offers.refinerysixtythree.com Open in urlscan Pro
192.236.233.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offers.refinerysixtythree.com/
Submission: On April 16 via api (April 16th 2021, 4:43:03 am UTC) from GB

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 55 HTTP transactions. The main IP is 192.236.233.27, located in United States and belongs to HOSTWINDS, US. The main domain is offers.refinerysixtythree.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 16th 2021. Valid for: 3 months.

This is the only time offers.refinerysixtythree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	192.236.233.27 192.236.233.27	54290 (HOSTWINDS) (HOSTWINDS)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.225.168.154 34.225.168.154	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:b872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
55	17

26 192.236.233.27 (United States)

ASN54290 (HOSTWINDS, US)
PTR: host.refinedserver.com

offers.refinerysixtythree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:915b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
conversations.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.168.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-168-154.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b872 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent30.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	refinerysixtythree.com offers.refinerysixtythree.com	241 KB
7	app-us1.com 1 redirects prism.app-us1.com diffuser-cdn.app-us1.com conversations.app-us1.com	228 KB
5	hsappstatic.net static.hsappstatic.net	219 KB
4	hubspot.com api.hubspot.com app.hubspot.com track.hubspot.com	18 KB
3	nr-data.net bam.nr-data.net	639 B
1	hubspotusercontent30.net f.hubspotusercontent30.net	3 KB
1	newrelic.com js-agent.newrelic.com	15 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	trackcmp.net trackcmp.net	271 B
1	hsforms.com forms.hsforms.com	589 B
1	hscollectedforms.net js.hscollectedforms.net	24 KB
1	usemessages.com js.usemessages.com	20 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-scripts.com js.hs-scripts.com	1000 B
55	15

	Domain	Requested by
26	offers.refinerysixtythree.com	offers.refinerysixtythree.com
5	static.hsappstatic.net	app.hubspot.com
3	bam.nr-data.net	app.hubspot.com
3	diffuser-cdn.app-us1.com	offers.refinerysixtythree.com prism.app-us1.com diffuser-cdn.app-us1.com
2	conversations.app-us1.com	diffuser-cdn.app-us1.com
2	api.hubspot.com	js.usemessages.com
2	prism.app-us1.com	1 redirects prism.app-us1.com
1	f.hubspotusercontent30.net	app.hubspot.com
1	track.hubspot.com
1	js-agent.newrelic.com	app.hubspot.com
1	fonts.googleapis.com	offers.refinerysixtythree.com
1	app.hubspot.com	js.usemessages.com
1	trackcmp.net	prism.app-us1.com
1	forms.hsforms.com	offers.refinerysixtythree.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	offers.refinerysixtythree.com
55	19

This site contains no links.

Subject Issuer	Validity	Valid
offers.refinerysixtythree.com cPanel, Inc. Certification Authority	`2021-04-16` - `2021-07-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://offers.refinerysixtythree.com/
Frame ID: 2E598FBA09B1926E3C89AA74D2F63905
Requests: 38 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 98DF030FA0CDD6E8CA86E1473B341F08
Requests: 11 HTTP requests in this frame

Frame: https://diffuser-cdn.app-us1.com/conversations/widget.ecf023ea698afb0c87f6.js
Frame ID: 15E63C502CA65BEF82B1F3BFB8142F8F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

55
Requests

98 %
HTTPS

75 %
IPv6

15
Domains

19
Subdomains

17
IPs

2
Countries

804 kB
Transfer

3073 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://prism.app-us1.com/prism.js HTTP 301
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

55 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
offers.refinerysixtythree.com/ 19 KB
6 KB 708ms
632ms Document
text/html 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 0576585797618528ef017a173d315dbd26b02b1231c711e1eee5a60f80486909

Request headers

Host: offers.refinerysixtythree.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:45 GMT
Server: Apache
X-Pingback: https://offers.refinerysixtythree.com/xmlrpc.php
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK base.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 704 B
619 B 35ms
33ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.5.6.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 321

GET
H/1.1 200
OK blank_v2.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 0
256 B 68ms
32ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.5.6.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Last-Modified: Sat, 14 Nov 2020 16:15:25 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H/1.1 200
OK style.min.css
offers.refinerysixtythree.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 98ms
33ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 18:00:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7907

GET
H/1.1 200
OK style-index.css
offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ 70 B
365 B 101ms
32ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1605429926
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Nov 2020 08:45:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 68

