Submitted URL: http://www.therefinery.ca/
Effective URL: https://www.therefinery.ca/
Submission: On March 31 via api from CA — Scanned from CA

Summary

This website contacted 24 IPs in 1 country across 18 domains to perform 71 HTTP transactions. The main IP is 104.197.122.227, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.therefinery.ca.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.
This is the only time www.therefinery.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 104.197.122.227 396982 (GOOGLE-CL...)
9 192.0.77.37 2635 (AUTOMATTIC)
2 2607:f8b0:400... 15169 (GOOGLE)
9 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:20e... 16509 (AMAZON-02)
1 108.138.128.110 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
2 4 54.89.3.251 14618 (AMAZON-AES)
3 18.164.124.123 16509 (AMAZON-02)
1 3 63.251.86.49 32475 (SINGLEHOP...)
1 13.225.223.106 16509 (AMAZON-02)
1 13.226.39.112 16509 (AMAZON-02)
3 72.251.238.254 32475 (SINGLEHOP...)
1 108.139.29.112 16509 (AMAZON-02)
1 13.226.39.96 16509 (AMAZON-02)
2 2 52.5.98.218 14618 (AMAZON-AES)
1 2 2620:1ec:21::14 ()
1 5 18.214.54.215 ()
2 2 142.250.65.226 ()
3 3 15.197.193.217 ()
1 23.205.6.178 ()
2 3 34.111.113.62 ()
1 1 2620:112:f002... ()
71 24
Apex Domain
Subdomains
Transfer
20 wp.com
c0.wp.com — Cisco Umbrella Rank: 7535
i0.wp.com — Cisco Umbrella Rank: 3491
stats.wp.com — Cisco Umbrella Rank: 2973
pixel.wp.com — Cisco Umbrella Rank: 2697
2 MB
14 therefinery.ca
www.therefinery.ca
135 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1025
ap.lijit.com — Cisco Umbrella Rank: 646
vpod1q.qa.lijit.com Failed
7 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4020
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4970
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5065
data-beacons.s-onetag.com — Cisco Umbrella Rank: 13802
24 KB
5 eyeota.net
ps.eyeota.net
3 KB
5 gstatic.com
fonts.gstatic.com
188 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 9462
api.viglink.com — Cisco Umbrella Rank: 13720
31 KB
5 flodesk.com
assets.flodesk.com — Cisco Umbrella Rank: 21761
form.flodesk.com — Cisco Umbrella Rank: 30003
usercontent.flodesk.com — Cisco Umbrella Rank: 35388
96 KB
3 tapad.com
pixel.tapad.com
1 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 doubleclick.net
cm.g.doubleclick.net
1 KB
2 linkedin.com
px.ads.linkedin.com
855 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006
835 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
1 turn.com
d.turn.com
438 B
1 bluekai.com
tags.bluekai.com
478 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1700
71 18
Domain Requested by
14 www.therefinery.ca 1 redirects www.therefinery.ca
9 i0.wp.com www.therefinery.ca
9 c0.wp.com www.therefinery.ca
5 ps.eyeota.net 1 redirects
5 fonts.gstatic.com fonts.googleapis.com
4 api.viglink.com 2 redirects cdn.viglink.com
3 pixel.tapad.com 2 redirects
3 match.adsrvr.org 3 redirects
3 ap.lijit.com signal-beacon.s-onetag.com
api.viglink.com
data-beacons.s-onetag.com
3 ce.lijit.com 1 redirects
3 get.s-onetag.com api.viglink.com
get.s-onetag.com
3 assets.flodesk.com www.therefinery.ca
assets.flodesk.com
3 www.google-analytics.com www.therefinery.ca
www.google-analytics.com
2 cm.g.doubleclick.net 2 redirects
2 px.ads.linkedin.com 1 redirects
2 bcp.crwdcntrl.net 2 redirects
2 fonts.googleapis.com www.therefinery.ca
assets.flodesk.com
1 d.turn.com 1 redirects
1 tags.bluekai.com
1 api.intentiq.com data-beacons.s-onetag.com
1 data-beacons.s-onetag.com api.viglink.com
1 signal-beacon.s-onetag.com api.viglink.com
1 onetag-geo.s-onetag.com api.viglink.com
1 usercontent.flodesk.com
1 form.flodesk.com assets.flodesk.com
1 pixel.wp.com www.therefinery.ca
1 cdn.viglink.com www.therefinery.ca
1 stats.wp.com www.therefinery.ca
0 vpod1q.qa.lijit.com Failed ap.lijit.com
71 29
Subject | Issuer | Validity | Valid for
www.therefinery.ca | R3 | 2023-03-16 - 2023-06-14 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.flodesk.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-01 | 5 months
viglink.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-11-11 | 9 months
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.s-onetag.com | Amazon RSA 2048 M01 | 2023-02-23 - 2024-01-02 | 10 months
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-06-05 | a year
*.intentiq.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-04-17 | 2 months
odc-pixel-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-07 - 2024-02-08 | a year

