portal.napratica.online Open in urlscan Pro
34.239.219.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portal.napratica.online/
Effective URL:
https://portal.napratica.online/s/login
Submission: On December 05 via api (December 5th 2024, 7:40:13 pm UTC) from GB — Scanned from GB

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 34.239.219.242, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is portal.napratica.online.
TLS certificate: Issued by E5 on December 2nd 2024. Valid for: 3 months.

This is the only time portal.napratica.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	34.239.219.242 34.239.219.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:205... 2600:9000:2057:5e00:8:1e17:8b00:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
4	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
4	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
43	20

5 34.239.219.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-219-242.compute-1.amazonaws.com

portal.napratica.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:5e00:8:1e17:8b00:21 (United States)

ASN16509 (AMAZON-02, US)

d1tumxpvm7f0a4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.164 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

subido.napratica.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
6	napratica.online 1 redirects portal.napratica.online subido.napratica.online	571 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	88 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	454 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	424 B
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4906	254 B
3	cloudfront.net d1tumxpvm7f0a4.cloudfront.net	1 MB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9072 prism.app-us1.com — Cisco Umbrella Rank: 9104	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
43	14

	Domain	Requested by
5	www.googletagmanager.com	portal.napratica.online www.googletagmanager.com
5	portal.napratica.online	1 redirects portal.napratica.online
4	www.facebook.com	portal.napratica.online
4	www.google.co.uk	portal.napratica.online
4	td.doubleclick.net	www.googletagmanager.com
3	www.google.com	1 redirects www.googletagmanager.com portal.napratica.online
3	d1tumxpvm7f0a4.cloudfront.net	portal.napratica.online
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	subido.napratica.online	www.googletagmanager.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	www.googleadservices.com	www.googletagmanager.com
1	diffuser-cdn.app-us1.com	portal.napratica.online
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	portal.napratica.online
1	fonts.googleapis.com	portal.napratica.online
43	19

This site contains no links.

Subject Issuer	Validity	Valid
portal.napratica.online E5	`2024-12-02` - `2025-03-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-14` - `2024-12-13`	3 months	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.googleadservices.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.co.uk WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
prism.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
subido.napratica.online WR3	`2024-10-08` - `2025-01-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://portal.napratica.online/s/login
Frame ID: 610C7D8C26ECB3B9E53DC8D85F29D252
Requests: 39 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fportal.napratica.online
Frame ID: 0D888C7A01E5AFB53A14A2420910191E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1010400427?random=1733427608684&cv=11&fst=1733427608684&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 0BB1FB7B82C8D823EA5977C2EA405F6E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1010400427?random=1733427608697&cv=11&fst=1733427608697&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: DD9DBF77F0CD7CBEF5E21CA035CFF50B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GNTDNBK3FF&gacid=1076827063.1733427609&gtm=45je4c30v9164242307z8855447031za200zb855447031&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=769142995
Frame ID: E6D521271C1708538092A1A65B2381DB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-LXYEFWEY4L&gacid=1076827063.1733427609&gtm=45je4c30v881151030z8855447031za200zb855447031&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=930022342
Frame ID: 82BC47472A99FCB65BD9179C20FE4528
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login ~ Portal Na Prática

Page URL History Show full URLs

http://portal.napratica.online/ HTTP 307
https://portal.napratica.online/ HTTP 302
https://portal.napratica.online/s/login Page URL

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]{1,512}\bwire:
livewire(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