GET
H/1.1 200
OK thrive_flat.css
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/ 593 KB
65 KB 119ms
50ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.5.6.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 41b778a125f809bdffee47c7393bc059e29ca589f66b998226b0d9d2ef86759a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK style.css
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/ 40 KB
9 KB 105ms
34ms Stylesheet
text/css 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/style.css?ver=1.1.0
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 4b5b234b88d5b5a562f8e2492a9d70fd3ce248ae234588eb18189d5df4216e1c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Nov 2020 08:41:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9310

GET
H/1.1 200
OK jquery.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ 95 KB
33 KB 112ms
41ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33776

GET
H/1.1 200
OK header.min.js Show response
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 2 KB
1 KB 107ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.2.8
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 61c8edca4e5b216ae3b455f479e1ab2f806fcb7924fe1e3cd1b0406a562bc8b2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1082

GET
H/1.1 200
OK no-campaign.min.js Show response
offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/ 583 B
659 B 129ms
32ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.2.16.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 43f2ff515050c5ee8e998578aa9d976852cd79b7906f2b2f1b9abbdfad1b4605

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 347

GET
H/1.1 200
OK site_tracking.js Show response
offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/ 1 KB
869 B 133ms
33ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.5.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 3d0df3d4f93a86a8251376ca0ea925e3c8b813fbd65625a9cc9e44a062f111a3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Nov 2020 08:45:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 557

GET
H2 200 8021334.js Show response
js.hs-scripts.com/ 2 KB
1000 B 47ms
32ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef767def0d2332a6d6eda19ef5ba34b236e11c38a87e27f59ba0518d3e1740fc

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 53
cf-polished: origSize=1940
cf-request-id: 097a96279d0000d6e96b05e000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B57B273E45F01EE2AD56809851B0950CD0AA531B5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://offers.refinerysixtythree.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 640abfb8fb65d6e9-FRA
expires: Fri, 16 Apr 2021 04:43:46 GMT

GET
H/1.1 200
OK triggers.min.js Show response
offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 4 KB
2 KB 141ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.2.8
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 2640bdea12602985fd77015c3eb4f3faa89f1e352ab2568a8418896477638d15

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1418

GET
H/1.1 200
OK imagesloaded.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/ 5 KB
2 KB 140ms
33ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1834

GET
H/1.1 200
OK masonry.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/ 24 KB
8 KB 161ms
32ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7382

GET
H/1.1 200
OK jquery.masonry.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ 2 KB
1 KB 164ms
32ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2016 18:55:30 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 716

GET
H/1.1 200
OK frontend.min.js Show response
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 155 KB
45 KB 179ms
41ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.6.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 2bd769cb6c7025ab70d81cb7ea1c4fe872669f9b36e67408944d43bffbea2e35

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 45300

GET
H/1.1 200
OK frontend.min.js Show response
offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
1 KB 175ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.2.18.1
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 59ccd8782ca4c88247a8f972d3a71853d6209cbe3f082e391bb2e4a298b322e7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:15:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 909

GET
H/1.1 200
OK core.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 174ms
33ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1811

GET
H/1.1 200
OK widget.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 194ms
31ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2543

GET
H/1.1 200
OK mouse.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 196ms
33ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 991

GET
H/1.1 200
OK resizable.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 202ms
35ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 364ba5268d11ed9fbd16763df098faf8a1c059e9681c2debddf15d0830360427

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5180

GET
H/1.1 200
OK frontend.min.js Show response
offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/ 9 KB
4 KB 208ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=1.1.0
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: f8b431166274df67e737ab195fae33fae7c00798ee1912385501dc1a54f8aaa6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Nov 2020 08:41:25 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3770

GET
H/1.1 200
OK wp-embed.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/ 1 KB
1 KB 208ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/wp-embed.min.js?ver=5.5.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 765

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
offers.refinerysixtythree.com/wp-includes/js/ 14 KB
5 KB 34ms
34ms Script
application/javascript 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.refinerysixtythree.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.4
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:30:21 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4662

GET
H/1.1 200
OK R63-Logo-no-clearance.png
offers.refinerysixtythree.com/wp-content/uploads/2020/03/ 34 KB
35 KB 34ms
34ms Image
image/png 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offers.refinerysixtythree.com/wp-content/uploads/2020/03/R63-Logo-no-clearance.png
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: host.refinedserver.com
Software: Apache /
Resource Hash: b6d887a8a61fd4ec4b38b0b5584dc021ffe1538a948424efff8c38c67e441922

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: offers.refinerysixtythree.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://offers.refinerysixtythree.com/
Connection: keep-alive
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
Last-Modified: Sun, 15 Nov 2020 08:41:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35265