This page contains 4 frames:

Primary Page: https://www.therefinery.ca/
Frame ID: 819B3F69C0E391C1E280C22A582A1753
Requests: 67 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3774B97DD9ABF43AEE2B4E8392739E21
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=82323
Frame ID: 3E828C8B1A3E955A4EE2E1370D755E9A
Requests: 1 HTTP requests in this frame

Frame: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: BC2AD32560480E203DABAEA6328E928F
Requests: 1 HTTP requests in this frame

Page Title

THE REFINERY | online personal stylist in Toronto and around the world

Page URL History

  1. http://www.therefinery.ca/ HTTP 301
    https://www.therefinery.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

  • 71 Requests
  • 86 % HTTPS
  • 30 % IPv6
  • 18 Domains
  • 29 Subdomains
  • 24 IPs
  • 1 Countries
  • 2262 kB Transfer
  • 3012 kB Size
  • 12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.therefinery.ca/ HTTP 301
    https://www.therefinery.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1 HTTP 302
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Request Chain 50
  • https://api.viglink.com/api/sync.gif?key=be356d06e4ffccf824b84448f0223fd1 HTTP 302
  • https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd HTTP 302
  • https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd&dnr=1
Request Chain 60
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=34484bc64d9419a30750065708bbd535
Request Chain 61
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=&expected_cookie=dc8680a1-050c-46dc-8fd7-da4209fbd58e
Request Chain 62
  • https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESENl8Ky80BRFm4mP7qqK2IVg&google_cver=1
Request Chain 64
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=c8762936-fd66-4a6a-b268-d684e8acb157&bid=1e2n4ou
Request Chain 66
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c8762936-fd66-4a6a-b268-d684e8acb157&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%2C%2C
Request Chain 67
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2519962718296961491&newuser=1&referrer_pid=51md42u

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.therefinery.ca/
Redirect Chain
  • http://www.therefinery.ca/
  • https://www.therefinery.ca/
42 KB
10 KB
Document
General
Full URL
https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
9874c174bfb77cf959f8f32316649359d8b1b709445f6b740d33e6752b0e94fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 31 Mar 2023 19:16:13 GMT
link
<https://www.therefinery.ca/wp-json/>; rel="https://api.w.org/" <https://wp.me/5isG6>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 31 Mar 2023 19:16:13 GMT
Keep-Alive
timeout=20
Location
https://www.therefinery.ca/
Server
nginx
style.css
www.therefinery.ca/wp-content/themes/foodiepro/
44 KB
9 KB
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/themes/foodiepro/style.css?ver=2.0.2
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bfa252230774121983c0671862012384108e8ec6762a7f022ebe6fb15f323ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Mon, 24 Oct 2016 16:55:53 GMT
server
nginx
etag
W/"580e3d19-b167"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/
93 KB
12 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 11 Nov 2022 14:56:45 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/
11 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
classic-themes.min.css
c0.wp.com/c/6.1.1/wp-includes/css/
217 B
280 B
Stylesheet
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
strict-transport-security
max-age=15552000
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
217
expires
Sat, 30 Mar 2024 19:16:13 GMT
foogallery.css
www.therefinery.ca/wp-content/plugins/foogallery/extensions/default-templates/shared/css/
118 KB
13 KB
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/plugins/foogallery/extensions/default-templates/shared/css/foogallery.css?ver=2.2.35
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
078703b4088604c012e9e78d0c44d98eb85f64381c1679b7c4f5d411bfb52325

