www.therefinery.ca
104.197.122.227
Public Scan
Effective URL: https://www.therefinery.ca/
Submission: On March 31 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.
This is the only time www.therefinery.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.122.197.104.bc.googleusercontent.com
www.therefinery.ca |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-110.jfk50.r.cloudfront.net
cdn.viglink.com |
ASN16509 (AMAZON-02, US)
usercontent.flodesk.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-3-251.compute-1.amazonaws.com
api.viglink.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-123.jfk50.r.cloudfront.net
get.s-onetag.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-106.jfk51.r.cloudfront.net
onetag-geo.s-onetag.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-112.ewr53.r.cloudfront.net
signal-beacon.s-onetag.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-112.jfk50.r.cloudfront.net
data-beacons.s-onetag.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-96.ewr53.r.cloudfront.net
api.intentiq.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-98-218.compute-1.amazonaws.com
bcp.crwdcntrl.net |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
20 | wp.com | | c0.wp.com — Cisco Umbrella Rank: 7535; i0.wp.com — Cisco Umbrella Rank: 3491; stats.wp.com — Cisco Umbrella Rank: 2973; pixel.wp.com — Cisco Umbrella Rank: 2697 | 2 MB |
14 | therefinery.ca | 1 | www.therefinery.ca | 135 KB |
6 | lijit.com | 1 | ce.lijit.com — Cisco Umbrella Rank: 1025; ap.lijit.com — Cisco Umbrella Rank: 646; vpod1q.qa.lijit.com Failed | 7 KB |
6 | s-onetag.com | | get.s-onetag.com — Cisco Umbrella Rank: 4020; onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4970; signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5065; data-beacons.s-onetag.com — Cisco Umbrella Rank: 13802 | 24 KB |
5 | eyeota.net | 1 | ps.eyeota.net | 3 KB |
5 | gstatic.com | | fonts.gstatic.com | 188 KB |
5 | viglink.com | 2 | cdn.viglink.com — Cisco Umbrella Rank: 9462; api.viglink.com — Cisco Umbrella Rank: 13720 | 31 KB |
5 | flodesk.com | | assets.flodesk.com — Cisco Umbrella Rank: 21761; form.flodesk.com — Cisco Umbrella Rank: 30003; usercontent.flodesk.com — Cisco Umbrella Rank: 35388 | 96 KB |
3 | tapad.com | 2 | pixel.tapad.com | 1 KB |
3 | adsrvr.org | 3 | match.adsrvr.org | 1 KB |
3 | google-analytics.com | | www.google-analytics.com — Cisco Umbrella Rank: 35 | 20 KB |
2 | doubleclick.net | 2 | cm.g.doubleclick.net | 1 KB |
2 | linkedin.com | 1 | px.ads.linkedin.com | 855 B |
2 | crwdcntrl.net | 2 | bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006 | 835 B |
2 | googleapis.com | | fonts.googleapis.com — Cisco Umbrella Rank: 47 | 2 KB |
1 | turn.com | 1 | d.turn.com | 438 B |
1 | bluekai.com | | tags.bluekai.com | 478 B |
1 | intentiq.com | | api.intentiq.com — Cisco Umbrella Rank: 1700 | |
71 | 18 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
14 | www.therefinery.ca | 1 | www.therefinery.ca |
9 | i0.wp.com | | www.therefinery.ca |
9 | c0.wp.com | | www.therefinery.ca |
5 | ps.eyeota.net | 1 | |
5 | fonts.gstatic.com | | fonts.googleapis.com |
4 | api.viglink.com | 2 | cdn.viglink.com |
3 | pixel.tapad.com | 2 | |
3 | match.adsrvr.org | 3 | |
3 | ap.lijit.com | | signal-beacon.s-onetag.com, api.viglink.com, data-beacons.s-onetag.com |
3 | ce.lijit.com | 1 | |
3 | get.s-onetag.com | | api.viglink.com, get.s-onetag.com |
3 | assets.flodesk.com | | www.therefinery.ca, assets.flodesk.com |
3 | www.google-analytics.com | | www.therefinery.ca, www.google-analytics.com |
2 | cm.g.doubleclick.net | 2 | |
2 | px.ads.linkedin.com | 1 | |
2 | bcp.crwdcntrl.net | 2 | |
2 | fonts.googleapis.com | | www.therefinery.ca, assets.flodesk.com |
1 | d.turn.com | 1 | |
1 | tags.bluekai.com | | |
1 | api.intentiq.com | | data-beacons.s-onetag.com |
1 | data-beacons.s-onetag.com | | api.viglink.com |
1 | signal-beacon.s-onetag.com | | api.viglink.com |
1 | onetag-geo.s-onetag.com | | api.viglink.com |
1 | usercontent.flodesk.com | | |
1 | form.flodesk.com | | assets.flodesk.com |
1 | pixel.wp.com | | www.therefinery.ca |
1 | cdn.viglink.com | | www.therefinery.ca |
1 | stats.wp.com | | www.therefinery.ca |
0 | vpod1q.qa.lijit.com Failed | | ap.lijit.com |
71 | 29 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.graceineverymoment.com |
therefinery.ca |
shaybocks.com |
www.studiopress.com |
wordpress.org |
automattic.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.therefinery.ca | R3 | 2023-03-16 - 2023-06-14 | 3 months |
