offers.refinerysixtythree.com
2606:4700:3033::681c:d2d  Public Scan

URL: https://offers.refinerysixtythree.com/
Submission: On November 14 via api from GB

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3033::681c:d2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is offers.refinerysixtythree.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.
This is the only time offers.refinerysixtythree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.0.66.212 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
44 12
Domain Requested by
25 offers.refinerysixtythree.com offers.refinerysixtythree.com
ajax.cloudflare.com
3 diffuser-cdn.app-us1.com prism.app-us1.com
diffuser-cdn.app-us1.com
2 conversations.app-us1.com diffuser-cdn.app-us1.com
2 api.hubspot.com js.usemessages.com
2 prism.app-us1.com 1 redirects prism.app-us1.com
1 forms.hubspot.com js.hscollectedforms.net
1 app.hubspot.com js.usemessages.com
1 fonts.googleapis.com offers.refinerysixtythree.com
1 trackcmp.net prism.app-us1.com
1 track.hubspot.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-scripts.com ajax.cloudflare.com
1 ajax.cloudflare.com offers.refinerysixtythree.com
44 16

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-23 - 2021-07-23 | a year
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year
*.trackcmp.net | Amazon | 2020-03-31 - 2021-04-30 | a year
upload.video.google.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months

This page contains 3 frames:

Primary Page: https://offers.refinerysixtythree.com/
Frame ID: E6F88D5A3766DA44080376A129D4685A
Requests: 38 HTTP requests in this frame

Frame: https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Frame ID: BBF85193068872B53CAD334BA0F80820
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/d3e7a832497e4bd0909495b8b4a7bfef?uuid=3e882f900d574e1db54023982b7589c5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=d3e7a832497e4bd0909495b8b4a7bfef&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 579779F5CF18573B6F3D310BA95E9D2C
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /prism\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 44
HTTPS: 100 %
IPv6: 92 %
Domains: 11
Subdomains: 16
IPs: 12
Countries: 2
Transfer: 539 kB
Size: 2187 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://prism.app-us1.com/prism.js HTTP 301
  • https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offers.refinerysixtythree.com/
18 KB
5 KB
Document
General
Full URL
https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c43b43e53efd54756fc7b63e46431601ce735cf67625d07c16f8ef5664eb67d

Request headers

:method
GET
:authority
offers.refinerysixtythree.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 14 Nov 2020 18:08:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d86a8dabf3b6b9552d8adaf28895b26ac1605377324; expires=Mon, 14-Dec-20 18:08:44 GMT; path=/; domain=.refinerysixtythree.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
06698b0e610000c2c285238000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sVqPFq%2B3XIXRJ1lLtTCFgfsB6IrSkLu1QbM0c5FllGLWO8kDHUb3TGFIeYGKvw%2FDeJlRtCHOFRU4Kk7b5%2Bk428Kvckkiaw47b9i4h1z5ROVuc7ZQjxbT4nfPZmFR95r9C5ZHFVlkz05Qfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f22adf709bac2c2-FRA
content-encoding
br
base.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/
704 B
572 B
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9d56mTlSJ025TUgtexeRND7UJvmFUSPaYvosbTm0fBu%2BysN%2FVuUA91MimAERxEY0Dc808667ra%2BbWHdA%2F04eDjdORZk%2FUWkHsi9jH9xh4ejtY1cynvLrArs2lBLKxwUOt0DkJAkVP%2BsewA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ac06c2c2-FRA
cf-request-id
06698b146b0000c2c250a21000000001
blank_v2.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/
0
288 B
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h0ztVLmLDeMl6fxJXkyb6ZWScxBqtoLkUcNqSGjlcqJASlVfGK5dad%2BlZay0T%2Bvesm5hc9%2FdHzQ8hIhh42GVC8l3W5Y73RZSW153u8F2iuf1ExbE1Q2LwI1TuoBX7%2B32kSoDqMufmXfiGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5f22ae00ac0ac2c2-FRA
content-length
0
cf-request-id
06698b146b0000c2c29f374000000001
style.min.css
offers.refinerysixtythree.com/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 18:00:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RX2WWyfW2cHLHeu%2FqD76ZP%2F%2FOzBQ5EJ9HKe46u56WycEanFWMRNUAntMFmcJDt5KoYhsoCRH5LWPgmtBC2kl2He849xIAwvyIzDSk5hNPNk2MXmO%2B5W4sM7U%2FhiVG%2BIK8iscKEYe7y0AoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ac0cc2c2-FRA
cf-request-id
06698b146c0000c2c269225000000001
thrive_flat.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/
593 KB
60 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.5.6.1
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b778a125f809bdffee47c7393bc059e29ca589f66b998226b0d9d2ef86759a

