:33 GMT
accept-ranges
bytes
content-length
124529
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
ARF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ARF
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Fri, 31 Jul 2020 00:11:12 GMT
server
nginx
etag
"0-5abb1a063a800"
x-proxy-cache-info
D NC:000000 UP:0
status
200
x-httpd
1
date
Wed, 05 Aug 2020 12:20:33 GMT
accept-ranges
bytes
content-length
0
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
BLANK.GIF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 65D3 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.GIF
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:33 GMT
last-modified
Fri, 31 Jul 2020 00:02:24 GMT
server
nginx
etag
"5f235f90-2b"
x-proxy-cache-info
DT:1
content-type
image/gif
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
43
expires
Thu, 05 Aug 2021 12:20:33 GMT
ARF;CIS3SID=BF3D4422CE610D8906C6B364F45D8FE7
tmxapi.globalsources.com/fp/ Frame F90D 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/ARF;CIS3SID=BF3D4422CE610D8906C6B364F45D8FE7?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&pageid=99998&sera_parametere=VhNcXVEBVQAEV1NVVVMFVQdRVAsAAQYLBVdQUgcCA1QGAVQMXFsGDl8NBxYSRAlfXhMUTBccVn1DA3AVVnMRBAAJEl0IXAhcCEBBFVJzEQFyU0QPIBxXCQ5bQUQSEgdyFVQjHVN9Q10PCQUCVgICD1JRAwwAWgZbUFYKBQNTAw5WVwdeVg9dDQdVVAlXBAdSAwFHVgtXBlxbBFFRWVMNUwkFVQpUWFINUBJYQ1wHTAJUB1ALXQ0GX1YDBwVVAwwOBlNSDlUJA10HA1EDAw9RAgFQB1pcD1EfB10PAVAEAxBZClwVVR8VUFsNCwlYDxJeW15HWll6DUsJWVcWA0EJDgNFA1cXBClQCEFKFgJVCUJUGT5bBVUJWwdXWRYEQwkHAVU%3D&count=0&max=0
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js(1).download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:33 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&w=30e314f99213057f&ck=0&m=1
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:33 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ls_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 73F3 		48 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
957c970b79b704404a7f623caf31b85575f607d1c93f9a202176a44a63935d66

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:34 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-bf83"
expires
Mon, 01 Feb 2021 12:20:34 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
sid_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 13EE 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
406ce043acdb8bcb35a771a0b8875dd2b8b22c4c5143fc7e339d4a1ddc1c70c4

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:34 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:18:16 GMT
vary
Accept-Encoding
etag
W/"5f236348-d9e6"
expires
Mon, 01 Feb 2021 12:20:34 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
top_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame DB02 		48 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/top_fp.html
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
5fcd29f1be98a44a265ba1649a9fa79aca16265a1638c48b13e8fcf5468da399

Request headers

:method
GET
:authority
jtingjewelrycandle.com.au
:scheme
https
:path
/wordpress/wp-content/plugins/rafda/connect/html/images/top_fp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