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Tue, 21 Mar 2023 21:31:24 GMT
server
nginx
etag
W/"641a222c-1d6a4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/style.css?ver=6.1.1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8de0c511f206a8522bae7f264f8ff7b242df812eb6dd6d1ec4c4a966dd42ed1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:41:29 GMT
server
nginx
etag
W/"606f0809-260f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.css
www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/font-awesome.css?ver=6.1.1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:41:29 GMT
server
nginx
etag
W/"606f0809-9226"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
4 KB
939 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C700%7CSacramento%3A300%2C400&ver=foodie_pro_THEME_VERSION
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11dc860c2c27c016e52c08456347953a56f3c54279842f915d06dcfd9cc93d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 19:16:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Mar 2023 19:16:13 GMT
style.css
www.therefinery.ca/wp-content/plugins/simple-social-icons/css/
1 KB
649 B
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Wed, 07 Sep 2022 20:50:24 GMT
server
nginx
etag
W/"63190410-4cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jetpack.css
c0.wp.com/p/jetpack/11.9.1/css/
97 KB
17 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/11.9.1/css/jetpack.css
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
79d10641c6d35e4e40683d5297eb7f52c0071e3b5e8247725118ebe08cce1b57
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 14 Mar 2023 19:58:29 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
style.css
www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9472f0e4b9df82ddfd868a6b15cbbffcf1a00e25f6f502a36bdf9707fe93aec9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Wed, 14 Aug 2019 13:56:34 GMT
server
nginx
etag
W/"5d541312-1066"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
c0.wp.com/c/6.1.1/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
jquery-migrate.min.js
c0.wp.com/c/6.1.1/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
THAT-WOMAN-WITH-EFFORTLESS-STYLE..jpg
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/11/
1 MB
1 MB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/11/THAT-WOMAN-WITH-EFFORTLESS-STYLE..jpg
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
40983c00cff3be7565f88352442ea8a85e29a7c1cd81c9c7b5a4410744040992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 3
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 May 2022 16:54:41 GMT
server
nginx
etag
"22e919ff458c40c9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://www.therefinery.ca/wp-content/uploads/2015/11/THAT-WOMAN-WITH-EFFORTLESS-STYLE..jpg>; rel="canonical"
content-length
1162458
expires
Sun, 05 May 2024 04:54:41 GMT
Style-expert-for-vogue-glamour-elle-GQ-BBC-Forbes..png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/06/
28 KB
28 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/06/Style-expert-for-vogue-glamour-elle-GQ-BBC-Forbes..png
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a9bc51d7302b83132679842b4b35a1ee4f550870daefa656a13ae6dc7bde1082
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 4
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 May 2022 16:54:40 GMT
server
nginx
etag
"789f431242af7200"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://www.therefinery.ca/wp-content/uploads/2015/06/Style-expert-for-vogue-glamour-elle-GQ-BBC-Forbes..png>; rel="canonical"
content-length
28390
expires
Sun, 05 May 2024 04:54:40 GMT
photon.min.js
c0.wp.com/p/jetpack/11.9.1/_inc/build/photon/
685 B
371 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/11.9.1/_inc/build/photon/photon.min.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
front.js
www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/
5 KB
2 KB
Script
General
Full URL
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/front.js?ver=2.3.2
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
eb048a2037ebacb05d190fa881b7f5065c64bfe2b5b6366a19a1a80c0020f3de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:41:29 GMT
server
nginx
etag
W/"606f0809-12cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.cookie.js
www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/
4 KB
2 KB
Script
General
Full URL
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/jquery.cookie.js?ver=2.3.2
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9e87e2f42a956bd000600ef695440a1e4c1de7aa82b5488897ee72c124ac49bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:41:29 GMT
server
nginx
etag
W/"606f0809-e7f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
general.js
www.therefinery.ca/wp-content/themes/foodiepro/assets/js/
658 B
579 B
Script
General
Full URL
https://www.therefinery.ca/wp-content/themes/foodiepro/assets/js/general.js?ver=1.0.0
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd0289f1b409e008f82436545797d9543cb7c526572f51148c04bd8118de113b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Mon, 24 Oct 2016 16:55:54 GMT
server
nginx
etag
W/"580e3d1a-292"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.flexslider.js
www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/js/
27 KB
6 KB
Script
General
Full URL
https://www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Wed, 14 Aug 2019 13:56:34 GMT
server
nginx
etag
W/"5d541312-6a6d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
eu-cookie-law.min.js
c0.wp.com/p/jetpack/11.9.1/_inc/build/widgets/eu-cookie-law/
2 KB
635 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/11.9.1/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9f9093afac549fa0f24e54a23798dabcc1ca87f3fb1d4449e636a8ea99844527
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:16:13 GMT
e-202313.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202313.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz
date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
server
nginx
etag
W/"61beb1e6-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 25 Mar 2024 04:37:38 GMT
wp-emoji-release.min.js
www.therefinery.ca/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.therefinery.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 Mar 2023 18:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4261
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 20:05:12 GMT
universal.js
assets.flodesk.com/
101 KB
37 KB
Script
General
Full URL
https://assets.flodesk.com/universal.js?v=1680290173556
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8e00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd6287ffcb6d5d2543830d0defa4ff46c9bc413b845b17e07e3209e8f4f56f3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:38:15 GMT
Content-Encoding
gzip
Via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
218279
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Mar 2023 06:38:09 GMT
Server
AmazonS3
ETag
W/"2afad91403208f75843a8f47973929c4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
Eb1QvTzz9d4QvjWcTzXMzdR6UWupgUofpq6H9SZfbMtVLKp4cvSiWg==
vglnk.js
cdn.viglink.com/api/
82 KB
29 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-110.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a668268856434cbdbb058b9cb3e8d73eb6159305075868ae67b5c1c38e51ca1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 13:37:04 GMT
content-encoding
gzip
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 13:36:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
279550
x-amz-server-side-encryption
AES256
etag
"18a10f22bd971df457201f5dcd81eef1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28829
x-amz-cf-id