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6yEhyigWxVmhGFRk8F%2FipB8YAosvotENxeLwBwkSc1WrzaGAsCRCO7lYk4ptT0DfgSJpyTH1omjoQ40hBbBU1H5o1PfXfpV%2Fw18oZjic5JSWXRXYylSgB7dSeg0WeqP37YuNaGtsGVDKEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ac0ec2c2-FRA
cf-request-id
06698b146c0000c2c2a89cc000000001
style.css
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/
40 KB
9 KB
Stylesheet
General
Full URL
https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/style.css?ver=1.1.0
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5b234b88d5b5a562f8e2492a9d70fd3ce248ae234588eb18189d5df4216e1c

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lOGpToVYh5rlNt2GZ5Tc4BfUCAh7PT%2FbfKM7nD02b6XX2TX7XB5qAJ2UUYPG3zNSqtAfq5k9xm2%2BcvBBCNi9suURicE5nrmSWwd%2BY5InPDgKCMW3ifP0M5SXIRHKfkR62ps54jz1uC0qWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ac10c2c2-FRA
cf-request-id
06698b146d0000c2c27ca23000000001
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding
cf-request-id
06698b1480000005f9d502b000000001
last-modified
Mon, 09 Nov 2020 16:26:32 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fa96db8-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Qfq2U7%2F7liB7%2BaE%2F7lFuRgnQWS8eI6cKM6mLwKgvsjsyBdCzTUiOmHBsm0PDIcocnfSFcw6pFYmoQbwtGgHmMgYMzCJ7NkkHTrMkddX1kOcmfQPUm3Vnms6YmyqXsU5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5f22ae00cf2d05f9-FRA
expires
Mon, 16 Nov 2020 18:08:46 GMT
wp-embed.min.js
offers.refinerysixtythree.com/wp-includes/js/
1 KB
972 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r79N8WtZ8RftdmpE7B85E%2BpA6XHBkoPGViH7TseE2y0118a04amfXbllXmnH7jjfJSnBG7pl66ChBcYYmBbU45%2FU5gcu%2BNVmZLJnMRCYsbLUGOn6HETmso5G5OwbXtAbSMokwPA6w8CDpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ec9dc2c2-FRA
cf-request-id
06698b14950000c2c22603f000000001
frontend.min.js
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/
9 KB
4 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=1.1.0
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b431166274df67e737ab195fae33fae7c00798ee1912385501dc1a54f8aaa6

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yVEMhAs%2FnQxTyzrNqDf%2BTGudaXICiWErIvXvBrE3UsontFULlI%2FY%2FRKx5hwnvRkh6qlLuH0BDhiP2uZrq7DXItg3V9LxsTC0Xq9gNeud%2FXHDLK4zffByjccEnTqBvtPEhLQlAxjO%2FGGDuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00ec9ec2c2-FRA
cf-request-id
06698b14960000c2c2359f4000000001
resizable.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
18 KB
5 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c92c6a06a05ebbc74655d4d596a2e169f97f1ad070ee073e4024106654441a7c

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 22:01:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hT8FS6p1z7OEbc1OducjVJRLjnqMBLygWaJlFmZoiSn3UmJTB6JcpssCq8bsX9w%2BrWPSJQjzgOz4Dm%2B2vi8fvWwxdgINPSjLsr2fywJauQ1GEWeimm8oicdasU7MgZly5iLv2s7myi9%2BBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca0c2c2-FRA
cf-request-id
06698b14960000c2c272a82000000001
mouse.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
3 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04837b935b6d1fac0cbffc4a53bf19a6d89029742dbc4c8ad001c1078f5f957