status
200
server
nginx
date
Wed, 05 Aug 2020 12:20:34 GMT
content-type
text/html
last-modified
Fri, 31 Jul 2020 00:02:12 GMT
vary
Accept-Encoding
etag
W/"5f235f84-be30"
expires
Mon, 01 Feb 2021 12:20:34 GMT
cache-control
max-age=15552000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info
DT:1
content-encoding
gzip
clear(7).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 73F3 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear(7).png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:34 GMT
last-modified
Fri, 31 Jul 2020 00:03:26 GMT
server
nginx
etag
"5f235fce-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:34 GMT
clear1.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 13EE 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/clear1.png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.157.149 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:34 GMT
last-modified
Fri, 31 Jul 2020 00:03:46 GMT
server
nginx
etag
"5f235fe2-0"
x-proxy-cache-info
DT:1
content-type
image/png
status
200
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
0
expires
Thu, 05 Aug 2021 12:20:34 GMT
clear1.png;CIS3SID=C8B06542DD42AABFCABE625DD1BC93EC
h.online-metrix.net/fp/ Frame 13EE 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=C8B06542DD42AABFCABE625DD1BC93EC?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jf=363336247369665f706e643d7666705d6342467a6f56763e6f70524a5676717724716b665d646374673d313731363433323031312e7369645d76797265357f6560386561647363267169645f69677b3f3330353b3132333b3834303732613836363a61673164323232313034383830613a36363a6b65336432313033303f38333630303230346333306533383a676332666663343b6736393c3a3830396466386630303a60316464333463676c636138676163646934333333633735303d6c326667613b3538633564626538633b303b6564333433643b3930676436373038643b3064363337303663383736386334373b3835676d6431326336333b393c6b3866316133366524736b645f736b653f31303435323030323f39323034343763393537643233646031323064336d623b63303134633d37656333323960623c6c313131653661376738636564356036336434383867366434383a30313030393662343b3b3532336666673236676c616765373867666e6362343a613666356b3f663a333933626234363a39616163363634336164303166673f6b3032306226736964703f33
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:33 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=396613127629341&ev=Microdata&dl=https%3A%2F%2Fjtingjewelrycandle.com.au%2Fwordpress%2Fwp-content%2Fplugins%2Frafda%2Fconnect%2Fhtml%2Findex.html&rl=&if=false&ts=1596630034097&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Global%20Sources%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&a=tmgoogletagmanager&ec=4&o=30&fbp=fb.2.1596630034096.1971114651&it=1596630032533&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 12:20:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 12:20:34 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 73F3 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jf=3134266e73623f33346262333635323435616636333363696b32633161373863353b3a34346334
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE
tmxapi.globalsources.com/fp/ Frame 1DDF 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/tags.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
c20f7cb30760c72f33af58d8bf02e1d1d77348a41bef38a721dabfce317241d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 05 Aug 2020 12:20:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
tmx-nonce
a4b784297d595015
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		81 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&w=35e014fa9213057f&ck=0&m=1
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/tags.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		81 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
HP
tmxapi.globalsources.com/fp/ Frame 6BB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=0ca8d9e9f420a746&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tmxapi.globalsources.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

Date
Wed, 05 Aug 2020 12:20:34 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5825
Keep-Alive
timeout=2, max=97
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		81 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 5uvbsw0f/0ca8d9e9f420a7466343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 05 Aug 2020 12:20:34 GMT
Last-Modified
Wed, 05 Aug 2020 12:20:34 GMT
Server
Apache
Etag
b67941b293a94bf1be2ebfcbfa9027bc
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
https://jtingjewelrycandle.com.au
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 04 Aug 2025 12:20:34 GMT
ls_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame E556 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tmxapi.globalsources.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

Date
Wed, 05 Aug 2020 12:20:34 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		0
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jb=3730266e73613f33376531313664633b323133323735643b3e6062333437303637636436333163616130633369373a6335393a343e6336
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
h.online-metrix.net/fp/ Frame 2FAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
h.online-metrix.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

