www.norwegian.com Open in urlscan Pro
2606:4700::6812:c16a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=736456...
Effective URL:
https://www.norwegian.com/dk/ipr/mynorwegian
Submission: On November 16 via api (November 16th 2024, 8:43:18 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 79 HTTP transactions. The main IP is 2606:4700::6812:c16a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norwegian.com. The Cisco Umbrella rank of the primary domain is 502945.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time www.norwegian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4 47	2606:4700::68... 2606:4700::6812:c16a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:235... 2600:9000:2359:5600:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:4239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	100.26.87.64 100.26.87.64	14618 (AMAZON-AES) (AMAZON-AES)
5	54.243.108.33 54.243.108.33	14618 (AMAZON-AES) (AMAZON-AES)
8 8	52.51.21.241 52.51.21.241	16509 (AMAZON-02) (AMAZON-02)
8	2a04:4e42::720 2a04:4e42::720	54113 (FASTLY) (FASTLY)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.244.18.11 18.244.18.11	16509 (AMAZON-02) (AMAZON-02)
1	184.86.251.29 184.86.251.29	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	3.161.82.48 3.161.82.48	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2251:5e00:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
1	184.86.251.30 184.86.251.30	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
79	18

1 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700::6812:c16a (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.norwegian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:5600:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

e11233f1926a.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)

a17202440929.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.87.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-87-64.compute-1.amazonaws.com

ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.243.108.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-108-33.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.51.21.241 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-21-241.eu-west-1.compute.amazonaws.com

cdn.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)

ct-supplierimage.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-11.fra56.r.cloudfront.net

product-router.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-86-251-29.deploy.static.akamaitechnologies.com

widgets.hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.82.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-48.fra56.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:5e00:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.30 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-86-251-30.deploy.static.akamaitechnologies.com

widgets.hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	norwegian.com 4 redirects www.norwegian.com — Cisco Umbrella Rank: 502945	846 KB
10	cartrawler.com 8 redirects cdn.cartrawler.com — Cisco Umbrella Rank: 314130 product-router.cartrawler.com — Cisco Umbrella Rank: 45560	86 KB
9	forter.com e11233f1926a.cdn4.forter.com ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4475 cdn3.forter.com — Cisco Umbrella Rank: 3911	166 KB
8	imgix.net ct-supplierimage.imgix.net — Cisco Umbrella Rank: 230744	35 KB
3	cloudfront.net df45ay5pw60dy.cloudfront.net	843 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	271 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1024 a17202440929.cdn.optimizely.com — Cisco Umbrella Rank: 959987 logx.optimizely.com — Cisco Umbrella Rank: 1766	98 KB
2	hotels.com widgets.hotels.com — Cisco Umbrella Rank: 583768	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 145	25 B
79	12

	Domain	Requested by
47	www.norwegian.com	4 redirects www.norwegian.com static.cloudflareinsights.com
8	ct-supplierimage.imgix.net
8	cdn.cartrawler.com	8 redirects
5	cdn0.forter.com	e11233f1926a.cdn4.forter.com
3	df45ay5pw60dy.cloudfront.net
3	www.googletagmanager.com	www.norwegian.com www.googletagmanager.com
2	cdn3.forter.com	e11233f1926a.cdn4.forter.com
2	widgets.hotels.com	www.norwegian.com widgets.hotels.com
2	product-router.cartrawler.com	www.norwegian.com product-router.cartrawler.com
2	region1.google-analytics.com	www.googletagmanager.com
1	logx.optimizely.com	cdn.optimizely.com
1	ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com	e11233f1926a.cdn4.forter.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	a17202440929.cdn.optimizely.com	cdn.optimizely.com
1	e11233f1926a.cdn4.forter.com	www.norwegian.com
1	static.cloudflareinsights.com	www.norwegian.com
1	cdn.optimizely.com	www.norwegian.com
1	ad.doubleclick.net	1 redirects
79	18

This site contains links to these domains. Also see Links.

