URL: https://offers.refinerysixtythree.com/
Submission: On January 30 via api from GB

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 44 HTTP transactions. The main IP is 192.236.233.27, located in Seattle, United States and belongs to HOSTWINDS, US. The main domain is offers.refinerysixtythree.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 30th 2021. Valid for: 3 months.
This is the only time offers.refinerysixtythree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 192.236.233.27 54290 (HOSTWINDS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.45.26.232 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
44 11
Domain Requested by
26 offers.refinerysixtythree.com offers.refinerysixtythree.com
3 diffuser-cdn.app-us1.com offers.refinerysixtythree.com
prism.app-us1.com
diffuser-cdn.app-us1.com
2 conversations.app-us1.com diffuser-cdn.app-us1.com
2 api.hubspot.com js.usemessages.com
2 prism.app-us1.com 1 redirects prism.app-us1.com
1 app.hubspot.com js.usemessages.com
1 track.hubspot.com
1 fonts.googleapis.com offers.refinerysixtythree.com
1 trackcmp.net prism.app-us1.com
1 forms.hubspot.com js.hscollectedforms.net
1 js.hscollectedforms.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-scripts.com offers.refinerysixtythree.com
44 15

This site contains no links.

Subject | Issuer | Validity | Valid
offers.refinerysixtythree.com | cPanel, Inc. Certification Authority | 2021-01-30 - 2021-04-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year
*.trackcmp.net | Amazon | 2020-03-31 - 2021-04-30 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 3 frames:

Primary Page: https://offers.refinerysixtythree.com/
Frame ID: D5982BCE11ED5C384184D5CA59C4EF47
Requests: 38 HTTP requests in this frame

Frame: https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Frame ID: 9B3E65D576FE6B129A7F923D50129272
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/22ea2cd6865c4be3913671f14488d54a?uuid=8c971794054b4a118cb735baf2c814a5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=22ea2cd6865c4be3913671f14488d54a&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 3B03574D48B5A4D8FB7E4090DAE99978
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /prism\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44 Requests
100 % HTTPS
82 % IPv6
10 Domains
15 Subdomains
11 IPs
2 Countries
545 kB Transfer
2170 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://prism.app-us1.com/prism.js HTTP 301
  • https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offers.refinerysixtythree.com/
18 KB
6 KB
Document
General
Full URL
https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
245fbd6c6f3ba95cb75f1664d1be1830e127b56eda0654fee906536194ceba84

Request headers

Host
offers.refinerysixtythree.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 30 Jan 2021 04:41:15 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
5391
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
base.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/
704 B
619 B
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
321
blank_v2.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/
0
256 B
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Last-Modified
Sat, 14 Nov 2020 16:15:25 GMT
Server
Apache
Vary
User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
0
style.min.css
offers.refinerysixtythree.com/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 18:00:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7907
style-index.css
offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/
70 B
366 B
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1605429926
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Nov 2020 08:45:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
68
thrive_flat.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/
593 KB
65 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
41b778a125f809bdffee47c7393bc059e29ca589f66b998226b0d9d2ef86759a

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
style.css
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/
40 KB
9 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/style.css?ver=1.1.0
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
4b5b234b88d5b5a562f8e2492a9d70fd3ce248ae234588eb18189d5df4216e1c

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Nov 2020 08:41:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9310
jquery.js
offers.refinerysixtythree.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2019 04:25:54 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33776
header.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
2 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.2.8
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
61c8edca4e5b216ae3b455f479e1ab2f806fcb7924fe1e3cd1b0406a562bc8b2

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:27 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1082
no-campaign.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/
583 B
659 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.2.16.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
43f2ff515050c5ee8e998578aa9d976852cd79b7906f2b2f1b9abbdfad1b4605

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:27 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
347
site_tracking.js
offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/
1 KB
869 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
3d0df3d4f93a86a8251376ca0ea925e3c8b813fbd65625a9cc9e44a062f111a3

