refinancebased.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://refinewsupdate.com/
Effective URL:
https://refinancebased.com/
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2024, 2:34:30 am UTC) — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is refinancebased.com.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.

This is the only time refinancebased.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.194.210 172.67.194.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
29	4

1 172.67.194.210 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

refinewsupdate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

refinancebased.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	refinancebased.com refinancebased.com	2 MB
2	gstatic.com fonts.gstatic.com	58 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	refinewsupdate.com 1 redirects refinewsupdate.com	489 B
29	4

	Domain	Requested by
25	refinancebased.com	refinancebased.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	refinancebased.com
1	refinewsupdate.com	1 redirects
29	4

This site contains no links.

Subject Issuer	Validity	Valid
refinancebased.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://refinancebased.com/
Frame ID: 9E7783BB95B18C834BB6852C5CD9285B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refinance Based

Page URL History Show full URLs

https://refinewsupdate.com/ HTTP 301
http://refinancebased.com/ HTTP 307
https://refinancebased.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1609 kB
Transfer

2177 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://refinewsupdate.com/ HTTP 301
http://refinancebased.com/ HTTP 307
https://refinancebased.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
refinancebased.com/
Redirect Chain

https://refinewsupdate.com/
http://refinancebased.com/
https://refinancebased.com/

54 KB
10 KB

1070ms
673ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a5b00523b958578c91142acb60f28d224a31e7da6abfb669689c7127f5b885

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8a574fdcbf7639d6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 Jul 2024 02:34:22 GMT
expires: Fri, 19 Jul 2024 02:44:22 GMT
link: <https://refinancebased.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hl91hKQiwAN7UW%2F9Tkji0nAUGtiKV4RtMg%2B9P72XizlmbdavEu17NARdouYnsxpVIkmIwejPEeT9h2HHLI2adSex3Ahhtn1iQIzX1VnRufds1tI4gnTPCRrK6FikQMT%2FyGJSgPE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://refinancebased.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
refinancebased.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 477ms
477ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 17:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sw33s4SJqiN14RpjVzb9BaZVvQfPm04Vl%2BbbqUWXxhOqyVvcA%2FQCVqpvAc75zLRnTBV95AEcBiZJCFRikYLi6Kzv3dOm5GCFAlvLS%2Fa8WereacftA3TtN5EsvSA8TFzz29q2bFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe119a639d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 classic-themes.min.css
refinancebased.com/wp-includes/css/ 291 B
680 B 371ms
370ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/css/classic-themes.min.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 17:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAwv3mDpPXh2AFZs8z6XpLksILap7TZov9h6MMp6OJNgYrsgUPAvMYOW6bkxKLJQjNocjKMf8dWcP71RPl%2Bh79vLN5W3lVd%2FJAy2UjXylD3CfJSKMYBLif%2BUDo419oeXCatguWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe119a839d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 styles.css
refinancebased.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 365ms
362ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 May 2023 16:39:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhLeYNzo7meGrLeedIjSiS1XPb0XES1Rf%2BbjHgdKcFfkWmb%2FoUXh0LSAPZ3YcGAVE6Zf6q2riUsL0LdKq%2FxwoaeqtUpNAg3TGTN3htzQA9sJeRpxqsIZiGwuNZJcgQ58yPvvIQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe119aa39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 style.css
refinancebased.com/wp-content/themes/cream-blog-lite/ 1 KB
1 KB 382ms
379ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog-lite/style.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c9f9ede639784e1acfbdf99aab5886893f07022f65c44016d6ca14e43e18bf

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWSFvLoLUcOC773HqvjFqsbuhEVokmeLfi8OsUgv1FPHxWLGgI8PSUPS9LGwslHVlPbOsdmuM9Hh9Jx%2BVmYMqXUyvt0%2Fg2MNIKIwz43GkgnxSrwncn7oa%2FCME0h%2BIIcnzjKU81o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe119ab39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 108ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM%2BSans%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=6.2.6