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 22:01:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c1CY8sFFAGkoiTcruZxRBHAz%2F%2Fe0nGm4qTafO%2Fuawb3AkWDvLWpRExAmt6JN8QWKxC4lIM4t4bJaEa7A5yrP5oHjkePkpTXbdfyFA%2BC%2Fsq8weweyj95HTWwDWdtEz8nS3vdErXpU%2FrREfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca1c2c2-FRA
cf-request-id
06698b14960000c2c2852a6000000001
widget.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
7 KB
3 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd83d5a29914ad4797748d8e80fbc42c2131fbce9bbcdf2749a275fc7db875f

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 22:01:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCDYc6fuf2IFvD4Hw4EW09q4YRDZPq6Gs6GzKYUv2It1h6TQ9S%2F1s8wEBvchR6e7TqiTJ%2BaQVGVdosBy80UfSdEECESXEVgIv8N%2F%2BIKzOa7udVMlbmF29UlBDWcm0j3ncKrZ1qTMtXYAiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca2c2c2-FRA
cf-request-id
06698b14960000c2c2a0019000000001
core.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 22:01:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D9g82uACOxK0VNxGidOEAls%2By9h86NLlIKHHTCoqelKlcb5yc6Bt3zgNiDHXeCkKm7rXuVGFojcBMPGkoD7MjrdTUfD4G8T4yZiTrjJobwgOayNcRB0qpqzXg%2FBga%2F%2FnjZi%2FEr%2BBEQU%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca4c2c2-FRA
cf-request-id
06698b14970000c2c29b3a6000000001
frontend.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/
2 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.2.18.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ccd8782ca4c88247a8f972d3a71853d6209cbe3f082e391bb2e4a298b322e7

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2B%2FfRZ0vY%2FECQ%2BWD0Y7jZ8BmYfbBEr93URHS4eARpBGaJ3ToU%2Fgz6uHOOdDjCTuoq0md4%2BQoSWnNNdirtnaI0eVwJyn3QKZ1g6nI1dpjbji8dqCQvwX%2B4MsC96Mnuf1RC3rMJMfijgDR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca6c2c2-FRA
cf-request-id
06698b14970000c2c228218000000001
frontend.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/
155 KB
41 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.6.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd769cb6c7025ab70d81cb7ea1c4fe872669f9b36e67408944d43bffbea2e35

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y3ViPr7Tc18UlpzVYvVUUadasXTagO3Hi9C%2FD%2BWQP2R8xioITA%2BgP36nP57lNQf0UuWBRYi17PNGBzblMFljY2Vi9w6jF2tDUM3xHuXKeCqJJyi1uUUi7du6%2By0w%2BpuDhSn1fgS2PqXOFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca7c2c2-FRA
cf-request-id
06698b14970000c2c247be4000000001
jquery.masonry.min.js
offers.refinerysixtythree.com/wp-includes/js/jquery/
2 KB
954 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 18 Aug 2016 18:55:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TU9NRRHjnrfUWO3ePcmAiW5fuWgxHaRopKE8UFvzWJrZ6IYorpUpAC4Y5p9EUm9wbDLfpc70AX8tGlAlgic2aoQVS9mp4nyyDXv7h4mKkwO%2FNSX%2FInaksmujnz5ywmDLxzhkDq70NvkSLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fca9c2c2-FRA
cf-request-id
06698b14970000c2c2c31ef000000001
masonry.min.js
offers.refinerysixtythree.com/wp-includes/js/
24 KB
7 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R2QO86qJntlpNLiS2qbNBV3gUBtojd8O2C6SUJOmmGrMrbu%2Bq2fI4XZJJIcqgpAT9TJsryt0JZ5WEcxNBpjZC%2Bj4l1FWgtPcjtsyhNN%2BptJZyyjvR%2BYccICCNeSTaq1KXqpgCUhYL2HXtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcacc2c2-FRA
cf-request-id
06698b14980000c2c238185000000001
imagesloaded.min.js
offers.refinerysixtythree.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ET%2BOQw9QfPRwRs9%2FuSToSmUJOz3KqIzuGmZnGX6IPrFKEpc%2BfAXU%2FeKsZF8JAbR9TbR%2Bwjk4xgKgx4G81EDMTyRzXG2yYfK1iHVfnWhTkfBrdVlKTWw0BCgAuQFXBWhPtbw3YXfuGzgT0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcafc2c2-FRA
cf-request-id
06698b14980000c2c23db07000000001
triggers.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.2.8
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2640bdea12602985fd77015c3eb4f3faa89f1e352ab2568a8418896477638d15