Domain
cars.cartrawler.com

Subject Issuer	Validity	Valid
www.norwegian.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cdn4.forter.com Amazon RSA 2048 M03	`2024-08-08` - `2025-09-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cdn.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-08-10`	a year	crt.sh
cdn0.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-10` - `2025-07-08`	a year	crt.sh
logx.optimizely.com WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.cartrawler.com Amazon RSA 2048 M03	`2024-04-24` - `2025-05-23`	a year	crt.sh
hrum.hotelsapi.io R11	`2024-11-10` - `2025-02-08`	3 months	crt.sh
cdn3.forter.com Amazon RSA 2048 M02	`2024-06-19` - `2025-07-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.norwegian.com/dk/ipr/mynorwegian
Frame ID: 40F8BC2317FBAEDB500635BF47028FBE
Requests: 70 HTTP requests in this frame

Frame: https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 644218CF045ABA7D255B87EDA8EF9D78
Requests: 2 HTTP requests in this frame

Frame: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Frame ID: CE24E87BCFEFB8AEDBA48BE0709AF8B1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.norwegian.com
Frame ID: 01D2F2F718144D389F402CADA7AF7BA0
Requests: 1 HTTP requests in this frame

Frame: https://product-router.cartrawler.com/product/widget/norwegian/573004/DA?ng-if=vm.model.flightList.length%20%3E%200&currency=DKK&pax=1&pnr=SX9XEB&flight-0-arrival-date-time=2024-11-26T12:25:00&flight-0-arrival-iata=OSL&flight-0-departure-date-time=2024-11-26T11:15:00&flight-0-departure-iata=BLL&flight-0-number=DY999
Frame ID: 062288905ACD35CB11BBAA445753509C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.hotels.com/getXsellWidget?widgetTarget=hotel-ean-container&outboundDate=2024-11-26&inboundDate=&airportDeparture=BLL&airportArrival=OSL&noOfAdults=1&noOfChildren=0&locale=da_DK&currency=DKK&pnr=SX9XEB&flightClass=Economy&purchaseDate=2024-11-16&widgetID=61&widgetType=MB&gaLinkerParameter=null&partnerLoyaltyNumber=null&showSearchBar=true&origin=https%3A%2F%2Fwww.norwegian.com
Frame ID: BA38A84EC7FFF5257ADECA92A70B399D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bookingreference | Norwegian

Page URL History Show full URLs

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=3216264... HTTP 302
https://www.norwegian.com/dk/start/flight/change?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm... HTTP 302
https://www.norwegian.com/dk/ipc/reschange/start?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm... HTTP 302
https://www.norwegian.com/dk/start/booking/details/?pnr=SX9XEB&pnrLocal=I1NUD&pnrName=BORK&RedirectId=10 HTTP 302
https://www.norwegian.com/dk/ipr/mynorwegian Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

79
Requests

86 %
HTTPS

47 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

1507 kB
Transfer

5745 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cars.cartrawler.com/norwegian-new/da/gt/?clientID=578513
Title: Book din lufthavnstransport

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=73645678;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegian.com/dk/start/flight/change?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=change-flight HTTP 302
https://www.norwegian.com/dk/start/flight/change?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=change-flight&NAS_source=N388808.2679425NORWEGIAN&dclid=CLmnqdrb4YkDFeTsEQgd0nMAXw HTTP 302
https://www.norwegian.com/dk/ipc/reschange/start?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=change-flight&NAS_source=N388808.2679425NORWEGIAN&dclid=CLmnqdrb4YkDFeTsEQgd0nMAXw HTTP 302
https://www.norwegian.com/dk/start/booking/details/?pnr=SX9XEB&pnrLocal=I1NUD&pnrName=BORK&RedirectId=10 HTTP 302
https://www.norwegian.com/dk/ipr/mynorwegian Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 50

https://cdn.cartrawler.com/otaimages/vendor/chrome/Budget.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