Requested by

Host: refinancebased.com
URL: https://refinancebased.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be637aaa5d1b99a03bab25a5014ca9c6db8aaf6d42428b193abdbbd93e5163e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 02:34:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jul 2024 02:34:22 GMT

GET
H3 200 main.css
refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/ 155 KB
26 KB 501ms
499ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/main.css?ver=2.1.1
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d772540a7c37830afbec9cbaa1f1d194703df39c35720f61f75702f15cc7e80

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENQMHqbefIFlAYl6XlKJ5hCwp5UKSE2jf3IM7ev77rbPZjBtLpgVsrw4p1ZfrGhjq5DH8u8sG5MpJIMkQCVZZaZ6i5CvMHTa0n9w3aykLUMZUFRRqCkNWosIjSqnHyRJ8VutHe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe119ac39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 style.css
refinancebased.com/wp-content/themes/cream-blog/ 2 KB
1 KB 390ms
388ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog/style.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cbd9c39b1aa226b4538349c3c89f795cf56a576ea36787350980d7eea770daf

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Z7MA1xlGYBfJjLr41OZ43w9wI0B1jjwisQrrXwuXUJR84BoL3q1MzrzYYff60KEFYfY0trCfPbCWhNqpo4crSxEVCX%2FxskEgM0HeqQsVvE42lnughu5QXYZmVFv9yNEhkF9nyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b239d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 main.css
refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/ 155 KB
26 KB 503ms
501ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/main.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d772540a7c37830afbec9cbaa1f1d194703df39c35720f61f75702f15cc7e80

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a13HrwADqoDtFddS3mJBWA%2BQSCmdx5uPFKKVAIL1MubdxUAAN9tikX5cAjRlCyh8M8jvZ4KY2tM8AZ6g5HjfiS0TgjvnH9OUWRnEuvcAuq3hxwrpTHc9nP687NMk2DedUUSfVkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b439d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
956 B 113ms
39ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans%3A400%2C400i%2C500%2C700%2C700i%7COswald%3A400%2C500%2C600%2C700%7CPacifico%3A400&subset=latin%2Clatin-ext&ver=6.2.6

Requested by

Host: refinancebased.com
URL: https://refinancebased.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16167e15be929ec4dcb31eddc273b36614cf8214c55fb18821754ebf7b65fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 02:34:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jul 2024 02:34:22 GMT

GET
H3 200 main.css
refinancebased.com/wp-content/themes/cream-blog-lite/assets/dist/css/ 12 KB
3 KB 387ms
385ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog-lite/assets/dist/css/main.css?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc383fec67c7db97514e97c9ff72968c4a629df2163dde8ad3090641d4fb8d95

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBuAq%2F5lzgnXRVmFPbAtkgBokkHoS5fq406T5nx4KhOEzQoU%2FEc1APGRgleNNgEhd74k4OBV15DT%2Bopjm1Fe3gtGSSYPIVqXM6cw3g0kDi9udLN1Q2FFjXJYTmE1xRwjZjOb%2FXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b539d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 jquery.min.js Show response
refinancebased.com/wp-includes/js/jquery/ 88 KB
32 KB 530ms
529ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 17:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXvOd05ii8FInSJbOQl9L8SnYoPPWcBHhURCZkCSrBGH%2FgbzXq8AKK5wIwJSiQ542mtmm3TNNosd9mNR4xkhLIVDEpZaYuUJHUUClizzVF0z9mwqoLefapiBZWtE6rO1HTtw86E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b639d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 jquery-migrate.min.js Show response
refinancebased.com/wp-includes/js/jquery/ 13 KB
5 KB 383ms
382ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 17:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9APE%2Bx%2F6mYgD4gJABjR7j3rFuyZnvrZ6JdP5QUZ5%2Bt4ePmaqYp7t%2FbqutxIBsEQyRzqnL4i3jQLoeBGSGryw4fTpzQObnflebJ7p%2BU3qGkuAze4s0coxXPfW83JmgQrBax9w9%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b739d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 bundle.min.js Show response
refinancebased.com/wp-content/themes/cream-blog-lite/assets/dist/js/ 451 B
785 B 387ms
385ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog-lite/assets/dist/js/bundle.min.js?ver=1
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9ce0465d43621e363556bede1eb9e255602b3e90a5eef584b549d51bef6002

