overtax-refund.heumtax.com
2606:4700:4400::ac40:95d5  Public Scan

Submitted URL: https://protect-us.mimecast.com/s/oV4BCBB70LSo4Y6JsWb7cn
Effective URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Submission: On October 04 via manual from IN — Scanned from US

Summary

This website contacted 33 IPs in 2 countries across 28 domains to perform 74 HTTP transactions. The main IP is 2606:4700:4400::ac40:95d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is overtax-refund.heumtax.com.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time overtax-refund.heumtax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.113 14135 (NAVISITE-...)
1 1 183.111.188.178 4766 (KIXS-AS-K...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
6 35.244.137.202 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a04:4e42:400... 54113 (FASTLY)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.71.95.65 396982 (GOOGLE-CL...)
1 34.36.17.181 396982 (GOOGLE-CL...)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.0.244.244 16625 (AKAMAI-AS)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 99.84.216.13 16509 (AMAZON-02)
1 18.160.41.49 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 23.4.191.206 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.191.43 16509 (AMAZON-02)
3 52.40.67.88 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 18.245.96.99 16509 (AMAZON-02)
1 3.36.241.176 16509 (AMAZON-02)
1 110.93.147.30 23576 (NHN-AS-KR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 1 121.53.105.159 38099 (KAKAO-AS-...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42::729 54113 (FASTLY)
1 43.201.87.35 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
74 33
Apex Domain
Subdomains
Transfer
14 fastcdn.co
g.fastcdn.co — Cisco Umbrella Rank: 68063
v.fastcdn.co — Cisco Umbrella Rank: 62641
1 MB
7 gstatic.com
fonts.gstatic.com
109 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 11
analytics.google.com — Cisco Umbrella Rank: 270
932 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
351 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
519 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
2 KB
4 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3889
api.amplitude.com — Cisco Umbrella Rank: 2366
23 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425
111 KB
3 channel.io
cdn.channel.io — Cisco Umbrella Rank: 154232
208 KB
3 dable.io
static.dable.io — Cisco Umbrella Rank: 25206
api.dable.io — Cisco Umbrella Rank: 22760
ad-log.dable.io — Cisco Umbrella Rank: 29953
11 KB
3 instapagemetrics.com
cdn.instapagemetrics.com — Cisco Umbrella Rank: 99740
ec.instapagemetrics.com — Cisco Umbrella Rank: 96728
55 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 overtax.co.kr
analytics.overtax.co.kr
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
87 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
60 KB
2 daumcdn.net
t1.daumcdn.net — Cisco Umbrella Rank: 21000
16 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 30156
3 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7870
2 KB
1 daum.net
bc.ad.daum.net — Cisco Umbrella Rank: 45833
124 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
185 B
1 naver.com
wcs.naver.com — Cisco Umbrella Rank: 35482
637 B
1 naver.net
wcs.naver.net — Cisco Umbrella Rank: 34954
7 KB
1 browser-update.org
browser-update.org — Cisco Umbrella Rank: 14322
5 KB
1 instapage.com
heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 95399
9 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1780
54 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
137 KB
1 heumtax.com
overtax-refund.heumtax.com
28 KB
1 smartbill.co.kr
www2.smartbill.co.kr
537 B
74 28
Domain Requested by
8 v.fastcdn.co overtax-refund.heumtax.com
7 fonts.gstatic.com fonts.googleapis.com
6 g.fastcdn.co overtax-refund.heumtax.com
5 www.googletagmanager.com overtax-refund.heumtax.com
www.googleoptimize.com
static.dable.io
5 cdn.jsdelivr.net overtax-refund.heumtax.com
4 unpkg.com 2 redirects overtax-refund.heumtax.com
3 analytics.google.com www.googletagmanager.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 cdn.channel.io overtax-refund.heumtax.com
cdn.channel.io
3 api.amplitude.com cdn.amplitude.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ec.instapagemetrics.com cdn.instapagemetrics.com
2 analytics.overtax.co.kr www.googletagmanager.com
2 www.google.com overtax-refund.heumtax.com
2 connect.facebook.net overtax-refund.heumtax.com
connect.facebook.net
2 t1.daumcdn.net overtax-refund.heumtax.com
2 protect-us.mimecast.com 2 redirects
1 ad-log.dable.io static.dable.io
1 js.sentry-cdn.com cdn.channel.io
1 bc.ad.daum.net 1 redirects
1 www.facebook.com
1 wcs.naver.com wcs.naver.net
1 api.dable.io static.dable.io
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.dable.io overtax-refund.heumtax.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.amplitude.com overtax-refund.heumtax.com
1 wcs.naver.net overtax-refund.heumtax.com
1 browser-update.org overtax-refund.heumtax.com
1 cdn.instapagemetrics.com overtax-refund.heumtax.com
1 heatmap-events-collector.instapage.com overtax-refund.heumtax.com
1 www.googleoptimize.com overtax-refund.heumtax.com
1 fonts.googleapis.com overtax-refund.heumtax.com
1 overtax-refund.heumtax.com
1 www2.smartbill.co.kr 1 redirects
74 36
Subject | Issuer | Validity | Valid
overtax-refund.heumtax.com | R3 | 2023-09-06 - 2023-12-05 | 3 months
g.fastcdn.co | GTS CA 1D4 | 2023-09-21 - 2023-12-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
fastcdn.co | E1 | 2023-09-24 - 2023-12-23 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
heatmap-events-collector.instapage.com | R3 | 2023-08-19 - 2023-11-17 | 3 months
cdn.instapagemetrics.com | GTS CA 1D4 | 2023-08-24 - 2023-11-22 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
ssl.pstatic.net | GeoTrust RSA CA 2018 | 2023-08-01 - 2024-08-01 | a year
*.daumcdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-06-07 - 2024-06-07 | a year
cdn.amplitude.com | Amazon RSA 2048 M01 | 2023-01-12 - 2024-02-11 | a year
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-13 - 2023-10-11 | 3 months
static.dable.io | R3 | 2023-09-19 - 2023-12-18 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2023-01-23 - 2024-02-14 | a year
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
channel.io | Amazon RSA 2048 M02 | 2023-04-18 - 2024-05-16 | a year
*.dable.io | Sectigo ECC Domain Validation Secure Server CA | 2022-11-17 - 2023-11-17 | a year
wcs.naver.com | GeoTrust RSA CA 2018 | 2023-08-01 - 2024-08-14 | a year
analytics.overtax.co.kr | GTS CA 1D4 | 2023-09-21 - 2023-12-20 | 3 months
ec.instapagemetrics.com | R3 | 2023-09-01 - 2023-11-30 | 3 months
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-01 - 2024-09-01 | a year
*.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 2 frames:

Primary Page: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Frame ID: 6E2B3E396F9177A01049600195A64076
Requests: 71 HTTP requests in this frame

Frame: https://cdn.channel.io/plugin/ch-plugin-core.22223fab.vendor.js
Frame ID: E9BC97FEC7F9F652300C6F7D48B0D6B7
Requests: 3 HTTP requests in this frame

Page Title

더낸세금 제휴 - 비지니스온

Page URL History

  1. https://protect-us.mimecast.com/s/oV4BCBB70LSo4Y6JsWb7cn HTTP 307
    https://protect-us.mimecast.com/r/yDkjMQ274y_QXoRJWLuH6hKi_KWuELwI-yI375wpXU644uluUs0Zccw5LVq9Csi_iu2nBdGrVS... HTTP 307
    http://www2.smartbill.co.kr/xDti/common/process/EmailBannerClickAndRedirect.aspx?bnrIdx=1486&bnrgroup=MA... HTTP 302
    https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 74
HTTPS: 97 %
IPv6: 54 %
Domains: 28
Subdomains: 36
IPs: 33
Countries: 2
Transfer: 3011 kB
Size: 6505 kB
Cookies: 27

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/oV4BCBB70LSo4Y6JsWb7cn HTTP 307
    https://protect-us.mimecast.com/r/yDkjMQ274y_QXoRJWLuH6hKi_KWuELwI-yI375wpXU644uluUs0Zccw5LVq9Csi_iu2nBdGrVS... HTTP 307
    http://www2.smartbill.co.kr/xDti/common/process/EmailBannerClickAndRedirect.aspx?bnrIdx=1486&bnrgroup=MAILBANNER HTTP 302
    https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://unpkg.com/vue@3 HTTP 302
  • https://unpkg.com/vue@3.3.4 HTTP 302
  • https://unpkg.com/vue@3.3.4/dist/vue.global.js
Request Chain 56
  • https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%225720639894110948327%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22overtax-refund.heumtax.com%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.0.1%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D&r=i1 HTTP 302
  • https://t1.daumcdn.net/tessera/s.gif

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request businesson
overtax-refund.heumtax.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/oV4BCBB70LSo4Y6JsWb7cn
  • https://protect-us.mimecast.com/r/yDkjMQ274y_QXoRJWLuH6hKi_KWuELwI-yI375wpXU644uluUs0Zccw5LVq9Csi_iu2nBdGrVSrCgPe3zDVPIzOm2P42PJdm8YLYTpvgX4f3F0IbM0oi9SBvRf8DYynOPLVZHGOVsrFQSgVfB6xJrjFnESRJZrP3ilC...
  • http://www2.smartbill.co.kr/xDti/common/process/EmailBannerClickAndRedirect.aspx?bnrIdx=1486&bnrgroup=MAILBANNER
  • https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
194 KB
28 KB
Document
General
Full URL
https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d02b96fcebb482f7435c511b877d430ab86418b4b4068a130b2c73592a86d011
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
810b29677d1a09fe-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 05:52:57 GMT
etag
W/"307ac-8lb1Hj/2vVYt7dezKL0G3vcAWYc"
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
via
1.1 google, 1.1 google

Redirect headers

Access-Control-Allow-Headers
content-type, dext5-encoded
Access-Control-Allow-Methods
POST,GET,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
211
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Oct 2023 05:52:57 GMT
Location
https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
P3P
CP="ALL DSP COR MON LAW OUR LEG SAM"
SERVER
utils.b4c8feedb36b8ec3c007.js
g.fastcdn.co/js/
56 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.b4c8feedb36b8ec3c007.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5b593e7ab0339a6fa51df85b039fbf0c671ad227a47c34e9f06f4b2b27fe4105

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:24:57 GMT
content-encoding
gzip
age
1535280
x-guploader-uploadid
ADPycdu-JE-O8Y_UN0JOhyYosjE88Fgbd0RQ9fAiNTI9eoPRzoEL9qRRWOvrdHNXyGNn-tWmoyF4-GgYnIdLeHanucX84IiIAp2W
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19563
last-modified
Wed, 16 Aug 2023 13:40:31 GMT
server
UploadServer
etag
"3adfd30dd3e9db51e331049995899d6c"
vary
Accept-Encoding
x-goog-generation
1692193231170938
x-goog-hash
crc32c=ZAEvsQ==, md5=Ot/TDdPp21HjMQSZlYmdbA==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
19563
accept-ranges
bytes
expires
Sun, 15 Sep 2024 11:24:57 GMT
Cradle.c9144221d5b5d6147353.js
g.fastcdn.co/js/
15 KB
4 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.c9144221d5b5d6147353.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:03:58 GMT
content-encoding
gzip
age
1630139
x-guploader-uploadid
ADPycdtBHq9Av40e-qiUtcC9pHo9FfAb3XzafUgyZat7Ivi_gyNCTb1OKMwTaf2DNjuw2Ok3Un3mvU-y1ah-W_p1776BFK5ORk9k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4001
last-modified
Thu, 17 Aug 2023 08:46:03 GMT
server
UploadServer
etag
"83131494fd187537d0742a06ac0791a9"
vary
Accept-Encoding
x-goog-generation
1692169949985884
x-goog-hash
crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
4001
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:03:58 GMT
Popup.ea024e85dc5043444492.js
g.fastcdn.co/js/
11 KB
3 KB
Script
General
Full URL
https://g.fastcdn.co/js/Popup.ea024e85dc5043444492.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e01c2469427f03ea2386c7fc32ec51918a3e8813320465b59aa50be1a26d952d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:51:12 GMT
content-encoding
gzip
age
1627305
x-guploader-uploadid
ADPycdtwqcVlag9e0qCOflqUODfAaQe5DXUFoKQ2PWEO5MMNO67e3CU5aKhMO8KF02RCCHoWPrW42Ke1gxhWAzh0ANyN7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2722
last-modified
Thu, 17 Aug 2023 08:46:04 GMT
server
UploadServer
etag
"93e7a46a7bed1c69ee9c550c53a93f4d"
vary
Accept-Encoding
x-goog-generation
1692177692378864
x-goog-hash
crc32c=w1drDQ==, md5=k+ekanvtHGnunFUMU6k/TQ==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
2722
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:51:12 GMT
css
fonts.googleapis.com/
552 KB
137 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab9701cf5d00e4e0d7b754bc7358d0554614422a3c23a677d75b06154531552f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Oct 2023 05:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 05:52:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Oct 2023 05:52:57 GMT
optimize.js
www.googleoptimize.com/
145 KB
54 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WM6S974
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
499fb4c42cd1f055547feffa62eca590845fac127436bb89511636d98b924b41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
54550
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 05:52:57 GMT
64286753-0-Group-8779.png
v.fastcdn.co/u/b5fdc644/
13 KB
13 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64286753-0-Group-8779.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece90a99a8e82729a5a932d9fc46f78ded178dd2f722b6be9bc0250f187cd48c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtuXjHDOsspjSaFfCpqOPSuSXspEJVuOQ0_sTixziVEfHhmgJBpsq2LmlrA98rB5b09N4APof-wwAH00jB1DFKVDA
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Mon, 22 Jul 2024 10:43:34 GMT
content-length
13024
last-modified
Thu, 01 Jun 2023 18:43:34 GMT
server
cloudflare
etag
"3eb7c9556777472b0240d499a909bed7"
vary
Accept-Encoding
x-goog-generation
1685645014177056
content-type
image/png
x-goog-hash
crc32c=s/dPww==, md5=PrfJVWd3RysCQNSZqQm+1w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
13024
accept-ranges
bytes
cf-ray
810b296c2ede2589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
64230916-0-main.png
v.fastcdn.co/u/b5fdc644/
442 KB
442 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64230916-0-main.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4753d884ca67e2c4908e0915b64133a5e49069a1a566692ca9d81ebe3ce21460

