www.npaid.org Open in urlscan Pro
138.201.139.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://npaid.org/
Effective URL:
https://www.npaid.org/
Submission: On September 22 via api (September 22nd 2023, 3:40:06 pm UTC) from GB — Scanned from GB

Summary HTTP 57 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 15 domains to perform 57 HTTP transactions. The main IP is 138.201.139.102, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.npaid.org.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.

This is the only time www.npaid.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	138.201.139.102 138.201.139.102	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:2... 2600:1901:0:22e6::	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:2117:be00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2171:2c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:1901:0:4... 2600:1901:0:476d::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:2... 2600:1901:0:21ea::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:891c::	15169 (GOOGLE) (GOOGLE)
57	21

27 138.201.139.102 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ullr.norse.digital

npaid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.npaid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148d (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:22e6:: (United States)

ASN15169 (GOOGLE, US)

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2117:be00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:2c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

folkehjelp.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:476d:: (United States)

ASN15169 (GOOGLE, US)

heatmaps.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:21ea:: (United States)

ASN15169 (GOOGLE, US)

pagecorrect.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:891c:: (United States)

ASN15169 (GOOGLE, US)

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	npaid.org 2 redirects npaid.org www.npaid.org	928 KB
6	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 27634 heatmaps.monsido.com — Cisco Umbrella Rank: 49098 pagecorrect.monsido.com — Cisco Umbrella Rank: 63378 tracking.monsido.com — Cisco Umbrella Rank: 23986	208 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 www.linkedin.com — Cisco Umbrella Rank: 951 px4.ads.linkedin.com — Cisco Umbrella Rank: 7048	5 KB
3	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 28587 folkehjelp.matomo.cloud	58 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	62 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	233 B
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5551	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	170 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	345 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079	370 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
57	15

	Domain	Requested by
25	www.npaid.org	www.npaid.org
3	px.ads.linkedin.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
2	pagecorrect.monsido.com	app-script.monsido.com pagecorrect.monsido.com
2	heatmaps.monsido.com	app-script.monsido.com heatmaps.monsido.com
2	www.facebook.com	www.npaid.org
2	folkehjelp.matomo.cloud	cdn.matomo.cloud
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	dev.visualwebsiteoptimizer.com	www.npaid.org
2	connect.facebook.net	www.npaid.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	snap.licdn.com	www.npaid.org snap.licdn.com
2	www.googletagmanager.com	www.npaid.org www.googletagmanager.com
2	npaid.org	2 redirects
1	tracking.monsido.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.npaid.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	cdn.matomo.cloud	www.npaid.org
1	app-script.monsido.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.googleapis.com	www.npaid.org
57	24

This site contains links to these domains. Also see Links.

Domain
folkehjelp.whistleblowernetwork.net
folkehjelp.no
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.eco-lighthouse.org

Subject Issuer	Validity	Valid
folkehjelp.no R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-29`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2023-09-09` - `2023-12-08`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
heatmaps.monsido.com GTS CA 1D4	`2023-09-14` - `2023-12-13`	3 months	crt.sh
pagecorrect.monsido.com GTS CA 1D4	`2023-09-07` - `2023-12-06`	3 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2023-08-01` - `2023-10-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.npaid.org/
Frame ID: 57A4E5A9976B71E09BEB80DF144028A3
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 563DA7BC041E1CB24FE7202A3A4BE7C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norwegian People's Aid | Folk forandrer verden

Page URL History Show full URLs

http://npaid.org/ HTTP 301
https://npaid.org/ HTTP 301
https://www.npaid.org/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

57
Requests

98 %
HTTPS

73 %
IPv6

15
Domains

24
Subdomains

21
IPs

5
Countries

1596 kB
Transfer

3008 kB
Size

24
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://folkehjelp.whistleblowernetwork.net/frontpage
Title: Whistleblow

Search URL Search Domain Scan URL

URL: https://folkehjelp.no/
Title: no

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Norwegianpeoplesaid

Search URL Search Domain Scan URL

URL: https://twitter.com/norskfolkehjelp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/norwegianpeoplesaid/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/25967/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Folkehjelp/videos

Search URL Search Domain Scan URL

URL: http://www.eco-lighthouse.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://npaid.org/ HTTP 301
https://npaid.org/ HTTP 301
https://www.npaid.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2067130%26time%3D1695397199995%26url%3Dhttps%253A%252F%252Fwww.npaid.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLCMSwqYteuOQAAAYq9jEMfCPUSfujGhG6EgLsAqcH12e3rYeNIesKMZEEUxp13xqCzteE

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.npaid.org/
Redirect Chain

http://npaid.org/
https://npaid.org/
https://www.npaid.org/

72 KB
14 KB

1038ms
914ms

Document
text/html

138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f / Craft CMS SEOmatic
Resource Hash: de78015d17f58971b739ada76080120d28c1b0081c253582aa5502cdfe69d3f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 22 Sep 2023 15:39:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.npaid.org>; rel='canonical'
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
vary: Accept-Encoding
x-powered-by: Craft CMS SEOmatic
x-robots-tag: all