95 %
HTTPS

58 %
IPv6

14
Domains

19
Subdomains

20
IPs

3
Countries

2280 kB
Transfer

5487 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portal.napratica.online/ HTTP 307
https://portal.napratica.online/ HTTP 302
https://portal.napratica.online/s/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgjTxbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAIgLvFugYQr77j4JfMtKxoEh0AH7RNGv7FVnHW7BwX3rLKQKKn9wwMRtmfRMZ7dw&pscrd=IhMI6Lr1hrGRigMV66uDBx1MfjsuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3BvcnRhbC5uYXByYXRpY2Eub25saW5lL0JYQ2hFSWdMdkZ1Z1lRbWVyVHJhcUppZWZZQVJJdEFDWHIyRlN6NktwUWxHZlg5UUlHWWRtZWtiV0x6cHRBQUx1VmdZd29CQW1CdW1vSE5vdVd5Nm1CR0NwZg HTTP 302
https://www.google.com/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgjTxbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI6Lr1hrGRigMV66uDBx1MfjsuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3BvcnRhbC5uYXByYXRpY2Eub25saW5lL0JYQ2hFSWdMdkZ1Z1lRbWVyVHJhcUppZWZZQVJJdEFDWHIyRlN6NktwUWxHZlg5UUlHWWRtZWtiV0x6cHRBQUx1VmdZd29CQW1CdW1vSE5vdVd5Nm1CR0NwZg&is_vtc=1&cid=CAQSKQCa7L7d8KtvSICsTABAlKRaE3OOpnkSvXfJiisgI3wudipIBtCqVZOg&eitems=ChAIgLvFugYQr77j4JfMtKxoEh0AH7RNGh2fkuY6zQd0h3Trwmqa_U6_3wGaGjyIBQ&random=2345724430 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgjTxbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI6Lr1hrGRigMV66uDBx1MfjsuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3BvcnRhbC5uYXByYXRpY2Eub25saW5lL0JYQ2hFSWdMdkZ1Z1lRbWVyVHJhcUppZWZZQVJJdEFDWHIyRlN6NktwUWxHZlg5UUlHWWRtZWtiV0x6cHRBQUx1VmdZd29CQW1CdW1vSE5vdVd5Nm1CR0NwZg&is_vtc=1&cid=CAQSKQCa7L7d8KtvSICsTABAlKRaE3OOpnkSvXfJiisgI3wudipIBtCqVZOg&eitems=ChAIgLvFugYQr77j4JfMtKxoEh0AH7RNGh2fkuY6zQd0h3Trwmqa_U6_3wGaGjyIBQ&random=2345724430&ipr=y

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
portal.napratica.online/s/
Redirect Chain

http://portal.napratica.online/
https://portal.napratica.online/
https://portal.napratica.online/s/login

18 KB
7 KB

263ms
262ms

Document
text/html

34.239.219.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.219.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-219-242.compute-1.amazonaws.com
Software: Caddy istio-envoy / PHP/8.1.9
Resource Hash: ade2dc1d178f87b0c3cd7a8943081d4a0fea3e8e689b6717b82fde91c6e5a31d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Dec 2024 19:40:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Caddy istio-envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 151
x-powered-by: PHP/8.1.9

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-type: text/html; charset=utf-8
date: Thu, 05 Dec 2024 19:40:07 GMT
location: https://portal.napratica.online/s/login
server: Caddy istio-envoy
x-envoy-upstream-service-time: 180
x-powered-by: PHP/8.1.9

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 130ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b940935460fc13778570015becb0d7b96888973785d004804a9a53be93df23d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 19:09:59 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 app.css
portal.napratica.online/css/ 352 KB
54 KB 117ms
115ms Stylesheet
text/css 34.239.219.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.napratica.online/css/app.css?id=799ceb9feeb17855d8988f34fa6df25b
Requested by: Host: portal.napratica.online
URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.219.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-219-242.compute-1.amazonaws.com
Software: Caddy, istio-envoy /
Resource Hash: 47d900d9a9923eb61e69dea1887dc8047349c288a9376e2a49b13cb683cca214

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/s/login

Response headers

content-encoding: gzip
etag: "6750b7c6-580bc"
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/css
last-modified: Wed, 04 Dec 2024 20:12:54 GMT
server: Caddy, istio-envoy
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 87 KB
30 KB 97ms
40ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
age: 412245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qakdefe4ue1OsZwlmUtv6XW%2BWuc4IkZfnPIYs61bENmIzbD4HayyVzx913S4JkIVqwzBccFAOpQsSKRJ1%2FlBzjbzBat03Jc9wgWluYu6sZVLBxDfMZBz5ckExxK0eSOkpHOj7zQf823vqD1UkVg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220059-FRA, cache-lga21930-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ed6819638d3654c-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30122
server: cloudflare
x-jsd-version: 3.5.1