Date
Wed, 05 Aug 2020 12:20:34 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		0
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jd=35352624773d31356731313464633b3031333037356424626e6c3d3434266a666a3f373030633430633336633e3036343b3463676a38636135363334326931313261266866746c3d323a343331383636
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
top_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame EBE0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/top_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tmxapi.globalsources.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		0
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&ja=3a36342426773f33376531313664633b323133323735642e6b3f3630267a3d363224643f333632307a313232382663663f3134323878313232322671787135307a32266670723f312e313630322e333030302c3334323224393030302c313630322e333032302e313430302e393232302e302e322e7363643f3034246c6035687676707125334325304625324468766b6e676a6775676e7a7161616e646c652e616d6f2c6375273244776f706c707065717327304e77702d616d6e7665667c253044706e75676b6e712532467063646661253244616d6c666d617425324668746f6e273044696f61656573273a4671617465665d7a65736f77706367283b212e6a766d6e2664703d6a74747071273143253246273044687c616c676a6577656c707b61636c646e652c636f6f266177253046756d7a64707267717327324e7f702f616f6c74656c74273246706e77656b6e7325304470636e6c63253246636f6e6c67617627324468766d6c273a466b6e66657a2c60746d6c24723d726c7d6f696c5d666e61736a5e64616c736723726e7567696c5d756b666c6d77735f6d65646b635d726e617b65705e666364736721726c7765616e5f61666d62675f696b726d6061765e66636c716521706e77656b6e5f71776b61697c616f655e66616c736723726e77676b6e5d73686d6b6b756174655c64696c736523726c776761665f7067616e706c637967725e66636e716721706c77656b6c577e6e635f706c617967705c64636c716523706c776f696c5f666574636476725e64636c716529786c7765696c5f7374675d7669657567705c66616c71672372647d65696e5f6a6176635c64636e7367266a683d353a6361366434303b6d34343231353531376b303467306660333930636338392668716d3f4c696e777a24687b6a3f4368726f6d652730323a312668736d753d4e616e7778246e6a61353136266c666d3f382e7c7a663f4577726f72652732464267706e6b6e266d63766a70353c3230336431633260676132306534636135363238383061663137373c3031666636353a38393c316634656361323664613934616460663532333131333b34692e6778333d6338346436356635363b63603337633b346132326530663131666635313836306b69373237613663266163663d323032323232&jb=333739246c713f4d6d7a696c6e63273046352e3227303220456363696e746f736a273140273232496c74656e2d32324d63632730384f532530325827323839305d33345d35292732324170706e675567624b69762730443d3b352e33362532302a494a564f4c27324125323264696965273232456d636b6f2b27323243607a6f6f6725304638312e322e343132312c3431253232516364697a6b2532463533372c3134
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net/fp/ Frame 779E 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame 779E 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tmxapi.globalsources.com/fp/clear1.png;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jf=363336247369665f706e643d7666705d3957494c604b5a666e4a42455a306c3724716b665d646374673d313731363433323031312e7369645d76797265357f6560386561647363267169645f69677b3f3330353b3132333b3834303732613836363a61673164323232313034383830613a36363a6b65336432313033303f38333630303230346333306533383a676332666663343b6736393c3a3830396466386630303a60316464333463676c636138676163646934333333633735303d6c326667613b3538633564626538633b303b6564333433643b3930676436373038643b3064363337303663383736386334373b3835676d6431326336333b393c6b3866316133366524736b645f736b653f3130343532303032393b376631323562343437303b376537653738346169333464346635663e32343634306632363a3e353432366435343a65643431623267636431316330353132383a3031303066316431633b6130356464643662363b626337633563313133636531676166353c3964613530313163676536343732323b36646435373a61633539696766653526736964703f32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
HP
tmxapi.globalsources.com/fp/ Frame 92D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=a4b784297d595015&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tmxapi.globalsources.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
thx_guid=026bb5aa8c3a480388ff85961413bd2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5826
Keep-Alive
timeout=2, max=97
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		81 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 5uvbsw0f/a4b784297d5950156343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Last-Modified
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Etag
cf578118a984452b81a4d9343f0dc2cc
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
https://jtingjewelrycandle.com.au
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
Expires
Mon, 04 Aug 2025 12:20:35 GMT
ls_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9
tmxapi.globalsources.com/fp/ Frame 0CEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tmxapi.globalsources.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