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J7MaSWzEJyWz7WHqkoaVKa1ApOtt7Dx%2Fj69O4iDKxElTm48VOOXLWid8%2FzfkIR6Es5lhOVpsbHgyJFLvJd5UGO5QonA3GW%2F7KhaUr8mFpUHvBKRO9cIPc3CQJFvQiX%2BVpvloLn9GVOSdCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcb0c2c2-FRA
cf-request-id
06698b14980000c2c2d2893000000001
8021334.js
js.hs-scripts.com/
2 KB
973 B
Script
General
Full URL
https://js.hs-scripts.com/8021334.js?integration=WordPress
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a489a221785e89feb67de34011182f86ab69a5f207d8838006eda6f91ccd9dd7

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
status
200
cf-request-id
06698b14a5000063b3e2bd5000000001
server
cloudflare
x-trace
2BD540BC7348E22273552360B89A55792815831917000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5f22ae010a3863b3-FRA
expires
Sat, 14 Nov 2020 18:09:46 GMT
site_tracking.js
offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/
1 KB
737 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.5.3
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29d6ce61b640e1f170c1fa01120eb42a3273cab62a46f86529f0dea3b073abb

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8qA379yDysfbNNi0EYQtkBhfVyZiBxOkWTeFc0QQ0a71Sdbc%2FaQFwMPyqi6JexJ9OliHFXBYPmkBa37gRxRWIuVjEa4wD85s%2BFjm3VPy0vVn8MMFnGzGiWieyE%2Fs4abuWo8%2BPIjiHqW75Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcb3c2c2-FRA
cf-request-id
06698b14990000c2c28dafd000000001
no-campaign.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/
583 B
776 B
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.2.16.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f2ff515050c5ee8e998578aa9d976852cd79b7906f2b2f1b9abbdfad1b4605

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RkrDGI18fGoFg0R%2BswKV62VqkN8hDyu%2F2V9qn4tErXp3ZvRF1Nahl56OTUnuIBv%2BvNFwRVRir6L9sCrETMuuSpBwXt2vUQfaQ6l7unzHH1%2BTdseHtqmcYpfhhO17eMCo2mWQShmH0thtPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcb4c2c2-FRA
cf-request-id
06698b14990000c2c2d0036000000001
header.min.js
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
2 KB
1 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.2.8
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c8edca4e5b216ae3b455f479e1ab2f806fcb7924fe1e3cd1b0406a562bc8b2