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsAB4XooP2MTSYB_V6zKOwds5Ajkzb8QRHHx3dPtfGNX6uEhKuv2Ds8ZSPa0WBO-KGihJ17umWiBSnUXJJs0rnf6g
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 14 Jul 2024 05:56:14 GMT
content-length
452229
last-modified
Wed, 24 May 2023 13:56:14 GMT
server
cloudflare
etag
"d1416ece54985f9c4463331fb998032d"
vary
Accept-Encoding
x-goog-generation
1684936574434863
content-type
image/png
x-goog-hash
crc32c=YJE69g==, md5=0UFuzlSYX5xEYzMfuZgDLQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
452229
accept-ranges
bytes
cf-ray
810b296c2ee22589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
64253625-0-app.sole.overtax.co..png
v.fastcdn.co/u/b5fdc644/
5 KB
5 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64253625-0-app.sole.overtax.co..png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf7636e9baa542579a42cb46667da9ef80bfebd263dddbe851d022a3fef8b6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtUyR-t4dsa_Hi98kHAyDwt0ne7EJr2lPApnc2Rpqkyivt--wsxWk2PPYebhz_OrtARBJ09VMWX1x7pgUk-dl9mGQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Wed, 17 Jul 2024 04:07:03 GMT
content-length
5014
last-modified
Sat, 27 May 2023 12:07:03 GMT
server
cloudflare
etag
"e254256030edb6f284ac44d91f041806"
vary
Accept-Encoding
x-goog-generation
1685189223658804
content-type
image/png
x-goog-hash
crc32c=W4UgaA==, md5=4lQlYDDttvKErETZHwQYBg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
5014
accept-ranges
bytes
cf-ray
810b296c2ee32589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/splide.min.css
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:52:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
6749022
x-jsd-version
4.1.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1383
x-served-by
cache-fra-eddf8230135-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"138a-nCVqx5aWVkM0NV+MS4SFkGd/1YM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
splide.min.js
cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/
29 KB
13 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:52:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
2407273
x-jsd-version
4.1.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13512
x-served-by
cache-fra-eddf8230117-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"746b-2972YX1vt/FBmWw6HVrvIC6t+Gc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
splide-extension-auto-scroll.min.js
cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03eda8a72aa1bdb055f2d6ddf6620cf30f73bef3181ce6b0634dc1411b6aecac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:52:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
1228641
x-jsd-version
0.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2595
x-served-by
cache-fra-etou8220046-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"15d3-zI4qfACOkW7eXUrpiCll5O5jpLk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
accordion.min.js
unpkg.com/accordion-js@3.3.4/dist/
8 KB
2 KB
Script
General
Full URL
https://unpkg.com/accordion-js@3.3.4/dist/accordion.min.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4d7921938ca6abe87a6d4534f98c001c2bb76ec9fd5eb79d1ff556768e0e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7215977
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H55J83D86M1NGVQCEKPGTAZ0-mia
server
cloudflare
etag
W/"1e93-l3VGcYnucxZgjAzGVn1U/Bjuaqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
810b296c1c55336a-MIA
vue.global.js
unpkg.com/vue@3.3.4/dist/
Redirect Chain
  • https://unpkg.com/vue@3
  • https://unpkg.com/vue@3.3.4
  • https://unpkg.com/vue@3.3.4/dist/vue.global.js
463 KB
108 KB
Script
General
Full URL
https://unpkg.com/vue@3.3.4/dist/vue.global.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21755031dfd12b4d329ff9923ababc9dca8e61432b1223338cd63dd072326a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11999847
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H0PZZZ3FJ3GC3BZEF37QFJTW-mia
server
cloudflare
etag
W/"73b2c-4okjvXBLweSylyJtGUFv0c1rdFc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
810b296dbd7e336a-MIA