GET
H2

200

diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain

https://prism.app-us1.com/prism.js
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

24 KB
6 KB

18ms
16ms

Script
application/javascript

2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 98
x-cache: Hit from cloudfront
cf-request-id: 097a9627c90000d7219ca18000000001
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 955acc3fed5ff84789d05d4e8c15bf09.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
cf-ray: 640abfb94800d721-FRA
x-amz-cf-id: 76o7J1504XoseVgWYx4j_v-5gjqjpxqQJoGdvXnjV3ZlnvBB32mzVA==

Redirect headers

date: Fri, 16 Apr 2021 04:42:46 GMT
cf-cache-status: HIT
server: cloudflare
age: 5342
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
cache-control: public, max-age=14400
cf-ray: 640abfb91fdbd721-FRA
cf-request-id: 097a9627b40000d721df268000000001
expires: Fri, 16 Apr 2021 08:42:46 GMT

POST
H/1.1 200
OK admin-ajax.php Show response
offers.refinerysixtythree.com/wp-admin/ 45 B
621 B 1300ms
1300ms XHR
application/json 192.236.233.27
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.refinerysixtythree.com/wp-admin/admin-ajax.php

Requested by

Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.236.233.27 , United States, ASN54290 (HOSTWINDS, US),

Reverse DNS

host.refinedserver.com

Software

Apache /

Resource Hash

dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://offers.refinerysixtythree.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ac_enable_tracking=1
Connection: keep-alive
Content-Length: 160
Pragma: no-cache
Host: offers.refinerysixtythree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://offers.refinerysixtythree.com/
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offers.refinerysixtythree.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 16 Apr 2021 04:42:46 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 45
pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://offers.refinerysixtythree.com
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 8021334.js Show response
js.hs-banner.com/ 59 KB
15 KB 34ms
14ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8021334.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc18add13ebb947b82da7a3d312b557299dbe00864ba7565798baf4f4095dde

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 267
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: YTF7E5W45MFN6E7S
x-amz-id-2: 7hVdklCIIer97lF/mV/2qbHz9lL/1r0RrFIgWPROVCU35jzs/BTkKr/c11nyesNdLT8RirrEnVM=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 23:29:21 GMT
server: cloudflare
etag: W/"88121b7748d8c4a3c5474ca801ea921a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: FHWYYbBMEgctytT0XXsDzhwRQAtZ5lvV
access-control-allow-origin: https://inbound.refinerysixtythree.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 097a9627da00004e199723a000000001
cf-ray: 640abfb9599b4e19-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 16 Apr 2021 04:43:19 GMT

GET
H2 200 8021334.js Show response
js.hs-analytics.net/analytics/1618548000000/ 61 KB
19 KB 34ms
15ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1618548000000/8021334.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8059291383268d5aab4a2684833902f7dfc4949b5d99dc2fa1c1fffba00831e6

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 53
x-amz-server-side-encryption: AES256
x-amz-request-id: E7WCPQRW07C75R5W
x-amz-id-2: GwRPA6a8Fy2WRG+FKdWiMHWFODJiAx7rLVZkRkz1nhY0Jdvlo8hVTsoJZOwb5ljxi+YEIZs854A=
last-modified: Wed, 24 Feb 2021 00:48:20 GMT
server: cloudflare
etag: W/"e6b4a446ee6c4b61d2eaaf32d6842719"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 097a9627da00000eab10bf5000000001
cf-ray: 640abfb95ca10eab-FRA
expires: Fri, 16 Apr 2021 04:46:53 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 37ms
19ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c4da6b04f83f5d073c60b6311895d91e6f9e258a389d1910e852dd6cc44c39

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
via: 1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 158
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8631/bundles/project.js&cfRay=640abbda489797c0-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 097a9627dc00004eb096a96000000001
last-modified: Thu, 15 Apr 2021 08:59:09 UTC
server: cloudflare
etag: W/"b41d979c2ed0bd183dcf005335afaf27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: uThkHVDuMQiH_3UikXDm6jzZjJH16hdd
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 640abfb959ef4eb0-FRA
x-amz-cf-id: JdOGkWYpqg8HMY_U7oxwLa3jEIW3JAnSq3ICnvNy3b2DqSi9Y22Slw==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
24 KB 36ms
17ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8021334.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f259c2327291fd5e68aa4ca0534851223b92e98a899004cfd1011ded9a0ce52c

