auth.api.bznav.com Open in urlscan Pro
43.201.161.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://refund.dev-2.bznav.com/
Effective URL:
https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage...
Submission: On November 13 via automatic, source certstream-suspicious (November 13th 2024, 8:02:49 am UTC) — Scanned from US

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 22 domains to perform 115 HTTP transactions. The main IP is 43.201.161.134, located in Incheon, Korea, Republic Of and belongs to AMAZON-02, US. The main domain is auth.api.bznav.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 3rd 2024. Valid for: a year.

This is the only time auth.api.bznav.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	76.76.21.164 76.76.21.164	16509 (AMAZON-02) (AMAZON-02)
1	23.205.105.27 23.205.105.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.25.36.65 184.25.36.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.165.83.76 18.165.83.76	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
7	2600:1f18:24e... 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:28::17da:d89a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
7	23.212.248.134 23.212.248.134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	15.165.133.66 15.165.133.66	16509 (AMAZON-02) (AMAZON-02)
3	43.202.121.136 43.202.121.136	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c21::5f	15169 (GOOGLE) (GOOGLE)
1	110.234.246.33 110.234.246.33	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
4	172.253.115.106 172.253.115.106	15169 (GOOGLE) (GOOGLE)
3	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
6	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
5	2607:f8b0:400... 2607:f8b0:4004:c09::64	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
6	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
3	15.197.175.58 15.197.175.58	16509 (AMAZON-02) (AMAZON-02)
1	54.230.202.43 54.230.202.43	16509 (AMAZON-02) (AMAZON-02)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.113.31.166 13.113.31.166	16509 (AMAZON-02) (AMAZON-02)
1	54.65.44.16 54.65.44.16	16509 (AMAZON-02) (AMAZON-02)
2	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
5	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
2	210.89.167.46 210.89.167.46	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
2	121.53.105.159 121.53.105.159	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
2	43.201.161.134 43.201.161.134	16509 (AMAZON-02) (AMAZON-02)
115	35

25 76.76.21.164 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

refund.dev-2.bznav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.105.27 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-105-27.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.36.65 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-36-65.deploy.static.akamaitechnologies.com

ssl.pstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.165.83.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-76.iad55.r.cloudfront.net

cdn.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:28::17da:d89a (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

t1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.212.248.134 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-134.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.165.133.66 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-133-66.ap-northeast-2.compute.amazonaws.com

tenping.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.202.121.136 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-202-121-136.ap-northeast-2.compute.amazonaws.com

gateway.api.bznav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.234.246.33 (United States)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

nam.veta.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::9c (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::64 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.175.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: adb40cc9a05f35108.awsglobalaccelerator.com

api.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.202.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-202-43.msp50.r.cloudfront.net

static.airbridge.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.113.31.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-31-166.ap-northeast-1.compute.amazonaws.com

sdk.airbridge.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.airbridge.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.44.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-44-16.ap-northeast-1.compute.amazonaws.com

id.abr.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.89.167.46 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.53.105.159 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

bc.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.201.161.134 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-201-161-134.ap-northeast-2.compute.amazonaws.com

auth.api.bznav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	bznav.com 1 redirects refund.dev-2.bznav.com gateway.api.bznav.com auth.api.bznav.com	795 KB
14	google.com www.google.com — Cisco Umbrella Rank: 4 analytics.google.com — Cisco Umbrella Rank: 170	1 KB
10	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 722 t.clarity.ms — Cisco Umbrella Rank: 9352 c.clarity.ms — Cisco Umbrella Rank: 1468	31 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 td.doubleclick.net — Cisco Umbrella Rank: 231 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	8 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 782	138 KB
7	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 602	785 B
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	634 B
6	channel.io cdn.channel.io — Cisco Umbrella Rank: 166601 api.channel.io — Cisco Umbrella Rank: 135267	248 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	483 KB
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 4375 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 561	1 KB
3	airbridge.io static.airbridge.io — Cisco Umbrella Rank: 158969 sdk.airbridge.io — Cisco Umbrella Rank: 144781 core.airbridge.io — Cisco Umbrella Rank: 64457	60 KB
3	naver.com nam.veta.naver.com — Cisco Umbrella Rank: 12727 wcs.naver.com — Cisco Umbrella Rank: 14871	1 KB
2	daum.net bc.ad.daum.net — Cisco Umbrella Rank: 24059	571 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	74 KB
1	abr.ge id.abr.ge — Cisco Umbrella Rank: 192212
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 214	771 B
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6502	2 KB
1	tenping.kr tenping.kr	2 KB
1	daumcdn.net t1.daumcdn.net — Cisco Umbrella Rank: 18722	20 KB
1	pstatic.net ssl.pstatic.net — Cisco Umbrella Rank: 12126	17 KB
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 13272	10 KB
0	mixpanel.com Failed api-js.mixpanel.com Failed
115	22

	Domain	Requested by
25	refund.dev-2.bznav.com	1 redirects refund.dev-2.bznav.com
10	analytics.google.com	refund.dev-2.bznav.com
7	analytics.tiktok.com	refund.dev-2.bznav.com analytics.tiktok.com
7	browser-intake-datadoghq.com	refund.dev-2.bznav.com
6	www.facebook.com	refund.dev-2.bznav.com
6	t.clarity.ms	refund.dev-2.bznav.com www.clarity.ms
5	www.googletagmanager.com	refund.dev-2.bznav.com www.googletagmanager.com
4	td.doubleclick.net	www.googletagmanager.com
4	www.google.com	www.googletagmanager.com refund.dev-2.bznav.com
3	api.channel.io	cdn.channel.io
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	gateway.api.bznav.com	refund.dev-2.bznav.com
3	cdn.channel.io	refund.dev-2.bznav.com cdn.channel.io
2	auth.api.bznav.com	refund.dev-2.bznav.com
2	bc.ad.daum.net	refund.dev-2.bznav.com
2	wcs.naver.com	wcs.naver.net
2	c.clarity.ms	1 redirects
2	firebaseinstallations.googleapis.com	refund.dev-2.bznav.com
2	www.clarity.ms	refund.dev-2.bznav.com www.clarity.ms
2	connect.facebook.net	refund.dev-2.bznav.com connect.facebook.net
2	firebase.googleapis.com	refund.dev-2.bznav.com
1	core.airbridge.io	refund.dev-2.bznav.com
1	id.abr.ge	static.airbridge.io
1	sdk.airbridge.io	refund.dev-2.bznav.com
1	c.bing.com	1 redirects
1	static.airbridge.io	refund.dev-2.bznav.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js.sentry-cdn.com	cdn.channel.io
1	nam.veta.naver.com	refund.dev-2.bznav.com
1	tenping.kr	refund.dev-2.bznav.com
1	t1.daumcdn.net	refund.dev-2.bznav.com t1.daumcdn.net
1	ssl.pstatic.net	wcs.naver.net
1	wcs.naver.net	refund.dev-2.bznav.com
0	api-js.mixpanel.com Failed	refund.dev-2.bznav.com
115	34

This site contains no links.

Subject Issuer	Validity	Valid
refund.dev-2.bznav.com R11	`2024-11-13` - `2025-02-11`	3 months	crt.sh
wcs.naver.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-10-03`	a year	crt.sh
ssl.pstatic.net GeoTrust RSA CA 2018	`2024-10-30` - `2025-07-18`	9 months	crt.sh
channel.io Amazon RSA 2048 M02	`2024-03-18` - `2025-04-15`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-14` - `2025-05-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.daumcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-12` - `2025-04-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.tenping.kr Amazon RSA 2048 M02	`2024-03-01` - `2025-03-31`	a year	crt.sh
prod.api.bznav.com Amazon RSA 2048 M03	`2024-11-03` - `2025-12-03`	a year	crt.sh
*.naver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-02-27` - `2025-03-15`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
*.airbridge.io Amazon RSA 2048 M02	`2024-05-01` - `2025-05-30`	a year	crt.sh
*.abr.ge Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
wcs.naver.com GeoTrust TLS RSA CA G1	`2024-08-01` - `2025-08-14`	a year	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2024-01-03` - `2025-01-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage=prod&client_id=bznav-refund-web&scope=sso%20bznav&state=wiQHY4mvXKbJrnRT32cP8_wFzKGIzYCC3mji2KsSV7Z&code_challenge=zfHjwWwG-DVyB9dQ8-vwHIdJj45Qv4PRFeYD2IbqM8s&code_challenge_method=S256&redirect_uri=https%3A%2F%2Frefund.dev-2.bznav.com%2Fredirect&zent_session_id=d6ce3bd2-f3db-4c92-9374-dac89e2d8b04&zent_client_session_id=69e4ee4e-e3ea-4d45-9c66-ba5cd7197533
Frame ID: B2E34F52BEA1EC5A3F6631D59940D4F8
Requests: 99 HTTP requests in this frame

Frame: https://cdn.channel.io/plugin/ch-plugin-core.bb5f2d30.vendor.js
Frame ID: AE6A1A48B581D1725F546B7A961B7EF6
Requests: 5 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/789114793?random=1731484961436&cv=11&fst=1731484961436&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: AF872E026666F5F29F1872CF5A3FEBE5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Frefund.dev-2.bznav.com
Frame ID: B85194AB2227581F12E53014720DA2D2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QZ6ZGLFPQV&gacid=1593490478.1731484962&gtm=45je4b70v893725913za200zb884262975&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077855&z=2137662643
Frame ID: DCB084C8348E08F5D2257E1A10BD9BC8
Requests: 1 HTTP requests in this frame

Frame: https://id.abr.ge/api/v2/third-party-cookie/identifier.html?requestID=223204267
Frame ID: 9D50F465D0062025AA3DDB328372E18B
Requests: 1 HTTP requests in this frame

Frame: https://t1.daumcdn.net/kas/static/third-party/cookie/ct2.html
Frame ID: E9B8999D3A2E4B218B612D4FB1F9354F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/789114793?random=1731484963586&cv=11&fst=1731484963586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Flogout%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Ftax%2Frefund%2Fsummary%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Flogout
Frame ID: 2A5D7FD26DD1C8BD768250F6C783AC3F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/789114793?random=1731484963975&cv=11&fst=1731484963975&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Fsignin%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Flogout%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Fsignin
Frame ID: 4B1C6A435BB5D1E20F8C4BB01A4D9909
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://refund.dev-2.bznav.com/ HTTP 308
https://refund.dev-2.bznav.com/tax/refund/summary Page URL
https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