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Mar 2022 00:27:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kmK4jVkvorJEsBeWD4rj7zld5vTdxf4oWG0yEYoo4Z4nFGnuhx72Wn1GORYmnUSjAWX3Y2z67nVTp9zExFGuBKQHXlU79fUTrTsAZS2j%2FFinXkE30cklxIQPTWqFPWT2dMsqoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129b939d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 logo.png
refinancebased.com/wp-content/uploads/2018/08/ 7 KB
8 KB 389ms
388ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refinancebased.com/wp-content/uploads/2018/08/logo.png
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc84c249e19ad1126737530ca52f190ed31b83d5eb065ce59b1e331b0c55c96

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Mar 2019 18:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUbZFxq2p607q33Ohm%2BgwkMOeZ1GfPzKSfw5Uh06fRXgz5ix4pSEX3lI%2FsnMv4hqbQdMW2yu45Lu8IluMA4dftwL2Kvig5hI3sJLhIjIA329jHRBU8zysc0sqPBfipyOu%2FtYT0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a574fe129ba39d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7482
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 index.js Show response
refinancebased.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 412ms
411ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 May 2023 16:39:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B9GAFGbJyyClQiyQ1JCeyOdNP1sQn%2BOOhqAJvmKDZ8NoSK6tuMWGg5Lg%2BGeRaPPqPTccTy%2F9PtU9gG%2FwPRA%2BOT6h2RVVzoiyTuglp%2FH59Uaa%2F4iVQl2HUf72C1K2eKGoSRkdF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe129bb39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 index.js Show response
refinancebased.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 388ms
388ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 May 2023 16:39:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOTLnDlVYYa7BbgnJXQeEZtx%2Fom5N%2B3fNiXPYwFMcH7anK0gLt7njHFCj2h%2BrbySOzNGc9youg8CVT%2BANVGdNWkUoY5cjQWnSM8Nnot%2BsLjPpDSLIbyCiwUQ9AQSqf8NgYsXayw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe3ab6c39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 imagesloaded.min.js Show response
refinancebased.com/wp-includes/js/ 5 KB
2 KB 377ms
377ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 06:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2B9dMIhxvPj21pF896GE4GUQ267Gk4G%2BzmGkHxXzvZZwaRlJ3MPST71GsuJPLOd8vJEMHoPOo6ZkDu%2F84wCq9PCzflcAbXIqrTce%2BXRXTThUEbTBdyuzoiRU4r6a0ilbpfaowG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe3ab6e39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:22 GMT

GET
H3 200 masonry.min.js Show response
refinancebased.com/wp-includes/js/ 24 KB
8 KB 365ms
364ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 06:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynfSK0aNnDib9yF302VRVciONX4lnzktZzh%2FkxpR7J%2FDiGtvC9DEZMPp5CuIzVGzY3K9e143DxdZvS6llu%2BQ2%2Fjc%2BEziktjVFsXv%2BeY4L6wqTyttYtANgYOBqRkOI9Axb33s0OA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe49bda39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 bundle.min.js Show response
refinancebased.com/wp-content/themes/cream-blog/assets/dist/js/ 62 KB
19 KB 481ms
480ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/js/bundle.min.js?ver=2.1.1
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04c38423b9c4dac6ef7b147781f9091047d5de057a519473ad5e3172de23de2