Request headers

Origin: https://offers.refinerysixtythree.com
Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 53
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.233/bundles/project.js&cfRay=640abe6cfc61323c-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 097a9627db000005d896b4b000000001
cf-ray: 640abfb95f3405d8-FRA
last-modified: Fri, 05 Mar 2021 01:14:37 UTC
server: cloudflare
etag: W/"a602783565325058f8a9337405866365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: hQzE7ksb9fEoU_Lhcxj5iunit0RvpCrN
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 6JwGrfVDDoB5SZi0mIcgZx4JLkqIw3JJwzI_hCWp8hAGvXfy1ywNGQ==

GET
H2 200 / Show response
prism.app-us1.com/ 260 B
423 B 421ms
421ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=66493512&u=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by: Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: da79316ef61c531788d8c657b998af52b67b74e20b71c82441fc0ecb4abdc249

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 640abfb96822d721-FRA
cf-request-id: 097a9627e00000d7218b854000000001

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 152ms
136ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=8021334&conversations-embed=static-1.8631&mobile=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&traceId=29ac2518b4204408bf5166c1e9f4f7a8

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://offers.refinerysixtythree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Apr 2021 04:42:46 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 640abfba0ddf4ed4-FRA
access-control-allow-origin: https://offers.refinerysixtythree.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id: 097a96284500004ed4f806f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-trace: 2BE1F284BA9A3F946A62B642E15786BF277F078611000000000000000000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YOHVdDzjNmV4qfp18%2ByqZeil8o86ofVwoXbsbkcOiAp2XQUoCLlCHyLwlR%2BkOhEEhibDWzoGlYeDl%2BbpuOch7%2F2rSligFe7Yd%2F0Q5JHeVbZKfBmPUN64qdoPyy0%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 198ms
197ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8b424c727e829e64a03f35cf21ab3640fe08abaa5604b0e9f74bb774a24906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offers.refinerysixtythree.com/

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1349
cf-request-id: 097a9628cd00004ed4c4b31000000001
server: cloudflare
x-trace: 2B8667072723E524B501788E693DA5989B8857E405000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oNfBy6rNuZmjhwS%2FIldneUmfP0iNx4%2Btq2BrV9YC3HEXGWAjz1tVMalf4wxhsdXq883wm5oG5A5iPZmgl3E4%2FOF0fRnOjaEnmeZKy3fIWkoj7SKRQxkvNFgPw3A%3D"}],"max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://offers.refinerysixtythree.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 640abfbaeee44ed4-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
589 B 384ms
368ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B40558903D2E06D5F250E8F54C5758E90E1B29E75000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 640abfba2f57dfc3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
cf-request-id: 097a9628570000dfc393149000000001

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 306ms
106ms Script
text/javascript 34.225.168.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=66493512&prismid=12c12699-b6ee-4104-8f2b-c0119c971e2e&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F
Requested by: Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.168.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-168-154.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
server: Apache/2.4.46 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 widget.js Show response
diffuser-cdn.app-us1.com/conversations/ 7 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/conversations/widget.js
Requested by: Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd75f08d51d2e037636e7bb7bf7abb64eeeb2143a1a0ade3340da1ec57e59639

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 139
x-cache: Hit from cloudfront
cf-request-id: 097a9629890000d7217719f000000001
last-modified: Thu, 11 Mar 2021 18:17:27 GMT
server: cloudflare
etag: W/"1b8c0ce6e88186f671dadb4d8f173377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: MXP64-C3
cf-ray: 640abfbc0afcd721-FRA
x-amz-cf-id: RnNwFSxMAEFNkNn8fQd4wIkiD2NxMc06XDN9DcQxp8W8I8JXCg3Vfw==

GET
H2 200 29ac2518b4204408bf5166c1e9f4f7a8 Show response
app.hubspot.com/conversations-visitor/8021334/threads/utk/ Frame 98DF 44 KB
15 KB 157ms
141ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4a7f98cae328da0820ed6fdc4edb008211db8cab93fdf047c3687605979e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://offers.refinerysixtythree.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offers.refinerysixtythree.com/

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2e44ebc42427cf48449477ee9616138d1618548167; expires=Sun, 16-May-21 04:42:47 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 640abfbc4e0e177e-FRA
age: 3025
cache-control: max-age=600
etag: W/"f2e8d2ae8e4c0a93aa4753a0208cadbd"
last-modified: Thu, 15 Apr 2021 08:59:09 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cf-request-id: 097a9629a90000177e2f8a0000000001
content-security-policy-report-only: script-src 'unsafe-inline' 'self' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net *.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com js.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com www.fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: GyDUP1fTPpcQvGunqFcGBTULLATy2UoH-igy9ZAJV7nFGzQVr1fLBQ==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: KeLwMdfDREt3cUnwopnKnaHm.qweB2Bk
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget.ecf023ea698afb0c87f6.js Show response
diffuser-cdn.app-us1.com/conversations/ Frame 15E6 766 KB
219 KB 15ms
15ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/conversations/widget.ecf023ea698afb0c87f6.js
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40508df1beafa61621bb8cdc696df83fd366e82813004faef5723260615ee95c