115
Requests

96 %
HTTPS

31 %
IPv6

22
Domains

34
Subdomains

35
IPs

3
Countries

1891 kB
Transfer

5849 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://refund.dev-2.bznav.com/ HTTP 308
https://refund.dev-2.bznav.com/tax/refund/summary Page URL
https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage=prod&client_id=bznav-refund-web&scope=sso%20bznav&state=wiQHY4mvXKbJrnRT32cP8_wFzKGIzYCC3mji2KsSV7Z&code_challenge=zfHjwWwG-DVyB9dQ8-vwHIdJj45Qv4PRFeYD2IbqM8s&code_challenge_method=S256&redirect_uri=https%3A%2F%2Frefund.dev-2.bznav.com%2Fredirect&zent_session_id=d6ce3bd2-f3db-4c92-9374-dac89e2d8b04&zent_client_session_id=69e4ee4e-e3ea-4d45-9c66-ba5cd7197533 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://refund.dev-2.bznav.com/ HTTP 308
https://refund.dev-2.bznav.com/tax/refund/summary

Request Chain 63

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&RedC=c.clarity.ms&MXFR=0BA97925564C64E603396C13524C6AD5 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&MUID=07DCCF89818C63420828DABF801C628F

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

summary Show response
refund.dev-2.bznav.com/tax/refund/
Redirect Chain

https://refund.dev-2.bznav.com/
https://refund.dev-2.bznav.com/tax/refund/summary

4 KB
2 KB

290ms
289ms

Document
text/html

76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9bf70d016a359f91d0748bb745284a15ab933fe02e60e98946f4a99e25eda877

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
access-control-allow-origin: https://127.0.0.1
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 08:02:40 GMT
etag: W/"exsk0eth2n384"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /tax/refund/summary
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
x-vercel-cache: MISS
x-vercel-id: iad1::icn1::jzhh5-1731484960272-952e4ab3d89f

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Wed, 13 Nov 2024 08:02:40 GMT
location: /tax/refund/summary
refresh: 0;url=/tax/refund/summary
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: iad1::jzhh5-1731484960192-69261c2b130a

GET
H2 200 be71fb0bfda50916.css
refund.dev-2.bznav.com/_next/static/css/ 240 KB
37 KB 78ms
77ms Stylesheet
text/css 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/css/be71fb0bfda50916.css

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

898a30e093ca7ad7cfb2785ea47a5640d15c64925ac5ddbc8a7277a2ccd5c6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"b4a58cad38e63965f9755aa1eaa9ceea"
age: 121
x-matched-path: /_next/static/css/be71fb0bfda50916.css
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="be71fb0bfda50916.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:39 GMT
x-vercel-id: iad1::jzhh5-1731484960572-f5fbd6b061ef

GET
H2 200 a41b2083c4d0a9a3.css
refund.dev-2.bznav.com/_next/static/css/ 8 KB
2 KB 111ms
111ms Stylesheet
text/css 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/css/a41b2083c4d0a9a3.css

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b4b71f0c1ee6017dc32aa1933dbbf5571d486c338c963ef81b4771a7fca0df16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"55bbf456aa9561810eda700e6fcc784d"
age: 121
x-matched-path: /_next/static/css/a41b2083c4d0a9a3.css
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="a41b2083c4d0a9a3.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:39 GMT
x-vercel-id: iad1::wk84j-1731484960572-837c09622914

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 29 KB
10 KB 277ms
59ms Script
application/javascript 23.205.105.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.205.105.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-105-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0f2e9075f767fd375e10c4ec5a07f3c6b5ca3e81bf9bc7f748b3127bfceb7e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

Cache-Control: max-age=3275
Content-Encoding: gzip
ETag: "66dfedda-7483"
Connection: keep-alive
Expires: Wed, 13 Nov 2024 08:57:15 GMT
Accept-Ranges: bytes
Content-Length: 10333
Date: Wed, 13 Nov 2024 08:02:40 GMT
Last-Modified: Tue, 10 Sep 2024 06:57:30 GMT
Content-Type: application/javascript
Server: nginx
Vary: Accept-Encoding

GET
H2 200 webpack-03a835479c2d8648.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 3 KB
2 KB 235ms
232ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/webpack-03a835479c2d8648.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

631ab71682ac5836320e3d80eb2ed553bc5a593850fa409062cc9f5a602d17c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"52f20ffc2cc15815d55fecbc77a0edbe"
age: 5330
x-matched-path: /_next/static/chunks/webpack-03a835479c2d8648.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="webpack-03a835479c2d8648.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:49 GMT
x-vercel-id: iad1::jzhh5-1731484960606-fad86b120f7f

GET
H2 200 framework-8054010453002adf.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 137 KB
46 KB 179ms
175ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/framework-8054010453002adf.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ee27e75254011e489b8e7f85576672fd1de9f5535ea6b65c1db834ec5203458e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"4a387d9580fe51cf7a4945c5c6b87586"
age: 5321
x-matched-path: /_next/static/chunks/framework-8054010453002adf.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="framework-8054010453002adf.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:59 GMT
x-vercel-id: iad1::4frtb-1731484960600-ad7f55a4b3d1

GET
H2 200 main-c5c64fbff8d9bd1a.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 126 KB
39 KB 208ms
204ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f78969da014d779742e5be6fafa65dcbe9bafb2b3268708360df1cb36c5c1aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"826d14053f80c22bc633c3495d3c64ed"
age: 5321
x-matched-path: /_next/static/chunks/main-c5c64fbff8d9bd1a.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="main-c5c64fbff8d9bd1a.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:59 GMT
x-vercel-id: iad1::w85kd-1731484960601-65124c7e6314

GET
H2 200 _app-aa816313b4657f8b.js Show response
refund.dev-2.bznav.com/_next/static/chunks/pages/ 998 KB
307 KB 86ms
83ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4d8dc633956948ebdc0d65e2297b4bba728fe29900d80b6ff889fd1af2bed668

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"b82aeee1aa25275a279903921b1dd294"
age: 2208
x-matched-path: /_next/static/chunks/pages/_app-aa816313b4657f8b.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="_app-aa816313b4657f8b.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 07:25:52 GMT
x-vercel-id: iad1::s68th-1731484960601-e56ced0d8c65

GET
H2 200 4416ab45-18215d04b8010991.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 299 KB
78 KB 122ms
119ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/4416ab45-18215d04b8010991.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c86b94429061b4a455eec5e4bbe412b2c20ce5644d99407a802f56811a4475be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"701890940eadab7d5b8e3becbffbf44d"
age: 5331
x-matched-path: /_next/static/chunks/4416ab45-18215d04b8010991.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="4416ab45-18215d04b8010991.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:49 GMT
x-vercel-id: iad1::qdvrj-1731484960601-cd951a586005

GET
H2 200 4270-a0a7c49d42e04f0a.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 10 KB
4 KB 88ms
85ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/4270-a0a7c49d42e04f0a.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aa8a0aaaebf35fa45d10547bdc688e201ca63f00d1c72fd4d2d2adefb91e4968

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"4122de06e5be17087230eef442e05bed"
age: 5322
x-matched-path: /_next/static/chunks/4270-a0a7c49d42e04f0a.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="4270-a0a7c49d42e04f0a.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:58 GMT
x-vercel-id: iad1::95f8l-1731484960601-b7105a483073

GET
H2 200 9275-47170522d8e848d4.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 19 KB
9 KB 148ms
146ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/9275-47170522d8e848d4.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0c304b5133d209c3f9ba25017d5e20e4f4f783957a89f5a6a355062b11bc7542

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"696be62d9b1ca9245dcee55b08a485f2"
age: 120
x-matched-path: /_next/static/chunks/9275-47170522d8e848d4.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="9275-47170522d8e848d4.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:39 GMT
x-vercel-id: iad1::tn9zj-1731484960601-23dcf501ca1a

GET
H2 200 1160-6fc5cda4d17b7380.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 19 KB
6 KB 207ms
205ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/1160-6fc5cda4d17b7380.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

60c866bf909ac3aed129ba13ac7819104af0fa30b9cfe088cbf40b62d65f1ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"c7a9d60e04045aa38740e48d2199b3d1"
age: 5331
x-matched-path: /_next/static/chunks/1160-6fc5cda4d17b7380.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="1160-6fc5cda4d17b7380.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:49 GMT
x-vercel-id: iad1::jvwbk-1731484960601-36a1f4f1feb6

GET
H2 200 1226-e150eaed725646ba.js Show response
refund.dev-2.bznav.com/_next/static/chunks/ 26 KB
6 KB 114ms
112ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/1226-e150eaed725646ba.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5fa6e3fe0040dd0ee4e60f83b27bd4f439f91b6968d015225f3de1353400b1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"8db3456493b5fc98df6fdbba5e082c1e"
age: 120
x-matched-path: /_next/static/chunks/1226-e150eaed725646ba.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="1226-e150eaed725646ba.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:40 GMT
x-vercel-id: iad1::2nghj-1731484960601-338ae8e1d25a

GET
H2 200 summary-f2f214821b7a9c29.js Show response
refund.dev-2.bznav.com/_next/static/chunks/pages/tax/refund/ 85 KB
23 KB 234ms
233ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/pages/tax/refund/summary-f2f214821b7a9c29.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

230e4be4fa40ef9c52e97324ede8b073f169d5e7f6e8ac47c12355af8389487c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"048e6cc575d367fd5cefd9fd724134c7"
age: 5320
x-matched-path: /_next/static/chunks/pages/tax/refund/summary-f2f214821b7a9c29.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="summary-f2f214821b7a9c29.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:59 GMT
x-vercel-id: iad1::w85kd-1731484960601-0f0d01d0c820

GET
H2 200 _buildManifest.js Show response
refund.dev-2.bznav.com/_next/static/IA6OQrG-h2nwOqhoL0pfP/ 25 KB
6 KB 231ms
230ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/IA6OQrG-h2nwOqhoL0pfP/_buildManifest.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5d724b00d17705fe748ba54f5d5e798ab48b22ca53bc81206572c1ad48385397

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"2d6ec951dcb02470aa0b68d5aff04a73"
age: 5322
x-matched-path: /_next/static/IA6OQrG-h2nwOqhoL0pfP/_buildManifest.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 06:33:58 GMT
x-vercel-id: iad1::wkcmk-1731484960601-33deb3b379f8