Redirect headers

date
Wed, 04 Oct 2023 05:52:58 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HAMNVHJW2M6ZWHHRCKY1V7ZF-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1340169
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/vue@3.3.4/dist/vue.global.js
cache-control
public, max-age=31536000
cf-ray
810b296cacc9336a-MIA
LazyImage.59626ef3f961b8927cb6.js
g.fastcdn.co/js/
2 KB
1 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.59626ef3f961b8927cb6.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:33:47 GMT
content-encoding
gzip
age
1649951
x-guploader-uploadid
ADPycdundIlvXNeoNjGrFB9RjsX2eARCpVBiqziOZEHiB_HSv00WP5Dd9s8AZj5dsk9cdQms4QMu7_aa6rUBJUT-LuyKoA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1022
last-modified
Thu, 17 Aug 2023 08:46:03 GMT
server
UploadServer
etag
"b0ae2275f5d011ac64917080661e4956"
vary
Accept-Encoding
x-goog-generation
1692155002776353
x-goog-hash
crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
1022
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:33:47 GMT
lib.js
heatmap-events-collector.instapage.com/static/
24 KB
9 KB
Script
General
Full URL
https://heatmap-events-collector.instapage.com/static/lib.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.95.71.34.bc.googleusercontent.com
Software
/
Resource Hash
5adf96e308da99ff859ce9f9def91ab592aaf77f0cd528a09727c40dbccaac5a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 03 Oct 2023 17:08:02 GMT
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, must-revalidate, public
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 04 Oct 2023 05:57:58 GMT
it.js
cdn.instapagemetrics.com/t/js/3/
54 KB
54 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.17.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:08:14 GMT
age
2684
x-guploader-uploadid
ADPycdsEPeO_ZJM6yi_2tWqKDoQun0Mot9GwVAkop97Q34jBVtNrp9ZVAcoDFILMyOgR_OsGkKnbGskWQPOieZhL5aba3U-usdsI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55266
last-modified
Tue, 13 Jun 2023 11:21:34 GMT
server
UploadServer
etag
"eee931187060719ab17a352de2424e0c"
x-goog-generation
1686655294888925
x-goog-hash
crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
55266
accept-ranges
bytes
sptw.2ab2ac49302c4b984117.js
g.fastcdn.co/js/
60 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.2ab2ac49302c4b984117.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c1a80fb2192398e6c5ca97d4a7efc7bb92bb734dc8ee6fefc25399dc1d555a81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:24:57 GMT
content-encoding
gzip
age
1535281
x-guploader-uploadid
ADPycdsSc1MeQXL6v-aGcu9McT4-mXbHCAVfYbfTSLLm0ykSxdZlQGQVfo3536PivTns1QSK-g-pmDaGSR5clBKQxNZe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20036
last-modified
Wed, 16 Aug 2023 13:40:31 GMT
server
UploadServer
etag
"f45dd54250d70fea6f62da3471aa05e9"
vary
Accept-Encoding
x-goog-generation
1692193231030023
x-goog-hash
crc32c=GfzCLA==, md5=9F3VQlDXD+pvYto0caoF6Q==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
20036
accept-ranges
bytes
expires
Sun, 15 Sep 2024 11:24:57 GMT
cm.js
g.fastcdn.co/js/
51 KB
18 KB
Script
General
Full URL
https://g.fastcdn.co/js/cm.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:32:51 GMT
content-encoding
gzip
age
1646407
x-guploader-uploadid
ADPycdu9FEvH6U4EfYXOD9Q5xhNtLUYIsCN6Rbv9XjcYO5uXjnlCraO2fJsDD1VvUpD8P1OjbpZmUfMcNSpdR3txyQb9LnyUSgtI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17906
last-modified
Thu, 30 Jun 2022 02:12:17 GMT
server
UploadServer
etag
"8e466d98fa1f746c74b1b409d20a0cf3"
vary
Accept-Encoding
x-goog-generation
1656555137097208
x-goog-hash
crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
17906
accept-ranges
bytes
expires
Sat, 14 Sep 2024 04:32:51 GMT
gtm.js
www.googletagmanager.com/
334 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHZPHRX
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
657a0b1301ba242691fc61abe0f0c5af81d979ad63efb3fa89a02e6458125d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106425
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 04 Oct 2023 05:52:58 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
SpoqaHanSansNeo-Bold.ttf
cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/
488 KB
251 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Bold.ttf
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4994160140ba2376041a57adb73b1ceede0199110ae7d562e555e64e3e9b6888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://overtax-refund.heumtax.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:52:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
7869
x-jsd-version
3.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
256284
x-served-by
cache-fra-etou8220048-FRA, cache-mia-kmia1760094-MIA
x-jsd-version-type
version
etag
W/"7a0bc-oFzL8ghKUMpMzEUpmb3qc91KlFs"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
SpoqaHanSansNeo-Regular.ttf
cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/
500 KB
250 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Regular.ttf
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f319143b52af38d9793de783875140f4c23f7cecb2bb1121f5319bb742028af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://overtax-refund.heumtax.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:52:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
22250
x-jsd-version
3.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
255611
x-served-by
cache-fra-eddf8230023-FRA, cache-mia-kmia1760094-MIA
x-jsd-version-type
version
etag
W/"7ce6c-r1VpFI3/Lfav5w7NGUi2Sb2Qjrk"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
64254251-0-counsel-1.png
v.fastcdn.co/u/b5fdc644/
443 KB
444 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64254251-0-counsel-1.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b000b19f0e88b12a653e5101f21af584906f3422f5412f16861e7322d4d1b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdt7oFuN8mkWS8VjnCEFf7QuRMKfHS_rssi54eNGsY2gycgyAXIkvw0BDz8d5lihCLd8TGsmRj2gsKG8nVBHa5kF-g
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Wed, 17 Jul 2024 23:47:08 GMT
content-length
453784
last-modified
Sun, 28 May 2023 07:47:08 GMT
server
cloudflare
etag
"35752d0daaf63483bc3c49e4ba18e8b9"
vary
Accept-Encoding
x-goog-generation
1685260028278215
content-type
image/png
x-goog-hash
crc32c=7QwGRg==, md5=NXUtDar2NIO8PEnkuhjouQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
453784
accept-ranges
bytes
cf-ray
810b296c6f112589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
64254246-0---1.png
v.fastcdn.co/u/b5fdc644/
117 KB
117 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64254246-0---1.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5848368a9a33a6b0a891283d0bcef2dab3a5877092116cf0cbfd4df63a613a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsqXVDu-_jEbFfDc5oKqESDlBfFz_00kNXPBjo88TgUyae5JTe6LjPmMmqe0fqU0fLejWpBCRY_dNTYB0r1ZkaIIQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Wed, 17 Jul 2024 23:47:07 GMT
content-length
119434
last-modified
Sun, 28 May 2023 07:47:07 GMT
server
cloudflare
etag
"4cb7025931804080fad7d8985c3fec52"
vary
Accept-Encoding
x-goog-generation
1685260027308903
content-type
image/png
x-goog-hash
crc32c=5ALQzQ==, md5=TLcCWTGAQID619iYXD/sUg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
119434
accept-ranges
bytes
cf-ray
810b296caf482589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
62395558-0-logo-full.png
v.fastcdn.co/u/b5fdc644/
3 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/62395558-0-logo-full.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146dcb91e6813fa8aee0f1f65db3235f07f4072843c53a2a9b86f8ad28a9509e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtJHQM31BIhb9t3xk_Ukwzd0yuMlh6JpkMu4dP-mOObk4NbU4ECnucpSG9s8U-G3VLSHCGrzOAHrNeIyyJFHglqRQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 15 Oct 2023 22:22:59 GMT
content-length
2576
last-modified
Thu, 25 Aug 2022 06:22:59 GMT
server
cloudflare
etag
"e87642b12a547afeffe05b03368578fc"
vary
Accept-Encoding
x-goog-generation
1661408579517549
content-type
image/png
x-goog-hash
crc32c=wbvnFw==, md5=6HZCsSpUev7/4FsDNoV4/A==
cache-control
public, max-age=315360000
x-goog-stored-content-length
2576
accept-ranges
bytes
cf-ray
810b296caf492589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2
fonts.gstatic.com/s/notosanskr/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270d6a130b11f25f8d2423607674f4aa218b0f829b2df3a286d6a1b43c76af75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:34:16 GMT
x-content-type-options
nosniff
age
101922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16072
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:37:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 01:34:16 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2