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months |
*.flodesk.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-01 | 5 months |
viglink.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-11-11 | 9 months |
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months |
*.s-onetag.com | Amazon RSA 2048 M01 | 2023-02-23 - 2024-01-02 | 10 months |
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-06-05 | a year |
*.intentiq.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-04-17 | 2 months |
odc-pixel-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-07 - 2024-02-08 | a year |
This page contains 4 frames:
Primary Page:
https://www.therefinery.ca/
Frame ID: 819B3F69C0E391C1E280C22A582A1753
Requests: 67 HTTP requests in this frame
Frame:
https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3774B97DD9ABF43AEE2B4E8392739E21
Requests: 2 HTTP requests in this frame
Frame:
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=82323
Frame ID: 3E828C8B1A3E955A4EE2E1370D755E9A
Requests: 1 HTTP requests in this frame
Frame:
https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: BC2AD32560480E203DABAEA6328E928F
Requests: 1 HTTP requests in this frame
Page Title
THE REFINERY | online personal stylist in Toronto and around the world
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yoast SEO (SEO)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
VigLink (Advertising Networks)
Detected patterns
- (?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
- Title: check it out!
- Title: work with wendy
- Title: contact
- Title: free style advice
- Title: Foodie Pro Theme
- Title: Genesis Framework
- Title: WordPress
- Title: Cookie Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.therefinery.ca/ HTTP 301
- https://www.therefinery.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 49
- https://api.viglink.com/api/sync.js?key=be356d06e4ffccf824b84448f0223fd1 HTTP 302
- https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
- https://api.viglink.com/api/sync.gif?key=be356d06e4ffccf824b84448f0223fd1 HTTP 302
- https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd HTTP 302
- https://ce.lijit.com/merge?pid=8008&3pid=504d754047ef3cae4734f7968983edfd&dnr=1
- https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GZ2khQZHj0ehMKVTR8e3Xdbw/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
- https://ce.lijit.com/merge?pid=5001&3pid=34484bc64d9419a30750065708bbd535
- https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu= HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GZ2khQZHj0ehMKVTR8e3Xdbw&rand=33012&pu=&expected_cookie=dc8680a1-050c-46dc-8fd7-da4209fbd58e
- https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnAwOWtBZTFfTTBhZ2VUZ2xGRTZnRldzMUc4eW9oQ0N6dGlsX29yemUtenM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_tc= HTTP 302
- https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESENl8Ky80BRFm4mP7qqK2IVg&google_cver=1
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://ps.eyeota.net/match?uid=c8762936-fd66-4a6a-b268-d684e8acb157&bid=1e2n4ou
- https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0 HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3081&partner_device_id=2rRSmdDJuZ3CnoCN3hT-WYwah0sSkzPQohbK7ZdxCRZ0 HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%252C%252C&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c8762936-fd66-4a6a-b268-d684e8acb157&ttd_puid=4fe391ef-4013-4161-9670-e1c1b4ac7f77%2C%2C
- https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
- https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2519962718296961491&newuser=1&referrer_pid=51md42u
71 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.therefinery.ca/ | 42 KB | 10 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | style.css | www.therefinery.ca/wp-content/themes/foodiepro/ | 44 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | style.min.css | c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/ | 93 KB | 12 KB | Stylesheet | text/css | |
GET | H2 | mediaelementplayer-legacy.min.css | c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ | 11 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | wp-mediaelement.min.css | c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | classic-themes.min.css | c0.wp.com/c/6.1.1/wp-includes/css/ | 217 B | 280 B | Stylesheet | text/css | |
GET | H2 | foogallery.css | www.therefinery.ca/wp-content/plugins/foogallery/extensions/default-templates/shared/css/ | 118 KB | 13 KB | Stylesheet | text/css | |