GET
H2 200 _ssgManifest.js Show response
refund.dev-2.bznav.com/_next/static/IA6OQrG-h2nwOqhoL0pfP/ 367 B
577 B 112ms
111ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/IA6OQrG-h2nwOqhoL0pfP/_ssgManifest.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

46ea09421bcaee529dde754958356d3edb58e50de7d44184227a9305d29706ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

etag: "08c59af0a2ca401b5a7f151f9151189d"
age: 5331
x-matched-path: /_next/static/IA6OQrG-h2nwOqhoL0pfP/_ssgManifest.js
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:40 GMT
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 06:33:48 GMT
strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 367
server: Vercel
x-vercel-id: iad1::5tjpv-1731484960601-eeee3020c633

GET
H2 200 synchronizer.js Show response
ssl.pstatic.net/melona/libs/gfp-nac-module/ 44 KB
17 KB 376ms
115ms Script
application/javascript 184.25.36.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.pstatic.net/melona/libs/gfp-nac-module/synchronizer.js
Requested by: Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.25.36.65 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-36-65.deploy.static.akamaitechnologies.com
Software: Testa/6.2.4 /
Resource Hash: cfa4698aaec1f629d8a77ea1687104254bc23c0aae2e27194133f6ef66de5428

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3506
content-encoding: gzip
etag: "afad-61a09bbfa502c-gzip"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17115
date: Wed, 13 Nov 2024 08:02:41 GMT
last-modified: Tue, 04 Jun 2024 05:29:31 GMT
content-type: application/javascript
server: Testa/6.2.4
access-control-allow-headers: Range

GET
H2 200 ch-plugin-web.js Show response
cdn.channel.io/plugin/ 2 KB
1 KB 229ms
58ms Script
text/javascript 18.165.83.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-76.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0108dbc5bc226e7fafc4b4c27f334c14e0d140d90753ef57f896c029c1fe8ec4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

vary: accept-encoding
cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"20572681bfae90b8ea1be372868d35de"
age: 3081
via: 1.1 d252968c504ffe8fc53a565195348068.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: _FNagNEgctsZ4Rz0PYXoG6KVJD1u8bUo7NCKvcQyq9v-UgmSienyZg==
date: Wed, 13 Nov 2024 07:25:08 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 13:06:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:135207226053:web:0d96d6d887dfa738e27eac/ 347 B
434 B 84ms
81ms Fetch
application/json 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:135207226053:web:0d96d6d887dfa738e27eac/webConfig

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd09f73286c43a6432afee97d1e35350f1d502a46490f40abb5580a1b90392e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-goog-api-key: AIzaSyDXHdXZeC4Ef2WqBQnMiyweogUv3o4RmfQ
Referer: https://refund.dev-2.bznav.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://refund.dev-2.bznav.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
date: Wed, 13 Nov 2024 08:02:41 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:135207226053:web:0d96d6d887dfa738e27eac/ Frame 0
0 222ms
69ms Preflight
text/html 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:135207226053:web:0d96d6d887dfa738e27eac/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://refund.dev-2.bznav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://refund.dev-2.bznav.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Nov 2024 08:02:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
287 B 290ms
148ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=3da9a40f-7d3e-4af2-8c63-9504404131f2&batch_time=1731484961015

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

20323d24a0b14b40e37f13a49aedfbf2d954e1e223cbd9dcb58a9afda718a117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:40 GMT
content-type: application/json
dd-request-id: 3da9a40f-7d3e-4af2-8c63-9504404131f2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
128 KB 285ms
162ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QZ6ZGLFPQV

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99673d98f38b8825a353a9d6adf868ff67722322403b73028013071e41f3a370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 08:02:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130512
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
101 KB 201ms
78ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-789114793

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee15a3400c69928832f6d4984265a683a0f11a6d9c538e56b972b95d95acffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 08:02:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102226
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 kp.js Show response
t1.daumcdn.net/kas/static/ 84 KB
20 KB 468ms
56ms Script
text/javascript 2600:1408:c400:28::17da:d89a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/kas/static/kp.js
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:28::17da:d89a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6137d7a5e6f9eb2afd9b6d875ed257ca353eba540143c49a8184cd444e5d047a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
cache-control: max-age=904
content-encoding: gzip
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDQ6aGl0OjA=
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
expires: Wed, 13 Nov 2024 08:17:45 GMT
accept-ranges: bytes
content-length: 19778
date: Wed, 13 Nov 2024 08:02:41 GMT
last-modified: Thu, 10 Oct 2024 01:31:04 GMT
content-type: text/javascript
server: openresty
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/ko_KR/ 239 KB
61 KB 185ms
57ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ko_KR/fbevents.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-0JqeCrcQ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-0JqeCrcQ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4413, tp=9, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: hfqmfeMSiTOZGeJhXo0HE9pOD5Lj0rAs8g8td5nvXCfOV/Eybi2vm+bBHNNQuJ0ANVFA3WEQ4Y3VhsVZIrQbFQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 323ms
92ms Script
application/javascript 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9P3RC77UEPOBB23D0&lib=ttq
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a424538fc6fbc74744b6d9e5e738f4b7ed828a4625f705623078c310671bd47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
expires: Wed, 13 Nov 2024 08:02:41 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=6, origin; dur=10
x-cache: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 30a8d806
x-tt-trace-host: 012aaa2bb84faada2c6c8e0a4ef496eff543d0225b29ac6cb79cfb58892d80a93c97780b90e3adf8e139674673867b8bea40f78726fbaa9539d005f55453c4d491c0c63b7f5c7b55220b25dff876daa5a02a0212ab4df9291b53eb2f30529e96a6
x-origin-response-time: 10,23.220.104.155
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241113080241EB1CB099CAEB3B3B858F-556F902F1638051E-00
content-length: 1632
x-tt-logid: 20241113080241EB1CB099CAEB3B3B858F
server: nginx

GET
H2 200 les8a7b23n Show response
www.clarity.ms/tag/ 689 B
1 KB 236ms
79ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/les8a7b23n
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc9099d3c5f0344389b48a46ac3e917144ea5b465fd42a1fddc5a16fe4b321f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/x-javascript
x-azure-ref: 20241113T080241Z-17958fbc6d4v8qlmhC1MIAy5nw00000007bg00000000zwdr

GET
H2 200 tenping.cpa.V2_Domain.min.js Show response
tenping.kr/scripts/cpa/ 4 KB
2 KB 1131ms
254ms Script
application/javascript 15.165.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tenping.kr/scripts/cpa/tenping.cpa.V2_Domain.min.js
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.165.133.66 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-165-133-66.ap-northeast-2.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 92339d1b1bb043f0851beeda265449e6c09baaf12e6cc8232934ac004a0e88b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
etag: "80212ff89e9ed91:0"
accept-ranges: bytes
content-length: 1477
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
date: Wed, 13 Nov 2024 08:02:42 GMT
content-type: application/javascript
last-modified: Wed, 14 Jun 2023 09:02:39 GMT
vary: Accept-Encoding
server: Microsoft-IIS/8.0

GET
H2 200 BZNAVSans-Regular.d0b26a5c.woff2
refund.dev-2.bznav.com/_next/static/media/ 213 KB
214 KB 70ms
70ms Font
font/woff2 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/media/BZNAVSans-Regular.d0b26a5c.woff2

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/css/be71fb0bfda50916.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

501f541f7585926814684a007a6d8a9cf3618f6cbd416f28739d6592f9013358

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://refund.dev-2.bznav.com
Referer: https://refund.dev-2.bznav.com/_next/static/css/be71fb0bfda50916.css

Response headers

etag: "53ebcb28f556bed2a7faf56595154d29"
age: 118
x-matched-path: /_next/static/media/BZNAVSans-Regular.d0b26a5c.woff2
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:41 GMT
content-disposition: inline; filename="BZNAVSans-Regular.d0b26a5c.woff2"
content-type: font/woff2
last-modified: Wed, 13 Nov 2024 08:00:42 GMT
strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 218244
server: Vercel
x-vercel-id: iad1::w85kd-1731484961059-1ebe4a47a215

OPTIONS
H2 204 graphql
gateway.api.bznav.com/ Frame 0
0 908ms
256ms Preflight 43.202.121.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.api.bznav.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.202.121.136 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-202-121-136.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,traceparent,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: POST
Origin: https://refund.dev-2.bznav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,traceparent,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 13 Nov 2024 08:02:41 GMT
vary: Access-Control-Request-Headers

POST
H2 200 graphql Show response
gateway.api.bznav.com/ 145 B
301 B 299ms
297ms Fetch
application/json 43.202.121.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.api.bznav.com/graphql
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.202.121.136 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-202-121-136.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 2372ef149d70032d6bea7d3a13b60f2f5fb9d4cba54821b91f50d41765d5d840

Request headers

x-datadog-origin: rum
x-datadog-parent-id: 6271117408783158496
Referer: https://refund.dev-2.bznav.com/
x-datadog-trace-id: 4536652868156647006
traceparent: 00-00000000000000003ef56dbf53bbe65e-57077c0eb749cce0-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
x-datadog-sampling-priority: 1

Response headers

access-control-allow-origin: *
cache-control: no-store
content-length: 145
date: Wed, 13 Nov 2024 08:02:42 GMT
etag: W/"91-A4xMvcfHDaPN6lPVlw/DBE5M20I"
content-type: application/json; charset=utf-8

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/em-bznav/ Frame 0
0 228ms
73ms Preflight
text/html 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/em-bznav/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://refund.dev-2.bznav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://refund.dev-2.bznav.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Nov 2024 08:02:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/em-bznav/ 625 B
679 B 207ms
190ms Fetch
application/json 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/em-bznav/installations