Wnuaj6tP5SKPbz8QMRxapV7fzzTIxI4uStGEMKpvNWukC5d6Y03ltQ==
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C700%7CSacramento%3A300%2C400&ver=foodie_pro_THEME_VERSION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:54:55 GMT
x-content-type-options
nosniff
age
289278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:54:55 GMT
buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2
fonts.gstatic.com/s/sacramento/v13/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sacramento/v13/buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C700%7CSacramento%3A300%2C400&ver=foodie_pro_THEME_VERSION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fcd867d2812578d001b0eca921848e24de91d01986f26e038be374ec7c5cfd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 12:36:26 GMT
x-content-type-options
nosniff
age
283187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23708
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:03:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 12:36:26 GMT
wendy-woods-style-from-where-Ive-been.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2018/11/
180 KB
180 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2018/11/wendy-woods-style-from-where-Ive-been.png?resize=680%2C450&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1fb5d5c94ddbd154c1031a8d619916fe70a06415164c6704d9d51fc68fcc4b52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 May 2022 16:54:41 GMT
server
nginx
etag
"7e6b637a08d7c63f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2018/11/wendy-woods-style-from-where-Ive-been.png>; rel="canonical"
content-length
183958
expires
Sun, 05 May 2024 04:54:41 GMT
wardrobe-capsule-7-e1432595597774.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/05/
35 KB
35 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/05/wardrobe-capsule-7-e1432595597774.png?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e0d8db2c40a32cefa58f4469b86b3e4a1fb207434857750e6cdcf8fbceaab6ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Dec 2022 22:54:48 GMT
server
nginx
etag
"7417b2a019fc7dac"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2015/05/wardrobe-capsule-7-e1432595597774.png>; rel="canonical"
content-length
35406
expires
Thu, 26 Dec 2024 10:54:48 GMT
colours-that-go-together-1-e1430172175847.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/
30 KB
30 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/colours-that-go-together-1-e1430172175847.png?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
947e9d2c412c42dd7fe8df5504b6dedf4bac5e80716f9e922dfdebc2457c2d7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 May 2022 16:54:41 GMT
server
nginx
etag
"323a1efc78bf070c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2015/04/colours-that-go-together-1-e1430172175847.png>; rel="canonical"
content-length
30960
expires
Sun, 05 May 2024 04:54:41 GMT
How-to-wear-a-denim-shirt.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/
68 KB
69 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/How-to-wear-a-denim-shirt.png?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
dd1010c9db57e1eed618fad48213e3ecd121de4be666ca6334c8ffc70c9766ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Mar 2023 19:50:35 GMT
server
nginx
etag
"43fd8f8607153677"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2015/04/How-to-wear-a-denim-shirt.png>; rel="canonical"
content-length
70088
expires
Mon, 17 Mar 2025 07:50:35 GMT
spring-outfits.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/03/
108 KB
108 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/03/spring-outfits.png?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0fff4c2027775ae7c24954b473637cc24d8d6dd36f870d9a1ccfd665d3cc8889
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Mar 2023 19:50:35 GMT
server
nginx
etag
"f8287d940430ad8c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2015/03/spring-outfits.png>; rel="canonical"
content-length
110402
expires
Mon, 17 Mar 2025 07:50:35 GMT
what-to-wear-to-a-conference.-itemized-packing-list.png
i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/01/
89 KB
89 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/01/what-to-wear-to-a-conference.-itemized-packing-list.png?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ad4810377c15e58066f380fe9a66c23c4f2e97f8496867d6dd0ef8e154ce75e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
MISS yyz 3
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 31 Mar 2023 19:16:13 GMT
server
nginx
etag
"a31776071c4d563d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2015/01/what-to-wear-to-a-conference.-itemized-packing-list.png>; rel="canonical"
content-length
90794
expires
Mon, 31 Mar 2025 07:16:13 GMT
Closet-inventory.jpg
i0.wp.com/www.therefinery.ca/wp-content/uploads/2014/04/
11 KB
11 KB
Image
General
Full URL
https://i0.wp.com/www.therefinery.ca/wp-content/uploads/2014/04/Closet-inventory.jpg?resize=320%2C320&ssl=1
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c7f94b2fe8eb0d673869e71515fe739cb8ebccba120198c95cf0e1ba73bbd532
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Mar 2023 16:39:17 GMT
server
nginx
etag
"da2536bc822bd840"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.therefinery.ca/wp-content/uploads/2014/04/Closet-inventory.jpg>; rel="canonical"
content-length
11220
expires
Mon, 17 Mar 2025 04:39:17 GMT
collect
www.google-analytics.com/j/
3 B
148 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1409103093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therefinery.ca%2F&ul=en-us&de=UTF-8&dt=THE%20REFINERY%20%7C%20online%20personal%20stylist%20in%20Toronto%20and%20around%20the%20world&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=582700283&gjid=606161067&cid=764617650.1680290174&tid=UA-8104867-1&_gid=78489317.1680290174&_r=1&_slc=1&z=1609978858
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therefinery.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therefinery.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
189 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1409103093&t=pageview&_s=2&dl=https%3A%2F%2Fwww.therefinery.ca%2F&ul=en-us&de=UTF-8&dt=THE%20REFINERY%20%7C%20online%20personal%20stylist%20in%20Toronto%20and%20around%20the%20world&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=764617650.1680290174&tid=UA-8104867-1&_gid=78489317.1680290174&z=883695933
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4261
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=78281826&post=0&tz=-5&srv=www.therefinery.ca&j=1%3A11.9.1&host=www.therefinery.ca&ref=&fcp=647&rand=0.6880260122982913
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:16:13 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
fontawesome-webfont.woff2
www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.therefinery.ca
URL: https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/font-awesome.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.122.227 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.122.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/font-awesome.css?ver=6.1.1
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:13 GMT
last-modified
Thu, 08 Apr 2021 13:41:29 GMT
server
nginx
etag
"606f0809-12d68"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
77160
6036a53aafc5df7f5c4704ae
form.flodesk.com/forms/
33 KB
5 KB
XHR
General
Full URL
https://form.flodesk.com/forms/6036a53aafc5df7f5c4704ae
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1680290173556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ec00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
702b2461817739f4a7a3bef9fd458872845c6ec432a9a9404f2eae18bda1e077

