www.norwegian.com
Open in
urlscan Pro
2606:2800:2ab:1c27:8b7:c3f:fdd:1624
Public Scan
Effective URL: https://www.norwegian.com/dk/
Submission: On November 02 via automatic, source phishtank
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 21st 2017. Valid for: a year.
This is the only time www.norwegian.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 103.9.77.247 103.9.77.247 | 45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp) | |
1 2 | 185.19.184.144 185.19.184.144 | 60975 (PARVATI R...) (PARVATI Rimini (RN) Italy) | |
2 2 | 81.93.171.69 81.93.171.69 | 25148 (BASEFARM-...) (BASEFARM-ASN Oslo - Norway) | |
1 66 | 2606:2800:2ab... 2606:2800:2ab:1c27:8b7:c3f:fdd:1624 | 14153 (EDGECAST-IR) (EDGECAST-IR - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 159.122.87.153 159.122.87.153 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
2 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 147.75.101.25 147.75.101.25 | 54825 (PACKET) (PACKET - Packet Host) | |
1 2 | 172.217.22.70 172.217.22.70 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c02::9d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 147.75.100.185 147.75.100.185 | 54825 (PACKET) (PACKET - Packet Host) | |
1 | 147.75.33.209 147.75.33.209 | 54825 (PACKET) (PACKET - Packet Host) | |
2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
81 | 12 |
ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: mta2.weirdgrounds.com
dienlanhmuoihien.com |
ASN60975 (PARVATI Rimini (RN) Italy, IT)
PTR: indra.thirdeye.it
terraritalia.com |
ASN25148 (BASEFARM-ASN Oslo - Norway, NO)
PTR: norwegian-com.osl.basefarm.net
norwegian.com |
ASN14153 (EDGECAST-IR - MCI Communications Services, Inc. d/b/a Verizon Business, US)
www.norwegian.com |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-15
static.hotjar.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f70.1e100.net
5877806.fls.doubleclick.net |
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-17
script.hotjar.com |
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-13
vars.hotjar.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
68 |
norwegian.com
3 redirects
norwegian.com www.norwegian.com |
2 MB |
3 |
doubleclick.net
2 redirects
5877806.fls.doubleclick.net stats.g.doubleclick.net |
713 B |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
82 KB |
3 |
facebook.net
connect.facebook.net |
101 KB |
2 |
facebook.com
www.facebook.com |
490 B |
2 |
google-analytics.com
www.google-analytics.com |
17 KB |
2 |
visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com |
846 B |
2 |
terraritalia.com
1 redirects
terraritalia.com |
655 B |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
179 B |
1 |
googletagmanager.com
www.googletagmanager.com |
47 KB |
1 |
dienlanhmuoihien.com
1 redirects
dienlanhmuoihien.com |
381 B |
81 | 12 |
Domain | Requested by | |
---|---|---|
66 | www.norwegian.com |
1 redirects
www.norwegian.com
|
3 | connect.facebook.net |
terraritalia.com
connect.facebook.net |
2 | www.facebook.com | |
2 | 5877806.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | dev.visualwebsiteoptimizer.com |
www.norwegian.com
|
2 | norwegian.com | 2 redirects |
2 | terraritalia.com | 1 redirects |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.norwegian.com
|
1 | dienlanhmuoihien.com | 1 redirects |
81 | 16 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.norwegian.com DigiCert SHA2 Extended Validation Server CA |
2017-12-21 - 2019-03-28 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2017-06-30 - 2020-07-06 |
3 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2018-10-11 - 2019-01-09 |
3 months | crt.sh |
*.doubleclick.net Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2018-10-11 - 2019-01-09 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2018-10-11 - 2019-01-09 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.norwegian.com/dk/
Frame ID: 24A41A3F2A73CB815217BA000D7D7E80
Requests: 79 HTTP requests in this frame
Frame:
https://5877806.fls.doubleclick.net/activityi;dc_pre=CLOm4LXitN4CFVIo4AodsO0Iqg;src=5877806;type=global;cat=nasgloba;ord=5206754438751;gtm=2wgas3;auiddc=1917238488.1541129404;u1=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F;u2=DKK;u3=%20;u4=%20;u5=undefined;u7=undefined;u8=undefined;u9=FrontPage;u10=unavailable;u11=unavailable;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u19=undefined;u21=undefined;u22=DK;u23=undefined;u24=undefined;u25=undefined;u26=-;~oref=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F
Frame ID: A549073A054EAFA1E08127290C235503
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 0C2A82D8F610E896712CA5C3E4DC3772
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://dienlanhmuoihien.com/daarligst.php
HTTP 302
http://terraritalia.com/www-norwegian-dk/wwwnorwegian.html Page URL
-
http://terraritalia.com/www-norwegian-dk/process-index.php
HTTP 302
http://norwegian.com/dk/ HTTP 301
https://norwegian.com/dk/ HTTP 302
http://www.norwegian.com/dk/ HTTP 301
https://www.norwegian.com/dk/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- script /angular.*\.js/i
- env /^angular$/i
React (JavaScript Frameworks) Expand
Detected patterns
- env /^React$/i
RxJS (JavaScript Frameworks) Expand
Detected patterns
- env /^Rx$/i
Tengine (Web Servers) Expand
Detected patterns
- headers server /Tengine/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- env /^Modernizr$/i
Moment.js (JavaScript Libraries) Expand
Detected patterns
- env /^moment$/i
webpack (Miscellaneous) Expand
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Storbyrejser tilektra lave priser
Search URL Search Domain Scan URL