GET
H2 200 principal_branco-1-(2).png
d1tumxpvm7f0a4.cloudfront.net/app/teams/logo-dark/164410/ 7 KB
7 KB 143ms
44ms Image
image/png 2600:9000:2057:5e00:8:1e17:8b00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tumxpvm7f0a4.cloudfront.net/app/teams/logo-dark/164410/principal_branco-1-(2).png?v=1647894626
Requested by: Host: portal.napratica.online
URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5e00:8:1e17:8b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d4e19981967d0a44965d04f40103b2a33baea7861bfb152e78c09e357e0c8e6

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

etag: "209948da0883b7a0d12fb5e0c51f341a"
age: 71585
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: YSl7wkicgv1KEVkkChDnn_rg4vIG4XPtXSdgnpE-MfrXxF5GNsC_fA==
date: Wed, 04 Dec 2024 23:47:04 GMT
content-type: image/png
last-modified: Mon, 21 Mar 2022 20:30:27 GMT
vary: Origin
content-disposition: attachment
cache-control: max-age=604800
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6898
x-amz-cf-pop: FRA6-C1
server: AmazonS3

GET
H2 200 Banner-login-na-pratica.png
d1tumxpvm7f0a4.cloudfront.net/app/teams/login-image-cover/464058/ 1 MB
1 MB 149ms
51ms Image
image/png 2600:9000:2057:5e00:8:1e17:8b00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tumxpvm7f0a4.cloudfront.net/app/teams/login-image-cover/464058/Banner-login-na-pratica.png?v=1658325580
Requested by: Host: portal.napratica.online
URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5e00:8:1e17:8b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d10821250946306ee8fdd9353e07f16e5b309b8260e80d7477fdb210adede899

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

etag: "99c9587dc8a6b08eb59f1736e39f73da"
age: 71568
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: T6chEmvLBuMu3HYosLW9hkYBhpSDk4BM6V-UZfUXEybUWOq0ANzGzQ==
date: Wed, 04 Dec 2024 23:47:20 GMT
content-type: image/png
last-modified: Wed, 20 Jul 2022 13:59:38 GMT
vary: Origin
content-disposition: attachment
cache-control: max-age=604800
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1077437
x-amz-cf-pop: FRA6-C1
server: AmazonS3

GET
H2 200 livewire.js Show response
portal.napratica.online/livewire/ 171 KB
46 KB 256ms
256ms Script
application/javascript 34.239.219.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.napratica.online/livewire/livewire.js?id=90730a3b0e7144480175
Requested by: Host: portal.napratica.online
URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.219.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-219-242.compute-1.amazonaws.com
Software: Caddy, istio-envoy / PHP/8.1.9
Resource Hash: 38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/s/login

Response headers

x-powered-by: PHP/8.1.9
cache-control: max-age=31536000, public
content-encoding: gzip
x-envoy-upstream-service-time: 141
expires: Fri, 05 Dec 2025 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Jul 2024 19:58:46 GMT
server: Caddy, istio-envoy
vary: Accept-Encoding

GET
H2 200 app.js Show response
portal.napratica.online/js/v2/ 2 MB
463 KB 114ms
113ms Script
application/javascript 34.239.219.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.napratica.online/js/v2/app.js?id=5c1bd1d728aeba9e734ddbaba146f79e
Requested by: Host: portal.napratica.online
URL: https://portal.napratica.online/s/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.219.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-219-242.compute-1.amazonaws.com
Software: Caddy, istio-envoy /
Resource Hash: 7cdebc31ad453cf81040e871f8a22fcee70049ea162addd7cb9fec9067aef1d7