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:14 GMT
content-encoding
gzip
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
vary
Origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
hMGLkc8PieoWsIbKT8-ksCmAMisFYLWx57toG09lvyNPkXqQC1pXSg==
css
fonts.googleapis.com/
10 KB
803 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&display=swap
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1680290173556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdf287a615018ad797c19a9e62261f427e34180a11ba40a685e25bf15cb0bb30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 Mar 2023 19:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 17:30:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Mar 2023 19:16:14 GMT
947.f45864a720019a135d8f.js
assets.flodesk.com/
32 KB
12 KB
Script
General
Full URL
https://assets.flodesk.com/947.f45864a720019a135d8f.js
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1680290173556
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8e00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddb844d60d2d29ca0a63ec6e005ab18475969232921955a9d6b9be4e8275dd65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:38:16 GMT
Content-Encoding
gzip
Via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
218279
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Mar 2023 06:37:44 GMT
Server
AmazonS3
ETag
W/"58e8836adab70573ea5f6b05b391f2a6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
1wUAU2AwbozwDjLkh5UAcsqw7ZeVEwpB3PJNr2b6E1jPyZ5uss1bSw==
650.0adf812821cb3db20b5d.js
assets.flodesk.com/
17 KB
6 KB
Script
General
Full URL
https://assets.flodesk.com/650.0adf812821cb3db20b5d.js
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1680290173556
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8e00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec5859871ca2c30ea24cb1c80724d81d408afb701f2656852483f57f257f542b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:38:16 GMT
Content-Encoding
gzip
Via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
218279
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Mar 2023 06:37:43 GMT
Server
AmazonS3
ETag
W/"cd9efbb735b4cb94d9ebb1567824fda8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
Gl34sF7NM43b-rnx-6ogeU7c93URqnSLZFyluhrIboBGiOWY9wfT-A==
wendy-woods_b9cdccdb-a686-4327-b065-e97743c463b7.jpg
usercontent.flodesk.com/47bda947-0dcd-423d-b02f-ae6d01fae7a3/upload/
35 KB
35 KB
Image
General
Full URL
https://usercontent.flodesk.com/47bda947-0dcd-423d-b02f-ae6d01fae7a3/upload/wendy-woods_b9cdccdb-a686-4327-b065-e97743c463b7.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:600:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5811c487381199ea347ea779daad62ba1c81f7b56c086a534f8b3f43f76d2790