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kwXo49O%2Fv8z8UBudH%2Fe5tZte39Q%2FV0LmBJksSL2he42%2Bst%2BKU3VOS%2F%2Fu6p30IvP%2BHyaJ5gbe2Hcjpm0gCuTQqKf9aQRyRFqBVC0TayHng0tHuQSu%2BRDodHwiFK5ejLMZl4RpljMw4iPhTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcb6c2c2-FRA
cf-request-id
06698b14990000c2c282184000000001
jquery.js
offers.refinerysixtythree.com/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ecs4TenFmbg90VYnu7MhUGT3WpgRqY0SlBSzuqk3gSkLHDviWZ8QoFHzTkkLOiK536%2FslgGAP0P1y9ffqTV2bhhJt03HxNmovLZaP9EBOZymYQ7DmXro9N%2BNn%2FvWQjrk0f%2B0GAj5miRWLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae00fcb7c2c2-FRA
cf-request-id
06698b149a0000c2c27ca27000000001
wp-emoji-release.min.js
offers.refinerysixtythree.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://offers.refinerysixtythree.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 15 Jun 2020 18:04:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OyqPl0%2BNhG85aINOw6wJsrD3uf%2FYsdxhZ5re9g6aRzUjEJQhkYXeJguJtY%2BcW3gZy3m7EDkDNdx2Ga5qrb1rjzNTIo9luEkKd1YMu6xYdp%2FYw56l5ryIgKoWwI6PW7msal4SOA%2BPEGbmYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f22ae024f64c2c2-FRA
cf-request-id
06698b156d0000c2c22206a000000001
R63-Logo-no-clearance.png
offers.refinerysixtythree.com/wp-content/uploads/2020/03/
34 KB
35 KB
Image
General
Full URL
https://offers.refinerysixtythree.com/wp-content/uploads/2020/03/R63-Logo-no-clearance.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d887a8a61fd4ec4b38b0b5584dc021ffe1538a948424efff8c38c67e441922

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
cf-cache-status
MISS
last-modified
Sat, 14 Nov 2020 16:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2FL1JVPHvnktD8hqfuHpsob5i59o69OjlXZ91ersrCpcXoytAouX15e0GoDB5HjcDo2ZjoVOab2OV%2BLW%2FuImqzDgOVA6DarhriR0UlfQTWHDZapsB8T5fc8mh6VUNMbDM8Bf5gnVaxnS3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5f22ae025f87c2c2-FRA
content-length
35265
cf-request-id
06698b15760000c2c2d004a000000001
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain
  • https://prism.app-us1.com/prism.js
  • https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
23 KB
5 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72058501f83c1ff78df7acc5b97b5be177d66c51cc29dad4dae7ab478ebff070

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
166
x-cache
Hit from cloudfront
status
200
cf-request-id
06698b15ad000005f1ec89d000000001
last-modified
Thu, 03 Sep 2020 15:21:34 GMT
server
cloudflare
etag
W/"72b6f46e57e66ab97fe05eb07b6bdc45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
cf-ray
5f22ae02acd805f1-FRA
x-amz-cf-id
T8a0PbLHQhGrj3Z-GBYyrUuPWU4fHZL2KcLR5sdW0IxcpUpvut-v9g==

Redirect headers

date
Sat, 14 Nov 2020 18:08:46 GMT
cf-cache-status
HIT
server
cloudflare
age
6556
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
cache-control
public, max-age=14400
cf-ray
5f22ae028c7605f1-FRA
cf-request-id
06698b1594000005f1ddb76000000001
expires
Sat, 14 Nov 2020 22:08:46 GMT
admin-ajax.php
offers.refinerysixtythree.com/wp-admin/
45 B
636 B
XHR
General
Full URL
https://offers.refinerysixtythree.com/wp-admin/admin-ajax.php
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://offers.refinerysixtythree.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
06698b15ae0000c2c2852bf000000001
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rOIdOhxfrTrt8yMMYjnifHZce2ZSLxN3qBMoSgUQHiqsDnJO70kc%2FKz0qWZ%2B4q6IHI4PiHnxjOOaoKtvw24yjp6Oa0CXbIBsnHhaxdi0fIKbqOpN3ERJkzeMTDyklGj3y3JjJ0R4P9mdRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offers.refinerysixtythree.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
cf-ray
5f22ae02a827c2c2-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
prism.app-us1.com/
260 B
403 B
Script
General
Full URL
https://prism.app-us1.com/?a=66493512&u=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.25
Resource Hash
3c140fece0f933b0fda7ff24b7caba0f04e51d4badca1b2838a252638d8bc5d6

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.25
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cache-control
no-cache, private
cf-ray
5f22ae02dd2b05f1-FRA
cf-request-id
06698b15c2000005f1f03a3000000001
8021334.js
js.hs-analytics.net/analytics/1605377100000/
59 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1605377100000/8021334.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c8aba46091614a9413026c36db49aa24df83688b2f6289f289ee30c87908f9