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Mar 2022 00:27:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d27gxZZISY743ZBD7A9%2FWpcVeKmtGm2d0%2FyC2F6xw5gormgVQVQtTQ5OgARGxidgYS1kAIohdr4IpwH1VtYG2JXd%2BR1WaSB4aDtcphL0SIqp3Dqd4o70ZZ6h%2FBvahdMJqaCxqC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe49bdb39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 wp-emoji-release.min.js Show response
refinancebased.com/wp-includes/js/ 18 KB
5 KB 362ms
361ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.6
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 17:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUz3Q%2BRmsvgHVm3FBBcNromGsY%2BC1i9VgKcHSabp8xfc3wQ9g8YOxtRvBf%2FNivItJlgMXBOQlYiPP%2B2cQ2lROCa46YxQODYHLO0O2XCeUQwCAF4vtMmwZnGUlQcNI6eXsZ37okU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe49bde39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
37 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans%3A400%2C400i%2C500%2C700%2C700i%7COswald%3A400%2C500%2C600%2C700%7CPacifico%3A400&subset=latin%2Clatin-ext&ver=6.2.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinancebased.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 05:22:17 GMT
x-content-type-options: nosniff
age: 249125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36848
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 05:22:17 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 108ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinancebased.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:44:56 GMT
x-content-type-options: nosniff
age: 215366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 14:44:56 GMT

GET
H3 200 home-2112652_1280.jpg
refinancebased.com/wp-content/uploads/2018/07/ 303 KB
304 KB 619ms
619ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refinancebased.com/wp-content/uploads/2018/07/home-2112652_1280.jpg
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1d58a7313ef40487fc1f2a11f0a3754a3d7e7a1fda9617300ad2584dc2633a

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Mar 2019 18:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSH2KUHXSMWv0Jfc4NEj6tjQkvJNdxGgVCZU1HX1wqAFnO4serXfC75OXG4NlXs1eHOuFfT%2FyAPedsxOwlcBOq4F1UhSIG9DS992BsWQ2ttKJZo565WN5aJvad5469zqGvjxTeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a574fe7ad5a39d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 310389
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 tools-498202_1280.jpg
refinancebased.com/wp-content/uploads/2018/07/ 414 KB
415 KB 621ms
620ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refinancebased.com/wp-content/uploads/2018/07/tools-498202_1280.jpg
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d01d0f90a0d05fd81ee8667752dbdf62c848de5dc1793d31037ab95a3c93ad1

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Mar 2019 18:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INx4b2pET8%2BRFfmz%2FjvRl%2B7TtnjAq0gaVkbjqZt1XWxsHgxil%2FSZl70L6BSX4mGm8KHP5P%2Fk9XrZgHvinlf2QvGxXzaiPodopefA6CbTuHSygZdiyr3%2Byw4cry9uuv83HmJXokg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a574fe7ad5b39d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 424161
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 building-1080592_1280.jpg
refinancebased.com/wp-content/uploads/2018/07/ 288 KB
289 KB 632ms
631ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refinancebased.com/wp-content/uploads/2018/07/building-1080592_1280.jpg
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec0d71f89032091acec60fe90d8e40d2d76017f4d17df920cb7d334bfb2596e

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Mar 2019 18:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBBkBQA57C%2FL3cLbD%2F55x7q4VxxrfGz9GAT7U3XaTgxI%2Bd3oDoq%2BV5v%2B0XWCbp2DTfU%2Bgl5kMYyza%2Bm4AJ2sKSBIJdRkvHaQ9QmMpUdX5yDfzICXcSyrOdQxEmDfz6g6Qh8TJRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a574fe7cd7639d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 295423
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 gardening-3248249_1280.jpg
refinancebased.com/wp-content/uploads/2018/07/ 365 KB
366 KB 633ms
632ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refinancebased.com/wp-content/uploads/2018/07/gardening-3248249_1280.jpg
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b3e26c2e9e8b5174b510d830078fcf5b6ac1d437f838c480f0bc72098a08aa

