offers.refinerysixtythree.com Open in urlscan Pro
2606:4700:3033::681c:d2d  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response offers.refinerysixtythree.com/	24 KB 7 KB	358ms 334ms	Document text/html	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fddc5734cdbf3072c613d379b730c2b4c3bcac6dac5e52936a4147d91c8b37c2 Request headers :method GET :authority offers.refinerysixtythree.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sun, 11 Oct 2020 19:50:38 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d6b5776f2c6d2c8aa1cd003932fbaa66b1602445837; expires=Tue, 10-Nov-20 19:50:37 GMT; path=/; domain=.refinerysixtythree.com; HttpOnly; SameSite=Lax link <https://offers.refinerysixtythree.com/index.php?rest_route=/>; rel="https://api.w.org/" vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 05bad01e1400001f39c9b79200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e0b1c768ae01f39-FRA content-encoding br
GET H2	200	style.min.css offers.refinerysixtythree.com/wp-includes/css/dist/block-library/	53 KB 7 KB	22ms 21ms	Stylesheet text/css	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1 Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 27 status 200 cf-request-id 05bad01f6900001f39c9b96200000001 last-modified Thu, 27 Aug 2020 18:00:38 GMT server cloudflare etag W/"d293-5addfb6b23d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 5e0b1c78a8cf1f39-FRA
GET H2	200	style.css offers.refinerysixtythree.com/wp-content/themes/twentytwenty/	86 KB 16 KB	19ms 19ms	Stylesheet text/css	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/style.css?ver=1.5 Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 775c5c627d0469071ecd62930a4aa051477777fdbf08f9be1164977bf9e381f2 Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 27 cf-polished origSize=121055 status 200 cf-request-id 05bad01f6900001f39c9b97200000001 last-modified Mon, 10 Aug 2020 15:37:02 GMT server cloudflare etag W/"1d8df-5ac87b9d72380-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 5e0b1c78a8d11f39-FRA cf-bgj minify
GET H2	200	email-decode.min.js Show response offers.refinerysixtythree.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 860 B	9ms 9ms	Script application/javascript	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding gzip vary Accept-Encoding nel {"report_to":"cf-nel","max_age":604800} status 200 cf-request-id 05bad01f6900001f39c9b98200000001 last-modified Thu, 08 Oct 2020 10:01:47 GMT server cloudflare etag W/"5f7ee38b-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public cf-ray 5e0b1c78a8d21f39-FRA expires Tue, 13 Oct 2020 19:50:38 GMT
GET H2	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/	12 KB 4 KB	26ms 12ms	Script application/javascript	2606:4700::6810:a823 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding gzip vary Accept-Encoding nel {"report_to":"cf-nel","max_age":604800} status 200 cf-request-id 05bad01f770000c2864da74200000001 last-modified Thu, 08 Oct 2020 10:01:47 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5f7ee38b-3016" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public cf-ray 5e0b1c78b9f5c286-FRA expires Tue, 13 Oct 2020 19:50:38 GMT
GET H2	200	print.css offers.refinerysixtythree.com/wp-content/themes/twentytwenty/	1 KB 726 B	13ms 13ms	Stylesheet text/css	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/print.css?ver=1.5 Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773 Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 27 cf-polished origSize=2574 status 200 cf-request-id 05bad01f6a00001f39c9b99200000001 last-modified Mon, 11 Nov 2019 12:29:01 GMT server cloudflare etag W/"a0e-5971146c35d40-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 5e0b1c78a8d51f39-FRA cf-bgj minify
GET H2	200	wp-embed.min.js Show response offers.refinerysixtythree.com/wp-includes/js/	1 KB 801 B	13ms 12ms	Script application/javascript	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-includes/js/wp-embed.min.js?ver=5.5.1 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0 Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 26 status 200 cf-request-id 05bad01fa900001f39c9b9c200000001 last-modified Sat, 26 Oct 2019 00:17:07 GMT server cloudflare etag W/"59a-595c52fd2e6c0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 5e0b1c7909b51f39-FRA
GET H2	200	index.js Show response offers.refinerysixtythree.com/wp-content/themes/twentytwenty/assets/js/	14 KB 4 KB	14ms 13ms	Script application/javascript	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.5 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1faa9821aa925dc81c1c3e023c98eafa6f20ce5cd2982dd8323b0bf492bd42e2 Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 26 cf-polished origSize=25570 status 200 cf-request-id 05bad01fa900001f39c9b9d200000001 last-modified Sat, 20 Jun 2020 12:16:10 GMT server cloudflare etag W/"63e2-5a882f9941680-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 5e0b1c7909b91f39-FRA cf-bgj minify
GET H2	200	Inter-upright-var.woff2 offers.refinerysixtythree.com/wp-content/themes/twentytwenty/assets/fonts/inter/	219 KB 219 KB	18ms 18ms	Font application/octet-stream	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2 Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/style.css?ver=1.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03 Request headers Origin https://offers.refinerysixtythree.com Referer https://offers.refinerysixtythree.com/wp-content/themes/twentytwenty/style.css?ver=1.5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 107 status 200 content-length 223892 cf-request-id 05bad01fb000001f39c9b9f200000001 last-modified Tue, 22 Oct 2019 18:27:08 GMT server cloudflare etag "36a94-59583f2a97700" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 5e0b1c7919d51f39-FRA
GET DATA	200 OK	truncated /	808 B 808 B		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8 Request headers Origin https://offers.refinerysixtythree.com Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET H2	200	wp-emoji-release.min.js Show response offers.refinerysixtythree.com/wp-includes/js/	14 KB 4 KB	18ms 17ms	Script application/javascript	2606:4700:3033::681c:d2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offers.refinerysixtythree.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1 Requested by Host: offers.refinerysixtythree.com URL: https://offers.refinerysixtythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e Request headers Referer https://offers.refinerysixtythree.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 11 Oct 2020 19:50:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 26 status 200 cf-request-id 05bad0207c00001f39c9bb1200000001 last-modified Mon, 15 Jun 2020 18:04:26 GMT server cloudflare etag W/"37a6-5a82341dede80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602445838"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 5e0b1c7a6cd61f39-FRA

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| __cfQR object| _wpemojiSettings object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents object| wp boolean| __cfRLUnblockHandlers object| twemoji

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.refinerysixtythree.com/	1970-01-19 13:50:37	Name: __cfduid Value: d6b5776f2c6d2c8aa1cd003932fbaa66b1602445837

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
offers.refinerysixtythree.com
2606:4700:3033::681c:d2d
2606:4700::6810:a823
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8
1faa9821aa925dc81c1c3e023c98eafa6f20ce5cd2982dd8323b0bf492bd42e2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
775c5c627d0469071ecd62930a4aa051477777fdbf08f9be1164977bf9e381f2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
fddc5734cdbf3072c613d379b730c2b4c3bcac6dac5e52936a4147d91c8b37c2