fonts.gstatic.com/s/notosanskr/v36/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:01:01 GMT
x-content-type-options
nosniff
age
103917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14504
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:19:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 01:01:01 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
fonts.gstatic.com/s/notosanskr/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:17:06 GMT
x-content-type-options
nosniff
age
102952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16700
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:42:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 01:17:06 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
fonts.gstatic.com/s/notosanskr/v36/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 05:58:18 GMT
x-content-type-options
nosniff
age
518080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:22:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 05:58:18 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2
fonts.gstatic.com/s/notosanskr/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 06:14:12 GMT
x-content-type-options
nosniff
age
517126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15968
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 06:14:12 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2
fonts.gstatic.com/s/notosanskr/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 06:14:45 GMT
x-content-type-options
nosniff
age
517093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16140
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:21:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 06:14:45 GMT
PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2
fonts.gstatic.com/s/notosanskr/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR%3A100%2C300%2C400%2C500%2C700%2C900&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d9347ee436bce21bc7e27c564113e3ab9f19fb39abce8fe57126481389a75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:16:48 GMT
x-content-type-options
nosniff
age
102970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16312
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:37:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 01:16:48 GMT
update.min.js
browser-update.org/
9 KB
5 KB
Script
General
Full URL
https://browser-update.org/update.min.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3ed6fe6c571fcd206ddc31e5bfa22aa77fad2f4ef11cf9c4ef5f3fa3e32df1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 05:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
778801
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSVvpv%2FO%2FdW6FC81KYFddulC2qXp7VC1VEa9f6cVAmweHO9Gh4NUM63rP79Z0vm4ndCw%2BK6Nwz6E3BHfuHTQZgtwf52lXYyQ0PiU9l5pi%2BCt5DB%2BQ2WrWqmbIhrypxkNVO%2FqMI3mk0nsaYVmoytEGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-disposition
inline; filename=update.min.js
cf-ray
810b297038cd25a3-MIA
expires
Tue, 26 Sep 2023 05:32:56 GMT
64524132-0-1.-886x72.png
v.fastcdn.co/u/b5fdc644/
55 KB
55 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64524132-0-1.-886x72.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0ee0849c14f33b4a4725fc8bc3dc94a149b9738ccbb4073dd02f8ffe2f17ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvG3lxG93yFUxOa8w8pV66EwleHHugt2RdkF-R9F1iqmy-7Cc6bBB81ikK3g5AWxBphoo3tZXMVMK0ALjgxOjxKVg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Mon, 28 Oct 2024 02:35:04 GMT
content-length
55852
last-modified
Thu, 07 Sep 2023 10:35:04 GMT
server
cloudflare
etag
"e32a84c975b8f2583d593164e0cc7901"
vary
Accept-Encoding
x-goog-generation
1694082904341227
content-type
image/png
x-goog-hash
crc32c=sIysoQ==, md5=4yqEyXW48lg9WTFk4Mx5AQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
55852
accept-ranges
bytes
cf-ray
810b296f79d12589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
64524083-0-3.--eDM-3.png
v.fastcdn.co/u/b5fdc644/
49 KB
49 KB
Image
General
Full URL
https://v.fastcdn.co/u/b5fdc644/64524083-0-3.--eDM-3.png
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f913faadb8704339c305029126a854f3f043bc3dbb173c9ea7ec1c9fbc2eb24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvgkeEZlKwAuCCJzo4YBuLdXGXNpIte6WQXVOrFbCISMuJupvxZPTOqHW-H9aUTxHeLShUexOMsf-8ftCBol4cNWg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Mon, 28 Oct 2024 02:07:50 GMT
content-length
50161
last-modified
Thu, 07 Sep 2023 10:07:50 GMT
server
cloudflare
etag
"7381da9914f114ce1a376550b8224f84"
vary
Accept-Encoding
x-goog-generation
1694081270725135
content-type
image/png
x-goog-hash
crc32c=620hiw==, md5=c4HamRTxFM4aN2VQuCJPhA==
cache-control
public, max-age=315360000
x-goog-stored-content-length
50161
accept-ranges
bytes
cf-ray
810b296f79d22589-MIA
expires
Sat, 01 Oct 2033 05:52:58 GMT
wcslog.js
wcs.naver.net/
20 KB
7 KB
Script
General
Full URL
https://wcs.naver.net/wcslog.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.0.244.244 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-244-244.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 05:52:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2023 06:30:22 GMT
Server
nginx
ETag
"6400427e-4e4d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1385
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6784
Expires
Wed, 04 Oct 2023 06:16:04 GMT
kp.js
t1.daumcdn.net/kas/static/
58 KB
15 KB
Script
General
Full URL
https://t1.daumcdn.net/kas/static/kp.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:28::17da:d89a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
76da3bc5647c16f122573f511ca45b75c4f1671260200e2087a145f5fb80ecb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:59 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 05:35:13 GMT
server
openresty
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary
Accept-Encoding
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
text/javascript
cache-control
max-age=675
x-wcss
dC1jb21tb24wMS1id2NhY2hlNDQ6aGl0OjA=
accept-ranges
bytes
content-length
15415
expires
Wed, 04 Oct 2023 06:04:14 GMT
amplitude-8.5.0-min.gz.js
cdn.amplitude.com/libs/
68 KB
22 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-216-13.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer
https://overtax-refund.heumtax.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 23:34:57 GMT
content-encoding
gzip
via
1.1 de6760156d781e28f72545a2e9243b26.cloudfront.net (CloudFront)
x-amz-version-id
NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
x-amz-cf-pop
IAD79-C1
age
22683
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22154
last-modified
Fri, 13 Aug 2021 22:37:42 GMT
server
AmazonS3
etag
"660c3b546f2a131de50b69b91f26c636"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
1Ln3EZ2leHOQzZGbGXfzHy-5MdoI3wMtm4036vFH4SYpwATBKJx2Eg==
hotjar-2007913.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2007913.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZPHRX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
741679455c77788753617e23a6ef86a4aa9519012f35cc9e124e70f3c075ba48
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 eb30892e0d329aead17e943e1b1cc5ae.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
16
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/5560344e4605b59c1992c1a54c0db488
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
IxRE2U0soyAH1w2-6IAWf-GKfQKrQc1UKku743zD6BZpJMP0Cnj8DA==
js
www.googletagmanager.com/gtag/
283 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WM6S974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f6184b9a750b10207ab70ec5018c568e9c29184bba8ccdc563f5da5923a1b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94463
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 05:52:58 GMT
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 04 Oct 2023 05:52:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
duqDpZU7yemdYShqWS536U4v33V0eR66M+6YHNe0VCpCqxlGDJRy7PHTqiSnsaSUCic/eEln0JIse6wt/DV3AQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
dablena.min.js
static.dable.io/dist/
31 KB
9 KB
Script
General
Full URL
https://static.dable.io/dist/dablena.min.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.4.191.206 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-191-206.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
ba4efbb8e532b0ba50920bad2c0f79758dd992e8790db1f04e01621e5df271dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
EA1QmvcwdvJeyN_X_9UAmkeH4YOgDOZD
content-encoding
gzip
date
Wed, 04 Oct 2023 05:52:59 GMT
last-modified
Mon, 25 Sep 2023 10:23:52 GMT
server
nginx/1.20.0
x-amz-request-id
VZQY6GEPMG2VQQD1
etag