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Nov 2020 08:45:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
557
8021334.js
js.hs-scripts.com/
2 KB
722 B
Script
General
Full URL
https://js.hs-scripts.com/8021334.js?integration=WordPress
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6109e4ef81f21dc29d2d6f403154c04adcf6d6b716ce03c669239f8bd33284f

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-trace
2B9D5FDAB118EA64A45D59535433C57F63E879A662000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
61988505a9942bca-FRA
cf-request-id
07f331778b00002bca7f994000000001
expires
Sat, 30 Jan 2021 04:42:16 GMT
triggers.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.2.8
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
2640bdea12602985fd77015c3eb4f3faa89f1e352ab2568a8418896477638d15

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:27 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1418
imagesloaded.min.js
offers.refinerysixtythree.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jun 2020 18:53:27 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1834
masonry.min.js
offers.refinerysixtythree.com/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jun 2020 18:53:27 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7382
jquery.masonry.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/
2 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2016 18:55:30 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
716
frontend.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/
155 KB
45 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
2bd769cb6c7025ab70d81cb7ea1c4fe872669f9b36e67408944d43bffbea2e35

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
45300
frontend.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/
2 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.2.18.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
59ccd8782ca4c88247a8f972d3a71853d6209cbe3f082e391bb2e4a298b322e7

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Nov 2020 16:15:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
909
core.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Oct 2019 22:01:04 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1813
widget.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
7 KB
3 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
2cd83d5a29914ad4797748d8e80fbc42c2131fbce9bbcdf2749a275fc7db875f

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Oct 2019 22:01:04 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2559
mouse.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
3 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
c04837b935b6d1fac0cbffc4a53bf19a6d89029742dbc4c8ad001c1078f5f957

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Oct 2019 22:01:04 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
992
resizable.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
18 KB
5 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
c92c6a06a05ebbc74655d4d596a2e169f97f1ad070ee073e4024106654441a7c

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Oct 2019 22:01:04 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5220
frontend.min.js
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/
9 KB
4 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=1.1.0
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
f8b431166274df67e737ab195fae33fae7c00798ee1912385501dc1a54f8aaa6

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Nov 2020 08:41:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3770
wp-embed.min.js
offers.refinerysixtythree.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 2019 00:17:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
769
wp-emoji-release.min.js
offers.refinerysixtythree.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 18:04:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4671
R63-Logo-no-clearance.png
offers.refinerysixtythree.com/wp-content/uploads/2020/03/
34 KB
35 KB
Image
General
Full URL
https://offers.refinerysixtythree.com/wp-content/uploads/2020/03/R63-Logo-no-clearance.png
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
b6d887a8a61fd4ec4b38b0b5584dc021ffe1538a948424efff8c38c67e441922

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
Last-Modified
Sun, 15 Nov 2020 08:41:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
35265
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain
  • https://prism.app-us1.com/prism.js
  • https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
23 KB
5 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72058501f83c1ff78df7acc5b97b5be177d66c51cc29dad4dae7ab478ebff070

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
155
x-cache
Hit from cloudfront
cf-request-id
07f33177ad00002b41e890b000000001
last-modified
Thu, 03 Sep 2020 15:21:34 GMT
server
cloudflare
etag
W/"72b6f46e57e66ab97fe05eb07b6bdc45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
cf-ray
61988505eb532b41-FRA
x-amz-cf-id
T8a0PbLHQhGrj3Z-GBYyrUuPWU4fHZL2KcLR5sdW0IxcpUpvut-v9g==

Redirect headers

date
Sat, 30 Jan 2021 04:41:16 GMT
cf-cache-status
HIT
server
cloudflare
age
1500
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
cache-control
public, max-age=14400
cf-ray
61988505cb3e2b41-FRA
cf-request-id
07f331779e00002b4101267000000001
expires
Sat, 30 Jan 2021 08:41:16 GMT
/
prism.app-us1.com/
260 B
361 B
Script
General
Full URL
https://prism.app-us1.com/?a=66493512&u=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
fbf3ef22ae6e27cca866afe0ca178c9f7b609ea02299270f85b807bd793713c9