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b458963f7d532afd6b178268990fa9b6a059fa6163417b40205c37f0487f40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjEwLjE1IGZpcmUtY29yZS1lc20yMDE3LzAuMTAuMTUgZmlyZS1qcy8gZmlyZS1paWQvMC42LjEwIGZpcmUtaWlkLWVzbTIwMTcvMC42LjEwIGZpcmUtYW5hbHl0aWNzLzAuMTAuOSBmaXJlLWFuYWx5dGljcy1lc20yMDE3LzAuMTAuOSBmaXJlLWpzLWFsbC1hcHAvMTEuMC4xIGZpcmUtcmMvMC40LjEwIGZpcmUtcmMtZXNtMjAxNy8wLjQuMTAiLCJkYXRlcyI6WyIyMDI0LTExLTEzIl19XX0
x-goog-api-key: AIzaSyDXHdXZeC4Ef2WqBQnMiyweogUv3o4RmfQ
Referer: https://refund.dev-2.bznav.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://refund.dev-2.bznav.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
date: Wed, 13 Nov 2024 08:02:41 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 ch-plugin-core.bb5f2d30.vendor.js Show response
cdn.channel.io/plugin/ Frame AE6A 399 KB
130 KB 67ms
66ms Script
text/javascript 18.165.83.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-core.bb5f2d30.vendor.js
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-76.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7d5e8958163260f9f9632acf8e05dccada8ee9fa6a9eb08404770f3b9fabd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: br
etag: W/"a75d06a3bacf87e4f3ed7e352ce86ebb"
age: 413751
via: 1.1 d252968c504ffe8fc53a565195348068.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CnxlgH2DwPfU2TLS9n848-8cgShLFrlijQ-_50Wn7_g8m9pH6j7dug==
date: Fri, 08 Nov 2024 13:06:51 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 13:06:31 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256

GET
H2 200 ch-plugin-core-20241108220508.js Show response
cdn.channel.io/plugin/ Frame AE6A 446 KB
114 KB 193ms
192ms Script
text/javascript 18.165.83.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.channel.io/plugin/ch-plugin-core-20241108220508.js
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-76.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdd181ea0a6515ad17779693546d642fd164491c205af0e5bc290764a4c88c69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: br
etag: W/"2ea8b5d2aea08978b89cf77ce708b320"
age: 413751
via: 1.1 d252968c504ffe8fc53a565195348068.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: qpZp-RnD7qsoh2YyJ5hUDOHsJ-7FcFBLZDsNrWJVXUkgVDxy88X0cg==
date: Fri, 08 Nov 2024 13:06:51 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 13:06:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 62ms
62ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/les8a7b23n
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

x-azure-ref: 20241113T080241Z-17958fbc6d4v8qlmhC1MIAy5nw00000007bg00000000zwe0
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 5df73997-801e-0067-71b5-333e27000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

GET
H3 200 502000872243975 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 155ms
154ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/502000872243975?v=2.9.176&r=stable&domain=refund.dev-2.bznav.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ko_KR/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0e3505708e74540d25a9f34eaa14346f791e7730c1ce21b377581aeadcdf4d59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Y3x3fYaM' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Y3x3fYaM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70897, tp=67, tpl=0, uplat=100, ullat=0
pragma: public
x-fb-debug: BgULoH2VmO2868lk1cuxpXtUpWVKOeaFcmCa2wlGc3899HWwl2PnEUjR1AAcBxoN4IZVEEmacms6QiVXR5R9RQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 2 Show response
nam.veta.naver.com/nac/ 23 B
242 B 474ms
65ms XHR
application/json 110.234.246.33
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://nam.veta.naver.com/nac/2
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 110.234.246.33 , United States, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: nfront /
Resource Hash: 25c06c1bde8a5ff52563d7c07650497130d805cd5be9386acf440cca1b5243d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
referrer-policy: unsafe-url
access-control-allow-origin: https://refund.dev-2.bznav.com
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/json
vary: Origin
server: nfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
127 KB 80ms
78ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-QZ6ZGLFPQV

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1dba4d69c42f1156f4b3e0db6b64e42258d9a0c00ec1970f000493be53aa485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 08:02:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130374
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 main.MWQ2ODQwNTg2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 335 KB
93 KB 64ms
63ms Script
application/javascript 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9P3RC77UEPOBB23D0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

x-cache: TCP_MEM_HIT from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241107125612932A7308BC69FE9A6D08-1AC6DAFF7650990F-00
content-length: 94967
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241107125612932A7308BC69FE9A6D08
server: nginx
x-akamai-request-id: 30a8da99
x-tt-trace-host: 011bf6abdcf1c6af5cf557d48db99fb67c1c6440a02fce1201a6f6c58913efee69c1b5acce9574d90beaa1e506e5b04472924b49d87f488ba2bffb5f377a9b5658488136dd8760d41b1c21d0d8d94b80933673bec8b99acfcf9bee7990a3d15d22

POST
H3 200 collect
www.google.com/ccm/ 0
0 197ms
78ms Ping
text/plain 172.253.115.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&scrsrc=www.googletagmanager.com&frm=0&rnd=185423761.1731484961&auid=1781067386.1731484961&npa=0&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&tft=1731484961444&tfd=1598&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/ 5 KB
2 KB 190ms
77ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/?random=1731484961436&cv=11&fst=1731484961436&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

ac43778ff32cf16cef5cf12c327d1c17ab2c7ffd8024158b6866a69062c95f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2354
date: Wed, 13 Nov 2024 08:02:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 789114793
td.doubleclick.net/td/rul/ Frame AF87 0
0 189ms
73ms Document
text/html 2607:f8b0:4004:c21::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/789114793?random=1731484961436&cv=11&fst=1731484961436&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 08:02:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
128 KB 77ms
77ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QZ6ZGLFPQV&l=dataLayer&cx=c&gtm=45be4b70v884262975za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7a479143190242379fa35485024b45f8011577575242836e4b44e441c02ab351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 08:02:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130625
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame B851 0
0 173ms
60ms Document
text/html 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Frefund.dev-2.bznav.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 08:02:41 GMT
expires: Thu, 13 Nov 2025 08:02:41 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
286 B 212ms
55ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:41 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 b05367f6be924bb49e15838987b99ce6.min.js Show response
js.sentry-cdn.com/ Frame AE6A 3 KB
2 KB 103ms
30ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/b05367f6be924bb49e15838987b99ce6.min.js

Requested by

Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20241108220508.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7586d643089827df563c7a7714023b99d544da78d97ba8770a9e42f0785f394d

Security Headers

Name	Value
Content-Security-Policy	media-src ; worker-src blob:; img-src blob: data:; object-src 'none'; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; style-src * 'unsafe-inline'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; frame-ancestors 'self' *.sentry.io; default-src 'none'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=05f5674caefd3f59f7eaa233770d4feac33769d7
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://refund.dev-2.bznav.com
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: gzip
age: 18
x-envoy-attempt-count: 1
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/javascript
x-served-by: getsentry-web-default-common-production-769f56996d-bbmlm, cache-chi-klot8100052-CHI, cache-mia-kmia1760039-MIA
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: media-src *; worker-src blob:; img-src * blob: data:; object-src 'none'; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; frame-ancestors 'self' *.sentry.io; default-src 'none'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=05f5674caefd3f59f7eaa233770d4feac33769d7
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin: *
x-envoy-upstream-service-time: 23
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1318
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
analytics.google.com/g/ 0
550 B 191ms
66ms Fetch
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&_fid=e64ZJpq76aXTAoV-ztmQJb&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1731484961&sct=1&seg=0&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1797
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
559 B 190ms
65ms Ping
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QZ6ZGLFPQV&cid=1593490478.1731484962&gtm=45je4b70v893725913za200zb884262975&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZ6ZGLFPQV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame DCB0 0
0 72ms
71ms Document
text/html 2607:f8b0:4004:c21::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-QZ6ZGLFPQV&gacid=1593490478.1731484962&gtm=45je4b70v893725913za200zb884262975&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077855&z=2137662643

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZ6ZGLFPQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 08:02:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect Show response
analytics.google.com/g/ 0
57 B 226ms
112ms Fetch
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAC&_s=2&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_ee=1&ep.debug_mode=true&_et=7&tfd=1809
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
analytics.google.com/g/ 0
48 B 177ms
68ms Fetch
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=3&dp=%2Ftax%2Frefund%2Fsummary&dl=%2Ftax%2Frefund%2Fsummary&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&dr=&sid=1731484961&sct=1&seg=1&en=page_view&_ee=1&ep.debug_mode=true&ep.app_id=bznav-mobile-v4&_et=2&tfd=1815
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
136 B 170ms
166ms XHR
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Axhr%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=fc0e8a48-5fcb-4529-b0af-ea0b303afcb6&batch_time=1731484961669

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

48baa351d454ee1f0e14bd42ce49de471b4df13eb356187cee078d39f2b9236b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/json
dd-request-id: fc0e8a48-5fcb-4529-b0af-ea0b303afcb6

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 115ms
55ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&rl=&if=false&ts=1731484961680&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=GET

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4495, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
200 B 272ms
213ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&rl=&if=false&ts=1731484961680&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=FGET

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436671283013657395"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436671283013657395", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: vOPtB622ijXte7ci0KhujJowyi73pd+1FbFinBZgM666JPW0b+hrG7CxT752U3XQo7IQLFSwYjzGtsAJBq4iFw==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4863, tp=13, tpl=0, uplat=159, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 90ms
90ms Script
application/javascript 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

x-cache: TCP_MEM_HIT from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-2408300225313C49191DE03D83868122-1B7A078E655BE1AD-00
content-length: 39456
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202408300225313C49191DE03D83868122
server: nginx
x-akamai-request-id: 30a8e28d
x-tt-trace-host: 014de5d167f06aed9987df94efdd40055e0cfefe36646fc12fd8c238248907a24e9df1a1b8600baca619a5e66bc8bf7fe61a324096ececd98ba3d55caed2681f6fcfaa68ffea786df4132e037620453897254996ab02a2e99e649aeff0b78424fb

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 127ms
126ms Ping
text/plain 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 13 Nov 2024 08:02:41 GMT
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=11, origin; dur=29
x-cache: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 13 Nov 2024 08:02:41 GMT
x-akamai-request-id: 30a8e31e
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012aaa2bb84faada2c6c8e0a4ef496eff543d0225b29ac6cb79cfb58892d80a93c772ad8275c2d0e479d4d6ba8172e17e9b95e47647c7f8b2313f7d908db36aefb2e58c6520618eb5f0b684ba8e445307d10488183b5d73d31bc787a966dda8a4e
x-origin-response-time: 29,23.220.104.155
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24111308024186BA14972221713A9F52-6CB41FCF7E62B295-00
content-length: 0
x-tt-logid: 2024111308024186BA14972221713A9F52
server: nginx

GET
H2 200 40a5adae-8bc8-4ef7-9a0d-eb53171fb886 Show response
api.channel.io/front/v7/elastic/plugins/ Frame AE6A 870 B
751 B 234ms
234ms Fetch
application/json 15.197.175.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v7/elastic/plugins/40a5adae-8bc8-4ef7-9a0d-eb53171fb886?
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20241108220508.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.175.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adb40cc9a05f35108.awsglobalaccelerator.com
Software: /
Resource Hash: f1a36b139374f050b99ef6c2793b8fb93af0c507c80ef6aa5e9db05cfe90eacb