"506646795704a27154f55926490448d3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
9234
x-amz-id-2
MRTqAF5zt79+GDE4qnKwkOdbX/ECoRXyktGTaEkSUi4kW6zQRqNWKvcECsUYvSa9Vwtgs9ic+fY=
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/865393566/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865393566/?random=1696398778828&cv=11&fst=1696398778828&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&hn=www.googleadservices.com&frm=0&tiba=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&auid=868310899.1696398779&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZPHRX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
197241b42f3bb4afc4b162c39d0f88c06811bbc62eee3ce53fd076848bd40611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.cf637fb03b42388e3bf3.js
script.hotjar.com/
225 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.cf637fb03b42388e3bf3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2007913.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-43.iad89.r.cloudfront.net
Software
/
Resource Hash
e887a4e091adb3d75a4092a652fdd7cf34c979a2fb1a6c2128f34c9c51921e29
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 07:35:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6ec872fa8051a500a5a9ab5ec50a79ba.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
80272
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55981
last-modified
Tue, 03 Oct 2023 07:34:56 GMT
etag
"ad2bdee77732c468dfebb1d2d894abc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OUothdDTDL4CnfGHYpL7wfjnPbyA3PssKall5pemDmAHTaX6NbjCrA==
/
api.amplitude.com/
7 B
206 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.67.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-67-88.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 05:52:59 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-651cfdbb-5e9bdd1f57a944486887038b
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
www.google.com/pagead/1p-user-list/865393566/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/865393566/?random=1696398778828&cv=11&fst=1696395600000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&frm=0&tiba=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&fmt=3&is_vtc=1&random=896464005&rmt_tld=0&ipr=y
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:52:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
274583821018292
connect.facebook.net/signals/config/
131 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/274583821018292?v=2.9.132&r=stable&domain=overtax-refund.heumtax.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8341593880980361ac6b2c07bebd06fe3c8b90b3937ec2e6661e08b94bdfc625
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 04 Oct 2023 05:52:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34838
x-xss-protection
0
pragma
public
x-fb-debug
twW20okuSc2GXQ6dI2VokLmnSc7jVbdWus/y467v/iO8X1ox7MjgPfSbx7MxqStwPpA8XO3g5OTraXM0FnI9WA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ch-plugin-web.js
cdn.channel.io/plugin/
2 KB
1 KB
Script
General
Full URL
https://cdn.channel.io/plugin/ch-plugin-web.js
Requested by
Host: overtax-refund.heumtax.com
URL: https://overtax-refund.heumtax.com/businesson?utm_source=businesson&utm_medium=emailbanner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.96.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-96-99.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5faf86707f47db330970ae7cfb0861731ac99cf347394f9c1efca2140c69ff97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:09 GMT
content-encoding
gzip
via
1.1 fe5c0b9f43ae01762b72e245c0496ac6.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 06:46:42 GMT
server
AmazonS3
x-amz-cf-pop
YTO50-P3
age
56
x-amz-server-side-encryption
AES256
etag
W/"946013570d210ec0493689c28e450f00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600,public
x-amz-cf-id
fudXGG1q_UcYUprvme3V594Kwh-i6Dyr3GUL96ERHISlFenjub_Eig==
/
api.amplitude.com/
7 B
205 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.67.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-67-88.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 05:52:59 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-651cfdbb-3570e34a6906bd193d62d4e6
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
prefs2
api.dable.io/plugin/services/001-007-776/
733 B
1 KB
Script
General
Full URL
https://api.dable.io/plugin/services/001-007-776/prefs2?paramUid=&cached_uid=&requestId=&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/dablena.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.36.241.176 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-36-241-176.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1d91ed2d090ed0cb0118a0c62dd75158ea28784399884908e4ea68950e34f3a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"2dd-KBlAqJcDFvMfRtulDDFZSCWjTl8"
content-type
text/javascript; charset=utf-8
b
wcs.naver.com/
0
637 B
Ping
General
Full URL
https://wcs.naver.com/b
Requested by
Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
wcs /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:00 GMT
x-content-type-options
nosniff
server
wcs
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p
CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Tue, 01 Jan 1980 09:00:00 GMT
collect
analytics.overtax.co.kr/g/
396 B
967 B
XHR
General
Full URL
https://analytics.overtax.co.kr/g/collect?v=2&tid=G-KXWTDS280G&gtm=45je3a20&_p=1045206851&cid=226092769.1696398780&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.tft=1696398777848&_s=1&sid=1696398779&sct=1&seg=0&dl=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&dt=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1&ep.node_environment=prod&epn.variant_id=1&ep.event_id=ff60267f-7180-4e62-a848-a94eec9d2bd8_1696398778091.95&ep.event_name=gtm.load&ep.page_url=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&ep.user_data._tag_mode=AUTO&up.source=businesson&tfd=19534&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6994263c49d20ed374ffa8a17c7d2976846f065c3ec3162158c3432cea7e82ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache
access-control-allow-credentials
true
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=274583821018292&ev=PageView&dl=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&rl=&if=false&ts=1696398779808&cd[refferer]=&cd[page_path]=%2Fbusinesson&cd[page_hostname]=overtax-refund.heumtax.com&cd[page_url]=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&cd[variant_id]=1&cd[variant_name]=Variation%20A&cd[variant_hash]=4910faba1e3db304b52d143751500c26b050a548&cd[variant_code]=A&sw=1600&sh=1200&v=2.9.132&r=stable&a=gtmss&ec=0&o=30&fbp=fb.1.1696398779806.314855171&ler=empty&it=1696398779446&coo=false&eid=ff60267f-7180-4e62-a848-a94eec9d2bd8_1696398778091.95&exp=a1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 04 Oct 2023 05:53:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=OPT-WM6S974&cv=158&t=ol&p=opts&l=221&q=1&f=444&e=15&i=4&d=-653&c=-50&hc=0&sr=0.050000&ps=0.026924765819165364&cb=1213905654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:52:59 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
two
ec.instapagemetrics.com/t/ Frame
0
0
Preflight
General
Full URL
https://ec.instapagemetrics.com/t/two
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.95.71.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://overtax-refund.heumtax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://overtax-refund.heumtax.com
access-control-max-age
5
content-length
0
date
Wed, 04 Oct 2023 05:53:00 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin
two
ec.instapagemetrics.com/t/
2 B
346 B
XHR
General
Full URL
https://ec.instapagemetrics.com/t/two
Requested by
Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.95.71.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 04 Oct 2023 05:53:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
sameorigin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://overtax-refund.heumtax.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
content-length
2
s.gif
t1.daumcdn.net/tessera/
Redirect Chain
  • https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%225720639894110948327%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22...
  • https://t1.daumcdn.net/tessera/s.gif
842 B
1 KB
Image
General
Full URL
https://t1.daumcdn.net/tessera/s.gif
Protocol
H2
Server
2600:1408:c400:28::17da:d89a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:00 GMT
last-modified
Sat, 15 Oct 2022 23:40:44 GMT
server
openresty
content-type
image/gif
cache-control
max-age=17881
x-wcss
dC1jb21tb24wMS1id2NhY2hlNDI6MDpjaHR0cDoxMg==
accept-ranges
bytes
content-length
842
expires
Wed, 04 Oct 2023 10:51:01 GMT