thx_guid=026bb5aa8c3a480388ff85961413bd2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=3730266e73613f623339333963613663326661343760643b3e6062333437303637636436333163616130633369373a6335393a343e6336
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9
h.online-metrix.net/fp/ Frame 8300 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
h.online-metrix.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=97
Transfer-Encoding
chunked
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jd=35342624773d60313b3339616136633066613637606424626e6c3d3434266a666a3f373030633430633336633e3036343b3463676a38636135363334326931313261266866746c3d323a3130383636
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&ja=3437352426773f623339333963613663326661343760642e6b3f3630267a3d363224643f333632307a313232382663663f3134323878313232322671787135307a32266670723f312e313630322e333030302c3334323224393030302c313630322e333032302e313430302e393232302e302e322e7363643f3034246c6035687676707125334325304625324468766b6e676a6775676e7a7161616e646c652e616d6f2c6375273244776f706c707065717327304e77702d616d6e7665667c253044706e75676b6e712532467063646661253244616d6c666d617425324668746f6e273044696c6467782e6a7c6d6e2666723f24783d706c7765696c5f6e6461716a5e64616c716523706c75656b6c5d77696e666d75715765676469615f706c637b67705c66636c71652172647565696c5f63666762655f6361726d62697c5e64636c716521726c7767696e5d73776b636b746b6f675c6e696e736521706c75656b6c5d71686d63697761746d5e64616e736723786c75676b6c5f70656964706e637967725e64616e736521726e7765696e5f746e615d7864637965725e66616e716723726c77676b6e5f666d76636c74725c64696c736523726c776761665f7174675d7669677767725e66636e716721706c77656b6c57626376615e66616c7167246a6a3d3532616336643c323b65363430313f353337613a3467326e6a333b3063633839246a716f3d4c6b6c777a266a73603f416a7a676f6525323038332468716d773d4e696c7578246668613d3336246c6c6d3d3824767a663d4d7d726d72652732464065706c696e246f637668723d363232316c396132626563303267346161373632303a32616639353734323164663c35383833363166366d696130366461393463666064373231333133393661&jb=333739246c713f4d6d7a696c6e63273046352e3227303220456363696e746f736a273140273232496c74656e2d32324d63632730384f532530325827323839305d33345d35292732324170706e675567624b69762730443d3b352e33362532302a494a564f4c27324125323264696965273232456d636b6f2b27323243607a6f6f6725304638312e322e343132312c3431253232516364697a6b2532463533372c3134
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 05 Aug 2020 12:20:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net/fp/ Frame 1DDF 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 779E 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746&jac=1&je=33353724267767627074635f677a7667726e616e5d6b7235393a352e3135362e3335372c3330352675696d3f7f65607276635d6b667465726c636c5d6d6c667324726d3f6e6f2462637473743f79206e6576656e2038332638322c22737461747771203820636a617067696c6f227f266375666a3564646267316361363d3b3263306564336537373766326667376660313737313263673f3d373130613730306463633335653563333332313d323034353064366e
Requested by
Host: jtingjewelrycandle.com.au
URL: https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/check.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=C63C30B512991598DB4457E989253EF9
tmxapi.globalsources.com/fp/ Frame 1DDF 		0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tmxapi.globalsources.com/fp/clear1.png;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jf=363336247369665f706e643d7666705d3535453775496760637769464e76524c24716b665d646374673d313731363433323031312e7369645d76797265357f6560386561647363267169645f69677b3f3330353b3132333b3834303732613836363a61673164323232313034383830613a36363a6b65336432313033303f38333630303230346333306533383a676332666663343b6736393c3a3830396466386630303a60316464333463676c636138676163646934333333633735303d6c326667613b3538633564626538633b303b6564333433643b3930676436373038643b3064363337303663383736386334373b3835676d6431326336333b393c6b3866316133366524736b645f736b653f31303435323030323a3a3430653835626261616636316161383a3536373a366633376533323134613763363435383b396137606460353734633a6136313334346334623033366431383a303130306530343b373a34603366336166653a6e35316666383137313137646767343b366b316133353364326133383562623160303437623361343036613c3f3465653726736964703f32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tmxapi.globalsources.com/fp/clear.png?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jac=1&je=33353724267767627074635f677a7667726e616e5d6b7235393a352e3135362e3335372c3330352675696d3f7f65607276635d6b667465726c636c5d6d6c667324726d3f6e6f2462637473743f79206e6576656e2038332638322c22737461747771203820636a617067696c6f227f266375666a3564646267316361363d3b3263306564336537373766326667376660313737313263673f3d373130613730306463633335653563333332313d323034353064366e
Requested by
Host: tmxapi.globalsources.com
URL: https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.146 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Aug 2020 12:20:36 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jtingjewelrycandle.com.au
URL
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Global Sources (E-commerce)