Title: Berlin Fly + hotel **** 3 nætter Fra 1599,-
Search URL Search Domain Scan URL
Title: London Fly + hotel *** 3 nætter Fra 1899,-
Search URL Search Domain Scan URL
Title: Rom Fly + hotel *** 3 nætter Fra 1999,-
Search URL Search Domain Scan URL
Title: Krakow Fly + hotel *** 3 nætter Fra 1499,-
Search URL Search Domain Scan URL
Title: Hurra Tusind tak!
Search URL Search Domain Scan URL
Title: Optjen CashPoints og flyv
Search URL Search Domain Scan URL
Title: Gavekort
Search URL Search Domain Scan URL
Title: Parkering
Search URL Search Domain Scan URL
Title: Book et hotel
Search URL Search Domain Scan URL
Title: Lej en bil
Search URL Search Domain Scan URL
Title: Lufthavnstransfer
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://dienlanhmuoihien.com/daarligst.php
HTTP 302
http://terraritalia.com/www-norwegian-dk/wwwnorwegian.html Page URL
-
http://terraritalia.com/www-norwegian-dk/process-index.php
HTTP 302
http://norwegian.com/dk/ HTTP 301
https://norwegian.com/dk/ HTTP 302
http://www.norwegian.com/dk/ HTTP 301
https://www.norwegian.com/dk/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://dienlanhmuoihien.com/daarligst.php HTTP 302
- http://terraritalia.com/www-norwegian-dk/wwwnorwegian.html
- https://5877806.fls.doubleclick.net/activityi;src=5877806;type=global;cat=nasgloba;ord=5206754438751;gtm=2wgas3;auiddc=1917238488.1541129404;u1=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F;u2=DKK;u3=%20;u4=%20;u5=undefined;u7=undefined;u8=undefined;u9=FrontPage;u10=unavailable;u11=unavailable;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u19=undefined;u21=undefined;u22=DK;u23=undefined;u24=undefined;u25=undefined;u26=-;~oref=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F HTTP 302
- https://5877806.fls.doubleclick.net/activityi;dc_pre=CLOm4LXitN4CFVIo4AodsO0Iqg;src=5877806;type=global;cat=nasgloba;ord=5206754438751;gtm=2wgas3;auiddc=1917238488.1541129404;u1=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F;u2=DKK;u3=%20;u4=%20;u5=undefined;u7=undefined;u8=undefined;u9=FrontPage;u10=unavailable;u11=unavailable;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u19=undefined;u21=undefined;u22=DK;u23=undefined;u24=undefined;u25=undefined;u26=-;~oref=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j71&tid=UA-9004708-1&cid=1150989501.1541129404&jid=1567509388&gjid=2113402&_gid=661821355.1541129404&_u=YGBAgUAB~&z=983662286 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9004708-1&cid=1150989501.1541129404&jid=1567509388&_v=j71&z=983662286 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9004708-1&cid=1150989501.1541129404&jid=1567509388&_v=j71&z=983662286&slf_rd=1&random=2321257654
81 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
wwwnorwegian.html
terraritalia.com/www-norwegian-dk/ Redirect Chain
|
62 B 373 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.norwegian.com/dk/ Redirect Chain
|
73 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cms-brand.css
www.norwegian.com/style-bundle/ |
410 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.js
www.norwegian.com/script-bundle/ |
1 KB 660 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib.js
www.norwegian.com/script-bundle/ |
779 KB 235 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instant.js
www.norwegian.com/script-bundle/ |
61 B 204 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedlang.da.js
www.norwegian.com/script-bundle/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmslang.da.js
www.norwegian.com/script-bundle/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteMap
www.norwegian.com/js/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-locale_da.js
www.norwegian.com/script-bundle/ |
1 KB 886 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vwo.js
www.norwegian.com/script-bundle/ |
1 KB 597 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedtemplates.js
www.norwegian.com/script-bundle/ |
247 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmstemplates.js
www.norwegian.com/script-bundle/ |
23 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstraptemplates.js
www.norwegian.com/script-bundle/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.css.svg
www.norwegian.com/Content/Styles/ |
208 KB 40 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident.svg
www.norwegian.com/Content/img/ |
7 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident-mobile.svg
www.norwegian.com/Content/img/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flash-sale-top-bar.css
www.norwegian.com/globalassets/ip/documents/technical/flash-sale-clock/ |
220 B 313 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usa_new-york_skyline_empire_615398376.jpg
www.norwegian.com/globalassets/ip/media/front/header/ |
173 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
halloween_pumpkins_613872668_1200x600.jpg
www.norwegian.com/globalassets/ip/media/front/main/on-sale/1200x600/ |
137 KB 137 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1200x300_the-choice_seat-premium_787900_007.jpg
www.norwegian.com/globalassets/ip/media/front/main/on-sale/1200x300/ |
115 KB 115 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
italy_rome_couple_650114426-600x600-dk.jpg
www.norwegian.com/globalassets/ip/media/front/ancillary/600x600/ |
271 KB 271 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
300x300_crew_787900_007.jpg
www.norwegian.com/globalassets/ip/media/front/upsell/ |
87 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
300x300-upsell-route-map.jpg
www.norwegian.com/globalassets/ip/media/front/upsell/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