Redirect headers

content-length: 230
content-type: text/html; charset=iso-8859-1
date: Fri, 22 Sep 2023 15:39:58 GMT
location: https://www.npaid.org/
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 143ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700&display=swap

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0c8d8c8f08183d6cb4ab083d78351a07dd38f0659d578878b60bafa3c1416cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 15:39:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 15:39:59 GMT

GET
H2 200 styles.css
www.npaid.org/static/main/css/ 169 KB
30 KB 54ms
53ms Stylesheet
text/css 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: f9460b1cb76d996f4210e09eca2b4a528cda031503994f7a0814282a4fc2cda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 15:01:24 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "2a347-60411159f9900-gzip"
vary: Accept-Encoding
content-type: text/css
content-length: 30103

GET
H2 200 npaid.svg
www.npaid.org/assets/logo/ 14 KB
5 KB 101ms
98ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/logo/npaid.svg?1
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: c58eea278f08fd63c194897372c4453fbb7f6b0a0737f0ce35aa43c1b6d86f18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 08:28:15 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "36b4-5ff90f2a7a5c0-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 5243

GET
H2 200 DSC_5302.jpg
www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_392x200_crop_center-center_100_none/ 119 KB
120 KB 52ms
49ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_392x200_crop_center-center_100_none/DSC_5302.jpg?c=20200126160115
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 88381b0763919f42a99dc1a23077fae2491f96a5f983ca3d32c518976c716768

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Fri, 24 Apr 2020 07:51:38 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "1dcbe-5a404a2943680"
content-length: 122046
content-type: image/jpeg

GET
H2 200 DSC_3716_200307_163331.jpg
www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_392x200_crop_center-center_100_none/ 134 KB
135 KB 52ms
49ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_392x200_crop_center-center_100_none/DSC_3716_200307_163331.jpg?c=20200307173331
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 3e447c80217cf7a455a5d147498818d1154739f7afce1d5dae1a4ce4817fd262

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Fri, 24 Apr 2020 07:51:38 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "219ad-5a404a2943680"
content-length: 137645
content-type: image/jpeg

GET
H2 200 per-nergaard.jpg
www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/ 11 KB
11 KB 108ms
108ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/per-nergaard.jpg?c=20230828094836
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 7f32d4df2c34dd09a07f6ab03252160c2d09f9e098f2e075db69567f9f1a7903

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Mon, 28 Aug 2023 07:48:56 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "2acb-603f6ed2dae62"
content-length: 10955
content-type: image/jpeg

GET
H2 200 Logo-standing_English_black_letters-1.jpg
www.npaid.org/media/files/Icons/_390x245_crop_center-center_82_none/ 12 KB
13 KB 85ms
85ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/Icons/_390x245_crop_center-center_82_none/Logo-standing_English_black_letters-1.jpg?c=20230811102034
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 1e44ea1fe261c57bdbaa946fe096162eed88fe97536b3b4c5e345c545000bdae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Fri, 11 Aug 2023 08:20:55 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "3120-602a1643d67c0"
content-length: 12576
content-type: image/jpeg

GET
H2 200 Yazidees-Zozan-Camp-Dahuk-4.jpg
www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_390x245_crop_center-center_82_none/ 34 KB
34 KB 91ms
91ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_390x245_crop_center-center_82_none/Yazidees-Zozan-Camp-Dahuk-4.jpg?c=20230804125439
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: c4ee0d3ed7c9b34fe753442979738ce3d75455e3d014bdc92eb4534d055db930

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Fri, 04 Aug 2023 11:03:26 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "8834-60216d88e3b80"
content-length: 34868
content-type: image/jpeg

GET
H2 200 e8170cd8-af09-40f3-a29f-8bafea8ec280_2023-07-21-090259_owlf.jpg
www.npaid.org/media/files/content/Mine-Action-and-Disarmament/_390x245_crop_center-center_82_none/ 31 KB
31 KB 91ms
90ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Mine-Action-and-Disarmament/_390x245_crop_center-center_82_none/e8170cd8-af09-40f3-a29f-8bafea8ec280_2023-07-21-090259_owlf.jpg?c=20230803100710
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: de1896dc1e5eff89ca8fe989b63e7ae4420a14dfb0c17c4858191a666d52ce4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Thu, 03 Aug 2023 08:08:24 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "7b94-6020048bf0e00"
content-length: 31636
content-type: image/jpeg

GET
H2 200 IMG_1546_cc.jpg
www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/ 23 KB
24 KB 124ms
123ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/IMG_1546_cc.jpg?c=20230709151545
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 8790e6c02a8dd7ffee4d19b63a541f2006a46546761f5f717378e8b1b85dfcdc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Tue, 11 Jul 2023 06:08:23 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "5dfc-6002fed2ee3c0"
content-length: 24060
content-type: image/jpeg