GET | H2 | style.css | www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/ | 10 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | font-awesome.css | www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/css/ | 37 KB | 7 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 939 B | Stylesheet | text/css | |
GET | H2 | style.css | www.therefinery.ca/wp-content/plugins/simple-social-icons/css/ | 1 KB | 649 B | Stylesheet | text/css | |
GET | H2 | jetpack.css | c0.wp.com/p/jetpack/11.9.1/css/ | 97 KB | 17 KB | Stylesheet | text/css | |
GET | H2 | style.css | www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/ | 4 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | c0.wp.com/c/6.1.1/wp-includes/js/jquery/ | 88 KB | 30 KB | Script | application/javascript | |
GET | H2 | jquery-migrate.min.js | c0.wp.com/c/6.1.1/wp-includes/js/jquery/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | THAT-WOMAN-WITH-EFFORTLESS-STYLE..jpg | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/11/ | 1 MB | 1 MB | Image | image/webp | |
GET | H2 | Style-expert-for-vogue-glamour-elle-GQ-BBC-Forbes..png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/06/ | 28 KB | 28 KB | Image | image/webp | |
GET | H2 | photon.min.js | c0.wp.com/p/jetpack/11.9.1/_inc/build/photon/ | 685 B | 371 B | Script | application/javascript | |
GET | H2 | front.js | www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | jquery.cookie.js | www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/scripts/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | general.js | www.therefinery.ca/wp-content/themes/foodiepro/assets/js/ | 658 B | 579 B | Script | application/javascript | |
GET | H2 | jquery.flexslider.js | www.therefinery.ca/wp-content/plugins/genesis-responsive-slider/assets/js/ | 27 KB | 6 KB | Script | application/javascript | |
GET | H2 | eu-cookie-law.min.js | c0.wp.com/p/jetpack/11.9.1/_inc/build/widgets/eu-cookie-law/ | 2 KB | 635 B | Script | application/javascript | |
GET | H2 | e-202313.js | stats.wp.com/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | wp-emoji-release.min.js | www.therefinery.ca/wp-includes/js/ | 18 KB | 5 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H/1.1 | universal.js | assets.flodesk.com/ | 101 KB | 37 KB | Script | application/javascript | |
GET | H2 | vglnk.js | cdn.viglink.com/api/ | 82 KB | 29 KB | Script | text/javascript | |
GET | H2 | Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 | fonts.gstatic.com/s/josefinsans/v25/ | 26 KB | 26 KB | Font | font/woff2 | |
GET | H2 | buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2 | fonts.gstatic.com/s/sacramento/v13/ | 23 KB | 23 KB | Font | font/woff2 | |
GET | H2 | wendy-woods-style-from-where-Ive-been.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2018/11/ | 180 KB | 180 KB | Image | image/webp | |
GET | H2 | wardrobe-capsule-7-e1432595597774.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/05/ | 35 KB | 35 KB | Image | image/webp | |
GET | H2 | colours-that-go-together-1-e1430172175847.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/ | 30 KB | 30 KB | Image | image/webp | |
GET | H2 | How-to-wear-a-denim-shirt.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/04/ | 68 KB | 69 KB | Image | image/webp | |
GET | H2 | spring-outfits.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/03/ | 108 KB | 108 KB | Image | image/webp | |
GET | H2 | what-to-wear-to-a-conference.-itemized-packing-list.png | i0.wp.com/www.therefinery.ca/wp-content/uploads/2015/01/ | 89 KB | 89 KB | Image | image/webp | |
GET | H2 | Closet-inventory.jpg | i0.wp.com/www.therefinery.ca/wp-content/uploads/2014/04/ | 11 KB | 11 KB | Image | image/webp | |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 148 B | XHR | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 189 B | Image | image/gif | |
GET | H2 | g.gif | pixel.wp.com/ | 50 B | 93 B | Image | image/gif | |
GET | H2 | fontawesome-webfont.woff2 | www.therefinery.ca/wp-content/plugins/topbar-for-genesis/assets/fonts/ | 75 KB | 76 KB | Font | font/woff2 | |
GET | H2 | 6036a53aafc5df7f5c4704ae | form.flodesk.com/forms/ | 33 KB | 5 KB | XHR | text/html | |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 803 B | Stylesheet | text/css | |
GET | H/1.1 | 947.f45864a720019a135d8f.js | assets.flodesk.com/ | 32 KB | 12 KB | Script | application/javascript | |