norwegian-youth-tickets.jpg
www.norwegian.com/globalassets/ip/media/front/upsell/ |
71 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
212 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa-verified.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mastercard-securecode.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
klarna_logo_black3.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
globalsign.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skytrax-logo-2017.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IAA-logo-2.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feddie-awards.png
www.norwegian.com/globalassets/ip/media/front/main/on-sale/payment-icon/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plainPageController.js
www.norwegian.com/script-bundle/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand.js
www.norwegian.com/script-bundle/ |
69 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.js
www.norwegian.com/script-bundle/ |
181 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-cmsClient.js
www.norwegian.com/script-bundle/ |
105 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partial-view-apps
www.norwegian.com/script-bundle/nas.front.client-apps/ |
2 MB 356 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partial-view-apps
www.norwegian.com/style-bundle/nas.front.client-apps/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_regular_pro-web.woff2
www.norwegian.com/Content/webfonts/ |
34 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
j.php
dev.visualwebsiteoptimizer.com/ |
716 B 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destinations
www.norwegian.com/api/ |
36 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
progressSpinner.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/core/ |
482 B 381 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
www.norwegian.com/api/busy/ |
43 B 399 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
busy-wait.core.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/busy/ |
885 B 415 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
errorMessage.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/core/ |
2 KB 723 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notifier.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/notifier/ |
606 B 289 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
availabilitysearch.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/availability/ |
24 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
holidayssearch.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/holidays/ |
12 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cartrawlersearch.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/cartrawler/ |
6 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotelSearch.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/hotel/ |
8 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abandonedBasket.tpl.html
www.norwegian.com/ClientResources/norwegian/app/abandonedBasket/ |
2 KB 774 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.css.svg
www.norwegian.com/Content/Styles/ |
208 KB 40 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-dropdown-arrow.svg
www.norwegian.com/Content/img/icons/ |
628 B 477 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-check.svg
www.norwegian.com/Content/img/icons/ |
548 B 463 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-dropdown-arrow--light.svg
www.norwegian.com/Content/img/icons/ |
628 B 476 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
my-profile-male.svg
www.norwegian.com/Content/img/icons/small/ |
2 KB 1016 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
www.norwegian.com/Content/img/icons/small/ |
895 B 591 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_bold_pro-web.woff2
www.norwegian.com/Content/webfonts/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TiemposTextWeb-Regular.woff2
www.norwegian.com/Content/webfonts/ |
45 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 236 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_regular_italic_pro-web.woff2
www.norwegian.com/Content/webfonts/ |
36 KB 36 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_bold_italic_pro-web.woff2
www.norwegian.com/Content/webfonts/ |
36 KB 36 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infoBox.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/infoBox/ |
3 KB 1023 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
radiobutton.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/buttons/ |
554 B 349 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
domesticspaindiscounts.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/domesticspainDiscounts/ |
624 B 385 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkboxbutton.tpl.html
www.norwegian.com/Scripts/sharedComponents/app/shared/components/buttons/ |
393 B 282 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destinations
www.norwegian.com/api/ |
136 KB 10 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident-hotels-com.png
www.norwegian.com/Content/Images/content/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
42 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fbevents.js
connect.facebook.net/en_US/ |
73 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
hotjar-1064276.js
static.hotjar.com/c/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CLOm4LXitN4CFVIo4AodsO0Iqg;src=5877806;type=global;cat=nasgloba;ord=5206754438751;gtm=2wgas3;auiddc=1917238488.1541129404;u1=https%3A%2F%2Fwww.norwegian.com%2Fdk%2F;u2=DKK;u3=%20;u...