Request headers

Referer: https://refund.dev-2.bznav.com/
Accept-Language: en
Accept: application/json
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: Date,Content-Disposition,x-account,x-session
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://refund.dev-2.bznav.com
content-length: 513
date: Wed, 13 Nov 2024 08:02:42 GMT
content-type: application/json
vary: Origin, Accept-Encoding

OPTIONS
H2 200 40a5adae-8bc8-4ef7-9a0d-eb53171fb886
api.channel.io/front/v7/elastic/plugins/ Frame 0
0 427ms
286ms Preflight 15.197.175.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v7/elastic/plugins/40a5adae-8bc8-4ef7-9a0d-eb53171fb886?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.175.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adb40cc9a05f35108.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://refund.dev-2.bznav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,content-type,accept,accept-language,x-access-key,x-access-secret,x-account,x-session,x-personal,x-cafe24-iam,x-shopify-iam,x-color-me-iam,x-iwchannel-iam,x-shopby-iam
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,HEAD,PATCH
access-control-allow-origin: https://refund.dev-2.bznav.com
access-control-max-age: 1800
content-length: 0
date: Wed, 13 Nov 2024 08:02:42 GMT
vary: Origin

GET
H3 200 /
www.google.com/pagead/1p-user-list/789114793/ 42 B
64 B 71ms
71ms Image
image/gif 172.253.115.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/789114793/?random=1731484961436&cv=11&fst=1731484800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dLBdmM2EOqJsqD-CM1RkeaJPjZyAtdg&random=3208178316&rmt_tld=0&ipr=y

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 13 Nov 2024 08:02:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
114 B 122ms
117ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=5c7dcd7b-d34f-4767-a57d-0192bd536fed&batch_time=1731484961885

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

12cf0f0c01e1ad4946c3d777839a470e215932d1b69091ec873ba86eafd46cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:41 GMT
content-type: application/json
dd-request-id: 5c7dcd7b-d34f-4767-a57d-0192bd536fed

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
717 B 109ms
108ms Ping
text/plain 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 13 Nov 2024 08:02:42 GMT
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=23, origin; dur=28
x-cache: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 13 Nov 2024 08:02:42 GMT
x-akamai-request-id: 30a8e6ab
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012aaa2bb84faada2c6c8e0a4ef496eff543d0225b29ac6cb79cfb58892d80a93c53c2de5f79f4ceacd9cf4d1aba94bdeec561fca1095b2e40ebb85b746e3f9caf32dcffb8e64b19383fd0e1bc44ff800d098c7f696e1962724cab63f2a8643422
x-origin-response-time: 31,23.220.104.155
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411130802420E8EFE2106A8943C9C3B-66AF9F5B50FEDEDA-00
content-length: 0
x-tt-logid: 202411130802420E8EFE2106A8943C9C3B
server: nginx

GET
H2 200 airbridge.min.js Show response
static.airbridge.io/sdk/latest/ 230 KB
59 KB 280ms
73ms Script
text/javascript 54.230.202.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airbridge.io/sdk/latest/airbridge.min.js
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/tax/refund/summary
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.202.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-43.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57236b3dbf2a01bb760e60bc88c6ffa111f8dd020d209da9458743e51cf95390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

x-amz-cf-pop: MSP50-C2
content-encoding: gzip
etag: W/"c29bf63589f3c1a7057e37e62a140263"
age: 306043
via: 1.1 ec1b46a9bc28e57dd5c602e080468132.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZGnoqGGenP839XwNaUOoaf2YpY9VwcniA25agLmOoQDI9kdNiQyrIQ==
date: Sat, 09 Nov 2024 19:02:00 GMT
content-type: text/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 17 Oct 2024 08:00:33 GMT
x-amz-server-side-encryption: AES256

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&RedC=c.clarity.ms&MXFR=0BA97925564C64E603396C13524C6AD5
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&MUID=07DCCF89818C63420828DABF801C628F

42 B
442 B

57ms
57ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&MUID=07DCCF89818C63420828DABF801C628F
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 13 Nov 2024 08:02:42 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B771BFC9C7224F4C9B2044CB635E8711&MUID=07DCCF89818C63420828DABF801C628F
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD54DF0DBD6A4683AD6B66B8B46A7753 Ref B: MIAEDGE1805 Ref C: 2024-11-13T08:02:42Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 13 Nov 2024 08:02:42 GMT
x-powered-by: ASP.NET

GET
H2 200 favicon.svg
refund.dev-2.bznav.com/ 496 B
832 B 77ms
76ms Other
image/svg+xml 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d77ba8c9a5d0c92f0a069222a3b9f748d34d31f591ded6636cbbe7e783efabf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

etag: "18397b2ce7c30be86184c884e43d8491"
age: 539
x-matched-path: /favicon.svg
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:42 GMT
content-disposition: inline; filename="favicon.svg"
content-type: image/svg+xml
last-modified: Wed, 13 Nov 2024 07:53:42 GMT
strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 496
server: Vercel
x-vercel-id: iad1::6hb4l-1731484962195-21acc1c132cb

POST
H2 200 boot Show response
api.channel.io/front/v7/elastic/plugins/40a5adae-8bc8-4ef7-9a0d-eb53171fb886/ Frame AE6A 3 KB
2 KB 337ms
241ms Fetch
application/json 15.197.175.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.channel.io/front/v7/elastic/plugins/40a5adae-8bc8-4ef7-9a0d-eb53171fb886/boot
Requested by: Host: cdn.channel.io
URL: https://cdn.channel.io/plugin/ch-plugin-core-20241108220508.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.175.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adb40cc9a05f35108.awsglobalaccelerator.com
Software: /
Resource Hash: 55f77098ebb5c2836b526043f5703b1e89550be1a900fb8ce7334b998b3c965b

Request headers

Referer: https://refund.dev-2.bznav.com/
Accept-Language: en
Accept: application/json
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: Date,Content-Disposition,x-account,x-session
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://refund.dev-2.bznav.com
content-length: 1684
date: Wed, 13 Nov 2024 08:02:42 GMT
content-type: application/json
vary: Origin, Accept-Encoding

POST
H2 200 bznav Show response
sdk.airbridge.io/data/1.10.58/ 770 B
887 B 642ms
197ms Fetch
application/json 13.113.31.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.airbridge.io/data/1.10.58/bznav
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.31.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-31-166.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 81eb01cf09b9b27fff62508e7a438a613d9da14acca5c98a5c45af506f0a94ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-origin: *
content-length: 770
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: application/json; charset=utf-8
server: nginx

GET
H2 200 identifier.html
id.abr.ge/api/v2/third-party-cookie/ Frame 9D50 0
0 658ms
209ms Document
text/html 54.65.44.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.abr.ge/api/v2/third-party-cookie/identifier.html?requestID=223204267
Requested by: Host: static.airbridge.io
URL: https://static.airbridge.io/sdk/latest/airbridge.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.65.44.16 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-44-16.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 535
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 08:02:43 GMT
server: nginx

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
286 B 57ms
55ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:42 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 logout.json Show response
refund.dev-2.bznav.com/_next/data/IA6OQrG-h2nwOqhoL0pfP/ 4 KB
2 KB 278ms
277ms Fetch
text/html 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/data/IA6OQrG-h2nwOqhoL0pfP/logout.json

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

631885fc0283f4844908f5612902ec0709ad9f38af707f5f6e752619c833b0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-nextjs-data: 1
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: MISS
etag: W/"5fixz773lt2y7"
age: 0
x-nextjs-matched-path: /logout
x-matched-path: /logout
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/html; charset=utf-8
server: Vercel
x-vercel-id: iad1::icn1::wkcmk-1731484963105-eb4d48165ba3

POST
H2 204 collect Show response
analytics.google.com/g/ 0
57 B 70ms
68ms Fetch
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=4&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&_et=110&tfd=3240
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
analytics.google.com/g/ 0
48 B 66ms
66ms Fetch
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=5&dp=%2Ftax%2Frefund%2Fsummary&dl=%2Flogout&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&dr=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&en=page_view&_ee=1&ep.debug_mode=true&ep.app_id=bznav-mobile-v4&_et=1302&tfd=3241
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: Golfe2

GET ct2.html
t1.daumcdn.net/kas/static/third-party/cookie/ Frame E9B8 0
0

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
135 B 129ms
124ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=4da24cc4-0fbf-4d98-9668-2126ff448488&batch_time=1731484963479

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

6fd9558af0a50053cb24c3aa652304bebd9e46c90366c2e123ea150f613a7b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: application/json
dd-request-id: 4da24cc4-0fbf-4d98-9668-2126ff448488

GET
H2 200 logout-4eb6125188985d60.js Show response
refund.dev-2.bznav.com/_next/static/chunks/pages/ 14 KB
6 KB 79ms
78ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/pages/logout-4eb6125188985d60.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

821c8c647d09c449c8d1594a165aa08317048fdd4f9b28f04ef6d23cc611e104

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"83a4efe53930d06d7d7fe8cb9dc46105"
age: 116
x-matched-path: /_next/static/chunks/pages/logout-4eb6125188985d60.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:43 GMT
content-disposition: inline; filename="logout-4eb6125188985d60.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:47 GMT
x-vercel-id: iad1::jvwbk-1731484963514-2cd1924ba194

GET
H2 200 8ad9c8d99d791c64.css Show response
refund.dev-2.bznav.com/_next/static/css/ 8 KB
2 KB 71ms
70ms Fetch
text/css 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/css/8ad9c8d99d791c64.css

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ddbb4982a105264d7ab7808fce04f7cf526724593f46ca72178cf025f0729bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/tax/refund/summary

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"dff6eb7ca1c9cd993cbf6f3117ced9af"
age: 118
x-matched-path: /_next/static/css/8ad9c8d99d791c64.css
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:43 GMT
content-disposition: inline; filename="8ad9c8d99d791c64.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:44 GMT
x-vercel-id: iad1::wkcmk-1731484963514-02f01d348026

POST
H2 200 9120 Show response
core.airbridge.io/api/v3.1/apps/bznav/events/web/ 102 B
250 B 248ms
198ms Fetch
application/json 13.113.31.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://core.airbridge.io/api/v3.1/apps/bznav/events/web/9120
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.31.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-31-166.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0b6c2148be824298822b9a21c9d142d92c43790a6e0f2d06c20bc1fdb69f2951

