![](/screenshots/d1268178-9ea6-4fc4-9b03-f7585e50e2d9.png)
jtingjewelrycandle.com.au
Open in
urlscan Pro
35.213.157.149
Malicious Activity!
Public Scan
Submission: On August 05 via manual from IN
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 10th 2020. Valid for: 3 months.
This is the only time jtingjewelrycandle.com.au was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Global Sources (E-commerce)Domain & IP information
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
54 | jtingjewelrycandle.com.au |
jtingjewelrycandle.com.au
|
23 | tmxapi.globalsources.com |
jtingjewelrycandle.com.au
tmxapi.globalsources.com |
5 | www.facebook.com |
jtingjewelrycandle.com.au
|
5 | www.google.com |
1 redirects
jtingjewelrycandle.com.au
|
3 | h.online-metrix.net |
jtingjewelrycandle.com.au
tmxapi.globalsources.com |
3 | statse.webtrendslive.com |
1 redirects
jtingjewelrycandle.com.au
|
3 | www.google.de |
jtingjewelrycandle.com.au
|
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | connect.facebook.net |
jtingjewelrycandle.com.au
connect.facebook.net |
2 | www.google-analytics.com |
jtingjewelrycandle.com.au
|
2 | www.google.co.uk |
jtingjewelrycandle.com.au
|
1 | 5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net | |
1 | 5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net | |
1 | s.webtrends.com |
jtingjewelrycandle.com.au
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | t.co |
jtingjewelrycandle.com.au
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googletagmanager.com |
jtingjewelrycandle.com.au
|
1 | analytics.analytics-egain.com |
jtingjewelrycandle.com.au
|
112 | 21 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.globalsources.com |
mrw.so |
Subject Issuer | Validity | Valid | |
---|---|---|---|
jtingjewelrycandle.com.au Let's Encrypt Authority X3 |
2020-07-10 - 2020-10-08 |
3 months | crt.sh |
*.analytics-egain.com Go Daddy Secure Certificate Authority - G2 |
2017-09-07 - 2020-09-07 |
3 years | crt.sh |
www.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.google.co.uk GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
s.webtrends.com Entrust Certification Authority - L1K |
2020-04-03 - 2022-07-02 |
2 years | crt.sh |
statse.webtrendslive.com Entrust Certification Authority - L1K |
2018-10-09 - 2020-10-09 |
2 years | crt.sh |
tmxapi.globalsources.com Thawte RSA CA 2018 |
2020-04-01 - 2022-04-01 |
2 years | crt.sh |
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2020-02-20 - 2021-02-19 |
a year | crt.sh |
*.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2 |
2019-09-13 - 2021-09-13 |
2 years | crt.sh |
This page contains 21 frames:
Primary Page:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/index.html
Frame ID: 178F711FC69CCB3A03D48F61ADADF602
Requests: 56 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/egain-docked-chat.js
Frame ID: 68378AB038C877CF4EF3FCAC3EA5B8FD
Requests: 1 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource.html
Frame ID: 473F931C5FAC8EA6AA9355622E36EFE8
Requests: 2 HTTP requests in this frame
Frame:
https://analytics.analytics-egain.com/onetag/EG48975170
Frame ID: EFEB94219C87811186B543003F27E07D
Requests: 1 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/EG48975170.html
Frame ID: C244456D64FE5CFE12476ED46FC1918E
Requests: 1 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(2).html
Frame ID: C69021F2FAD92020BDBC2E00B26F6B4B
Requests: 1 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Frame ID: 35390067ACDE43DD40216C1819379D06
Requests: 1 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/saved_resource(3).html
Frame ID: 779EF7F687391E4AE0B094459A549A62
Requests: 19 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/HP.html
Frame ID: F90D76BE80662061A91E99F0047092BE
Requests: 4 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Frame ID: 65D312C5A66649B1B32D3C58627BAEFC
Requests: 2 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ls_fp.html
Frame ID: 73F351C858DCB456187BD1B88469C58C
Requests: 3 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/sid_fp.html
Frame ID: 13EE82762E76922F597D0B97F4B5EC42
Requests: 3 HTTP requests in this frame
Frame:
https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/top_fp.html
Frame ID: DB023E3924CD8690DCD1CAEC8952F732
Requests: 1 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015&jb=313526246a736d753f4c696e777a2468736f3d4e6b6c77702e6873623d4368726d6f672730303a33
Frame ID: 1DDF8CFF079859D6A70975CE45531759
Requests: 10 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=0ca8d9e9f420a746&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 6BB940E705939831585535359E7CB1CA
Requests: 1 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: E556B04513A795175C32CBAC13EC571F
Requests: 1 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: 2FAF539615FCA2E61C2A182D71C75BEC
Requests: 1 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/top_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=0ca8d9e9f420a746
Frame ID: EBE09B709E5173E1181C9BA0F0D1FEB1
Requests: 1 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/HP?session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&org_id=5uvbsw0f&nonce=a4b784297d595015&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 92D50DECA2DF2F457299FA4E80D460A4
Requests: 1 HTTP requests in this frame
Frame:
https://tmxapi.globalsources.com/fp/ls_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Frame ID: 0CEC4582D55BEFBFE08A2471E1A06B92
Requests: 1 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9?org_id=5uvbsw0f&session_id=6343e0357e406237d4a626b98fd4d4e4c3fcc1f5f4e7852474cb8d4e3cdca98d&nonce=a4b784297d595015
Frame ID: 8300420B29AF1453D18B5DB16A505325
Requests: 1 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Security Measures
Search URL Search Domain Scan URL