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/s/login

Response headers

content-encoding: gzip
etag: "6750b7c6-1e5879"
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 20:12:54 GMT
server: Caddy, istio-envoy
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 387 KB
122 KB 146ms
65ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17b12617880502d55b86bc5b66baac1d01d86557e18c347ce2515b42a3c567bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 05 Dec 2024 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 05 Dec 2024 19:04:24 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124832
x-xss-protection: 0
server: Google Tag Manager

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 84ms
38ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin: https://portal.napratica.online
Referer: https://fonts.googleapis.com/

Response headers

age: 100908
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 15:38:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 15:38:20 GMT
last-modified: Mon, 29 Jul 2024 22:44:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48556
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 130ms
50ms Ping
text/plain 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=978948285.1733427609&auid=2064634478.1733427609&npa=0&gtm=45He4c30v855447031za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733427608565&tfd=2211&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 410 KB
132 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LXYEFWEY4L&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae0fe062d2f1a047b538dd4da9c62d639a2cd901e5bac90beb8a8c741e466af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 05 Dec 2024 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135114
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
108 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GNTDNBK3FF&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d80f0c495a4e5655f5df4a9b39fb685038c2d35803f29aec498c92d79c22d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 05 Dec 2024 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110239
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 256 KB
91 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1010400427&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1188f39ec944108354cba08e0f4350930ccf3e2b433318309ce744ee3f3a7b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 05 Dec 2024 19:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 05 Dec 2024 19:04:24 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93243
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: gzip
age: 3523
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 20:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 18:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 83ms
40ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-a023wWAX' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-a023wWAX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4423, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: PpCx46u11vsQcTBVMyfR3UjnfvQyXktIlcDhMSIVscij6cYNZqtOx+0MGvuhTa3pQIOeTklVqtOPUDASfD0Mgg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 117ms
51ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 79
x-cache: Hit from cloudfront
x-amz-cf-id: XNHRvLDrOcCieQ1rUifF957OB6T5-AEoOFwXD6czTPWXSHHNsiVTDg==
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: accept-encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 67ef3abac0a476e3c8690ff0f09febb8.cloudfront.net (CloudFront)
cf-ray: 8ed6819a0e0671c3-LHR
x-amz-cf-pop: LHR62-C3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 0D88 0
0 131ms
46ms Document
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fportal.napratica.online

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5QM7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 19:40:08 GMT
expires: Fri, 05 Dec 2025 19:40:08 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010400427/ 5 KB
2 KB 165ms
85ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010400427/?random=1733427608684&cv=11&fst=1733427608684&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1010400427&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

d923c7918b651b2b0009bb875b1849e5e06411a31b5d1b60162acd18d23b1f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2340
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1010400427
td.doubleclick.net/td/rul/ Frame 0BB1 0
0 171ms
86ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1010400427?random=1733427608684&cv=11&fst=1733427608684&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1010400427&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.napratica.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 19:40:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1010400427/ 5 KB
3 KB 105ms
52ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1010400427/?random=1733427608697&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1010400427&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1391213233e63fbb0d12ca36384c105ac2103388fd5440f2eb0ddef0a0a43872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2705
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1010400427
td.doubleclick.net/td/rul/ Frame DD9D 0
0 144ms
61ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1010400427?random=1733427608697&cv=11&fst=1733427608697&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1010400427&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.napratica.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 19:40:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 105ms
33ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GNTDNBK3FF&gtm=45je4c30v9164242307z8855447031za200zb855447031&_p=1733427608310&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1076827063.1733427609&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733427608&sct=1&seg=0&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&dt=Login%20~%20Portal%20Na%20Pr%C3%A1tica&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2364
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GNTDNBK3FF&l=dataLayer&cx=c&gtm=45He4c30v855447031za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.napratica.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
550 B 103ms
32ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GNTDNBK3FF&cid=1076827063.1733427609&gtm=45je4c30v9164242307z8855447031za200zb855447031&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GNTDNBK3FF&l=dataLayer&cx=c&gtm=45He4c30v855447031za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.napratica.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame E6D5 0
0 109ms
57ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-GNTDNBK3FF&gacid=1076827063.1733427609&gtm=45je4c30v9164242307z8855447031za200zb855447031&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=769142995