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 102
date: Wed, 13 Nov 2024 08:02:43 GMT
pragma: no-cache
content-type: application/json; charset=utf-8
server: nginx

POST
H/1.1 204
No Content collect
t.clarity.ms/ 0
286 B 56ms
54ms Ping
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:43 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 55ms
54ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&rl=&if=false&ts=1731484963575&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=26, mss=1232, tbw=8415, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 94ms
92ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&rl=&if=false&ts=1731484963575&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436671290764805773"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BNsbHAqwaVi/7bB7Sr49CxWi4MxOBgwdIJ9rqzaJMTkn0v6+eSErHjIXDRNAlNPhJD5CgOfhHzac56Jo+GvdEw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436671290764805773", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=26, mss=1232, tbw=8607, tp=21, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 favicon.svg
refund.dev-2.bznav.com/ 496 B
53 B 71ms
69ms Other
image/svg+xml 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.dev-2.bznav.com/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: d77ba8c9a5d0c92f0a069222a3b9f748d34d31f591ded6636cbbe7e783efabf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/logout

Response headers

last-modified: Wed, 13 Nov 2024 07:53:42 GMT
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "18397b2ce7c30be86184c884e43d8491"
age: 539
x-matched-path: /favicon.svg
accept-ranges: bytes
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
content-length: 496
date: Wed, 13 Nov 2024 08:02:43 GMT
content-disposition: inline; filename="favicon.svg"
content-type: image/svg+xml
server: Vercel
x-vercel-id: iad1::wkcmk-1731484963609-b14a77c351d4

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 126ms
124ms Ping
text/plain 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 13 Nov 2024 08:02:43 GMT
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=10, origin; dur=25
x-cache: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 13 Nov 2024 08:02:43 GMT
x-akamai-request-id: 30a9014d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012aaa2bb84faada2c6c8e0a4ef496eff543d0225b29ac6cb79cfb58892d80a93c84004d2ea7ab5e3f28fcd034739423bcb87101293332c16cbc2e0e89803c173ec3a3d6b6be7a3b4c9028239bba6335893f88af7e47f0bdf5a66437dcc8ebff73
x-origin-response-time: 25,23.220.104.155
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241113080243F96D61D95E6AF7F9A1A0-530F04388F0AFCE1-00
content-length: 0
x-tt-logid: 20241113080243F96D61D95E6AF7F9A1A0
server: nginx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/ 5 KB
2 KB 78ms
78ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/?random=1731484963586&cv=11&fst=1731484963586&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Flogout%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Ftax%2Frefund%2Fsummary%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Flogout&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

725a5b5eecc1a984b10cc3805c82c5a0a9c546415c0fc4de236c39e907d0f0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2460
date: Wed, 13 Nov 2024 08:02:43 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 789114793
td.doubleclick.net/td/rul/ Frame 2A5D 0
0 74ms
73ms Document
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/789114793?random=1731484963586&cv=11&fst=1731484963586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Flogout%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Ftax%2Frefund%2Fsummary%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Flogout

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 08:02:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect Show response
analytics.google.com/g/ 0
20 B 55ms
54ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=6&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_ee=1&ep.debug_mode=true&ep.event_category=pdk-next&ep.app_id=bznav-mobile-v4&ep.pdk_page_location=%2Flogout&ep.pdk_page_title=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&ep.pdk_page_referrer=%2Ftax%2Frefund%2Fsummary&ep.pdk_page_first_referrer=&ep.page=%2Flogout&_et=508&tfd=3755
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 b
wcs.naver.com/ 0
636 B 1079ms
228ms Ping
text/plain 210.89.167.46
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 01 Jan 1980 09:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
date: Wed, 13 Nov 2024 08:02:44 GMT
server: wcs

GET
H2 200 signin.json Show response
refund.dev-2.bznav.com/_next/data/IA6OQrG-h2nwOqhoL0pfP/ 91 B
210 B 271ms
270ms Fetch
application/json 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/data/IA6OQrG-h2nwOqhoL0pfP/signin.json

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0583a630195726dfb9ab6aae6a52b0c22a5adcaf4549d947758d1385d8af1893

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-nextjs-data: 1
Referer: https://refund.dev-2.bznav.com/logout

Response headers

strict-transport-security: max-age=63072000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-vercel-cache: MISS
etag: "16gg8oczsqy2j"
age: 0
x-nextjs-matched-path: /signin
x-matched-path: /signin
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
content-length: 91
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: application/json
server: Vercel
x-vercel-id: iad1::icn1::jzhh5-1731484963640-871ea1079372

POST
H3 204 collect Show response
analytics.google.com/g/ 0
20 B 55ms
55ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=7&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_ee=1&ep.debug_mode=true&ep.app_id=bznav-mobile-v4&ep.pdk_page_location=%2Flogout&ep.pdk_page_title=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&ep.pdk_page_referrer=%2Ftax%2Frefund%2Fsummary&ep.pdk_page_first_referrer=&ep.page=%2Flogout&_et=10&tfd=3768
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect Show response
analytics.google.com/g/ 0
20 B 55ms
55ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=8&dp=%2Ftax%2Frefund%2Fsummary&dl=%2Fsignin&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&dr=%2Flogout&sid=1731484961&sct=1&seg=1&en=page_view&_ee=1&ep.debug_mode=true&ep.app_id=bznav-mobile-v4&_et=2&tfd=3775
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: Golfe2

GET
H2 204 bc
bc.ad.daum.net/ 0
286 B 877ms
227ms Fetch 121.53.105.159
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%227903855864718668902%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22refund.dev-2.bznav.com%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.6.2%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Frefund.dev-2.bznav.com%2Ftax%2Frefund%2Fsummary%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.159 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://refund.dev-2.bznav.com
date: Wed, 13 Nov 2024 08:02:44 GMT
x-kakao-aid
access-control-allow-headers: x-kakao-aid

GET
H2 204 bc
bc.ad.daum.net/ 0
285 B 879ms
229ms Fetch 121.53.105.159
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%227903855864718668902%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22refund.dev-2.bznav.com%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.6.2%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.159 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://refund.dev-2.bznav.com
date: Wed, 13 Nov 2024 08:02:44 GMT
x-kakao-aid
access-control-allow-headers: x-kakao-aid

GET
H3 200 /
www.google.com/pagead/1p-user-list/789114793/ 42 B
64 B 69ms
69ms Image
image/gif 172.253.115.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/789114793/?random=1731484963586&cv=11&fst=1731484800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Flogout&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Flogout%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Ftax%2Frefund%2Fsummary%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Flogout&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dJJWEuTRIZWlrQMI_L1yruYJrK_VDTZ6nfX4U4Wvkbs2wFtiJ&random=2850485127&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 13 Nov 2024 08:02:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
113 B 116ms
111ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=1b8c0ffd-56bc-4eac-8ea4-b80fa79ed3b6&batch_time=1731484963679

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ce1e449df537c6a52663acbe9428b7465ac5aff138806d5c23369f131f453280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: application/json
dd-request-id: 1b8c0ffd-56bc-4eac-8ea4-b80fa79ed3b6

POST
H2 200 graphql
gateway.api.bznav.com/ 41 B
197 B 284ms
283ms Fetch
application/json 43.202.121.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.api.bznav.com/graphql
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.202.121.136 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-202-121-136.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

x-datadog-origin: rum
x-datadog-parent-id: 9201179285681331261
Referer: https://refund.dev-2.bznav.com/
x-datadog-trace-id: 5365782836592345359
traceparent: 00-00000000000000004a77170f8cf9810f-7fb127cf75b7dc3d-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
x-datadog-sampling-priority: 1

Response headers

access-control-allow-origin: *
cache-control: no-store
content-length: 41
date: Wed, 13 Nov 2024 08:02:43 GMT
etag: W/"29-ttm+YTHRsaEJKTfAhkKcSqrQ+CY"
content-type: application/json; charset=utf-8

GET
H2 200 signin-051528c3c2518cc7.js Show response
refund.dev-2.bznav.com/_next/static/chunks/pages/ 7 KB
2 KB 77ms
76ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://refund.dev-2.bznav.com/_next/static/chunks/pages/signin-051528c3c2518cc7.js

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/main-c5c64fbff8d9bd1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

219705fd81c516b07fa7f6de749c20caf51892a6875254e7cc77e0869f2916d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/logout

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"f9ae8b6f4d93383e94d5b217ab1bf86d"
age: 114
x-matched-path: /_next/static/chunks/pages/signin-051528c3c2518cc7.js
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 13 Nov 2024 08:02:43 GMT
content-disposition: inline; filename="signin-051528c3c2518cc7.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Wed, 13 Nov 2024 08:00:48 GMT
x-vercel-id: iad1::jzhh5-1731484963914-7be7e03814ff

POST
H/1.1 204
No Content collect
t.clarity.ms/ 0
286 B 59ms
55ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:43 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect
t.clarity.ms/ 0
286 B 89ms
53ms Ping
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:44 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 56ms
55ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&rl=&if=false&ts=1731484963968&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=27, mss=1232, tbw=9679, tp=26, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 13 Nov 2024 08:02:43 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 94ms
94ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=502000872243975&ev=PageView&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&rl=&if=false&ts=1731484963968&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1731484961679.647421001454087049&ler=empty&cdl=API_unavailable&it=1731484961309&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436671293955376925"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 08:02:44 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pOwfZOCkHIrrxp10BaIe4WNd1sIpksGnpdLuhM1RlE4+i3FGTT+VpfhuotTGwjPhqBZvljGa1OY9R7WCr6wtBg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436671293955376925", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=27, mss=1232, tbw=9839, tp=28, tpl=0, uplat=38, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 345ms
343ms Ping
text/plain 23.212.248.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.134 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-134.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 13 Nov 2024 08:02:44 GMT
server-timing: inner; dur=24, cdn-cache; desc=MISS, edge; dur=81, origin; dur=117
x-cache: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 13 Nov 2024 08:02:44 GMT
x-akamai-request-id: 30a9096d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012aaa2bb84faada2c6c8e0a4ef496eff543d0225b29ac6cb79cfb58892d80a93c84004d2ea7ab5e3f28fcd034739423bc19bc4b26de315a9960a55fe4411b9f71b82b00f6a53e25dfb8ba48fc8544d688cd770913eeb2d8cf09e0da9d26492706
x-origin-response-time: 118,23.220.104.155
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241113080244F96D61D95E6AF7F9A1BD-7860D20B4D02B718-00
content-length: 0
x-tt-logid: 20241113080244F96D61D95E6AF7F9A1BD
server: nginx