GET
H2 200 Untitled-design-1.jpg
www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/779681/ 13 KB
14 KB 121ms
120ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/featured/_390x245_crop_center-center_82_none/779681/Untitled-design-1.jpg?c=20230706112942
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: aa1a108585600548dd67fc431362b944c6e43e2c958210a580560c67d869fffe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Thu, 06 Jul 2023 11:05:34 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "356a-5ffcf7ec97b80"
content-length: 13674
content-type: image/jpeg

GET
H2 200 npaid.svg
www.npaid.org/assets/logo/ 14 KB
5 KB 56ms
50ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/logo/npaid.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: c58eea278f08fd63c194897372c4453fbb7f6b0a0737f0ce35aa43c1b6d86f18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 08:28:15 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "36b4-5ff90f2a7a5c0-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 5243

GET
H2 200 Eco-lighthouse-logo-color-f9e98d56.png
www.npaid.org/assets/logo/ 10 KB
10 KB 50ms
49ms Image
image/png 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/logo/Eco-lighthouse-logo-color-f9e98d56.png
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 4337f77a7b7778d645de1901c0db343b6fc2ed1074d8a782aef9fcccf54f7c8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "272e-5f3a0556bd340"
content-length: 10030
content-type: image/png

GET
H2 200 app.js Show response
www.npaid.org/static/main/js/ 323 KB
100 KB 102ms
99ms Script
application/javascript 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npaid.org/static/main/js/app.js?v=1693321284
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 64ce602df4608c0e46d3ebd0654bb21d5c10ae14006caf557dfb2b9dbc7e5e99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 15:01:24 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "50d76-60411159f9900-gzip"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 script.js Show response
www.npaid.org/cpresources/d2e48e4a/ 7 KB
2 KB 100ms
97ms Script
application/javascript 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npaid.org/cpresources/d2e48e4a/script.js?v=1664713452
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: b9271203436f43c50a5818e74e26a361cdc73c52cbee74db0efa0fc004e8256b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Sun, 02 Oct 2022 12:24:12 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "1c70-5ea0c4df59300-gzip"
vary: Accept-Encoding
content-type: application/javascript
content-length: 1657

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
81 KB 150ms
64ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M49W8L5

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23c57a455b914f3a5fb29d966d55d745ab920c244f4ddd9f90f789d2940d2abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82136
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Sep 2023 15:39:59 GMT

GET
H2 200 check.svg
www.npaid.org/assets/ 984 B
825 B 94ms
94ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/check.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: a761d0aafe417f9578620fabf07dc485a576933ee464bd313c76b527d49f9078

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "3d8-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 546

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 140ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.npaid.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 157676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 19:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 150ms
47ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.npaid.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 16:50:19 GMT
x-content-type-options: nosniff
age: 168580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 16:50:19 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 134ms
38ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18537
accept-ranges: bytes
content-length: 3822

GET
H2 200 icon.svg
www.npaid.org/assets/icons/norway/ 462 B
577 B 85ms
84ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/norway/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 382b918ee12bef0033e3f8d43f42c4227b796989a8106d05a79560429c4e7f6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "1ce-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 298

GET
H2 200 icon.svg
www.npaid.org/assets/icons/search/ 274 B
484 B 86ms
85ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/search/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 756e23097ea32c091d5f76749ea36e89be8e8a468749bf01c12014e9502bd7f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "112-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 205

GET
H2 200 3K7A0028-web.jpg
www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_1920x480_crop_center-center_82_none/ 209 KB
209 KB 85ms
84ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Development-and-Humanitarian-Cooperation/_1920x480_crop_center-center_82_none/3K7A0028-web.jpg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: c8a70c909f9612466a3de222d850b87062ef52a575fee9c9baf4655ea21013b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Wed, 15 Dec 2021 10:41:54 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "34398-5d32cf4490080"
content-length: 213912
content-type: image/jpeg

GET
H2 200 loas-6069.jpg
www.npaid.org/media/files/content/Mine-Action-and-Disarmament/_1240xAUTO_fit_center-center_82_none/ 165 KB
165 KB 88ms
86ms Image
image/jpeg 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/media/files/content/Mine-Action-and-Disarmament/_1240xAUTO_fit_center-center_82_none/loas-6069.jpg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 8e101db46c2865c645c69cec661cc8598e4a480ae0e3599a8ee4191e009e58d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
last-modified: Mon, 28 Sep 2020 13:46:31 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "29418-5b05fe4d37bc0"
content-length: 168984
content-type: image/jpeg

GET
H2 200 icon.svg
www.npaid.org/assets/icons/skull/ 6 KB
3 KB 52ms
51ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/skull/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 288d9cd502b8b6dc4d5e05fa8dcdd3f53aa20174c11d333c9f584f7248608b88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "1787-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 2869

GET
H2 200 icon.svg
www.npaid.org/assets/icons/help-hands/ 653 B
690 B 55ms
54ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/help-hands/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: f2c69f0bc5475acba1abd4dd99940c75748c19c0a0dda98005b663ebb31550e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "28d-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 411