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| sldpnl function| $ function| jQuery object| Color number| DELAY_SHOW_HIDE string| RFI_MINILOGIN string| RFI_MINIREG string| RFI_MINIREG_PALITE string| USER_REGISTRATION string| PALITE_UPGRADE string| USER_PROFILE string| RFQ_REG string| M_REG string| M_RFI_REG string| EMAGLITE_REG string| LOGIN_LINKEDIN string| BUYER_REGISTRATION_LINKEDIN string| LINKEDIN_EXISTING string| LINKEDIN_NEWREG string| LINKEDIN_EXISTING_NOAPP object| WTSI_P_PREFIX function| winPop function| winPop2 function| winPop3 function| sortThis function| toggleDefValue function| syncCheckboxToHidden function| checkValidID function| getRandom boolean| isMSIE3 string| path number| expDays object| exp string| value function| GetCookie function| SetCookie function| DeleteCookie function| setUniqCookie function| showBox function| hideBox function| delayShowBox function| delayHideBox function| delayShowBox2 function| delayHideBox2 function| toggleHiddenByCheckbox function| checkKeyword function| LTrim function| RTrim function| Trim function| checkIsFilledMandatory function| checkForEmailError function| validateEmailValue function| trimFieldValue function| checkforEmail function| checkEmailFieldNoTrack function| checkEmailIsNotInError function| checkEmailField function| showEmailTipWithError function| showEmailTipWithErrorEmag function| showEmailTipWithErrorEmagCheck function| showErrorEmagLoginCheck function| hasSpecialChars function| hasSpaceChars function| checkUidChar function| showUidTipWithError function| checkPwdChar function| checkValuesMatch function| isNum function| isNumWithSpace function| isPhone function| extendisPhone function| checkNameBg function| changeNameBg function| checkFieldIsNotInError function| changePhoneBg function| toggleLabelColor function| checkEmailBg function| checkPhoneBg function| validatePhoneForEmag function| validatePhoneNumberForEmag function| validatePhoneForOTP function| validateOTPInput function| hideErrorBoxForOTP function| checkPhoneBgEmag function| changeCompanyNameBg function| checkCompanyNameBgEmag function| checkNameBgEmagLiteForm function| checkEmagSelected function| validateCompanyNameForEmag function| checkCombineNameEmag function| checkNameBgEmagLiteFormNew function| checkCompanyURL function| checkCompanyURLFieldError function| checkCompanyURLField function| checkCompanyURLFieldMobile function| checkCompanyDescriptionField function| WTFieldErrorTag function| WTFieldPWLengthErrorTag function| WTFieldTag function| WTNumFieldTag string| msg_invalidemailchar string| msg_invalidemail string| invalidemailchar string| invalidemail string| iChar string| iEmail boolean| goWT_Track function| getEvent function| automailKeydown function| automail function| fillinmaill function| hideAutomailBox undefined| req undefined| ctyflag function| checkCountryFieldMobile function| validatingCountryMobile boolean| first_load function| processCountryMobile function| checkUid function| requestReminder function| removeSpaceTelFax function| removeSpaceTelMobile function| removeSpaces function| checkIMoption function| checkEMoption function| isEmpty function| validatePAKW function| toggleCheckBox undefined| compurl function| appendSuggestedCompUrl function| showOverlayLogin function| downloadfile function| checkCompanyURLFieldForSmallRFI function| InvalidMsg object| today number| timetoday number| randm string| timenow boolean| nets boolean| nseven number| bVer object| egainDockChat function| startChat string| EG_ACT_ID object| td_1i boolean| tmx_profiling_started object| td_1b function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting object| egsolUI function| showOTP function| showOTPMsg function| ajaxCheckSendOTP function| setToGray function| setToBlack undefined| timeoutHandle function| countdown undefined| timeoutHandle2 function| countdown2 function| webtrendsAsyncInit string| GoogleAnalyticsObject function| ga object| dataLayer function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| twq object| twttr object| GooglebQhCsO undefined| n function| dcsMultiTrack object| Webtrends object| WebTrends object| WebtrendsHeatMap