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/ 5 KB
2 KB 79ms
79ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/789114793/?random=1731484963975&cv=11&fst=1731484963975&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Fsignin%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Flogout%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Fsignin&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2453
date: Wed, 13 Nov 2024 08:02:44 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 789114793
td.doubleclick.net/td/rul/ Frame 4B1C 0
0 79ms
78ms Document
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/789114793?random=1731484963975&cv=11&fst=1731484963975&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Fsignin%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Flogout%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Fsignin

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789114793

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 08:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
analytics.google.com/g/ 0
20 B 57ms
57ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=9&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_ee=1&ep.debug_mode=true&ep.event_category=pdk-next&ep.app_id=bznav-mobile-v4&ep.pdk_page_location=%2Fsignin&ep.pdk_page_title=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&ep.pdk_page_referrer=%2Flogout&ep.pdk_page_first_referrer=&ep.page=%2Fsignin&_et=360&tfd=4140
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:44 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 b
wcs.naver.com/ 0
635 B 700ms
229ms Ping
text/plain 210.89.167.46
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 01 Jan 1980 09:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
date: Wed, 13 Nov 2024 08:02:44 GMT
server: wcs

POST
H3 204 collect
analytics.google.com/g/ 0
20 B 54ms
54ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZ6ZGLFPQV&gtm=45je4b70v893725913za200zb884262975&_p=1731484961022&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1593490478.1731484962&ecid=2143507929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=10&dp=%2Ftax%2Frefund%2Fsummary&sid=1731484961&sct=1&seg=1&dl=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&dt=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&en=page_view&_ee=1&ep.debug_mode=true&ep.app_id=bznav-mobile-v4&ep.pdk_page_location=%2Fsignin&ep.pdk_page_title=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&ep.pdk_page_referrer=%2Flogout&ep.pdk_page_first_referrer=&ep.page=%2Fsignin&_et=3&tfd=4146
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refund.dev-2.bznav.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 08:02:44 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon.svg
refund.dev-2.bznav.com/ 496 B
77 B 71ms
71ms Other
image/svg+xml 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.dev-2.bznav.com/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/signin

Response headers

last-modified: Wed, 13 Nov 2024 07:53:42 GMT
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "18397b2ce7c30be86184c884e43d8491"
age: 539
x-matched-path: /favicon.svg
accept-ranges: bytes
access-control-allow-origin: *
x-middleware-set-cookie: serviceDown=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
content-length: 496
date: Wed, 13 Nov 2024 08:02:44 GMT
content-disposition: inline; filename="favicon.svg"
content-type: image/svg+xml
server: Vercel
x-vercel-id: iad1::jzhh5-1731484964024-45b5c610cb73

GET
H2 400 Primary Request authorize Show response
auth.api.bznav.com/oauth/ 95 B
235 B 853ms
262ms Document
application/json 43.201.161.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage=prod&client_id=bznav-refund-web&scope=sso%20bznav&state=wiQHY4mvXKbJrnRT32cP8_wFzKGIzYCC3mji2KsSV7Z&code_challenge=zfHjwWwG-DVyB9dQ8-vwHIdJj45Qv4PRFeYD2IbqM8s&code_challenge_method=S256&redirect_uri=https%3A%2F%2Frefund.dev-2.bznav.com%2Fredirect&zent_session_id=d6ce3bd2-f3db-4c92-9374-dac89e2d8b04&zent_client_session_id=69e4ee4e-e3ea-4d45-9c66-ba5cd7197533
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.201.161.134 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-201-161-134.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: c667e3852c45385d669e7a764a77138183802290c7308021f0be4dbd3564af7a

Request headers

Referer: https://refund.dev-2.bznav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-length: 95
content-type: application/json; charset=utf-8
date: Wed, 13 Nov 2024 08:02:44 GMT
etag: W/"5f-gYLpTF3W7BiRIESveJgLO+T1VUw"

POST
H2 202 rum
browser-intake-datadoghq.com/api/v2/ 0
0 265ms
150ms Ping
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Abeacon%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=77ea4fc0-6944-4fe0-b91b-3e40d467431d&batch_time=1731484963996
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/789114793/ 42 B
64 B 71ms
71ms Image
image/gif 172.253.115.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/789114793/?random=1731484963975&cv=11&fst=1731484800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v884262975za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.dev-2.bznav.com%2Fsignin&_dbg=1&hn=www.googleadservices.com&frm=0&tiba=%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89&npa=0&pscdl=noapi&auid=1781067386.1731484961&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bevent_category%3Dpdk-next%3Bapp_id%3Dbznav-mobile-v4%3Bpdk_page_location%3D%2Fsignin%3Bpdk_page_title%3D%EB%B9%84%EC%A6%88%EB%84%B5%20%ED%99%98%EA%B8%89%3Bpdk_page_referrer%3D%2Flogout%3Bpdk_page_first_referrer%3D%3Bpage%3D%2Fsignin&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dNHR3zbQ0bFxpjrhSoQiZmV8bUmRlgIhGNlU5Bil4rXQ3LzHE&random=1201754044&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f106.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://refund.dev-2.bznav.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 13 Nov 2024 08:02:44 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H/1.1 204
No Content collect
t.clarity.ms/ 0
286 B 110ms
106ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://refund.dev-2.bznav.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://refund.dev-2.bznav.com
Date: Wed, 13 Nov 2024 08:02:44 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 202 rum
browser-intake-datadoghq.com/api/v2/ 53 B
0 155ms
151ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=c3d571d0-ca8a-413d-8d6e-8664f9431ec9&batch_time=1731484964690

Requested by

Host: refund.dev-2.bznav.com
URL: https://refund.dev-2.bznav.com/_next/static/chunks/pages/_app-aa816313b4657f8b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://refund.dev-2.bznav.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Wed, 13 Nov 2024 08:02:44 GMT
content-type: application/json
dd-request-id: c3d571d0-ca8a-413d-8d6e-8664f9431ec9

POST collect
t.clarity.ms/ 0
0

POST rum
browser-intake-datadoghq.com/api/v2/ 0
0

POST /
api-js.mixpanel.com/track/ 0
0

GET
H2 404 favicon.ico
auth.api.bznav.com/ 60 B
197 B 258ms
257ms Other
application/json 43.201.161.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.api.bznav.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.201.161.134 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-201-161-134.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 5aec886d51ed810e61b21cb47947da90ec20058f8f6a57986a096d00d1fc5a39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage=prod&client_id=bznav-refund-web&scope=sso%20bznav&state=wiQHY4mvXKbJrnRT32cP8_wFzKGIzYCC3mji2KsSV7Z&code_challenge=zfHjwWwG-DVyB9dQ8-vwHIdJj45Qv4PRFeYD2IbqM8s&code_challenge_method=S256&redirect_uri=https%3A%2F%2Frefund.dev-2.bznav.com%2Fredirect&zent_session_id=d6ce3bd2-f3db-4c92-9374-dac89e2d8b04&zent_client_session_id=69e4ee4e-e3ea-4d45-9c66-ba5cd7197533

Response headers

access-control-allow-origin: *
content-length: 60
date: Wed, 13 Nov 2024 08:02:45 GMT
etag: W/"3c-iGdPlbKrPcXx3QR9f2hgRDsYTDg"
content-type: application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/third-party/cookie/ct2.html

Domain: t.clarity.ms
URL: https://t.clarity.ms/collect

Domain: browser-intake-datadoghq.com
URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Abeacon%2Cenv%3Aprd%2Cservice%3Abznav-mobile-v4%2Cversion%3A24.11.200&dd-api-key=pubfbfe8a19c4d45eb72152df453ab07a50&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=8d125bbf-1e8a-4780-96e9-74a02faa394e&batch_time=1731484964858

Domain: api-js.mixpanel.com
URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1731484964860

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.refund.dev-2.bznav.com/	1970-01-21 10:34:04	Name: _fwb Value: 143fWNfi0mGbOggyi1ljCfR.1731484960853
.bznav.com/	1970-01-21 00:58:05	Name: _dd_s Value: rum=2&id=8b8fa9eb-a058-41a2-af4e-68fa3b2a41f5&created=1731484960970&expire=1731485860970
www.clarity.ms/	1970-01-21 09:43:40	Name: CLID Value: 7b862683510e442f8e2eb770cac567bc.20241113.20251113
.tiktok.com/	1970-01-21 10:19:40	Name: _ttp Value: 2omqBGVGBYdi1RGjRn4gXal6KBX
.bznav.com/	1970-01-21 09:43:40	Name: _clck Value: jd3rpa%7C2%7Cfqu%7C0%7C1778
.bznav.com/	1970-01-21 03:07:40	Name: _gcl_au Value: 1.1.1781067386.1731484961
.bznav.com/	1970-01-21 10:34:04	Name: _ga Value: GA1.1.1593490478.1731484962
.bznav.com/	1970-01-21 03:07:40	Name: _fbp Value: fb.1.1731484961679.647421001454087049
.doubleclick.net/	1970-01-21 10:34:04	Name: IDE Value: AHWqTUl8h566auStNlfIXTHxV7oMMJH1x8SoyPk19MU2f6zweoJwczglvW0QrgNB
.bznav.com/	1970-01-21 10:19:40	Name: _tt_enable_cookie Value: 1
.bznav.com/	1970-01-21 10:19:40	Name: _ttp Value: 9JYwF0iU_1aY7Fg0KF1CotN0DQN
.bznav.com/	1970-01-21 10:34:04	Name: ab180ClientId Value: 9eb9adc5-4c4a-4e5a-ae0f-63b849fefe51
.bing.com/	1970-01-21 10:19:40	Name: MUID Value: 07DCCF89818C63420828DABF801C628F
.c.bing.com/	1970-01-21 01:08:09	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:19:40	Name: SRM_B Value: 07DCCF89818C63420828DABF801C628F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:19:40	Name: MUID Value: 07DCCF89818C63420828DABF801C628F
.c.clarity.ms/	1970-01-21 01:08:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:58:05	Name: ANONCHK Value: 0
.channel.io/	1970-01-21 09:43:40	Name: x-veil-id Value: a35d2dab-539c-4310-96fb-5cb186d5b892
.bznav.com/	1970-01-21 09:43:40	Name: ch-veil-id Value: a35d2dab-539c-4310-96fb-5cb186d5b892
.bznav.com/	1970-01-21 00:58:06	Name: ch-session-94881 Value: eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzZXMiLCJrZXkiOiI5NDg4MS02NzM0NWQyMmFiNTQ5ZTM3NjljMiIsImlhdCI6MTczMTQ4NDk2MiwiZXhwIjoxNzM0MDc2OTYyfQ.Ge2hHIibm98svbWcVKls9ZtcYTheGLHl1psoHkf4NOs
.abr.ge/	1970-01-21 10:34:04	Name: ab180ClientId Value: e79adf10-f72d-444b-a5af-2e8781ff2436
.bznav.com/	1970-01-21 10:34:04	Name: airbridge_session Value: %7B%22id%22%3A%22ad65ef92-2bb9-44df-948b-f4d8a1bcefc5%22%2C%22timeout%22%3A1800000%2C%22start%22%3A1731484963495%2C%22end%22%3A1731484963495%7D
refund.dev-2.bznav.com/	1970-01-21 10:34:04	Name: wcs_bt Value: s_133de642c08b:1731484963
.bznav.com/	1970-01-21 10:34:04	Name: _ga_QZ6ZGLFPQV Value: GS1.1.1731484961.1.1.1731484963.58.0.2143507929
.bznav.com/	1970-01-21 00:59:31	Name: _clsk Value: q1uekj%7C1731484964442%7C2%7C1%7Ct.clarity.ms%2Fcollect
.wcs.naver.com/	1970-01-21 10:34:04	Name: NWB Value: 3dbde6cfe9db98a47371f6a711d24ec4.1731484964573
refund.dev-2.bznav.com/	1970-01-21 00:58:05	Name: _dd_s Value: rum=2&id=8b8fa9eb-a058-41a2-af4e-68fa3b2a41f5&created=1731484960970&expire=1731485860970&lock=07c4a2ca-24ec-48d4-b456-d09114579ca6