GET
H2 200 icon.svg
www.npaid.org/assets/icons/heart-rhythm/ 512 B
620 B 56ms
56ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/heart-rhythm/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: 6527048b132997789545b708e13d588328f8f947005325d53a9961838e4bab0c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "200-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 341

GET
H2 200 icon.svg
www.npaid.org/assets/icons/planet-love/ 485 B
608 B 49ms
49ms Image
image/svg+xml 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.npaid.org/assets/icons/planet-love/icon.svg
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/static/main/css/styles.css?v=1693321284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f /
Resource Hash: e92411464eda5527aa28d1e4e1c51080355eac662b497bcfb71cfffcd4da05ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/static/main/css/styles.css?v=1693321284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:47:17 GMT
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
accept-language: bytes
etag: "1e5-5f3a0556bd340-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
content-length: 329

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 168ms
80ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.npaid.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 252825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 17:26:14 GMT

GET
H2 200 show Show response
www.npaid.org//cookie-consent/ 4 B
313 B 219ms
217ms XHR
application/json 138.201.139.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npaid.org//cookie-consent/show
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/cpresources/d2e48e4a/script.js?v=1664713452
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.139.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ullr.norse.digital
Software: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f / Craft CMS
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 22 Sep 2023 15:39:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.25 OpenSSL/1.0.1f
x-powered-by: Craft CMS
content-type: application/json; charset=UTF-8

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=14457
accept-ranges: bytes
content-length: 4862

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 146ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49W8L5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6617
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Sep 2023 15:49:43 GMT

GET
H2 200 hotjar-2042677.js Show response
static.hotjar.com/c/ 10 KB
4 KB 177ms
69ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2042677.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49W8L5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

4a5675f612a4b11cbcb31e0bf116a911312001606bc53d4948dd6adf757d6f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 15:40:00 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/7bc55bd74d4e68c8881b92d31d9bd52e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: N2Rb70AySVVvGmoq9ZWnf-JkE2c60Wtpl6ec_l4XBX_q5eaIABaGIg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 132ms
39ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 15:40:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53243
x-xss-protection: 0
pragma: public
x-fb-debug: DztF/NUDRtZl6hQ/bTe8ZBPkM6eJkYRMyN8FGCDHF+3Js9kIlSEean2OcZXZaW2xDg42DAf75VN/nusuLOYXHA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 117ms
46ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=531699&u=https%3A%2F%2Fwww.npaid.org%2F&f=1&r=0.6122987715232628
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: d28e083f3d9cc072c19988ba5e11a513089427bb2791dcb3100ab96933435823

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:00 GMT
content-encoding: gzip
via: 1.1 google
server: glon1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 103ms
27ms Script
text/javascript 2600:1901:0:22e6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49W8L5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:22e6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:35:39 GMT
content-encoding: gzip
age: 261
x-guploader-uploadid: ADPycdsvEHnQrwKhosckfk5Urq_rDReQ5vACuGvUOhQ8vTB8wvSJLyUSSbO32RtPQKJdXEVDyTXz44bD4LoQacmrKUhHQgRIv5jL
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Fri, 22 Sep 2023 15:40:39 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/folkehjelp.matomo.cloud/ 199 KB
58 KB 140ms
41ms Script
application/javascript 2600:9000:2117:be00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/folkehjelp.matomo.cloud/matomo.js
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:be00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb80085ad0a71622611dc510c46bd86edd53d05a653fc6d3f1c07c5bc21263fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:39:55 GMT
x-amz-version-id: 11TXDNR68t45Fu5yHxqeIw.B8UVU8Ox7
content-encoding: gzip
via: 1.1 4dacb01807cb4c0e8eb52307b7de1392.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C1
age: 10806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 22 Sep 2023 08:32:08 GMT
server: AmazonS3
etag: W/"ac6976c577d35263e75c996234e0088a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: W0QnNy9yM4C7hD0P3_Cq1tuN4hDzSE-UssTHt6D02AjBjwN7mruEeA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JW08RG02YT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49W8L5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d66fae6570cc212f2ab3a85d3a6226f1de9e13595e87e64a619d5eab8c6484c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 15:39:59 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2067130/domain/npaid.org/ 36 B
370 B 260ms
172ms XHR
application/json 2600:9000:2171:2c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2067130/domain/npaid.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:2c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.npaid.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:00 GMT
content-encoding: gzip
via: 1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 4RcqOf_jhjAqN3WsLbaCTZWkqLTKk0qDYdlwaGGJKC66WA35kC2grw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2067130%26time%3D1695397199995%26url%3Dhttps%253A%252F%252Fwww.npaid.org%252F%26c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLCMSwqYteuOQAAAYq9jEMfCPUSfujGhG6EgLsAqcH12e3...