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3061457
x-cache: Hit from cloudfront
cf-request-id: 097a9629a30000d7218b867000000001
last-modified: Thu, 11 Mar 2021 18:17:24 GMT
server: cloudflare
etag: W/"7d53960d84298dd38059e0c259554532"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
cache-control: public, max-age=63072000
x-amz-cf-pop: MXP64-C3
cf-ray: 640abfbc3b22d721-FRA
x-amz-cf-id: 9cw2q6LI4o9KyaP3CU9eQo9podN2727pqarmA6YUbFFo5vYuGEvhiA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 15E6 12 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@200;300;400;500;600;700&display=swap

Requested by

Host: offers.refinerysixtythree.com
URL: https://offers.refinerysixtythree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62aa6b8aaa18cd230ec76bf2b66a03d8bf1cf96df6017b6eef77af42ee49b9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 02:44:52 GMT
server: ESF
date: Fri, 16 Apr 2021 04:42:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 04:42:47 GMT

GET
H2 200 settings Show response
conversations.app-us1.com/widget/ Frame 15E6 58 B
289 B 420ms
420ms XHR
application/json 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations.app-us1.com/widget/settings
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/conversations/widget.ecf023ea698afb0c87f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: f1bdc425d05fb6a52d75c976cf37ac1dca1e856303e845bf5b2e53664ae6d602

Request headers

Accept: application/json, text/plain, */*
Referer: https://offers.refinerysixtythree.com/
x-tracking-id: 12c12699-b6ee-4104-8f2b-c0119c971e2e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-email
x-account-id: 66493512

Response headers

date: Fri, 16 Apr 2021 04:42:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-envoy-upstream-service-time: 33
cf-ray: 640abfbfcf49dfd3-FRA
cf-request-id: 097a962bdc0000dfd3e388e000000001

OPTIONS
H2 204 settings
conversations.app-us1.com/widget/ Frame 0
0 403ms
387ms Preflight 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations.app-us1.com/widget/settings
Protocol: H2
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-account-id,x-email,x-tracking-id
Origin: https://offers.refinerysixtythree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization, X-Account-Id, X-Tracking-Id, X-Prism-Id, X-Email
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
status: 204 No Content
x-envoy-upstream-service-time: 14
x-powered-by: PHP/7.3.24
cf-cache-status: DYNAMIC
cf-request-id: 097a962a580000dfd3c722c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 640abfbd5cfedfd3-FRA