5877806.fls.doubleclick.net/ Frame A549 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST S |
collect
www.google-analytics.com/ |
35 B 125 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
modules-239439752d7ca7c58c060cde4a84a63c.js
script.hotjar.com/ |
399 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
1761877623864806
connect.facebook.net/signals/config/ |
167 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 0C2A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
665630980212858
connect.facebook.net/signals/config/ |
167 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 291 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| html5 object| Modernizr function| yepnope function| moment function| inherits object| Rx object| angular number| ng339 function| _ object| React object| ReactDOM object| ngReact object| _vwo_code number| settings_timer number| _vwo_settings_timer boolean| FindApi undefined| api object| NasPlainMenuController object| NasPlainScrollToController object| NasPlainSwitchLanguageController object| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| __Zone_enable_cross_context_check function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| IntlPolyfill boolean| ngDevMode object| ng object| __zone_symbol__storagefalse object| __zone_symbol__beforeunloadfalse object| __zone_symbol__keyupfalse object| __zone_symbol__resizefalse object| vwo_iehack_queue function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5877806.fls.doubleclick.net
connect.facebook.net
dev.visualwebsiteoptimizer.com
dienlanhmuoihien.com
norwegian.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
terraritalia.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.norwegian.com
103.9.77.247
147.75.100.185
147.75.101.25
147.75.33.209
159.122.87.153
172.217.22.70
185.19.184.144
2606:2800:2ab:1c27:8b7:c3f:fdd:1624
2a00:1450:4001:806::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:400c:c02::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
81.93.171.69
0014e1e6fd75c5e25b346d3d8b60f2d90f1fbed6f321db4f165ae3b49ae9306b
003ea5ab9122be52ed528c1006a2a638672d830f25dbf161d5d5e55fda60ee6e
024ccb1e352d9059ca28c42ac2be7e5f25d264885c270124a673c26aa4e604a2
02f2d91d50162fe73945595c803f6ddcc1f3023d8588a4d385ee80f08e6f1b6c
034855cc44a3504c389330ba50a20be31a82de4416f486b888fa2e9203807660
08b005c43c9fb6f0625c4495aadd26eb8ce7e75ba115e2b04ea6e5508861ee6b
0ee3074a21dbc8060d824daf5280f2274e292980d3ae893d67923661b1640f14
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12755e0dd43fb0377083ce4ff98332480029bb91efcea3d82ec84f35bcd8938b
1868089c9f0a2c91d0e6b8dff386d4ed63b04abd2cbf2fb22a52fad82cb2f8a5
1feafc31f5112b09da68cab1dc716d2d0ca602bafbe4d1ff8483bcb9b90d1cb7
251e2bdc5f990043cfb7334463e946b2fabe91718160457c388605ed9847e0db
26ba5b815dea25ab39b361147da05b8b0a4b6a8e3fa399fbc6f1df9c08d2f545
2d50e8fba37dbf56ff78a3e6a848694e3a41adbe56625aa9f2a115acb6b411a7
2e00a14ecb5bd07270eceadf55cbcebf879a04b4016a18e084e40ffd2767f400
2f55ef0381be60300dda9dec583cf143a7cb068438d2925420208f27f4812040
32f6742cc400656618ed00e76739191eec959c280eb21d8f1db5823ef831f16f
35aa91cd295599ae5dccbd4039812edef46a608210751d0e4276b85fea91f15b
361fab45ff1e7962a6c10b5af935e0d2d986717ccf768fdcb43b6b0c12d3671c
370cb6b8be59ef7d8d14613be7ae4e87d373016664230b237a1518f2bd9d6780
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