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 13:31:47 GMT
Via
1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
Last-Modified
Wed, 24 Feb 2021 19:14:04 GMT
Server
AmazonS3
Age
20668
X-Amz-Cf-Pop
EWR53-C2
Etag
"193dbff6236efbb962f4ad8aa098e56d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35658
X-Amz-Cf-Id
aSZY0k7GdCmjVSehD8rgMuk2TnPI6kSuH9dniR2qff3bPfF1eXkzIA==
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:42 GMT
x-content-type-options
nosniff
age
290672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:42 GMT
1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v28/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:41 GMT
x-content-type-options
nosniff
age
290673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48620
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:41 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therefinery.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:42 GMT
x-content-type-options
nosniff
age
290672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:42 GMT
ping
api.viglink.com/api/
288 B
1015 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.3.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-3-251.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
ac58ce6133a056dd6717d8968372d6cfa44ce7d71ae8fdf54e07f3fc0accfac2

Request headers

Referer
https://www.therefinery.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:15 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.therefinery.ca
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
288
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.min.js
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain
  • https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
38 KB
12 KB
Script
General
Full URL
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol
H2
Server
18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-123.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5240f81348f6e42a822cb94a7440d7dbd266ce56c6f6201c50357f43e9fa5a95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TbEa6KI1u6dfxXR9ioGAHdquwCbY0JAH
content-encoding
gzip
via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 19:16:15 GMT
last-modified
Tue, 28 Feb 2023 11:20:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
W/"1fdcbd9b025a8e748615aeda2355e253"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
rIgMOyT1XhcqdcblI0ykubZTwH5G95qgCPehKBZfqdRx_kVJMTmHWA==