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, private
cf-ray
619885062ba42b41-FRA
cf-request-id
07f33177d800002b41b2bff000000001
admin-ajax.php
offers.refinerysixtythree.com/wp-admin/
45 B
621 B
XHR
General
Full URL
https://offers.refinerysixtythree.com/wp-admin/admin-ajax.php
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.236.233.27 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
host.refinedserver.com
Software
Apache /
Resource Hash
dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://offers.refinerysixtythree.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sat, 30 Jan 2021 04:41:16 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
45
pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
User-Agent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://offers.refinerysixtythree.com
Cache-Control
no-cache, must-revalidate, max-age=0, no-store
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=94
Expires
Wed, 11 Jan 1984 05:00:00 GMT
8021334.js
js.hs-analytics.net/analytics/1611981600000/
60 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1611981600000/8021334.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d609d62b4c31432a651e3a601987f3c2a669c4bc2c2d24f652e194150d1d1674

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
br
cf-cache-status
HIT
age
53
x-amz-server-side-encryption
AES256
x-amz-request-id
48FB50DBD6098909
x-amz-id-2
Aglb1nq7spreWabS4rXjST7pu1o4ep9Vab4FadVLN+SqeeqhOMeUJigkeAF+SONbKoA6l6JEZsg=
last-modified
Thu, 14 Jan 2021 20:18:33 GMT
server
cloudflare
etag
W/"e68d9597f301f2e60070388ef2b1ff98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
07f331780900004a803e1b7000000001
cf-ray
61988506790b4a80-FRA
expires
Sat, 30 Jan 2021 04:45:23 GMT
8021334.js
js.hs-banner.com/
54 KB
12 KB
Script
General
Full URL
https://js.hs-banner.com/8021334.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef37d6d4dc1ccdb109e8bc850c0ddd79a1d9191f2a3537a1d53cc75d108a76f6

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=R8BzFA==, md5=eNcf3Y7mTT9ldrGcJ94UZw==
date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
br
cf-cache-status
HIT
age
162
x-guploader-uploadid
ABg5-UzhpbXCTe0e-jSeiUKXqfjceJp02hp_D8k4ArF9mvEWt_NFuPuFuQKHe6nqQCqwYRLaE54E6KNVz1G0MzAvh78rLcfB5Q
x-goog-storage-class
STANDARD
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
07f3317809000005e998bc9000000001
timing-allow-origin
*
last-modified
Tue, 05 Jan 2021 21:18:16 GMT
server
cloudflare
etag
W/"78d71fdd8ee64d3f6576b19c27de1467"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1609881496485650
access-control-allow-origin
https://start.refinerysixtythree.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
55629
cf-ray
619885067a3905e9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Sat, 30 Jan 2021 04:43:34 GMT
conversations-embed.js
js.usemessages.com/
79 KB
19 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892b01f9608d34938e98ea78d178348fb3ca0f5c63f484a507dc407a9da9977a

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
via
1.1 47c0295005ec7d8570406951491004c3.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
278
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8207/bundles/project.js&cfRay=61987e398c53d72d-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
07f33178080000d6b516ba5000000001
last-modified
Thu, 28 Jan 2021 03:32:47 UTC
server
cloudflare
etag
W/"95f08d27ac2150aa595fb2b5622775fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UhDQCFL2nV4K_A6NyGe.rsgRkxYhFxb5
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
619885067ff2d6b5-FRA
x-amz-cf-id
AwFj9DiUv9KXy2-vEqpCvqIwh7A1a-i2hnlB4C_Y7iWd5bs-mDHxpA==
collectedforms.js
js.hscollectedforms.net/
78 KB
23 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89049f14909be627289aa672ce684c064839bf205b34ea0026b4e4b8aea157be