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GNTDNBK3FF&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.napratica.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 19:40:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 363ms
317ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GNTDNBK3FF&cid=1076827063.1733427609&gtm=45je4c30v9164242307z8855447031za200zb855447031&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=72006518

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

Content-Type: image/jpg

GET
H3 200 640314034128162 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 305ms
304ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/640314034128162?v=2.9.178&r=stable&domain=portal.napratica.online&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

99090aaafe96711c1c33d82c1a44e76b424b359be676f5433a58b2757081020c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-XgBvMYtc' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-XgBvMYtc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=77, mss=1232, tbw=71076, tp=67, tpl=0, uplat=265, ullat=0
pragma: public
x-fb-debug: 3iX4XLOO0QI2zRQ07aC011Hz43Wou4B6OX+i4ge5x7FFmgsH5xmt3goacOpw4mfrozMuIivX44Bd/11uRUgIHw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 35ms
35ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LXYEFWEY4L&gtm=45je4c30v881151030z8855447031za200zb855447031&_p=1733427608310&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1076827063.1733427609&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733427608&sct=1&seg=0&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&dt=Login%20~%20Portal%20Na%20Pr%C3%A1tica&en=page_view&_fv=1&_ss=1&tfd=2437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LXYEFWEY4L&l=dataLayer&cx=c&gtm=45He4c30v855447031za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.napratica.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 33ms
33ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LXYEFWEY4L&cid=1076827063.1733427609&gtm=45je4c30v881151030z8855447031za200zb855447031&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LXYEFWEY4L&l=dataLayer&cx=c&gtm=45He4c30v855447031za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.napratica.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 82BC 0
0 51ms
51ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-LXYEFWEY4L&gacid=1076827063.1733427609&gtm=45je4c30v881151030z8855447031za200zb855447031&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=930022342

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LXYEFWEY4L&l=dataLayer&cx=c&gtm=45He4c30v855447031za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.napratica.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 19:40:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 318ms
318ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LXYEFWEY4L&cid=1076827063.1733427609&gtm=45je4c30v881151030z8855447031za200zb855447031&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=85031088

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
prism.app-us1.com/ 0
313 B 320ms
256ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=90472414&u=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 99
cf-ray: 8ed6819b8b5e94a6-LHR
content-length: 0
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
426 B 43ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=298573101&t=pageview&_s=1&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&ul=en-gb&de=UTF-8&dt=Login%20~%20Portal%20Na%20Pr%C3%A1tica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1971835560&gjid=1583336051&cid=1076827063.1733427609&tid=UA-16336666-22&_gid=1050308925.1733427609&_r=1&_slc=1&gtm=45He4c30n81TV5QM7Qv855447031za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=1830490812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain
Referer: https://portal.napratica.online/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 19:40:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://portal.napratica.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect
subido.napratica.online/g/ 0
0 2866ms
1851ms Fetch
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subido.napratica.online/g/collect?v=2&tid=G-LXYEFWEY4L&gtm=45je4c30v881151030z8855447031za200zb855447031&_p=1733427608310&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1076827063.1733427609&ul=en-gb&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1733427608&sct=1&seg=0&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&dt=Login%20~%20Portal%20Na%20Pr%C3%A1tica&_s=2&tfd=2489
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LXYEFWEY4L&l=dataLayer&cx=c&gtm=45He4c30v855447031za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
Referer: https://portal.napratica.online/

Response headers

expires: Thu, 05 Dec 2024 19:40:11 GMT
cache-control: private
content-length: 0
date: Thu, 05 Dec 2024 19:40:11 GMT
x-cloud-trace-context: bc25d733023eb521f661e7d29510f84f;o=1
content-type: text/html
server: Google Frontend

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/1010400427/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gc...
https://www.google.com/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&...
https://www.google.co.uk/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=...