0
265 B

235ms
161ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLCMSwqYteuOQAAAYq9jEMfCPUSfujGhG6EgLsAqcH12e3rYeNIesKMZEEUxp13xqCzteE
Requested by: Host: www.npaid.org
URL: https://www.npaid.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8B42F1AD59D944F780C5AA0DF5D470BF Ref B: LTSEDGE1509 Ref C: 2023-09-22T15:40:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF9GvpuUKVxMk047PluQ==

Redirect headers

date: Fri, 22 Sep 2023 15:40:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A089119FFD3B44E4B6FFE28E92571BEF Ref B: LON04EDGE0812 Ref C: 2023-09-22T15:40:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2067130&time=1695397199995&url=https%3A%2F%2Fwww.npaid.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLCMSwqYteuOQAAAYq9jEMfCPUSfujGhG6EgLsAqcH12e3rYeNIesKMZEEUxp13xqCzteE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYF9GvmCHCWxaYCnSm0Bg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 108ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JW08RG02YT&gtm=45je39k0&_p=1801062936&cid=678273712.1695397200&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695397200&sct=1&seg=0&dl=https%3A%2F%2Fwww.npaid.org%2F&dt=Norwegian%20People%27s%20Aid%20%7C%20Folk%20forandrer%20verden&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=www.npaid.org
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JW08RG02YT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 15:40:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.npaid.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 107ms
107ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=531699&d=npaid.org&u=D77E2FE0CFE22258C5525687004475C03&h=d6dd0c3303e57a4559cbbefcd28d36e8&t=false&r=0.7425737643902872

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 15:39:59 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 modules.87c64ece4c32532efcb6.js Show response
script.hotjar.com/ 225 KB
55 KB 160ms
44ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.87c64ece4c32532efcb6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2042677.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 93773
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56133
last-modified: Thu, 21 Sep 2023 13:36:45 GMT
etag: "df814a1255030223e6ab003f27b95f6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ybh8CW3G6zISgkFyxyGscV7IrZo9LN36Lq0uFWbmBzoeHuxQFqCf8A==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 46ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1801062936&t=pageview&_s=1&dl=https%3A%2F%2Fwww.npaid.org%2F&ul=en-us&de=UTF-8&dt=Norwegian%20People%27s%20Aid%20%7C%20Folk%20forandrer%20verden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=627302092&gjid=1062199442&cid=678273712.1695397200&tid=UA-3767777-10&_gid=1366529692.1695397200&_r=1&_slc=1&gtm=45He39k0n81M49W8L5&z=1262911077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.npaid.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 15:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.npaid.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 matomo.php
folkehjelp.matomo.cloud/ 0
167 B 261ms
105ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://folkehjelp.matomo.cloud/matomo.php?action_name=Norwegian%20People%27s%20Aid%20%7C%20Folk%20forandrer%20verden&idsite=1&rec=1&r=341711&h=16&m=40&s=0&url=https%3A%2F%2Fwww.npaid.org%2F&_id=bf66064a455c297a&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=nBROIR&fa_pv=1&fa_fp[0][fa_vid]=Q0sBNQ&fa_fp[0][fa_id]=elc-cookie-consent-form&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=6BGeKi&fa_fp[2][fa_fv]=1&pf_net=0&pf_srv=914&pf_tfr=2&pf_dm1=281&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/folkehjelp.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.npaid.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.npaid.org
date: Fri, 22 Sep 2023 15:40:00 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 668312833647691 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 128ms
127ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/668312833647691?v=2.9.128&r=stable&domain=www.npaid.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b543c3236d7fe3528112012f19feebae396123e58e55e4b3168ca756b4111ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 15:40:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: s9bzOcdWOuYfTFxttwiuHVypvMHRBNbF+zV+r9HGVgfcVC8jbcIksd2i1RiArhKGrXyYKtGiXV1pIDFaNXdIXg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 configs.php Show response
folkehjelp.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 200ms
59ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://folkehjelp.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=CB1IIj&url=https%3A%2F%2Fwww.npaid.org%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/folkehjelp.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8fb6d5644104b6a3f8ffa7e2b269e8efe9abc45948aed68acac2ebb0d0c1e64a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:00 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 102ms
35ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3767777-10&cid=678273712.1695397200&jid=627302092&gjid=1062199442&_gid=1366529692.1695397200&_u=YADAAEAAAAAAACAAI~&z=1073482315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.npaid.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Sep 2023 15:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.npaid.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 117ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=668312833647691&ev=PageView&dl=https%3A%2F%2Fwww.npaid.org%2F&rl=&if=false&ts=1695397200363&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695397200361.905279416&it=1695397200203&coo=false&rqm=GET

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Sep 2023 15:40:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 browser-perf.c1da22870fa5ce83083f.js Show response
script.hotjar.com/ 6 KB
2 KB 39ms
39ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.c1da22870fa5ce83083f.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.87c64ece4c32532efcb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

f0039eb207cb6c336b9813fc9b1a3ad69e1d534090c9c61e2d2cc2c04c755ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 784493
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2016
last-modified: Wed, 13 Sep 2023 13:44:22 GMT
etag: "227a6992e3df42fd9197482ecf6d4fb0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: H6Og5TUHr6uLKHwod_0EnbwJwATu-P6sckdd207Y_09kDDd3ljgOqg==