Request headers

Origin
https://offers.refinerysixtythree.com
Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
via
1.1 e89d95d090c0c86ecc7b8930e434625d.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
53
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.222/bundles/project.js&cfRay=619883b81c263244-IAD
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
07f331780800003244a4b8b000000001
cf-ray
619885067a543244-FRA
last-modified
Fri, 29 Jan 2021 10:49:33 UTC
server
cloudflare
etag
W/"83bb543fb0df2b33c33ceed41517d2c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
efJB9Ar_o.DduPm6vdNXUoTMV5w1h4Tl
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AKXvE2hTfzTurFB7KQt24VzIrtNugmyMHAU8mLDUbSwI3vGVq7EwCA==
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Other
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8021334&conversations-embed=static-1.8207&mobile=false&messagesUtk=22ea2cd6865c4be3913671f14488d54a&traceId=22ea2cd6865c4be3913671f14488d54a
Protocol
H2
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://offers.refinerysixtythree.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2BBCA6BA2451C3937B067622596EDA4DB582539098000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
access-control-allow-credentials
false
access-control-allow-origin
https://offers.refinerysixtythree.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status
DYNAMIC
cf-request-id
07f331784500000605bbb5c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qi2tkQHYHRJ7Tmmbwzt5MdP1YWmMTY7K00EoZTZP7U%2Fm99XZNTfFbTzVPuxr97tb2og5hQ064RsSuNzyi3Yh30yKWLGQXAPJMdM17MRRLESasdzwJa3j1VtOdi8%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
61988506d9940605-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8021334&conversations-embed=static-1.8207&mobile=false&messagesUtk=22ea2cd6865c4be3913671f14488d54a&traceId=22ea2cd6865c4be3913671f14488d54a
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c536cfe7279bb092bf70cfa01dfc1279ff8ba7b56b214676c2c7b256503c05b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.refinerysixtythree.com/

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1345
cf-request-id
07f33179cc00000605f1397000000001
server
cloudflare
x-trace
2B9C66470D7D4FB7DE6F48690FD139358562B165FC000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TdOfuAPtH7k9IW%2FYV6yNtUJVd2aukg%2F4R9rONmX7HKknIUoI5f%2F0JXP5eBVPOCbIDshpsRTOKVXKhWCdxaW%2FoG%2B8DbY06djef3Dr7K2HWi%2FJT7KOOx2tkYlLDms%3D"}],"max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
619885094cf90605-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hubspot.com/collected-forms/v1/config/
115 B
520 B
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8021334&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65738e204282832cf4e4ed7e8f6048fe944dbc2b0ce3274d2e7055eae8766a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07f3317857000006050b81a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=toW9y6rDxuSbOTIvBU%2BSdNdlt%2BfBMabF4VSEtKcwOdjXz0FfwTuGXsgpybo0sB3UtLecdk3mEhaAHNJYaKGyZZfPwS50gQH9o07%2F9QyqelEQSajaSj6EHz3dGMfqig%3D%3D"}],"max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
access-control-allow-credentials
false
cf-ray
61988506f9bf0605-FRA
access-control-allow-headers
*
t_prism_sitemessages.php
trackcmp.net/
0
270 B
Script
General
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=66493512&prismid=bb993870-6ba9-445a-a01d-fbef270b72bb&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.26.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-26-232.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
server
Apache/2.4.46 (Amazon)
x-powered-by
PHP/7.1.33
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type
text/javascript;charset=UTF-8
content-length
0
widget.js
diffuser-cdn.app-us1.com/conversations/
7 KB
2 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/conversations/widget.js
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce5b7a1847dc06253838e5f6e660c2fb08cf07ed7819619a754116e09f4a523