Request Chain 51

https://cdn.cartrawler.com/otaimages/vendor/chrome/Hertz.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

Request Chain 52

https://cdn.cartrawler.com/otaimages/vendor/chrome/Europcar.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

Request Chain 53

https://cdn.cartrawler.com/otaimages/vendor/chrome/Firefly.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

Request Chain 54

https://cdn.cartrawler.com/otaimages/vendor/chrome/Sixt.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

Request Chain 55

https://cdn.cartrawler.com/otaimages/vendor/chrome/Avis.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

Request Chain 56

https://cdn.cartrawler.com/otaimages/vendor/chrome/Alamo.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

Request Chain 57

https://cdn.cartrawler.com/otaimages/vendor/chrome/Green_Motion.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mynorwegian Show response
www.norwegian.com/dk/ipr/
Redirect Chain

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=73645678;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegia...
https://www.norwegian.com/dk/start/flight/change?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=change-flight&NAS_source=N38...
https://www.norwegian.com/dk/ipc/reschange/start?pnr=SX9XEB&pnrLocal=I1NUD&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=change-flight&NAS_source=N38...
https://www.norwegian.com/dk/start/booking/details/?pnr=SX9XEB&pnrLocal=I1NUD&pnrName=BORK&RedirectId=10
https://www.norwegian.com/dk/ipr/mynorwegian

39 KB
12 KB

116ms
116ms

Document
text/html

2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a1ec1d6a3c1495f8c39efa0500ac7c66bbd516b6f5860e6896cb7ca0e81361

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e3a4fd2b9f9dcca-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 20:43:11 GMT
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e3a4fd19f34dcca-FRA
content-length: 0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
date: Sat, 16 Nov 2024 20:43:11 GMT
location: /dk/ipr/mynorwegian#/my-reservation?pnr=SX9XEB&pnrLocal=I1NUD&pnrName=BORK&RedirectId=10
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 NewNasStyles
www.norwegian.com/resourceipr/style-bundle/ 590 KB
79 KB 226ms
225ms Stylesheet
text/css 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050e286217cafc4c190830be2943b80bb7d8c2347abfa6559509b53c2ae447f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 94
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 15:10:17 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 16 Nov 2024 15:10:17 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd3ac10dcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 lib.js Show response
www.norwegian.com/resourceipr/script-bundle/ 779 KB
235 KB 229ms
229ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 370
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 07:41:20 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 03:20:50 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=80245
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd3ac16dcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 instant.js Show response
www.norwegian.com/resourceipr/script-bundle/ 61 B
243 B 229ms
228ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/instant.js?v=NCFsRGnlyO1pPdusxPsLbzoaFIqQoddJ-vdO0GuOvLg1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 94
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:17:28 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 12:17:28 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=8250
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd3ac1bdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 81
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sharedlang.da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 26 KB
10 KB 69ms
69ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedlang.da.js?v=wShdPJD0Uj3sVfP56qKEJXLLb3mrqDoOJhyAlfDspF81

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c727d646dddde66ff7110e82f22063628a2361da9ea385d512fc5945417764b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 977
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 19:50:17 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 19:50:17 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd5d91adcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 9719
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 iprlang.da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 72 KB
22 KB 67ms
65ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/iprlang.da.js?v=fPXAW4gtWvLzoj6tnuxH3QXhxrX5k7L9KnFKHAa1V5s1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcdb1aeae432c9ce661373ef44025b766b010f5472ca6e87d0c35dd0e03a28b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 977
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 18:19:55 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 18:19:55 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd68acddcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 22741
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 siteMap Show response
www.norwegian.com/resourceipr/js/ 5 KB
2 KB 135ms
127ms Script
text/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/js/siteMap?culture=da-DK&marketCode=dk&v=19e06f38-238e-4bf2-8df7-298b4b59a222