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:15 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://api.viglink.com/api/sync.gif?key=be356d06e4ffccf824b84448f0223fd1
  • https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd
  • https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd&dnr=1
43 B
682 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
domains
api.viglink.com/api/
61 B
511 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.3.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-3-251.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
51cf8d6e679975710a44a7b31e736900fbad5cf83057673463d0a70c85654558

Request headers

Referer
https://www.therefinery.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:15 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.therefinery.ca
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-geo.s-onetag.com/
535 B
942 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-106.jfk51.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:16 GMT
via
1.1 b467a4a34e9f37bba6d2f0aba8257b5e.cloudfront.net (CloudFront), 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK51-C1
x-amzn-requestid
20a8142b-86cb-426a-93d1-f90315d7b659
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
CqSsDHGxiYcFd7Q=
content-length
535
x-amz-cf-id
-aVqQ6YOPVqheAOOvhRtl-bHz7UBmr5yfTS-3Y5AszCpflW1EWWXsw==
beacon.min.js
signal-beacon.s-onetag.com/
22 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-112.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 08:05:27 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
40250
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
skNOVGSNaXlGM3PSweiR1XKlsedAWYId9fd6GibJzW41eAQFaweKkA==
v2
ap.lijit.com/readerinfo/
41 B
466 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b3531579bbeeaca112582c703f2e1056a1dd780f04108b0fa69b896d4386a5f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:16:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.therefinery.ca
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-112.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding
gzip
via
1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 18:46:16 GMT
last-modified
Mon, 30 Jan 2023 17:09:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1801
etag
W/"b33b67ced6b706568683ecea83e198c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
XIBuQ1t1vdsQkDAGd0qZFAGcdkAHhqIAd3aSJuh9VxPmg69wgwY4jQ==
v2
ap.lijit.com/readerinfo/
41 B
466 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b3531579bbeeaca112582c703f2e1056a1dd780f04108b0fa69b896d4386a5f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:16:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.therefinery.ca
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 3774
85 B
462 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-123.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://www.therefinery.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
387969
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Mon, 27 Mar 2023 08:59:21 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
x-amz-cf-id
0KHEhn594uVmhtDt6gi-MgDW41NAVaovkv7Z1_dYmENeApV0g-Qy7w==
x-amz-cf-pop
JFK50-P7
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 3774
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-123.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Fri, 31 Mar 2023 18:38:30 GMT
via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
2267
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
eJcNDrymL3nWddY7SspVjhxmGyOeCsl2JnSsSgvzjWhuV_IChGxmOw==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3E82
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=82323
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-96.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://www.therefinery.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Fri, 31 Mar 2023 19:16:17 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-id
Y7DcjotHACA-6TeQ3idmwOx5cIVZCkzos2zekjp9gwk_h8Vwy3avIQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=34484bc64d9419a30750065708bbd535
43 B
1012 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=34484bc64d9419a30750065708bbd535
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:16:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:16:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=34484bc64d9419a30750065708bbd535
cache-control
no-cache
x-server
10.40.36.105
content-length
0
expires
0
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=&expected_cookie=dc8680a1-050c-46dc-8fd7-da4209fbd58e
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=&expected_cookie=dc8680a1-050c-46dc-8fd7-da4209fbd58e
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B669838D2FF64752AE892760268FCB2F Ref B: YMQ01EDGE0614 Ref C: 2023-03-31T19:16:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4Nws0e3vbupy/CK3vIA==