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.112/ Frame 98DF 44 KB
15 KB 36ms
19ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.112/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691fe879f5da0a20cd9355a4ede2aed294d0347422d04b51fefe2c0f7b196e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 793588
x-amz-server-side-encryption: AES256
cf-ray: 640abfbd7b760614-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097a962a6700000614c60c8000000001
last-modified: Tue, 09 Mar 2021 22:52:26 GMT
server: cloudflare
etag: W/"100c2ee2a6fba786133d9e8650ef359a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xlK1fAlpOAJzzZBAi6nZf4L%2BORgp05e86sMAx5teMXmQp0WhXAzFNRLccZvMisjpSj%2BAOYw5gqDWHETpsdbJ52bBBdxfMij4jgKysmOnOLj%2BUTHmHRcbl5%2BdJ8zh7O7LxNZc"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: .jv.x0xq4z.UMbqGfudGvz8ikMDC6o1x
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 1PPE8e-aBRJNZx6ztlbnDCyefzk3j3o-zHoLpra3rn9ysT_jS6sUaQ==
expires: Sat, 16 Apr 2022 04:42:47 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame 98DF 20 KB
4 KB 30ms
13ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1320304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097a962a67000005f1f991f000000001
last-modified: Wed, 03 Mar 2021 21:09:00 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bBYo%2FZcfadzRHz8RBNBpULXkt8DeotwgzDxRSTPwpw584Y2Fky1RObazMmJ3pQ45lpc%2B31eo2aGJKYmWLQlMrlfal35xKXVR10msulFXtLN8Nm34%2Fq%2FfDYGe5dxog6N77QST"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
cf-ray: 640abfbd7eee05f1-FRA
x-amz-cf-id: BaPc9jDBAKJhQvOb8wSH7Z7Gqc0HODdvaWe4UD5v05BBUqG0_I4tpg==
expires: Sat, 16 Apr 2022 04:42:47 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.129/ Frame 98DF 285 KB
84 KB 36ms
19ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.129/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1861091
x-amz-server-side-encryption: AES256
cf-ray: 640abfbd7b7c0614-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097a962a6900000614601ff000000001
last-modified: Thu, 25 Feb 2021 03:06:13 GMT
server: cloudflare
etag: W/"4b0d6c4998d1c189b73bf24559a044d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HJ1ip8wLB67ITlKto%2Fua%2BROeF7ZzkKdfNgQ8zv%2BK7b9AfGy1bJB1BI%2FB8%2FQy6o31BgZ0aIsOhvUDzICLB79OtaFxclEs5TACeVEVXRxsgvN3CxI1w7JWrqLlV5VAACc6xN13"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tIgtiGaJ4EHx5PaVJ4NwnE5IaF3j9gQD
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: we7v7nYL5GxoZcXVBPDHPiMS-Rm1TQBv_j_YdM44GUHjzOf-Wp79Yw==
expires: Sat, 16 Apr 2022 04:42:47 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11087/bundles/ Frame 98DF 459 KB
114 KB 33ms
17ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11087/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c00ff9058c6f7296464c7c0600c73f55fd054c7732d3ef6310b8cf22e5a660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27813
x-amz-server-side-encryption: AES256
cf-ray: 640abfbd7b7e0614-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097a962a680000061493a4d000000001
last-modified: Thu, 15 Apr 2021 16:31:05 GMT
server: cloudflare
etag: W/"4b44d545ab0585fd6fadb62e2397531d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BW1IQr%2FsoYRt4XMH1pFZj56pI5KUp65cRrHh1%2BTobdWVQmeklDsEODrnm54Ej5wEdsIN8gXLlDb2T8saC7ZXxMIJQETmVFE6PT%2BbqvD5SAS25N1%2FA%2FXh5ZdeFjmFM6tvo%2FFG"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: sAlqN0d0ETFxPfvFBBOayt3sv4iq19BG
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 0vOmOvP9lhnSA-pCswx6o1O7_rc_z4CeQTBUYuOE-bgB2JbDncyd3g==
expires: Sat, 16 Apr 2022 04:42:47 GMT

GET
H3-29 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11051/ Frame 98DF 778 B
1 KB 25ms
15ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11051/i18n-data-data-locales-en-us.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97cc0633b140cb10c42d81474d920002fa114e8daacd4f60e509f3f5080ce800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219376
x-amz-server-side-encryption: AES256
cf-ray: 640abfbe490c4a98-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097a962aed00004a9800937000000001
last-modified: Mon, 12 Apr 2021 17:29:37 GMT
server: cloudflare
etag: W/"c99f9b411b556affdeafa25c4ee17b0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cKqTvbSY8KJFi7rrZh3Hkdq0YmWqkXPUMcX5uOsztZ%2FJD9y2Ibh%2BOWxxseq5UZUI4Pxm9d4ClTboGmREX5FsFNq14vmYX1TRDYuLM4ZevgFGOIEt4KZORjiRIdg47rtaIWyv"}],"max_age":604800}
x-amz-version-id: HhMRlLrSWb3dcjJWG27dedc63wM.Y0.i
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: xLCef8EqqZsMlh8HpaBH3r-4zKzYVYWsp_Pj9N5Lw7HPhjhQmixGrg==
expires: Sat, 16 Apr 2022 04:42:47 GMT

GET
H2 200 nr-spa-1198.min.js Show response
js-agent.newrelic.com/ Frame 98DF 38 KB
15 KB 97ms
30ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "498f8d87fcfe5e90fda6a3ae4c47c6b0"
x-amz-request-id: A9W9BZ2SNRSFD428
x-cache: HIT
content-length: 14594
x-amz-id-2: S1eRkcdnAA/p5cs/PzKDaHfw5ueU/vdgvC5xgnCLxNRpU8LGFB/QCwBNZQTIo7/9lVdwcvCkeaE=
x-served-by: cache-hhn4067-HHN
last-modified: Fri, 29 Jan 2021 19:19:10 GMT
server: AmazonS3
x-timer: S1618548168.523911,VS0,VE0
date: Fri, 16 Apr 2021 04:42:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 518