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 563D 0
48 B 39ms
39ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.npaid.org
URL: https://www.npaid.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.npaid.org
Referer: https://www.npaid.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.npaid.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 15:40:00 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 heatmaps.js Show response
heatmaps.monsido.com/v1/ 8 KB
3 KB 109ms
29ms Script
text/javascript 2600:1901:0:476d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/heatmaps.js
Requested by: Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:476d:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:39:08 GMT
content-encoding: gzip
age: 53
x-guploader-uploadid: ADPycdsF_kzYZXlieu2DHxQLJXYZu6aNA1OaEd-yp2uxaRL6DM0e0L1PapZb-boYWnoNedRch93DTi-JaeEQFdG4Nzc_iN2YZdw9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2870
last-modified: Thu, 01 Jun 2023 07:10:33 GMT
server: UploadServer
etag: "6bd8810f93d4046aec0007f3db64ca67"
vary: Accept-Encoding
x-goog-generation: 1685603433813852
x-goog-hash: crc32c=uwyl4w==, md5=a9iBD5PUBGrsAAfz22TKZw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
x-goog-stored-content-length: 2870
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 15:44:08 GMT

GET
H2 200 page-correct.js Show response
pagecorrect.monsido.com/v1/ 15 KB
6 KB 103ms
29ms Script
text/javascript 2600:1901:0:21ea::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagecorrect.monsido.com/v1/page-correct.js
Requested by: Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:21ea:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:37:39 GMT
content-encoding: gzip
age: 142
x-guploader-uploadid: ADPycdu7ba1mPN8cXse5Cauc86cvFByB-HOCzxmG2yCBfXIsAUUqdaFRHPb6l3B5CQUP2IewGqhI8by7EtzfpmIgTGG86zZhziSr
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5178
last-modified: Thu, 06 Oct 2022 07:44:18 GMT
server: UploadServer
etag: "462a91667ac49521f34a03a7abc942f5"
vary: Accept-Encoding
x-goog-generation: 1665042258321151
x-goog-hash: crc32c=hee7Lw==, md5=RiqRZnrElSHzSgOnq8lC9Q==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
x-goog-stored-content-length: 5178
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 15:42:39 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
205 B 108ms
36ms Image
image/gif 2600:1901:0:891c::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=ei6Oq0y7C0lWLwe0Vv-BQw&b=https%3A%2F%2Fwww.npaid.org%2F&c=6141695397200987&d=1600x1200&f=1C21695397200988&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:891c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: 2023-09-22T15:40:01Z
date: Fri, 22 Sep 2023 15:40:01 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 ei6Oq0y7C0lWLwe0Vv-BQw.json Show response
pagecorrect.monsido.com/v1/settings/ 2 B
30 B 181ms
126ms XHR
application/json 2600:1901:0:21ea::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagecorrect.monsido.com/v1/settings/ei6Oq0y7C0lWLwe0Vv-BQw.json
Requested by: Host: pagecorrect.monsido.com
URL: https://pagecorrect.monsido.com/v1/page-correct.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:21ea:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:01 GMT
age: 0
x-guploader-uploadid: ADPycds0R9tDfaHJ2g-WdzVclF3HZdZ_b7baz2CEt_ZpNMVgN8DjqWhoYALV7l0PUFlWG6IlXnBAAZ6N1pBcuStg7aYjHOcb2yjs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
last-modified: Sun, 17 Sep 2023 11:51:20 GMT
server: UploadServer
etag: "d751713988987e9331980363e24189ce"
x-goog-generation: 1691928012699232
x-goog-hash: crc32c=dk29dg==, md5=11FxOYiYfpMxmANj4kGJzg==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 2
accept-ranges: bytes
content-type: application/json
expires: Fri, 22 Sep 2023 15:45:01 GMT