GET | H/1.1 | 650.0adf812821cb3db20b5d.js | assets.flodesk.com/ | 17 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | wendy-woods_b9cdccdb-a686-4327-b065-e97743c463b7.jpg | usercontent.flodesk.com/47bda947-0dcd-423d-b02f-ae6d01fae7a3/upload/ | 35 KB | 35 KB | Image | image/jpeg | |
GET | H2 | 1Ptug8zYS_SKggPNyC0ITw.woff2 | fonts.gstatic.com/s/raleway/v28/ | 45 KB | 46 KB | Font | font/woff2 | |
GET | H2 | 1Ptsg8zYS_SKggPNyCg4TYFq.woff2 | fonts.gstatic.com/s/raleway/v28/ | 47 KB | 48 KB | Font | font/woff2 | |
GET | H2 | 1Ptug8zYS_SKggPNyC0ITw.woff2 | fonts.gstatic.com/s/raleway/v28/ | 45 KB | 46 KB | Font | font/woff2 | |
POST | H/1.1 | ping | api.viglink.com/api/ | 288 B | 1015 B | XHR | text/javascript | |
GET | H2 | tag.min.js | get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/ | 38 KB | 12 KB | Script | text/javascript | Redirect Chain |
GET | H/1.1 | merge | ce.lijit.com/ | 43 B | 682 B | Image | image/gif | Redirect Chain |
POST | H/1.1 | domains | api.viglink.com/api/ | 61 B | 511 B | XHR | text/javascript | |
GET | H2 | / | onetag-geo.s-onetag.com/ | 535 B | 942 B | Fetch | application/json | |
GET | H2 | beacon.min.js | signal-beacon.s-onetag.com/ | 22 KB | 7 KB | Script | application/javascript | |
GET | H/1.1 | v2 | ap.lijit.com/readerinfo/ | 41 B | 466 B | Fetch | application/json | |
GET | H2 | dataBeacons.min.js | data-beacons.s-onetag.com/ | 5 KB | 2 KB | Script | text/javascript | |
GET | H/1.1 | v2 | ap.lijit.com/readerinfo/ | 41 B | 466 B | Fetch | application/json | |
GET | H2 | Portal.html | get.s-onetag.com/underground-sync-portal/ | 85 B | 462 B | Document | text/html | Frame 3774 |
GET | H2 | Portal.js | get.s-onetag.com/underground-sync-portal/ | 766 B | 1 KB | Script | text/javascript | Frame 3774 |
GET | H2 | ProfilesEngineServlet | api.intentiq.com/profiles_engine/ | 0 | 0 | Document | text/plain | Frame 3E82 |
GET | H/1.1 | merge | ce.lijit.com/ | 43 B | 1012 B | Image | image/gif | Redirect Chain |
GET | H2 | db_sync | px.ads.linkedin.com/ | 0 | 142 B | Image | text/plain | Redirect Chain |
GET | H/1.1 | / | ps.eyeota.net/pixel/bounce/ | 807 B | 1 KB | Script | application/javascript | Redirect Chain |
GET | H/1.1 | match | ps.eyeota.net/ | 70 B | 440 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | match | ps.eyeota.net/ | 70 B | 440 B | Image | image/gif | Redirect Chain |
GET | H2 | 29535 | tags.bluekai.com/site/ | 62 B | 478 B | Image | image/gif | |
GET | H3 | receive | pixel.tapad.com/idsync/ex/ | 95 B | 123 B | Image | image/png | Redirect Chain |
GET | H/1.1 | match | ps.eyeota.net/ | 70 B | 440 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | sovrn_standalone_beacon.js | ap.lijit.com/www/sovrn_beacon_standalone/ | 12 KB | 4 KB | Script | text/javascript | |
GET | | beacon | vpod1q.qa.lijit.com/ | 0 | 0 | | | Frame BC2A |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- vpod1q.qa.lijit.com
- URL
- https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- boolean| credentialless
- object| _wpemojiSettings
- undefined| $
- function| jQuery
- string| GoogleAnalyticsObject
- function| ga
- string| FlodeskObject
- function| fd
- function| vglnk
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData
- boolean| __v5k
- function| vl_cB
- function| vl_disable
- function| Cookies
- object| _stq
- object| twemoji
- object| wp
- function| st_go
- function| linktracker_init
- object| wpcom
- object| webpackChunk_dev_assets
- function| vglnk_16802901757126
- undefined| vglnk_16802901757137
- undefined| vglnk_16802901758419
- object| __connect
- object| __underground
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.therefinery.ca/ | | Name: _ga Value: GA1.2.764617650.1680290174 |
.therefinery.ca/ | | Name: _gid Value: GA1.2.78489317.1680290174 |
.therefinery.ca/ | | Name: _gat Value: 1 |
www.therefinery.ca/ | | Name: visited Value: yes |
.viglink.com/ | | Name: vglnk.Agent.p Value: 504d754047ef3cae4734f7968983edfd |
.lijit.com/ | | Name: ljt_reader Value: GZ2khQZHj0ehMKVTR8e3Xdbw |
.lijit.com/ | | Name: _ljtrtb_8008 Value: 504d754047ef3cae4734f7968983edfd |
.intentiq.com/ | | Name: IQver Value: 1.9 |
.crwdcntrl.net/ | | Name: _cc_dc Value: 0 |
.crwdcntrl.net/ | | Name: _cc_id Value: 34484bc64d9419a30750065708bbd535 |
.lijit.com/ | | Name: ljtrtb Value: eJwFwQENACAIBMAuJGDj9cE2TqCEs7t3V1zVZclQJAcUrLazCzQ0Y3q4VXbK%2B%2BYzCzc%3D |
.lijit.com/ | | Name: _ljtrtb_5001 Value: 34484bc64d9419a30750065708bbd535 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.