42 B
64 B

54ms
54ms

Image
image/gif

142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgjTxbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI6Lr1hrGRigMV66uDBx1MfjsuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3BvcnRhbC5uYXByYXRpY2Eub25saW5lL0JYQ2hFSWdMdkZ1Z1lRbWVyVHJhcUppZWZZQVJJdEFDWHIyRlN6NktwUWxHZlg5UUlHWWRtZWtiV0x6cHRBQUx1VmdZd29CQW1CdW1vSE5vdVd5Nm1CR0NwZg&is_vtc=1&cid=CAQSKQCa7L7d8KtvSICsTABAlKRaE3OOpnkSvXfJiisgI3wudipIBtCqVZOg&eitems=ChAIgLvFugYQr77j4JfMtKxoEh0AH7RNGh2fkuY6zQd0h3Trwmqa_U6_3wGaGjyIBQ&random=2345724430&ipr=y

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/1010400427/?random=1228340439&cv=11&fst=1733427608697&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&label=lb3gCLurwocCEKv55eED&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&value=0&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgjTxbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI6Lr1hrGRigMV66uDBx1MfjsuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3BvcnRhbC5uYXByYXRpY2Eub25saW5lL0JYQ2hFSWdMdkZ1Z1lRbWVyVHJhcUppZWZZQVJJdEFDWHIyRlN6NktwUWxHZlg5UUlHWWRtZWtiV0x6cHRBQUx1VmdZd29CQW1CdW1vSE5vdVd5Nm1CR0NwZg&is_vtc=1&cid=CAQSKQCa7L7d8KtvSICsTABAlKRaE3OOpnkSvXfJiisgI3wudipIBtCqVZOg&eitems=ChAIgLvFugYQr77j4JfMtKxoEh0AH7RNGh2fkuY6zQd0h3Trwmqa_U6_3wGaGjyIBQ&random=2345724430&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/1010400427/ 42 B
64 B 50ms
50ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1010400427/?random=1733427608684&cv=11&fst=1733425200000&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEKE50xsBr7etF1OmnHiG6aSOkrXZ4w&random=981238549&rmt_tld=0&ipr=y

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/1010400427/ 42 B
64 B 50ms
49ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/1010400427/?random=1733427608684&cv=11&fst=1733425200000&bg=ffffff&guid=ON&async=1&gtm=45be4c30v883958472z8855447031za201zb855447031&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20~%20Portal%20Na%20Pr%C3%A1tica&npa=0&pscdl=noapi&auid=2064634478.1733427609&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEKE50xsBr7etF1OmnHiG6aSOkrXZ4w&random=981238549&rmt_tld=1&ipr=y

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 05 Dec 2024 19:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 87ms
39ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640314034128162&ev=ViewContent&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&rl=&if=false&ts=1733427609104&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1733427609101.465416456683185430&ler=empty&cdl=API_unavailable&it=1733427608772&coo=false&eid=1733427608569.127590.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4469, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
199 B 265ms
216ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=640314034128162&ev=ViewContent&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&rl=&if=false&ts=1733427609104&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1733427609101.465416456683185430&ler=empty&cdl=API_unavailable&it=1733427608772&coo=false&eid=1733427608569.127590.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: portal.napratica.online
URL: https://portal.napratica.online/s/login