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
463 B 27ms
26ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=8021334&ct=standard-page&rcu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&pu=https%3A%2F%2Foffers.refinerysixtythree.com%2F&t=Refinery+Sixty+Three+%E2%80%93+Marketing.+Refined.&cts=1618548167454&vi=3ac187df8d9a6a15b131ba07b65b2005&nc=true&u=59854642.3ac187df8d9a6a15b131ba07b65b2005.1618548167450.1618548167450.1618548167450.1&b=59854642.1.1618548167450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://offers.refinerysixtythree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 640abfbe98bc177e-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 097a962b220000177e45ba0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x2d%2FzruGFAx46cMW8NEsRqqzYh7YEi0ANqVrCFNjLz8PEmXOSsDKRV%2B2SJdq97cviUcx%2B3hZNkNa6AE%2FKUltO6k6o6XK7rce%2Fh5Y%2BEJI5sxUBoO0vN3RH2vTMp7%2F1w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 R63%20Logo%20Square%20-%20white%20background.jpg
f.hubspotusercontent30.net/hub/8021334/hubfs/ Frame 98DF 2 KB
3 KB 36ms
17ms Image
image/webp 2606:4700::6810:b872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent30.net/hub/8021334/hubfs/R63%20Logo%20Square%20-%20white%20background.jpg?width=108&height=108