GET
H3 404 ei6Oq0y7C0lWLwe0Vv-BQw.json Show response
heatmaps.monsido.com/v1/settings/ 196 KB
196 KB 184ms
128ms XHR
text/html 2600:1901:0:476d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/settings/ei6Oq0y7C0lWLwe0Vv-BQw.json
Requested by: Host: heatmaps.monsido.com
URL: https://heatmaps.monsido.com/v1/heatmaps.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:476d:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0755b086bb0e291eced6f08137d7d079099487c43a4dbb0f33ba45269d63969b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.npaid.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:40:01 GMT
age: 0
x-guploader-uploadid: ADPycdvqCfXYbMqzLarOzUVuZOugqB6wi7il9BaTsGnVIWPZkr-fqBIKdeF0PrICducK9uArTVY_ML812bNZ56a2yJGIdA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200528
last-modified: Mon, 15 Jul 2019 09:34:56 GMT
server: UploadServer
etag: "8abb7c686d4c3a50d26512f36949c413"
x-goog-generation: 1563183296417892
x-goog-hash: crc32c=Ob01Ow==, md5=irt8aG1MOlDSZRLzaUnEEw==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 200528
accept-ranges: bytes
content-type: text/html
expires: Fri, 22 Sep 2023 16:40:01 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.npaid.org/	1969-12-31 23:59:59	Name: CraftSessionId Value: t6mqmfc43sbm336rmftu7me3uc
www.npaid.org/	1969-12-31 23:59:59	Name: CRAFT_CSRF_TOKEN Value: a823dfc7cc002f8ac24429eb16c0652c9f69396203558967f238034ef8078c90a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22En1Xr9ONjQUWopdrv5fNhFQ27UO09DqMsEcb-iT_%22%3B%7D
.npaid.org/	1970-01-21 00:32:37	Name: _ga_JW08RG02YT Value: GS1.1.1695397200.1.0.1695397200.0.0.0
.npaid.org/	1970-01-20 23:43:39	Name: _vwo_uuid_v2 Value: D77E2FE0CFE22258C5525687004475C03\|d6dd0c3303e57a4559cbbefcd28d36e8
.npaid.org/	1970-01-21 00:32:37	Name: _ga Value: GA1.2.678273712.1695397200
.npaid.org/	1970-01-20 14:58:03	Name: _gid Value: GA1.2.1366529692.1695397200
.npaid.org/	1970-01-20 14:56:37	Name: _gat_UA-3767777-10 Value: 1
www.npaid.org/	1970-01-21 00:22:32	Name: _pk_id.1.3a02 Value: bf66064a455c297a.1695397200.
www.npaid.org/	1970-01-20 14:56:39	Name: _pk_ses.1.3a02 Value: 1
.linkedin.com/	1970-01-20 17:06:13	Name: li_sugr Value: 7a9576a7-010e-4caf-a29e-f479fcd0050b
.linkedin.com/	1970-01-20 23:42:13	Name: bcookie Value: "v=2&8beee07d-f093-4987-80d1-d2237ff77edd"
.linkedin.com/	1970-01-20 14:58:03	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3084:u=1:x=1:i=1695397200:t=1695483600:v=2:sig=AQHnrmS7adNLhQ6UAZpmVluvdgqdtojV"
www.npaid.org/	1970-01-20 14:58:03	Name: ln_or Value: eyIyMDY3MTMwIjoiZCJ9
.npaid.org/	1970-01-20 17:06:13	Name: _fbp Value: fb.1.1695397200361.905279416
.linkedin.com/	1970-01-20 15:39:49	Name: UserMatchHistory Value: AQLvZz3PqWKtggAAAYq9jEGnbuGophaVgrbqTVefHdpz1-llC9ekexqVD8a0tYRGnUUxVewSLJHS8w
.linkedin.com/	1970-01-20 15:39:49	Name: AnalyticsSyncHistory Value: AQLDba7WrK-WowAAAYq9jEGnMmtmB49AjwgdyNl0SQHASq1NEF7Idn2ZBtr46ipz5po6lGOWlYPOY1IHtss0fA
.npaid.org/	1970-01-20 23:42:13	Name: _hjSessionUser_2042677 Value: eyJpZCI6IjQ3ZmJjZTBkLTc0MDUtNTcxZi1hNmJkLTNjYTFkY2Y0NTIwNiIsImNyZWF0ZWQiOjE2OTUzOTcyMDA0MTEsImV4aXN0aW5nIjpmYWxzZX0=
.npaid.org/	1970-01-20 14:56:39	Name: _hjFirstSeen Value: 1
.npaid.org/	1970-01-20 14:56:37	Name: _hjIncludedInSessionSample_2042677 Value: 0
.npaid.org/	1970-01-20 14:56:39	Name: _hjSession_2042677 Value: eyJpZCI6IjRlZmMxOGE2LTQ2MGQtNGNkMy1hYTlkLTQyNzFjNjkxMzFlNCIsImNyZWF0ZWQiOjE2OTUzOTcyMDA0MTIsImluU2FtcGxlIjpmYWxzZX0=
.npaid.org/	1970-01-20 14:56:39	Name: _hjAbsoluteSessionInProgress Value: 0
.www.linkedin.com/	1970-01-20 23:42:13	Name: bscookie Value: "v=1&20230922154000431db869-f298-4aee-8bb4-6c28c4b293cfAQGUt9kQaOOqxq4uk5JOFiHxbn-1Cohv"
.linkedin.com/	1970-01-20 19:15:49	Name: li_gc Value: MTswOzE2OTUzOTcyMDA7MjswMjGbbgxF/5WBThCCDl3fkQ/ervGBbVG5cuiwbT6yIjHxQA==
www.npaid.org/	1970-01-20 15:39:49	Name: monsido Value: 6141695397200987