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7c1a4ca519aac096","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["7754495741233356"]},"debug_reporting":true,"debug_key":"1971894014641515749"}
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: YbzUC5nKjS5e7L5BKfqvSft+N4qaSRqkZl1fpoFEVe9we/GgtemsOFWSVRwQhqF4mmxm8WdsEaH7EYCaXMuSqw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4837, tp=13, tpl=0, uplat=176, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 41ms
41ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640314034128162&ev=viewpage75&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&rl=&if=false&ts=1733427609377&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1733427609101.465416456683185430&ler=empty&cdl=API_unavailable&it=1733427608772&coo=false&eid=1733427608569.127590.18&tm=2&chmd=&chpv=&chfv=undefined&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=26, mss=1232, tbw=8341, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 160ms
159ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=640314034128162&ev=viewpage75&dl=https%3A%2F%2Fportal.napratica.online%2Fs%2Flogin&rl=&if=false&ts=1733427609377&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1733427609101.465416456683185430&ler=empty&cdl=API_unavailable&it=1733427608772&coo=false&eid=1733427608569.127590.18&tm=2&chmd=&chpv=&chfv=undefined&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 19:40:09 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tOcGbJHM4pAfhKygaorI19YEd+LVysUht+xyz2xGR0XpcDmGfdC4Rula9z5gyVVadu8r+z1rW4z9f5V+YLLzJw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=26, mss=1232, tbw=8581, tp=21, tpl=0, uplat=120, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 Group-7-favicon-fit.png
d1tumxpvm7f0a4.cloudfront.net/app/teams/favicon/121447/conversions/ 6 KB
6 KB 43ms
43ms Other
image/png 2600:9000:2057:5e00:8:1e17:8b00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tumxpvm7f0a4.cloudfront.net/app/teams/favicon/121447/conversions/Group-7-favicon-fit.png?v=1646249443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5e00:8:1e17:8b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66ed44925d25e1ae5bd90c768267c5217ab4c09bd85ba2d42e2404031e5a6394

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://portal.napratica.online/

Response headers

etag: "3d3944fd6293f8009a4ec681ba29be67"
age: 244349
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: qAWndYIJsZOA5jRH_733BbXOrfyX82LifORVpVkrL40TODhMQECOWw==
date: Mon, 02 Dec 2024 23:47:41 GMT
content-type: image/png
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
vary: Origin
content-disposition: attachment
cache-control: max-age=604800
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5941
x-amz-cf-pop: FRA6-C1
server: AmazonS3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX96QHJ5