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
81E779A1E4C253BC
x-amz-server-side-encryption
AES256
cf-ray
5f22ae03ac912b12-FRA
status
200
x-amz-id-2
t4KVjIRuWZrq+zFp8PHOZF0q1eUWvYUqNVQdDZrWB1hVGpUqHZ1sAoF3wZU7HiDzeQh3c4jUOZA=
last-modified
Mon, 02 Nov 2020 21:07:32 GMT
server
cloudflare
etag
W/"b42404c49f0dbfe01124847135dc6549"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
06698b164c00002b12fb237000000001
content-type
text/javascript
expires
Sat, 14 Nov 2020 18:13:46 GMT
collectedforms.js
js.hscollectedforms.net/
90 KB
26 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f

Request headers

Origin
https://offers.refinerysixtythree.com
Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
via
1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
cf-ray
5f22ae03aa810746-FRA
x-cache
RefreshHit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
06698b164c00000746d4acf000000001
last-modified
Thu, 20 Aug 2020 10:23:03 UTC
server
cloudflare
etag
W/"421b26f95ea43197174fcb344facb242"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
IDP52L7B1Fr.Tl8ZOvcH4PutJxHgMsyE
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CyGT6m0xrYkvWNbAPnDhPZIyevhULHhCk3KDJsNRoBaUZMp-O96OLA==
8021334.js
js.hs-banner.com/
46 KB
12 KB
Script
General
Full URL
https://js.hs-banner.com/8021334.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1641b35fdd35ff1b9a9db92efb28abfaff927a99343d2a4ab1c3123eb8cdbc

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=87JouQ==, md5=L4yrT3Y9N/EXuxTkKK5TsA==
date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABg5-UxBhnJsawQs1FuZwDyzrTxpt79cLd7ZbE5YaJzIzbdb13uZGf0TuIIGTWyGLq2L_jyG5X_l58_ojqcY0Aeq-A
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
06698b164e00009730a60b9000000001
timing-allow-origin
*
last-modified
Mon, 26 Oct 2020 22:27:30 GMT
server
cloudflare
etag
W/"2f8cab4f763d37f117bb14e428ae53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1603751250107502
access-control-allow-origin
https://inspirationavenue.academy
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
47009
cf-ray
5f22ae03afdf9730-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Sat, 14 Nov 2020 18:13:46 GMT
conversations-embed.js
js.usemessages.com/
79 KB
20 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36591f06d91bca173997fbecb9a3f9b07709850df396e4134781ed3bdffd2df

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
via
1.1 600860a2fda807ac628822c14b5de861.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
437
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
06698b16520000177ac689b000000001
last-modified
Fri, 13 Nov 2020 07:59:06 UTC
server
cloudflare
etag
W/"0831b89aec05998ece6e915e3dbb0613"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
3WwoWpmjiqWK2SjnNIpz6njkb951Blzk
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
5f22ae03baed177a-FRA
x-amz-cf-id
Cxpf6kILIX2uYjaOjR_fqv7LOU-X0ZkDH6zEZDmT78JEIDhskiTIzg==
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Other
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8021334&conversations-embed=static-1.7858&mobile=false&messagesUtk=d3e7a832497e4bd0909495b8b4a7bfef&traceId=d3e7a832497e4bd0909495b8b4a7bfef
Protocol
H2
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://offers.refinerysixtythree.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Sat, 14 Nov 2020 18:08:46 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2BD10B757D11D2D81DB22BACDF35107B0FD19158F3000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
access-control-allow-credentials
false
access-control-allow-origin
https://offers.refinerysixtythree.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status
DYNAMIC
cf-request-id
06698b1699000017663835e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5f22ae04299d1766-FRA
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8021334&conversations-embed=static-1.7858&mobile=false&messagesUtk=d3e7a832497e4bd0909495b8b4a7bfef&traceId=d3e7a832497e4bd0909495b8b4a7bfef
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3026d625562286f74dc6ef04659c87222cd752f5fba6b8539b73db89b8406f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.refinerysixtythree.com/