1 Cookies

Domain/Path Name / Value
.jtingjewelrycandle.com.au/ Name: _fbp
Value: fb.2.1596630034096.1971114651

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 396613127629341.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - You are sending a non-standard event 'iClickDynRMKT'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net
analytics.analytics-egain.com
analytics.twitter.com
connect.facebook.net
googleads.g.doubleclick.net
h.online-metrix.net
jtingjewelrycandle.com.au
s.webtrends.com
static.ads-twitter.com
stats.g.doubleclick.net
statse.webtrendslive.com
t.co
tmxapi.globalsources.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
jtingjewelrycandle.com.au
104.244.42.197
104.244.42.67
151.101.112.157
172.217.21.226
2600:9000:2057:be00:e:887:44c0:93a1
2a00:1450:4001:801::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:81a::2003
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.51.57
34.252.23.208
35.213.157.149
91.235.132.130
91.235.132.146
91.235.134.131
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
0bd62f8abe16d51f0088e5dc232f208dcfb0ff148d4e7bae349a3a325c12480e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c40640a7a51074c7d716d57f30f45f44bcf20eaee8bd83adbae4ed44b5b160e
2e04229707efbc3fff8ce2064c61d26b56703fcf36942391a1f0decd4dffde4d
2e4610ed3a8d3aff55b90b4e0633844b6fbd0c8b3d22202e0ce1495dce309d2a
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32c858e9a3683cedb3aafc488599ef7088637855d40c1686d0a26d885857c044
39e6f8ba9bae68f7c3873af6217a9d05be8b60a3d57280cf8f099903f202be20
3d2f62d70760ffca0f2bf4c1fb0d2708c121a0ae754c1ec9172724969af27195
3fde29f2f8731ef0a87aa88c87ef1e0f3900901402df6c8c4ce8cc39e4e9e0e2
406ce043acdb8bcb35a771a0b8875dd2b8b22c4c5143fc7e339d4a1ddc1c70c4
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6
471839d32eab48a348e12109912c18c95d449dd754b7eacff47f99fb5f28678c
48b29082ef6f23b131571a87ea690b627b3640daf2ec9e5a48a2a9a8d6efb643
585fb8ad916f6d14fe7d1db97e0cd98563d2e4d09ed2f99a210a0b6d3255c8d3
5ee7561a3a5c0bcfd620ab6004ff7cab8ee16c800aada8a165c32cd104086cd5
5fcd29f1be98a44a265ba1649a9fa79aca16265a1638c48b13e8fcf5468da399
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8709c2c753624361c1ac493ff03b4ea59fc2be04ac9769e34f8d635efa47eefe
8790d1820562042c336180587d2678d78fe1657ceb7bc1b212cd68e69d0b208f
8dde1cba1634a77416076690270bc740af94bfbd82948fb7d94c1b68f2491495
8fc083890e2c53a990a3227205d25c0722069eef6d169553eda84c4809068598
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9
91cb51e36f0dd33cc8fe3e33e94872e0a6877f965df985063dbd943064d2e1ac
91ce58de09b1d71b9848ddab21e19c29584c5998b783af335bc3b997d2ac8514
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
957c970b79b704404a7f623caf31b85575f607d1c93f9a202176a44a63935d66
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a00fdcb68e4088ed1c6b6f535c370c6162f3ef6319bb1e57a7092ff53d8abe2d
a01572d9b2b5eca71ee08a2c6d8d68c04815f55979ff780d0ebfe16af5494972
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206
a554e28a9a7d158bcabe4664a618a2da7e783fb1f603a3e4b18d25b8a537298a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f
b40a66d8255f46b1c25e96910c1e64cf213cf651a891d2307ae28c186006474e
b57ba5c23e6914ee02d9424017333d7bda6f1a760d1e30fe1f1fc351ba13a8d8
b9555a9c9efac3a90e50483e295df90acf2ed9bf5484736acae73cf2535d8a7b
ba6ec305317747fe25450cd84dd59d1cec339cc27a3b746b1b6e834180c8e273
bceccc4659416c72597c905dd9f17f9245ad9c0f1258147bfba31d9b29368f3d
c20f7cb30760c72f33af58d8bf02e1d1d77348a41bef38a721dabfce317241d0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee1df90c154ea68748d42e82ed37c3fac436b5f53cdea6604a3a272c6f9173b9
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d