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://heatmaps.monsido.com/v1/settings/ei6Oq0y7C0lWLwe0Vv-BQw.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-script.monsido.com
cdn.linkedin.oribi.io
cdn.matomo.cloud
connect.facebook.net
dev.visualwebsiteoptimizer.com
folkehjelp.matomo.cloud
fonts.googleapis.com
fonts.gstatic.com
heatmaps.monsido.com
npaid.org
pagecorrect.monsido.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tracking.monsido.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.npaid.org
13.107.42.14
138.201.139.102
18.66.97.53
2001:4860:4802:32::36
2600:1901:0:21ea::
2600:1901:0:22e6::
2600:1901:0:476d::
2600:1901:0:891c::
2600:9000:2117:be00:c:7d55:b3c0:93a1
2600:9000:2171:2c00:2:53b2:240:93a1
2620:1ec:21::14
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9b
2a02:26f0:3500:16::215:148d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.126.133.169
34.96.102.137
52.222.236.122
0755b086bb0e291eced6f08137d7d079099487c43a4dbb0f33ba45269d63969b
1d66fae6570cc212f2ab3a85d3a6226f1de9e13595e87e64a619d5eab8c6484c
1e44ea1fe261c57bdbaa946fe096162eed88fe97536b3b4c5e345c545000bdae
23c57a455b914f3a5fb29d966d55d745ab920c244f4ddd9f90f789d2940d2abe
288d9cd502b8b6dc4d5e05fa8dcdd3f53aa20174c11d333c9f584f7248608b88
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
382b918ee12bef0033e3f8d43f42c4227b796989a8106d05a79560429c4e7f6f
3e447c80217cf7a455a5d147498818d1154739f7afce1d5dae1a4ce4817fd262
4337f77a7b7778d645de1901c0db343b6fc2ed1074d8a782aef9fcccf54f7c8b
4a5675f612a4b11cbcb31e0bf116a911312001606bc53d4948dd6adf757d6f64
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4
64ce602df4608c0e46d3ebd0654bb21d5c10ae14006caf557dfb2b9dbc7e5e99
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
6527048b132997789545b708e13d588328f8f947005325d53a9961838e4bab0c
699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
756e23097ea32c091d5f76749ea36e89be8e8a468749bf01c12014e9502bd7f8
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b543c3236d7fe3528112012f19feebae396123e58e55e4b3168ca756b4111ac
7f32d4df2c34dd09a07f6ab03252160c2d09f9e098f2e075db69567f9f1a7903
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8790e6c02a8dd7ffee4d19b63a541f2006a46546761f5f717378e8b1b85dfcdc
88381b0763919f42a99dc1a23077fae2491f96a5f983ca3d32c518976c716768
8e101db46c2865c645c69cec661cc8598e4a480ae0e3599a8ee4191e009e58d7
8fb6d5644104b6a3f8ffa7e2b269e8efe9abc45948aed68acac2ebb0d0c1e64a
a761d0aafe417f9578620fabf07dc485a576933ee464bd313c76b527d49f9078
aa1a108585600548dd67fc431362b944c6e43e2c958210a580560c67d869fffe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b9271203436f43c50a5818e74e26a361cdc73c52cbee74db0efa0fc004e8256b
bb80085ad0a71622611dc510c46bd86edd53d05a653fc6d3f1c07c5bc21263fc
c4ee0d3ed7c9b34fe753442979738ce3d75455e3d014bdc92eb4534d055db930
c58eea278f08fd63c194897372c4453fbb7f6b0a0737f0ce35aa43c1b6d86f18
c8a70c909f9612466a3de222d850b87062ef52a575fee9c9baf4655ea21013b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c8d8c8f08183d6cb4ab083d78351a07dd38f0659d578878b60bafa3c1416cf
d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f
d28e083f3d9cc072c19988ba5e11a513089427bb2791dcb3100ab96933435823
de1896dc1e5eff89ca8fe989b63e7ae4420a14dfb0c17c4858191a666d52ce4e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de78015d17f58971b739ada76080120d28c1b0081c253582aa5502cdfe69d3f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92411464eda5527aa28d1e4e1c51080355eac662b497bcfb71cfffcd4da05ed
f0039eb207cb6c336b9813fc9b1a3ad69e1d534090c9c61e2d2cc2c04c755ddf
f2c69f0bc5475acba1abd4dd99940c75748c19c0a0dda98005b663ebb31550e4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9460b1cb76d996f4210e09eca2b4a528cda031503994f7a0814282a4fc2cda1
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

www.npaid.org Open in urlscan Pro 138.201.139.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

73 %IPv6

15 Domains

24 Subdomains

21 IPs

5 Countries

1596 kBTransfer

3008 kBSize

24 Cookies

8 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.npaid.org Open in urlscan Pro
138.201.139.102 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

73 %
IPv6

15
Domains

24
Subdomains

21
IPs

5
Countries

1596 kB
Transfer

3008 kB
Size

24
Cookies

57 HTTP transactions
0 data transactions