Redirect headers

location
https://t1.daumcdn.net/tessera/s.gif
date
Wed, 04 Oct 2023 05:53:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
content-type
image/gif
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHZPHRX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 04:33:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4762
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 04 Oct 2023 06:33:38 GMT
/
api.amplitude.com/
7 B
205 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.67.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-67-88.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 05:53:00 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-651cfdbc-6c10e3282bfdb5447581149b
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
ch-plugin-core.22223fab.vendor.js
cdn.channel.io/plugin/ Frame E9BC
402 KB
120 KB
Script
General
Full URL
https://cdn.channel.io/plugin/ch-plugin-core.22223fab.vendor.js
Requested by
Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.96.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-96-99.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89ed63d28d0e9c3f713486e8dcb70b5d3afa38a4ce0a98a1cf41f8eca56a368b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 06:46:54 GMT
content-encoding
br
via
1.1 fe5c0b9f43ae01762b72e245c0496ac6.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 06:46:19 GMT
server
AmazonS3
x-amz-cf-pop
YTO50-P3
age
774367
etag
W/"36df83e387f6bdca98aa208431a89e6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
m7Q1iJX6h0Oy1rY6wBGVFJFDR2hcXCyQvh6o_uEjIgew6zJyM_KBQA==
ch-plugin-core-20230925154455.js
cdn.channel.io/plugin/ Frame E9BC
354 KB
87 KB
Script
General
Full URL
https://cdn.channel.io/plugin/ch-plugin-core-20230925154455.js
Requested by
Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.96.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-96-99.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c931b9178992a6dff2065e2bc0928ab7e82ecf4ce8fb1b3a81ba0d7a0dd27b8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 06:46:47 GMT
content-encoding
br
via
1.1 fe5c0b9f43ae01762b72e245c0496ac6.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 06:46:17 GMT
server
AmazonS3
x-amz-cf-pop
YTO50-P3
age
774374
etag
W/"b254815408118b5f509809d6c2c3f66a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
zEQ7zjI2vt19ZTANinWntQqhNwi8ZlBENPP8brVWO_Di1A00UTzaaw==
collect
www.google-analytics.com/j/
4 B
217 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1045206851&t=pageview&_s=1&dl=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&ul=en-us&de=UTF-8&dt=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1714488822&gjid=621592621&cid=226092769.1696398780&tid=UA-212448869-1&_gid=1434023118.1696398780&_r=1&_slc=1&gtm=45He3a20n81KHZPHRX&cd1=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&cd4=1&z=1861993445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-212448869-1&cid=226092769.1696398780&jid=1714488822&gjid=621592621&_gid=1434023118.1696398780&_u=YCDACEAABAAAACAAI~&z=904225517
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://overtax-refund.heumtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 04 Oct 2023 05:53:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
b05367f6be924bb49e15838987b99ce6.min.js
js.sentry-cdn.com/ Frame E9BC
2 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/b05367f6be924bb49e15838987b99ce6.min.js
Requested by
Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20230925154455.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6dae5feb7375c225952ae53fe9b076dbca0fa134b56d72734ebc6abe67728170
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.sentry.io; img-src * blob: data:; connect-src *; font-src * data:; object-src 'self'; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=f67c3eed79175eecd1b191d6c4f5f998559239a5
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://overtax-refund.heumtax.com/
Origin
https://overtax-refund.heumtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.sentry.io; img-src * blob: data:; connect-src *; font-src * data:; object-src 'self'; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=f67c3eed79175eecd1b191d6c4f5f998559239a5
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 05:53:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
76
x-envoy-upstream-service-time
22
content-length
1212
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-7fd8b48fcf-sswtw, cache-chi-klot8100052-CHI, cache-mia-kmia1760062-MIA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-212448869-1&cid=226092769.1696398780&jid=1714488822&_u=YCDACEAABAAAACAAI~&z=809564993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit
ad-log.dable.io/logs/clients/001-007-776/users/66242738.1696398780466/
54 B
171 B
Script
General
Full URL
https://ad-log.dable.io/logs/clients/001-007-776/users/66242738.1696398780466/visit?url=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&ref=&cid=66242738.1696398780466&client_id=7776&utm_source=businesson&utm_medium=emailbanner&z=775900&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/dablena.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.201.87.35 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-201-87-35.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:01 GMT
x-content-type-options
nosniff
server
nginx
content-length
54
content-type
text/javascript; charset=utf-8
collect
analytics.google.com/g/s/
0
262 B
Ping
General
Full URL
https://analytics.google.com/g/s/collect?gtm=45j91e3a21&_gsid=KXWTDS280Gh-uX2RAR4d6mtn4FFvy1Pg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KXWTDS280G&cid=6JcnwxWBUWUZ%2Buw%2B7kiHWulYaS%2FVsUcC4Q8eZjRb0xg%3D.1696398780&gtm=45j91e3a21&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0ZLWSJ955R
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/dablena.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c8c86f39857668cb166862b6c2387bb357fdc2d20150aeaca2931bd86348abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79113
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 05:53:01 GMT
js
www.googletagmanager.com/gtag/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0ZLWSJ955R&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WM6S974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2149ae3ff293e58672f412a36f3435e0527624ee2d16378eb31d182fdb3776f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79144
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 05:53:01 GMT
collect
analytics.overtax.co.kr/g/
202 B
726 B
XHR
General
Full URL
https://analytics.overtax.co.kr/g/collect?v=2&tid=G-KXWTDS280G&gtm=45je3a20&_p=1045206851&cid=226092769.1696398780&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.tft=1696398777848&_s=2&sid=1696398779&sct=1&seg=1&dl=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&dt=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&en=page_view&_c=1&ep.node_environment=prod&ep.page_url=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&ep.event_id=ff60267f-7180-4e62-a848-a94eec9d2bd8_1696398781540.178&ep.event_name=PageView&ep.event_type=page_view&_et=1715&ep.user_data._tag_mode=AUTO&tfd=21251&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6061aa47f353d00a40680f21ab28d1e9590899fa31a755cc865a90bd6eb8b8aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache
access-control-allow-credentials
true
collect
analytics.google.com/g/s/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/s/collect?gtm=45j91e3a21&_gsid=KXWTDS280GFSy6jqnYlhqbFcyO_bqKkA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXWTDS280G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0ZLWSJ955R&gtm=45je3a20&_p=1045206851&_gaz=1&cid=226092769.1696398780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696398781&sct=1&seg=0&dl=https%3A%2F%2Fovertax-refund.heumtax.com%2Fbusinesson%3Futm_source%3Dbusinesson%26utm_medium%3Demailbanner&dt=%EB%8D%94%EB%82%B8%EC%84%B8%EA%B8%88%20%EC%A0%9C%ED%9C%B4%20-%20%EB%B9%84%EC%A7%80%EB%8B%88%EC%8A%A4%EC%98%A8&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZLWSJ955R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0ZLWSJ955R&cid=226092769.1696398780&gtm=45je3a20&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZLWSJ955R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://overtax-refund.heumtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 05:53:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://overtax-refund.heumtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| __variantsData number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator object| __experiment_id boolean| __new_tracker object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| _instapageConsentManagement object| webpackChunk string| CURRENT_PAGE object| dataLayer object| google_tag_manager object| google_tag_data object| google_optimize object| __eventBus function| r function| Jt object| n function| t function| Splide object| splide function| Accordion object| $buoop function| $buo_f object| Vue object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters boolean| __VUE__ object| __VUE_DEVTOOLS_HOOK_REPLAY__ object| unknown object| __config number| __workspaceWidth object| __session boolean| __cradleReady object| __featuresReady function| _wcs_logAll function| nvwcs object| s object| f function| kpx object| initParams undefined| deviceId object| amplitude function| hj object| _hjSettings function| fbq function| _fbq function| ChannelIO function| dablena object| GooglebQhCsO object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __AMPLITUDE__ function| Jackdaw function| kakaoPixel object| wcs string| wcs_SerName object| wcs_add function| wcs_do object| _htmp boolean| ChannelIOInitialized object| identify object| _kpx_q function| dbljson1 object| _wcs_q object| _nasa string| index object| _snowplowTrackerWrapper string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| CHPlugin function| dbljson2 function| gtag