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.api.bznav.com/oauth/authorize?flow=SIGNIN&grant_type=authorization_code&response_type=code&stage=prd&sso_stage=prod&client_id=bznav-refund-web&scope=sso%20bznav&state=wiQHY4mvXKbJrnRT32cP8_wFzKGIzYCC3mji2KsSV7Z&code_challenge=zfHjwWwG-DVyB9dQ8-vwHIdJj45Qv4PRFeYD2IbqM8s&code_challenge_method=S256&redirect_uri=https%3A%2F%2Frefund.dev-2.bznav.com%2Fredirect&zent_session_id=d6ce3bd2-f3db-4c92-9374-dac89e2d8b04&zent_client_session_id=69e4ee4e-e3ea-4d45-9c66-ba5cd7197533 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://auth.api.bznav.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
api-js.mixpanel.com
api.channel.io
auth.api.bznav.com
bc.ad.daum.net
browser-intake-datadoghq.com
c.bing.com
c.clarity.ms
cdn.channel.io
connect.facebook.net
core.airbridge.io
firebase.googleapis.com
firebaseinstallations.googleapis.com
gateway.api.bznav.com
googleads.g.doubleclick.net
id.abr.ge
js.sentry-cdn.com
nam.veta.naver.com
refund.dev-2.bznav.com
sdk.airbridge.io
ssl.pstatic.net
static.airbridge.io
stats.g.doubleclick.net
t.clarity.ms
t1.daumcdn.net
td.doubleclick.net
tenping.kr
wcs.naver.com
wcs.naver.net
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
api-js.mixpanel.com
browser-intake-datadoghq.com
t.clarity.ms
t1.daumcdn.net
110.234.246.33
121.53.105.159
13.113.31.166
142.250.31.155
142.250.31.97
142.251.111.154
15.165.133.66
15.197.175.58
172.253.115.106
18.165.83.76
184.25.36.65
20.110.205.119
20.114.189.70
210.89.167.46
216.239.36.181
23.205.105.27
23.212.248.134
2600:1408:c400:28::17da:d89a
2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
2607:f8b0:4004:c09::64
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c21::5f
2607:f8b0:4004:c21::9c
2620:1ec:bdf::40
2620:1ec:c11::237
2a04:4e42:600::729
31.13.66.19
31.13.66.35
43.201.161.134
43.202.121.136
54.230.202.43
54.65.44.16
76.76.21.164
0108dbc5bc226e7fafc4b4c27f334c14e0d140d90753ef57f896c029c1fe8ec4
0583a630195726dfb9ab6aae6a52b0c22a5adcaf4549d947758d1385d8af1893
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0b6c2148be824298822b9a21c9d142d92c43790a6e0f2d06c20bc1fdb69f2951
0c304b5133d209c3f9ba25017d5e20e4f4f783957a89f5a6a355062b11bc7542
0e3505708e74540d25a9f34eaa14346f791e7730c1ce21b377581aeadcdf4d59
0f2e9075f767fd375e10c4ec5a07f3c6b5ca3e81bf9bc7f748b3127bfceb7e0b
12cf0f0c01e1ad4946c3d777839a470e215932d1b69091ec873ba86eafd46cec
1a7d5e8958163260f9f9632acf8e05dccada8ee9fa6a9eb08404770f3b9fabd8
20323d24a0b14b40e37f13a49aedfbf2d954e1e223cbd9dcb58a9afda718a117
219705fd81c516b07fa7f6de749c20caf51892a6875254e7cc77e0869f2916d7
230e4be4fa40ef9c52e97324ede8b073f169d5e7f6e8ac47c12355af8389487c
2372ef149d70032d6bea7d3a13b60f2f5fb9d4cba54821b91f50d41765d5d840
25c06c1bde8a5ff52563d7c07650497130d805cd5be9386acf440cca1b5243d9
2a424538fc6fbc74744b6d9e5e738f4b7ed828a4625f705623078c310671bd47
2b458963f7d532afd6b178268990fa9b6a059fa6163417b40205c37f0487f40c
46ea09421bcaee529dde754958356d3edb58e50de7d44184227a9305d29706ed
48baa351d454ee1f0e14bd42ce49de471b4df13eb356187cee078d39f2b9236b
4d8dc633956948ebdc0d65e2297b4bba728fe29900d80b6ff889fd1af2bed668
501f541f7585926814684a007a6d8a9cf3618f6cbd416f28739d6592f9013358
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
55f77098ebb5c2836b526043f5703b1e89550be1a900fb8ce7334b998b3c965b
57236b3dbf2a01bb760e60bc88c6ffa111f8dd020d209da9458743e51cf95390
5aec886d51ed810e61b21cb47947da90ec20058f8f6a57986a096d00d1fc5a39
5d724b00d17705fe748ba54f5d5e798ab48b22ca53bc81206572c1ad48385397
5fa6e3fe0040dd0ee4e60f83b27bd4f439f91b6968d015225f3de1353400b1ab
60c866bf909ac3aed129ba13ac7819104af0fa30b9cfe088cbf40b62d65f1ec9
6137d7a5e6f9eb2afd9b6d875ed257ca353eba540143c49a8184cd444e5d047a
631885fc0283f4844908f5612902ec0709ad9f38af707f5f6e752619c833b0d5
631ab71682ac5836320e3d80eb2ed553bc5a593850fa409062cc9f5a602d17c6
6fd9558af0a50053cb24c3aa652304bebd9e46c90366c2e123ea150f613a7b28
725a5b5eecc1a984b10cc3805c82c5a0a9c546415c0fc4de236c39e907d0f0f0
7586d643089827df563c7a7714023b99d544da78d97ba8770a9e42f0785f394d
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7a479143190242379fa35485024b45f8011577575242836e4b44e441c02ab351
81eb01cf09b9b27fff62508e7a438a613d9da14acca5c98a5c45af506f0a94ac
821c8c647d09c449c8d1594a165aa08317048fdd4f9b28f04ef6d23cc611e104
898a30e093ca7ad7cfb2785ea47a5640d15c64925ac5ddbc8a7277a2ccd5c6eb
92339d1b1bb043f0851beeda265449e6c09baaf12e6cc8232934ac004a0e88b1
99673d98f38b8825a353a9d6adf868ff67722322403b73028013071e41f3a370
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf70d016a359f91d0748bb745284a15ab933fe02e60e98946f4a99e25eda877
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8a0aaaebf35fa45d10547bdc688e201ca63f00d1c72fd4d2d2adefb91e4968
ac43778ff32cf16cef5cf12c327d1c17ab2c7ffd8024158b6866a69062c95f1f
b4b71f0c1ee6017dc32aa1933dbbf5571d486c338c963ef81b4771a7fca0df16
c667e3852c45385d669e7a764a77138183802290c7308021f0be4dbd3564af7a
c86b94429061b4a455eec5e4bbe412b2c20ce5644d99407a802f56811a4475be
cdd181ea0a6515ad17779693546d642fd164491c205af0e5bc290764a4c88c69
ce1e449df537c6a52663acbe9428b7465ac5aff138806d5c23369f131f453280
cfa4698aaec1f629d8a77ea1687104254bc23c0aae2e27194133f6ef66de5428
d77ba8c9a5d0c92f0a069222a3b9f748d34d31f591ded6636cbbe7e783efabf5
dc9099d3c5f0344389b48a46ac3e917144ea5b465fd42a1fddc5a16fe4b321f8
ddbb4982a105264d7ab7808fce04f7cf526724593f46ca72178cf025f0729bf0
e1dba4d69c42f1156f4b3e0db6b64e42258d9a0c00ec1970f000493be53aa485
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605
ecd09f73286c43a6432afee97d1e35350f1d502a46490f40abb5580a1b90392e
ee15a3400c69928832f6d4984265a683a0f11a6d9c538e56b972b95d95acffc9
ee27e75254011e489b8e7f85576672fd1de9f5535ea6b65c1db834ec5203458e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a36b139374f050b99ef6c2793b8fb93af0c507c80ef6aa5e9db05cfe90eacb
f78969da014d779742e5be6fafa65dcbe9bafb2b3268708360df1cb36c5c1aa4

auth.api.bznav.com Open in urlscan Pro 43.201.161.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

96 %HTTPS

31 %IPv6

22 Domains

34 Subdomains

35 IPs

3 Countries

1891 kBTransfer

5849 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.api.bznav.com Open in urlscan Pro
43.201.161.134 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

96 %
HTTPS

31 %
IPv6

22
Domains

34
Subdomains

35
IPs

3
Countries

1891 kB
Transfer

5849 kB
Size

29
Cookies

115 HTTP transactions
0 data transactions