3dd525448ef621bba3f9ede58d8c41037474a391da133e5fb40bcd3b1e812e97
3fa5531cc79aecd787879bbe14f16e40fd09ee2988289320f23aa108fafcb0b4
400d57220fe0deb719aa3ad75b9bbc68998136fa6458881aa2dacf5aef86bf2e
4294fcb29d281cf8318576b868d747fc892960fffbfce0935c435943df8e1b82
42df6d5cc9ae79e3b3d6e5588919b23882522683ffd4eaa2ed637dbd30d91d9c
459f9be241ca79b723b3c707ed7896ecbb839f4223640e2e3d29dfa0f3bf0dd1
46ebd856a78cf6d2f379ef4a176101f4aa428dcf7a3e572fd001bb6468ed9094
57fc1ed2f13f081eed5c44e948a704acc92a92ceca702bd3e5b35a747f3d4cb0
5871782fc9a0ddfc53ffe860dab7315d3b862d76a9d53e7bef9fc604bed1069a
617146c46aadbea907df1568ee06b94a3d8e34dc6983ba61cfa3de9057365ab9
635ed3a53497059d8c7a27133c87a294ce251dc4a59185e713c66af1d552e9a6
688ba051be574710c037f535b2a3d7df7490d1e0b16eae4d2e985d67de3d77a6
7085ccb8192b061c5f56424947bba0baf97d4099e94c18364768dd28a8c6c66a
7beb861132ee58edc1060dc4fd413ca5843f2de7ce1a3d524e31768d5161caa8
7ccc0e3bd9bb1fae63a2385225a250a88f72b01a37b53d12eb465e215cb42cce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84573f8c7e8b59540619e623df1ab7ee0067f08a330303dac1341398bb847d65
86a296340c36d07f985e41429fca3e5a543247227dfbaff6000b988a46228ae9
87268b338ec3e95a878ea49241e0cbbe5723cfc239a48420016c9b631bb24798
87b40342ab167ec3f223f0aba046652fddecc03168997577ebbcc4ab7a7f7196
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
9001e96e82e0826c07b45f47118e2215e8d5c869a6f96c1ac57e591535c1b940
95ad51dd464cb2a496abc5ccee006b2c83f1bf739bacae156b9130bf30ac1af2
ab71a53903b9a4390909b27e432cfcaf8f3b098e4cb81bccbf6199a17b4d23d5
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
b0ea94133b3dbdb9c4d0ca807074efd4c5b65936fe7ec37cf76363e08633e2a3
b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5
b5d75cff2bbdba2b0e4c7b471da81f4583a3883cc564cd4226b26abc3388bdbc
b74ddadd76e2e804b4d26ff5baf19ea5590a6c6479a1da34b15aacb15e1a44b8
bb338f8be0d2c557cdf30b485de0f9d41c6398b89aec125920065b77bbe41590
bb754e985b8e33bd6da350a990a722d4dafa1eec16464bcf8b1e201538dcff1f
bd2b1a84b9a418944646e21950c7a34f8b2cf0897b17b6f1ae7c27e132b53814
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
be55ac645cfbb1ca0ea7ffccf43aa1ac8d6c809c47169c29a90748bb5b039d65
bfcb34b3897991c9d92d5179c76aaaa7561da147348753b4fddbbc6e85d42b7a
bfebac8f83adab1cf93c06c8223f6fd7f3e805e6fb71e55c9c0d9546b3a50257
c7f18aa8b21dc17fa672bd9bb0b92a1f70b2daa04e54a2070ad264bed9eb4c72
d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c
d239fd4a5991d58f431d40831a80f026e59e76f326e092825bd3f15c091c958b
d712aa92713a1cb42d4a1196ce7e663ed60da469b937224ffe45eda9dcc09ce7
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
e0561e9d30e3a97d139437ba22855aabe547a4d72a4451eb8e83b2e8b031fdf6
e10e88b7d198adf9eea71630d08b7ef76b1cb59f2e72dfc70b059f3e013e3f26
e3195b33f2b04d44c0b69ca6412744973d99782b2eeb61d07826a1c7e4d0c20b
e458a8bacbae0bb83ad4b6a770ae8252c959f336a310e969ef1ead6dd17a4848
e619175028af3cd69286694b5c178409366db95991ab69f8d7a67067c8c42011
e9173af26aa034a7c66c22a8665d06984c0d4b2566ddc994e74977aeb4eba0f6
e99940b285fdaf221426115179e96b4f1dbe2e603d22193e5b8261fcb7dd9e2f
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63703308029dff013d5d67da6f9fab4d67b79db6e80fa09d6482b6d44eae6fd
f7f2982584fc9d0bc2c292a5e32c5cbf650e72a2c479fbc960f5e9df391119c8
fe10a1997c5254117d77f54651131ad298a03aaab770025abdf4e5437e79e16e
ff26edab71789eb1579a9515bf9a237b5c9d51cac836b10ff6131c5082afa812