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
1375
cf-request-id
06698b17330000176638372000000001
server
cloudflare
x-trace
2BAA6BE48FB2D40859A5CECD72371174B0DD5C37EF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
5f22ae051b831766-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
__ptq.gif
track.hubspot.com/
45 B
529 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=8021334&ct=standard-page&rcu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&pu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&t=Refinery+Sixty+Three+%E2%80%93+Marketing.+Refined.&cts=1605377326878&vi=8904a7591bbe6b212d1cec90bf0c9546&nc=true&u=59854642.8904a7591bbe6b212d1cec90bf0c9546.1605377326874.1605377326874.1605377326874.1&b=59854642.1.1605377326874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5f22ae051855dfbb-FRA
date
Sat, 14 Nov 2020 18:08:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
06698b172f0000dfbba3061000000001
x-robots-tag
none
t_prism_sitemessages.php
trackcmp.net/
0
271 B
Script
General
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=66493512&prismid=0448708d-1103-434a-a892-bf8db0a574a3&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.66.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-66-212.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
server
Apache/2.4.46 (Amazon)
x-powered-by
PHP/7.1.33
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
status
200
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type
text/javascript;charset=UTF-8
content-length
0
widget.js
diffuser-cdn.app-us1.com/conversations/
7 KB
3 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/conversations/widget.js
Requested by
Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce5b7a1847dc06253838e5f6e660c2fb08cf07ed7819619a754116e09f4a523

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
23
x-cache
Hit from cloudfront
status
200
cf-request-id
06698b1780000005f1a0a15000000001
last-modified
Tue, 10 Nov 2020 20:39:55 GMT
server
cloudflare
etag
W/"1aa6581a4cc8ab471f68cb4573ee9857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA6-C1
cf-ray
5f22ae059d6805f1-FRA
x-amz-cf-id
1ilgvlBo9p8RFtjhJwGwCKmQqkkBz9iPzxY-r-Djl1aiPmgvRFB_0Q==
widget.d1f4ff7646dd12c98bd4.js
diffuser-cdn.app-us1.com/conversations/ Frame BBF8
765 KB
219 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef2120d764ef7f6b435d01af459c870f54113996ec52c78e2fad5d430b0de66

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
336300
x-cache
Hit from cloudfront
status
200
cf-request-id
06698b17b5000005f1e78bb000000001
last-modified
Tue, 10 Nov 2020 20:39:53 GMT
server
cloudflare
etag
W/"bc2c6ff74ed780e1450cf704c3a109e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
cache-control
public, max-age=63072000
x-amz-cf-pop
FRA6-C1
cf-ray
5f22ae05ee6005f1-FRA
x-amz-cf-id
ur9FX_qMX5z4kqRux5anfMrWrMabizheOzpexnH1ETVxSWzthTnQYA==
css2
fonts.googleapis.com/ Frame BBF8
14 KB
975 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@200;300;400;500;600;700&display=swap
Requested by
Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc000729939f54c165d95a9c8b1cfc63ee46d29bad43902e4e563143e45a1d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 14 Nov 2020 18:07:26 GMT
server
ESF
date
Sat, 14 Nov 2020 18:08:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Nov 2020 18:08:47 GMT
settings
conversations.app-us1.com/widget/ Frame BBF8
58 B
262 B
XHR
General
Full URL
https://conversations.app-us1.com/widget/settings
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.d1f4ff7646dd12c98bd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.17
Resource Hash
f1bdc425d05fb6a52d75c976cf37ac1dca1e856303e845bf5b2e53664ae6d602

Request headers

Accept
application/json, text/plain, */*
Referer
https://offers.refinerysixtythree.com/
x-tracking-id
0448708d-1103-434a-a892-bf8db0a574a3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-email
x-account-id
66493512