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b872 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df96a2945ccc9ccb3bc80567a12fabee2f866c468c2a798224e05c48edd93c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 04:42:47 GMT
via: 1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 160
cf-polished: qual=85, origFmt=jpeg, origSize=3432
edge-cache-tag: F-34658929515,P-8021334,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="R63%20Logo%20Square%20-%20white%20background.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 1838
cf-request-id: 097a962b5c00004a8b0c32b000000001
x-amz-server-side-encryption: AES256
last-modified: Thu, 01 Apr 2021 22:57:33 GMT
server: cloudflare
x-cache: Miss from cloudfront
etag: "43c5169e79847a313fc0f69e14de19a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 640abfbeffee4a8b-FRA
x-amz-cf-id: 0eRVZm8EhP1miQd0Xi-9Dvz8jNh5XElr2D_CN8QDPzxr4-avfoxRRw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H/1.1 200
OK f9d051f404 Show response
bam.nr-data.net/1/ Frame 98DF 57 B
275 B 451ms
113ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=503&ck=1&ref=https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8&be=238&fe=382&dc=333&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1618548167063,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:7,%22ce%22:16,%22rq%22:16,%22rp%22:157,%22rpe%22:162,%22dl%22:176,%22di%22:333,%22ds%22:333,%22de%22:333,%22dc%22:382,%22l%22:382,%22le%22:383%7D,%22navigation%22:%7B%7D%7D&fp=450&fcp=458&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22deviceMemory%22:8,%22cpuCores%22:16,%22downloadSpeedMbps%22:9.6,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:8021334,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.11087%22,%22template%22:%22html/visitor-index.html.jade%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.6148%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK f9d051f404 Show response
bam.nr-data.net/events/1/ Frame 98DF 24 B
182 B 113ms
112ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=965&ck=1&ref=https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.hubspot.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H/1.1 200
OK f9d051f404 Show response
bam.nr-data.net/events/1/ Frame 98DF 24 B
182 B 114ms
114ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=10504&ck=1&ref=https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8021334/threads/utk/29ac2518b4204408bf5166c1e9f4f7a8?uuid=e3a41823dafa4251a958bc861323e9d8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=offers.refinerysixtythree.com&inApp53=false&messagesUtk=29ac2518b4204408bf5166c1e9f4f7a8&url=https%3A%2F%2Foffers.refinerysixtythree.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.hubspot.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.offers.refinerysixtythree.com/	1970-01-20 02:57:24	Name: messagesUtk Value: 29ac2518b4204408bf5166c1e9f4f7a8
.refinerysixtythree.com/	1970-01-19 17:35:49	Name: __hssc Value: 59854642.1.1618548167450
.refinerysixtythree.com/	1970-01-20 02:57:24	Name: __hstc Value: 59854642.3ac187df8d9a6a15b131ba07b65b2005.1618548167450.1618548167450.1618548167450.1
.refinerysixtythree.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.refinerysixtythree.com/	1970-01-20 02:57:24	Name: hubspotutk Value: 3ac187df8d9a6a15b131ba07b65b2005
.refinerysixtythree.com/	1970-01-19 18:19:00	Name: prism_66493512 Value: 12c12699-b6ee-4104-8f2b-c0119c971e2e
offers.refinerysixtythree.com/	1970-01-19 18:19:07	Name: ac_enable_tracking Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
bam.nr-data.net
conversations.app-us1.com
diffuser-cdn.app-us1.com
f.hubspotusercontent30.net
fonts.googleapis.com
forms.hsforms.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.usemessages.com
offers.refinerysixtythree.com
prism.app-us1.com
static.hsappstatic.net
track.hubspot.com
trackcmp.net
151.101.114.110
162.247.242.18
192.236.233.27
2606:4700::6810:5605
2606:4700::6810:b872
2606:4700::6811:47b0
2606:4700::6811:7d2
2606:4700::6811:81ab
2606:4700::6811:915b
2606:4700::6811:d6cc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::200a
34.225.168.154
0576585797618528ef017a173d315dbd26b02b1231c711e1eee5a60f80486909
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2640bdea12602985fd77015c3eb4f3faa89f1e352ab2568a8418896477638d15
2bd769cb6c7025ab70d81cb7ea1c4fe872669f9b36e67408944d43bffbea2e35
364ba5268d11ed9fbd16763df098faf8a1c059e9681c2debddf15d0830360427
3d0df3d4f93a86a8251376ca0ea925e3c8b813fbd65625a9cc9e44a062f111a3
3dc18add13ebb947b82da7a3d312b557299dbe00864ba7565798baf4f4095dde
40508df1beafa61621bb8cdc696df83fd366e82813004faef5723260615ee95c
41b778a125f809bdffee47c7393bc059e29ca589f66b998226b0d9d2ef86759a
43f2ff515050c5ee8e998578aa9d976852cd79b7906f2b2f1b9abbdfad1b4605
4b5b234b88d5b5a562f8e2492a9d70fd3ce248ae234588eb18189d5df4216e1c
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
59ccd8782ca4c88247a8f972d3a71853d6209cbe3f082e391bb2e4a298b322e7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61c8edca4e5b216ae3b455f479e1ab2f806fcb7924fe1e3cd1b0406a562bc8b2
62aa6b8aaa18cd230ec76bf2b66a03d8bf1cf96df6017b6eef77af42ee49b9ae
691fe879f5da0a20cd9355a4ede2aed294d0347422d04b51fefe2c0f7b196e43
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
8059291383268d5aab4a2684833902f7dfc4949b5d99dc2fa1c1fffba00831e6
85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e
89c00ff9058c6f7296464c7c0600c73f55fd054c7732d3ef6310b8cf22e5a660
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
97cc0633b140cb10c42d81474d920002fa114e8daacd4f60e509f3f5080ce800
a68ced9bf3600aac812a146702e5e951eadb5e0312a8eaa7b54484534c979067
b0c4da6b04f83f5d073c60b6311895d91e6f9e258a389d1910e852dd6cc44c39
b6d887a8a61fd4ec4b38b0b5584dc021ffe1538a948424efff8c38c67e441922
bd4a7f98cae328da0820ed6fdc4edb008211db8cab93fdf047c3687605979e39
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33
da79316ef61c531788d8c657b998af52b67b74e20b71c82441fc0ecb4abdc249
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94
dd75f08d51d2e037636e7bb7bf7abb64eeeb2143a1a0ade3340da1ec57e59639
df96a2945ccc9ccb3bc80567a12fabee2f866c468c2a798224e05c48edd93c9e
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8b424c727e829e64a03f35cf21ab3640fe08abaa5604b0e9f74bb774a24906
ef767def0d2332a6d6eda19ef5ba34b236e11c38a87e27f59ba0518d3e1740fc
f1bdc425d05fb6a52d75c976cf37ac1dca1e856303e845bf5b2e53664ae6d602
f259c2327291fd5e68aa4ca0534851223b92e98a899004cfd1011ded9a0ce52c
f8b431166274df67e737ab195fae33fae7c00798ee1912385501dc1a54f8aaa6
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

offers.refinerysixtythree.com Open in urlscan Pro 192.236.233.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

75 %IPv6

15 Domains

19 Subdomains

17 IPs

2 Countries

804 kBTransfer

3073 kBSize

7 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

offers.refinerysixtythree.com Open in urlscan Pro
192.236.233.27 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

75 %
IPv6

15
Domains

19
Subdomains

17
IPs

2
Countries

804 kB
Transfer

3073 kB
Size

7
Cookies

55 HTTP transactions
-1 data transactions