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
150
x-cache
Hit from cloudfront
cf-request-id
07f33179a600002b41152cc000000001
last-modified
Tue, 10 Nov 2020 20:39:55 GMT
server
cloudflare
etag
W/"1aa6581a4cc8ab471f68cb4573ee9857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA6-C1
cf-ray
619885090f572b41-FRA
x-amz-cf-id
1ilgvlBo9p8RFtjhJwGwCKmQqkkBz9iPzxY-r-Djl1aiPmgvRFB_0Q==
widget.d1f4ff7646dd12c98bd4.js
diffuser-cdn.app-us1.com/conversations/ Frame 9B3E
765 KB
219 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef2120d764ef7f6b435d01af459c870f54113996ec52c78e2fad5d430b0de66

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3026611
x-cache
Miss from cloudfront
cf-request-id
07f33179bd00002b41db292000000001
last-modified
Tue, 10 Nov 2020 20:39:53 GMT
server
cloudflare
etag
W/"bc2c6ff74ed780e1450cf704c3a109e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6c973aa0cbaa9809a414d7a4e20e26ce.cloudfront.net (CloudFront)
cache-control
public, max-age=63072000
x-amz-cf-pop
LHR61-C1
cf-ray
619885092f802b41-FRA
x-amz-cf-id
NCRzmewaBk9PuArLTK31qZQX7B8yLY7XkMAjM63Krcxdm0IOO4NmXA==
css2
fonts.googleapis.com/ Frame 9B3E
12 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@200;300;400;500;600;700&display=swap
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be8534e6ecdef05bc0f49e5856350501cca6a964c866960e495de56995665393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Jan 2021 03:11:09 GMT
server
ESF
date
Sat, 30 Jan 2021 04:41:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Jan 2021 04:41:17 GMT
settings
conversations.app-us1.com/widget/ Frame 9B3E
58 B
171 B
XHR
General
Full URL
https://conversations.app-us1.com/widget/settings
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
f1bdc425d05fb6a52d75c976cf37ac1dca1e856303e845bf5b2e53664ae6d602

Request headers

Accept
application/json, text/plain, */*
Referer
https://offers.refinerysixtythree.com/
x-tracking-id
bb993870-6ba9-445a-a01d-fbef270b72bb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-email
x-account-id
66493512

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-envoy-upstream-service-time
21
cf-ray
6198850ccbbd05b7-FRA
cf-request-id
07f3317bfe000005b72da61000000001
settings
conversations.app-us1.com/widget/ Frame
0
0
Other
General
Full URL
https://conversations.app-us1.com/widget/settings
Protocol
H2
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-account-id,x-email,x-tracking-id
Origin
https://offers.refinerysixtythree.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
content-type
text/html; charset=UTF-8
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, X-Account-Id, X-Tracking-Id, X-Prism-Id, X-Email
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, private
x-envoy-upstream-service-time
9
x-powered-by
PHP/7.3.24
cf-cache-status
DYNAMIC
cf-request-id
07f3317a5a000005b76219f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6198850a287a05b7-FRA
content-encoding
gzip
__ptq.gif
track.hubspot.com/
45 B
464 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=8021334&ct=standard-page&rcu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&pu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&t=Refinery+Sixty+Three+%E2%80%93+Marketing.+Refined.&cts=1611981677159&vi=b92eb39b2d10797c1f4cb7ee7f0f0b7b&nc=true&u=59854642.b92eb39b2d10797c1f4cb7ee7f0f0b7b.1611981677156.1611981677156.1611981677156.1&b=59854642.1.1611981677156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6198850a497b96fe-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
cf-request-id
07f3317a6b000096fe0abe7000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8%2BZmmeTEOgWt5J4581EYKBU3vY3Mo6SbEGZ9J8pnnoYHDVES7NoLYZDXHHH0cNqzHWpqiIb060FZUtvHEAQVvdPLuik93M%2BMpTbuSVbAv5pazpcL8vxNL1USC1LDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
22ea2cd6865c4be3913671f14488d54a
app.hubspot.com/conversations-visitor/8021334/threads/utk/ Frame 3B03
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/8021334/threads/utk/22ea2cd6865c4be3913671f14488d54a?uuid=8c971794054b4a118cb735baf2c814a5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=22ea2cd6865c4be3913671f14488d54a&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/conversations-visitor/8021334/threads/utk/22ea2cd6865c4be3913671f14488d54a?uuid=8c971794054b4a118cb735baf2c814a5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=22ea2cd6865c4be3913671f14488d54a&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://offers.refinerysixtythree.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.refinerysixtythree.com/