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Mar 2019 18:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3Z0Pcd30EXaUsvwuuxQ3wszDbIvSQ32EovnKNkanerJ8%2BAbm9kYGi8Q6pcQiiqa1Yf%2BjZ%2FiCz4ArZD5khKNLB86nc%2BYidSFgS9z1j%2BTIpFPU9vDmo7GVq%2B%2Bo6ghjZYAS6SqEPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a574fe7cd7839d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 373912
expires: Sun, 18 Aug 2024 02:34:23 GMT

GET
H3 200 creamblog.ttf
refinancebased.com/wp-content/themes/cream-blog/assets/dist/fonts/creamblog/ 8 KB
5 KB 397ms
397ms Font
font/ttf 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/fonts/creamblog/creamblog.ttf?tr0xkb
Requested by: Host: refinancebased.com
URL: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/main.css?ver=2.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a46b50ad7763d627c63f47dbbab061429600ef7ea8e3c3bd66bc3272813ab9e5

Request headers

Referer: https://refinancebased.com/wp-content/themes/cream-blog/assets/dist/css/main.css?ver=2.1.1
Origin: https://refinancebased.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Dec 2020 17:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnWBl%2B0w3sRCWcSREnzqKmjJxOEmwepgtk7hScNCG%2B%2FfN3Og8JaywMByJJbhosbdUaY2QznsMFPUkIND9m9GDR88TqPLj%2FKwatN6%2BM%2FHAKE2foxy9k2RWkVnXZzpRiE%2FIPoM%2BFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fe80d8b39d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jul 2024 02:34:23 GMT

GET
H3 404 favicon.ico
refinancebased.com/ 1 KB
1 KB 144ms
144ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refinancebased.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer: https://refinancebased.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 02:34:24 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3YUZvNAcUcfuMVrggV2kJ02UO8OI%2BNfWOrQ9AC6lvJHkH0X49LRjfYGsUZGEmi7LIfUvvhob%2FRxvLXJlcYNqjSkuv8Mwgsx4w4ArxX2M1XE9P%2FICgCUGSnrgzb2cqgaCqKFzbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 8a574fef8adc39d6-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://refinancebased.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
refinancebased.com
refinewsupdate.com
172.67.194.210
188.114.97.3
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
0a1d58a7313ef40487fc1f2a11f0a3754a3d7e7a1fda9617300ad2584dc2633a
0cbd9c39b1aa226b4538349c3c89f795cf56a576ea36787350980d7eea770daf
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
16167e15be929ec4dcb31eddc273b36614cf8214c55fb18821754ebf7b65fec6
19b3e26c2e9e8b5174b510d830078fcf5b6ac1d437f838c480f0bc72098a08aa
1d772540a7c37830afbec9cbaa1f1d194703df39c35720f61f75702f15cc7e80
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4e9ce0465d43621e363556bede1eb9e255602b3e90a5eef584b549d51bef6002
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
7ec0d71f89032091acec60fe90d8e40d2d76017f4d17df920cb7d334bfb2596e
8d01d0f90a0d05fd81ee8667752dbdf62c848de5dc1793d31037ab95a3c93ad1
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
a46b50ad7763d627c63f47dbbab061429600ef7ea8e3c3bd66bc3272813ab9e5
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b8a5b00523b958578c91142acb60f28d224a31e7da6abfb669689c7127f5b885
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be637aaa5d1b99a03bab25a5014ca9c6db8aaf6d42428b193abdbbd93e5163e6
c0c9f9ede639784e1acfbdf99aab5886893f07022f65c44016d6ca14e43e18bf
dc383fec67c7db97514e97c9ff72968c4a629df2163dde8ad3090641d4fb8d95
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
edc84c249e19ad1126737530ca52f190ed31b83d5eb065ce59b1e331b0c55c96
f04c38423b9c4dac6ef7b147781f9091047d5de057a519473ad5e3172de23de2
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

refinancebased.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1609 kBTransfer

2177 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refinancebased.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1609 kB
Transfer

2177 kB
Size

0
Cookies

29 HTTP transactions
1 data transactions