Title: IP Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 44- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&gjid=748008040&_gid=2063295774.1596630033&_u=YGBAgEAB~&z=919198229 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179370-18&cid=498067916.1596630033&jid=283811288&_v=j83&z=919198229&slf_rd=1&random=136553266
- https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2 HTTP 303
- https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1596630032823&dcssip=jtingjewelrycandle.com.au&dcsuri=/wordpress/wp-content/plugins/rafda/connect/html/index.html&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Global%2520Sources&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.23&WT.dl=0&WT.ssl=1&WT.es=jtingjewelrycandle.com.au%252Fwordpress%252Fwp-content%252Fplugins%252Frafda%252Fconnect%252Fhtml%252Findex.html&WT.cg_n=Login&WT.new_visited_us=1596144521329414654&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2
112 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/ |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SSO.CSS
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
41 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.hm.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f.txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
29 KB 13 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
396613127629341
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
355 KB 356 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
103 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
135 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
45 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.min.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Offers.egain
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
146 B 396 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egain-chat.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jqueryandplugins.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
99 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ssoscripts.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
39 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egain_docked_chat.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tags.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rdvoqldvqhjbezvv999157.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f(1).txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
2 KB 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f(2).txt
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
2 KB 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GSLOGO.PNG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APPEDU_LOGO_APP.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APPEDU_LOGO_GOOGLE.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GSLOGIN_PROMO_PIC.JPG
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EGSOL_WEB_UI.JS.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SSO.JS.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BLANK.GIF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
43 B 270 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ |
31 B 280 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egain-docked-chat.js
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 6837 |
0 245 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 473F |
325 B 494 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EG48975170
analytics.analytics-egain.com/onetag/ Frame EFEB |
0 0 |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1072021429/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.uk/pagead/1p-user-list/1072021429/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1027654176/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.uk/pagead/1p-user-list/1027654176/ |
42 B 539 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EG48975170
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 473F |
16 KB 17 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EG48975170.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame C244 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource(2).html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame C690 |
149 B 384 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.min.js
jtingjewelrycandle.com.au/sso/gsol/pex/en/balat/includes/ |
0 245 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
138 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
BLANK.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 3539 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource(3).html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HP.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D |
22 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 96 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
396613127629341
connect.facebook.net/signals/config/ |
522 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 377 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 213 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 449 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1027654176/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1072021429/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1072021429/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1027654176/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1027654176/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BLANK.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 65D3 |
388 B 534 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.hm.js
s.webtrends.com/js/ |
7 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wtid.js
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/ |
201 B 305 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dcs.gif
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/ Redirect Chain
|
67 B 271 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(1).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(2).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