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-envoy-upstream-service-time
24
cf-ray
5f22ae08085b1f19-FRA
cf-request-id
06698b190900001f19979ca000000001
settings
conversations.app-us1.com/widget/ Frame
0
0
Other
General
Full URL
https://conversations.app-us1.com/widget/settings
Protocol
H2
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.17
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-account-id,x-email,x-tracking-id
Origin
https://offers.refinerysixtythree.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Sat, 14 Nov 2020 18:08:47 GMT
content-type
text/html; charset=UTF-8
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, X-Account-Id, X-Tracking-Id, X-Prism-Id, X-Email
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, private
x-envoy-upstream-service-time
10
x-powered-by
PHP/7.3.17
cf-cache-status
DYNAMIC
cf-request-id
06698b188b00001f197335e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5f22ae074eab1f19-FRA
content-encoding
gzip
d3e7a832497e4bd0909495b8b4a7bfef
app.hubspot.com/conversations-visitor/8021334/threads/utk/ Frame 5797
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/8021334/threads/utk/d3e7a832497e4bd0909495b8b4a7bfef?uuid=3e882f900d574e1db54023982b7589c5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=d3e7a832497e4bd0909495b8b4a7bfef&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/conversations-visitor/8021334/threads/utk/d3e7a832497e4bd0909495b8b4a7bfef?uuid=3e882f900d574e1db54023982b7589c5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=d3e7a832497e4bd0909495b8b4a7bfef&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://offers.refinerysixtythree.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.refinerysixtythree.com/

Response headers

status
200
date
Sat, 14 Nov 2020 18:08:47 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db70e9fe5901d8d93a0ddd879dbd431211605377327; expires=Mon, 14-Dec-20 18:08:47 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Fri, 13 Nov 2020 07:59:06 UTC
x-amz-server-side-encryption
AES256
x-amz-version-id
RjBqz3p8Mg6BPlS2a94EhSmJyrlJmkEC
etag
W/"10d2329bfb937bb8d3caf0deb0086361"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
J0xnreK1IExTdvLHZfWnPCgduo9NU_uxeL6vC-X7AlsGGbP7umlQ0w==
age
2300
access-control-allow-credentials
false
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-request-id
06698b186c0000dfbbb4222000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5f22ae071c77dfbb-FRA
content-encoding
br
json
forms.hubspot.com/collected-forms/v1/config/
115 B
315 B
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8021334&utk=8904a7591bbe6b212d1cec90bf0c9546
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65738e204282832cf4e4ed7e8f6048fe944dbc2b0ce3274d2e7055eae8766a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://offers.refinerysixtythree.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 18:08:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
06698b18e400001766260a1000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://offers.refinerysixtythree.com
access-control-allow-credentials
false
cf-ray
5f22ae07d96b1766-FRA
access-control-allow-headers
*


91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| __cfQR object| _wpemojiSettings undefined| $ function| jQuery object| THO_Head function| tho_change_titles function| tho_brute_search_replace function| tho_get_title_variation function| tho_output_title function| tho_random_key function| tho_get_cookie function| tho_set_cookie string| THO_Titles object| THO_Variations number| tho_title_interval object| _hsq function| hbsptReady object| TVE_Ult_Data undefined| __thrive_$oJ object| ThriveGlobal object| php_data function| acEnableTracking string| prismGlobalObjectAlias function| pgo object| leadin_wordpress object| THO_Front function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options function| ownKeys function| _objectSpread function| _defineProperty function| _possibleConstructorReturn function| _assertThisInitialized function| _get function| _superPropBase function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _typeof object| TVE_jQFn object| TCB_Front function| tve_add_http function| tve_is_email function| tve_unserialize object| tve_dash_front object| TVE_Dash object| thrive_front_localize object| ThriveTheme object| wp object| tcb_post_lists object| TL_Const boolean| __cfRLUnblockHandlers object| jQuery1124020875169505964086 object| tcb_autofill number| TCB_PAGE_INDEX object| twemoji string| visitorGlobalObjectAlias object| visitorGlobalObject boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsp boolean| _hspb_ran boolean| _hspb_loaded object| _paq boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded object| conversationsGlobalObject function| bindToWindowOnError 
function| OutpostErrorReporter function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug

1 Cookies

Domain/Path Name / Value
.refinerysixtythree.com/ Name: __cfduid
Value: d86a8dabf3b6b9552d8adaf28895b26ac1605377324

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