Redirect headers

date
Fri, 31 Mar 2023 19:16:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 503C69667283452F9F48272A0F8DCC6B Ref B: YMQ01EDGE0614 Ref C: 2023-03-31T19:16:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=&expected_cookie=dc8680a1-050c-46dc-8fd7-da4209fbd58e
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4Nwszq3iAC+ldSDI5FQ==
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
  • https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
807 B
1 KB
Script
General
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Protocol
HTTP/1.1
Server
18.214.54.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
67276e683daeac54954817e1772d49dc37d4c765cde9f476f2bf92f4d3f2decb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Length
807
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESENl8Ky80BRFm4mP7qqK2IVg&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESENl8Ky80BRFm4mP7qqK2IVg&google_cver=1
Protocol
HTTP/1.1
Server
18.214.54.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:16:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESENl8Ky80BRFm4mP7qqK2IVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=c8762936-fd66-4a6a-b268-d684e8acb157&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=c8762936-fd66-4a6a-b268-d684e8acb157&bid=1e2n4ou
Protocol
HTTP/1.1
Server
18.214.54.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:16:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=c8762936-fd66-4a6a-b268-d684e8acb157&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
29535
tags.bluekai.com/site/
62 B
478 B
Image
General
Full URL
https://tags.bluekai.com/site/29535?limit=1&id=2koP2k2CwIPm51XGS3eUvgrWZTKHth11zG_ZcVDLxejw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.6.178 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 31 Mar 2023 19:16:18 GMT
content-length
62
content-type
image/gif
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c8762936-fd66-4a6a-b268-d684e8acb157&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c8762936-fd66-4a6a-b268-d684e8acb157&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%2C%2C
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:16:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:16:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c8762936-fd66-4a6a-b268-d684e8acb157&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
match
ps.eyeota.net/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2519962718296961491&newuser=1&referrer_pid=51md42u
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2519962718296961491&newuser=1&referrer_pid=51md42u
Protocol
HTTP/1.1
Server
18.214.54.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2519962718296961491&newuser=1&referrer_pid=51md42u
pragma
no-cache
date
Fri, 31 Mar 2023 19:16:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/
12 KB
4 KB
Script
General
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.therefinery.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:16:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 17:51:39 GMT
Server
nginx
ETag
W/"5e628dab-2e98"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=604800, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Fri, 07 Apr 2023 19:16:18 GMT
beacon
vpod1q.qa.lijit.com/ Frame BC2A
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vpod1q.qa.lijit.com
URL
https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| _wpemojiSettings
undefined| $
function| jQuery
string| GoogleAnalyticsObject
function| ga
string| FlodeskObject
function| fd
function| vglnk
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
boolean| __v5k
function| vl_cB
function| vl_disable
function| Cookies
object| _stq
object| twemoji
object| wp
function| st_go
function| linktracker_init
object| wpcom
object| webpackChunk_dev_assets
function| vglnk_16802901757126
undefined| vglnk_16802901757137
undefined| vglnk_16802901758419
object| __connect
object| __underground

12 Cookies

Domain/Path Name / Value
.therefinery.ca/ Name: _ga
Value: GA1.2.764617650.1680290174
.therefinery.ca/ Name: _gid
Value: GA1.2.78489317.1680290174
.therefinery.ca/ Name: _gat
Value: 1
www.therefinery.ca/ Name: visited
Value: yes
.viglink.com/ Name: vglnk.Agent.p
Value: 504d754047ef3cae4734f7968983edfd
.lijit.com/ Name: ljt_reader
Value: GZ2khQZHj0ehMKVTR8e3Xdbw
.lijit.com/ Name: _ljtrtb_8008
Value: 504d754047ef3cae4734f7968983edfd
.intentiq.com/ Name: IQver
Value: 1.9
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 34484bc64d9419a30750065708bbd535
.lijit.com/ Name: ljtrtb
Value: eJwFwQENACAIBMAuJGDj9cE2TqCEs7t3V1zVZclQJAcUrLazCzQ0Y3q4VXbK%2B%2BYzCzc%3D
.lijit.com/ Name: _ljtrtb_5001
Value: 34484bc64d9419a30750065708bbd535

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