81 B 308 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(3).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear3.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear1(1).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(4).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(5).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(6).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
81 B 308 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.js.download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 779E |
186 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.js(1).download
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D |
122 KB 122 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ARF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame F90D |
0 238 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BLANK.GIF
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 65D3 |
43 B 270 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ARF;CIS3SID=BF3D4422CE610D8906C6B364F45D8FE7
tmxapi.globalsources.com/fp/ Frame F90D |
0 407 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 73F3 |
48 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 13EE |
54 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top_fp.html
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame DB02 |
48 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear(7).png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 73F3 |
0 216 B |
Script
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear1.png
jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/ Frame 13EE |
0 216 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear1.png;CIS3SID=C8B06542DD42AABFCABE625DD1BC93EC
h.online-metrix.net/fp/ Frame 13EE |
0 387 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 73F3 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.js;CIS3SID=39D8729091E9FED7FE1855CE2037BDBE
tmxapi.globalsources.com/fp/ Frame 1DDF |
186 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HP
tmxapi.globalsources.com/fp/ Frame 6BB9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
81 B 541 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ls_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame E556 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
0 388 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sid_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
h.online-metrix.net/fp/ Frame 2FAF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
0 388 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_fp.html;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame EBE0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
0 219 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net/fp/ Frame 779E |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear1.png;CIS3SID=218860B3ECD32AB88FB8626B6B321280
tmxapi.globalsources.com/fp/ Frame 779E |
0 387 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HP
tmxapi.globalsources.com/fp/ Frame 92D5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
81 B 540 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ls_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9
tmxapi.globalsources.com/fp/ Frame 0CEC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sid_fp.html;CIS3SID=C63C30B512991598DB4457E989253EF9
h.online-metrix.net/fp/ Frame 8300 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net/fp/ Frame 1DDF |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 779E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear1.png;CIS3SID=C63C30B512991598DB4457E989253EF9
tmxapi.globalsources.com/fp/ Frame 1DDF |
0 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
tmxapi.globalsources.com/fp/ Frame 1DDF |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- jtingjewelrycandle.com.au
- URL
- https://jtingjewelrycandle.com.au/wordpress/wp-content/plugins/rafda/connect/html/images/BLANK.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Global Sources (E-commerce)180 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| sldpnl function| $ function| jQuery object| Color number| DELAY_SHOW_HIDE string| RFI_MINILOGIN string| RFI_MINIREG string| RFI_MINIREG_PALITE string| USER_REGISTRATION string| PALITE_UPGRADE string| USER_PROFILE string| RFQ_REG string| M_REG string| M_RFI_REG string| EMAGLITE_REG string| LOGIN_LINKEDIN string| BUYER_REGISTRATION_LINKEDIN string| LINKEDIN_EXISTING string| LINKEDIN_NEWREG string| LINKEDIN_EXISTING_NOAPP object| WTSI_P_PREFIX function| winPop function| winPop2 function| winPop3 function| sortThis function| toggleDefValue function| syncCheckboxToHidden function| checkValidID function| getRandom boolean| isMSIE3 string| path number| expDays object| exp string| value function| GetCookie function| SetCookie function| DeleteCookie function| setUniqCookie function| showBox function| hideBox function| delayShowBox function| delayHideBox function| delayShowBox2 function| delayHideBox2 function| toggleHiddenByCheckbox function| checkKeyword function| LTrim function| RTrim function| Trim function| checkIsFilledMandatory function| checkForEmailError function| validateEmailValue function| trimFieldValue function| checkforEmail function| checkEmailFieldNoTrack function| checkEmailIsNotInError function| checkEmailField function| showEmailTipWithError function| showEmailTipWithErrorEmag function| showEmailTipWithErrorEmagCheck function| showErrorEmagLoginCheck function| hasSpecialChars function| hasSpaceChars function| checkUidChar function| showUidTipWithError function| checkPwdChar function| checkValuesMatch function| isNum function| isNumWithSpace function| isPhone function| extendisPhone function| checkNameBg function| changeNameBg function| checkFieldIsNotInError function| changePhoneBg function| toggleLabelColor function| checkEmailBg function| checkPhoneBg function| validatePhoneForEmag