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.napratica.online/	1970-01-21 01:40:32	Name: XSRF-TOKEN Value: eyJpdiI6Im4yUndSRmppL0VLZGJSQmJtQlBHQlE9PSIsInZhbHVlIjoiR21tdlhYU0grb0JQZHp3SHBkS3l6c0xEZTd2N0k5ZlZ1ajU3aDlRZlkzejIzTldNcitpVUZNVUhYSkdpV05mMmJtLzZRYnJGZzFtQTBEc1JoOVNBOGpqM1BacmRNSWlkQSs5TGMzNEJDUW1wUHZSdy9UQ3dTb2dDN3hWbUczM0QiLCJtYWMiOiJlYjhjMDQ0NjQyZGExMWI5ZDVlMGJhMjJjZDIzYjdkY2EzZWQ0NzJjNzAwNDRhZjFiN2Y1MDE3YWQ1ZGNlNDFjIiwidGFnIjoiIn0%3D
portal.napratica.online/	1970-01-21 01:40:32	Name: alpaclass_session Value: eyJpdiI6Ik42SThtcVhvcTR5ZXdEdFhYSHJHeUE9PSIsInZhbHVlIjoiQU54V2V4aGpUUDkzUHZpeU80MFNQZ2tGTFNMZnpVczlDck1GY1ZQK29vZ3pjRGhLSEJLbDB1RlIyY05GT1I1NEl0aXlTdlNDc2NpN1Z5dVlLdUhWU2theDZoWDdQZ0J4QjRMTXZDRklvK3h3RFVWY2dScDNyUXhGY0xNWnlseVUiLCJtYWMiOiIyNDgzMTNiODU5ODExOTE1YTIyMTAxODA3MmQyMzFmZDM4MjljOTRiMWEwNTFlNTE3ZWJjN2EzZDBiNTU1NzQzIiwidGFnIjoiIn0%3D
.napratica.online/	1970-01-21 03:40:03	Name: _gcl_au Value: 1.1.2064634478.1733427609
.napratica.online/	1970-01-21 11:06:27	Name: _ga_GNTDNBK3FF Value: GS1.1.1733427608.1.0.1733427608.60.0.0
.napratica.online/	1970-01-21 11:06:27	Name: _ga Value: GA1.2.1076827063.1733427609
.napratica.online/	1970-01-21 01:31:54	Name: _gid Value: GA1.2.1050308925.1733427609
.napratica.online/	1970-01-21 01:30:27	Name: _gat_UA-16336666-22 Value: 1
.napratica.online/	1970-01-21 11:06:27	Name: _ga_LXYEFWEY4L Value: GS1.1.1733427608.1.0.1733427608.60.0.0
.doubleclick.net/	1970-01-21 10:52:03	Name: IDE Value: AHWqTUmOCH89sPcmPgl8Nn_fFVDFyuJ_JZ-SWUuDuFPTzjWwYlzwuhakA01S1nqi
.napratica.online/	1970-01-21 03:40:03	Name: _fbp Value: fb.1.1733427609101.465416456683185430
prism.app-us1.com/	1970-01-21 02:13:39	Name: prism_90472414 Value: bb3890d2-8621-463f-85e4-0b6bb141e83c
.napratica.online/	1970-01-21 11:06:27	Name: FPID Value: FPID2.2.rrLzQrWvExgEX0pbtlbqV9EuYZyXylNUpc8QaAHS01I%3D.1733427609
.napratica.online/	1970-01-21 01:31:39	Name: FPLC Value: Lk2N484%2FEbMQULIOr2aSUb2EkRLqVx%2FcsuNJKw02IXo%2Bw231b0I834En1BdhFB3YRPvbJz3ssP1jhT9pgo94rU5nbaAwLvS0RERFE1HWFuejFFj4Ndn5L3kmw%2BDPSw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
d1tumxpvm7f0a4.cloudfront.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
portal.napratica.online
prism.app-us1.com
region1.analytics.google.com
stats.g.doubleclick.net
subido.napratica.online
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagmanager.com
142.250.185.131
142.250.185.194
142.250.186.164
142.250.186.35
157.240.0.35
157.240.0.6
2001:4860:4802:32::15
2001:4860:4802:34::36
216.58.212.162
2600:9000:2057:5e00:8:1e17:8b00:21
2606:4700::6811:1fae
2606:4700::6812:80d8
2606:4700::6812:ba1f
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:400c:c0b::9a
34.239.219.242
1188f39ec944108354cba08e0f4350930ccf3e2b433318309ce744ee3f3a7b2a
1391213233e63fbb0d12ca36384c105ac2103388fd5440f2eb0ddef0a0a43872
17b12617880502d55b86bc5b66baac1d01d86557e18c347ce2515b42a3c567bd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
47d900d9a9923eb61e69dea1887dc8047349c288a9376e2a49b13cb683cca214
66ed44925d25e1ae5bd90c768267c5217ab4c09bd85ba2d42e2404031e5a6394
7cdebc31ad453cf81040e871f8a22fcee70049ea162addd7cb9fec9067aef1d7
7d80f0c495a4e5655f5df4a9b39fb685038c2d35803f29aec498c92d79c22d5b
99090aaafe96711c1c33d82c1a44e76b424b359be676f5433a58b2757081020c
9d4e19981967d0a44965d04f40103b2a33baea7861bfb152e78c09e357e0c8e6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ade2dc1d178f87b0c3cd7a8943081d4a0fea3e8e689b6717b82fde91c6e5a31d
ae0fe062d2f1a047b538dd4da9c62d639a2cd901e5bac90beb8a8c741e466af4
b940935460fc13778570015becb0d7b96888973785d004804a9a53be93df23d1
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
d10821250946306ee8fdd9353e07f16e5b309b8260e80d7477fdb210adede899
d923c7918b651b2b0009bb875b1849e5e06411a31b5d1b60162acd18d23b1f01
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

portal.napratica.online Open in urlscan Pro 34.239.219.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

58 %IPv6

14 Domains

19 Subdomains

20 IPs

3 Countries

2280 kBTransfer

5487 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portal.napratica.online Open in urlscan Pro
34.239.219.242 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

58 %
IPv6

14
Domains

19
Subdomains

20
IPs

3
Countries

2280 kB
Transfer

5487 kB
Size

13
Cookies

43 HTTP transactions
1 data transactions