Response headers

date
Sat, 30 Jan 2021 04:41:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd4d94ca9e82a90a4f44fbda1720c1b901611981677; expires=Mon, 01-Mar-21 04:41:17 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Thu, 28 Jan 2021 10:00:29 UTC
x-amz-server-side-encryption
AES256
x-amz-version-id
LInTqC8pjrgLpEWowcMGowoU.PN52ljH
etag
W/"34729791e50b3d1507811f0867ab8f64"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
aIZjLuVqb5nq0gTmI0OpGFT4E4QVZBW8GijImVOmTNrwsJVm3hFpqg==
age
1669
access-control-allow-credentials
false
cache-control
max-age=600
x-hs-cache-status
MISS
cf-cache-status
DYNAMIC
cf-request-id
07f3317aa1000096fe2ba91000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ibs8vZlphvv1%2BDPpaBx%2BmwXyx3HCyW6CO4eXsS5l%2BHi7zxLNq4M459QU6CCgoahCsbyADRTtPOYGgrxrkDSWSCQ61aGGLxtMbxM8mXhvWwzrE8CuFc8Ka11s%2BiY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6198850a998a96fe-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| THO_Head function| tho_change_titles function| tho_brute_search_replace function| tho_get_title_variation function| tho_output_title function| tho_random_key function| tho_get_cookie function| tho_set_cookie string| THO_Titles object| THO_Variations number| tho_title_interval object| _hsq object| hbspt object| TVE_Ult_Data undefined| __thrive_$oJ object| ThriveGlobal object| php_data function| acEnableTracking string| prismGlobalObjectAlias function| pgo object| leadin_wordpress object| THO_Front function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options function| ownKeys function| _objectSpread function| _defineProperty function| _possibleConstructorReturn function| _assertThisInitialized function| _get function| _superPropBase function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _typeof object| TVE_jQFn object| TCB_Front function| tve_add_http function| tve_is_email function| tve_unserialize object| tve_dash_front object| TVE_Dash object| thrive_front_localize string| visitorGlobalObjectAlias object| visitorGlobalObject object| ThriveTheme object| wp object| tcb_post_lists object| TL_Const object| jQuery1124005163972855816401 object| tcb_autofill number| TCB_PAGE_INDEX object| twemoji object| _hsp boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| hubspot_live_messages_running object| HubSpotConversations function| bindToWindowOnError function| OutpostErrorReporter 
object| __hsCollectedFormsDebug object| conversationsGlobalObject boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

6 Cookies

Domain/Path Name / Value
.refinerysixtythree.com/ Name: __hssc
Value: 59854642.1.1611981677156
.refinerysixtythree.com/ Name: __hstc
Value: 59854642.b92eb39b2d10797c1f4cb7ee7f0f0b7b.1611981677156.1611981677156.1611981677156.1
.refinerysixtythree.com/ Name: __hssrc
Value: 1
.refinerysixtythree.com/ Name: hubspotutk
Value: b92eb39b2d10797c1f4cb7ee7f0f0b7b
.refinerysixtythree.com/ Name: prism_66493512
Value: bb993870-6ba9-445a-a01d-fbef270b72bb
offers.refinerysixtythree.com/ Name: ac_enable_tracking
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