27 Cookies

Domain/Path Name / Value
.smartbill.co.kr/ Name: ASP.NET_SessionId
Value: 0oihzu55qafgcyn3n2wwqxrp
.overtax-refund.heumtax.com/ Name: __cf_bm
Value: 7RKbZlpwzcUDqXewSA8DuYvjG5_g_chvAp4376yN0cE-1696398777-0-AVLSubJlpPNUyfpS0WG8f6yyolETtT8DFYQW51gDtvQOp2+Q39KoWyWKtnQRsY3unn2vlw07uhTKZjbgLlIjP1s=
.heumtax.com/ Name: _gcl_au
Value: 1.1.868310899.1696398779
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.heumtax.com/ Name: _hjSessionUser_2007913
Value: eyJpZCI6Ijg4Y2ZiZDVkLTQxZDEtNTM4Yi1hNDU0LTViMmU4ZWFlZmYzYyIsImNyZWF0ZWQiOjE2OTYzOTg3Nzk1MDcsImV4aXN0aW5nIjpmYWxzZX0=
.heumtax.com/ Name: _hjFirstSeen
Value: 1
.heumtax.com/ Name: _hjIncludedInSessionSample_2007913
Value: 0
.heumtax.com/ Name: _hjSession_2007913
Value: eyJpZCI6IjZhOTZjNGM0LTU5ODMtNDI0MC04MDdiLWUyM2ZjNWZlNzI0NyIsImNyZWF0ZWQiOjE2OTYzOTg3Nzk1MDgsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.heumtax.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.heumtax.com/ Name: amp_d70b79
Value: NR3NVW-nopocACAWR6BFiS...1hbsju8nf.1hbsju9cq.1.2.3
.heumtax.com/ Name: _fbp
Value: fb.1.1696398779806.314855171
overtax-refund.heumtax.com/ Name: wcs_bt
Value: s_4370a8f346c3:1696398779
overtax-refund.heumtax.com/ Name: instap-spses.df30
Value: *
overtax-refund.heumtax.com/ Name: instap-spid.df30
Value: 74af8e25-2502-46ce-bd16-15b4af963ace.1696398780.1.1696398780.1696398780.b1aec7e5-b960-4dba-a0d8-04644a7fd334
.heumtax.com/ Name: _gid
Value: GA1.2.1434023118.1696398780
.heumtax.com/ Name: _gat_UA-212448869-1
Value: 1
.dable.io/ Name: uid
Value: 66242738.1696398780466
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.dable.io/ Name: _gn_ck_match
Value: 1
.dable.io/ Name: _kko_ck_match
Value: 1
.wcs.naver.com/ Name: NWB
Value: cebd5a02521f81463418af5de0172c2d.1696398780577
.overtax-refund.heumtax.com/ Name: dable_uid
Value: 66242738.1696398780466
.heumtax.com/ Name: _ga_KXWTDS280G
Value: GS1.1.1696398779.1.1.1696398781.0.0.0
.heumtax.com/ Name: _ga
Value: GA1.1.226092769.1696398780
.heumtax.com/ Name: _ga_0ZLWSJ955R
Value: GS1.1.1696398781.1.1.1696398781.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