function| validatePhoneNumberForEmag function| validatePhoneForOTP function| validateOTPInput function| hideErrorBoxForOTP function| checkPhoneBgEmag function| changeCompanyNameBg function| checkCompanyNameBgEmag function| checkNameBgEmagLiteForm function| checkEmagSelected function| validateCompanyNameForEmag function| checkCombineNameEmag function| checkNameBgEmagLiteFormNew function| checkCompanyURL function| checkCompanyURLFieldError function| checkCompanyURLField function| checkCompanyURLFieldMobile function| checkCompanyDescriptionField function| WTFieldErrorTag function| WTFieldPWLengthErrorTag function| WTFieldTag function| WTNumFieldTag string| msg_invalidemailchar string| msg_invalidemail string| invalidemailchar string| invalidemail string| iChar string| iEmail boolean| goWT_Track function| getEvent function| automailKeydown function| automail function| fillinmaill function| hideAutomailBox undefined| req undefined| ctyflag function| checkCountryFieldMobile function| validatingCountryMobile boolean| first_load function| processCountryMobile function| checkUid function| requestReminder function| removeSpaceTelFax function| removeSpaceTelMobile function| removeSpaces function| checkIMoption function| checkEMoption function| isEmpty function| validatePAKW function| toggleCheckBox undefined| compurl function| appendSuggestedCompUrl function| showOverlayLogin function| downloadfile function| checkCompanyURLFieldForSmallRFI function| InvalidMsg object| today number| timetoday number| randm string| timenow boolean| nets boolean| nseven number| bVer object| egainDockChat function| startChat string| EG_ACT_ID object| td_1i boolean| tmx_profiling_started object| td_1b function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting object| egsolUI function| showOTP function| showOTPMsg function| ajaxCheckSendOTP function| setToGray function| setToBlack undefined| timeoutHandle function| countdown undefined| timeoutHandle2 function| countdown2 function| webtrendsAsyncInit string| GoogleAnalyticsObject function| ga object| dataLayer function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| twq object| twttr object| GooglebQhCsO undefined| n function| dcsMultiTrack object| Webtrends object| WebTrends object| WebtrendsHeatMap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.jtingjewelrycandle.com.au/ | Name: _fbp Value: fb.2.1596630034096.1971114651 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqp0ca8d9e9f420a746am1.e.aa.online-metrix.net
5uvbsw0fh3jzgqkr5y67cukb2h645pearjd7xwqpa4b784297d595015am1.e.aa.online-metrix.net
analytics.analytics-egain.com
analytics.twitter.com
connect.facebook.net
googleads.g.doubleclick.net
h.online-metrix.net
jtingjewelrycandle.com.au
s.webtrends.com
static.ads-twitter.com
stats.g.doubleclick.net
statse.webtrendslive.com
t.co
tmxapi.globalsources.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
jtingjewelrycandle.com.au
104.244.42.197
104.244.42.67
151.101.112.157
172.217.21.226
2600:9000:2057:be00:e:887:44c0:93a1
2a00:1450:4001:801::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:81a::2003
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.51.57
34.252.23.208
35.213.157.149
91.235.132.130
91.235.132.146
91.235.134.131
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
0bd62f8abe16d51f0088e5dc232f208dcfb0ff148d4e7bae349a3a325c12480e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c40640a7a51074c7d716d57f30f45f44bcf20eaee8bd83adbae4ed44b5b160e
2e04229707efbc3fff8ce2064c61d26b56703fcf36942391a1f0decd4dffde4d
2e4610ed3a8d3aff55b90b4e0633844b6fbd0c8b3d22202e0ce1495dce309d2a
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32c858e9a3683cedb3aafc488599ef7088637855d40c1686d0a26d885857c044
39e6f8ba9bae68f7c3873af6217a9d05be8b60a3d57280cf8f099903f202be20
3d2f62d70760ffca0f2bf4c1fb0d2708c121a0ae754c1ec9172724969af27195
3fde29f2f8731ef0a87aa88c87ef1e0f3900901402df6c8c4ce8cc39e4e9e0e2
406ce043acdb8bcb35a771a0b8875dd2b8b22c4c5143fc7e339d4a1ddc1c70c4
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6
471839d32eab48a348e12109912c18c95d449dd754b7eacff47f99fb5f28678c
48b29082ef6f23b131571a87ea690b627b3640daf2ec9e5a48a2a9a8d6efb643
585fb8ad916f6d14fe7d1db97e0cd98563d2e4d09ed2f99a210a0b6d3255c8d3
5ee7561a3a5c0bcfd620ab6004ff7cab8ee16c800aada8a165c32cd104086cd5
5fcd29f1be98a44a265ba1649a9fa79aca16265a1638c48b13e8fcf5468da399
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8709c2c753624361c1ac493ff03b4ea59fc2be04ac9769e34f8d635efa47eefe
8790d1820562042c336180587d2678d78fe1657ceb7bc1b212cd68e69d0b208f
8dde1cba1634a77416076690270bc740af94bfbd82948fb7d94c1b68f2491495
8fc083890e2c53a990a3227205d25c0722069eef6d169553eda84c4809068598
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9
91cb51e36f0dd33cc8fe3e33e94872e0a6877f965df985063dbd943064d2e1ac
91ce58de09b1d71b9848ddab21e19c29584c5998b783af335bc3b997d2ac8514
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
957c970b79b704404a7f623caf31b85575f607d1c93f9a202176a44a63935d66
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a00fdcb68e4088ed1c6b6f535c370c6162f3ef6319bb1e57a7092ff53d8abe2d
a01572d9b2b5eca71ee08a2c6d8d68c04815f55979ff780d0ebfe16af5494972
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206
a554e28a9a7d158bcabe4664a618a2da7e783fb1f603a3e4b18d25b8a537298a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f
b40a66d8255f46b1c25e96910c1e64cf213cf651a891d2307ae28c186006474e
b57ba5c23e6914ee02d9424017333d7bda6f1a760d1e30fe1f1fc351ba13a8d8
b9555a9c9efac3a90e50483e295df90acf2ed9bf5484736acae73cf2535d8a7b
ba6ec305317747fe25450cd84dd59d1cec339cc27a3b746b1b6e834180c8e273
bceccc4659416c72597c905dd9f17f9245ad9c0f1258147bfba31d9b29368f3d
c20f7cb30760c72f33af58d8bf02e1d1d77348a41bef38a721dabfce317241d0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee1df90c154ea68748d42e82ed37c3fac436b5f53cdea6604a3a272c6f9173b9
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d