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6faf8a0ec2fc7ba128654414cd78421f71fef831f276819d697d8a808d03ae1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
age: 546
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=3540
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd68b14dcca-FRA
permissions-policy: camera=(), microphone=()
content-length: 1503
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 angular-locale_da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 1 KB
971 B 130ms
122ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/angular-locale_da.js?v=yWGEWD8iUCcZ82PPtWk0BzJ-z4wo1lxXl_cdh3z30ho1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e00a14ecb5bd07270eceadf55cbcebf879a04b4016a18e084e40ffd2767f400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 977
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 21:10:06 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 21:10:06 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=66810
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b22dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 834
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sharedtemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 290 KB
41 KB 128ms
121ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedtemplates.js?v=aN6iFmpQhdMzqeHESAvQfLYL4ek-6XpdKVMGdcAfD8c1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6134671a28095404b6ba1e6a5e4fc100f4b0cdb7161de6335d688f2409c2b772

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 369
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 13:11:22 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 07:28:42 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=57182
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b2fdcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstraptemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 6 KB
1 KB 135ms
128ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstraptemplates.js?v=34gwjN6IWa4J4XvX8kgh7BbjBHF3fEunqz6hpkjIfw41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 369
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 10:56:15 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 10:34:53 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b35dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1328
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 templates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 620 KB
79 KB 84ms
77ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/templates.js?v=QiLUQ4ojOyWOVZClHK2HoDVhYGCithlgvhiXFISgmM41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4457c75812d482fa9fd327f1b6a68ba162961c48ee3b2a653f926b4abf48c10a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 369
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 10:56:15 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 16:02:01 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=41325
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b38dcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 amadeus.js Show response
cdn.optimizely.com/public/17202440929/s/ 329 KB
98 KB 181ms
56ms Script
text/javascript 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcbb650f4416d5b030f447207f615e94862a52a7c55f1a03c9c60d34abe3550

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "142d222ad89de90caaa45fb454eabffb"
x-amz-version-id: I4yhL74BKSs3sjPJ62foUjyXU8Op9fEN
age: 61
access-control-allow-methods: GET, HEAD
date: Sat, 16 Nov 2024 20:43:11 GMT
x-amz-meta-revision: 197
content-type: text/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 17:32:05 GMT
vary: Accept-Encoding
x-amz-id-2: UpD+WNzVG5nVoowJubVTlZJjG61w9f6MlNFps7TJboeSOG+cqtu0hxbgTbeGZc1a8PHetxSZKCE=
access-control-allow-headers: *
x-amz-replication-status: PENDING
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-pci_enabled: False
access-control-allow-credentials: false
x-amz-request-id: K8WMNJJPSV2P00MT
cf-ray: 8e3a4fd74fea039a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99167
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 287 KB
60 KB 68ms
68ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=90.20.2.3321

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "01927571f35db1:0-gzip"
age: 37565
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd3ac1edcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ident.svg
www.norwegian.com/Content/img/ 5 KB
2 KB 225ms
224ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db352072defd68"
age: 37557
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:17:14 GMT
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:32:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a4fd3ac21dcca-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ident-mobile.svg
www.norwegian.com/Content/img/ 1 KB
835 B 80ms
79ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident-mobile.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db352072deea4b"
age: 37557
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:17:14 GMT
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:32:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a4fd51f6cdcca-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 plainPageController.js Show response
www.norwegian.com/resourceipr/script-bundle/ 3 KB
2 KB 101ms
100ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/plainPageController.js?v=gepiPTpoDX4E9q8yQCPN3ZTJZKgiiZm8yQzFTB-DS3w1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 370
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 06:42:40 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 06:42:40 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=85121
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd53fb0dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1343
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrap.js Show response
www.norwegian.com/resourceipr/script-bundle/ 287 B
338 B 82ms
75ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrap.js?v=AKlRlTz6t-6zHLGKRC0THkPXCwFLEtG-mBEJBtqTA3I1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 562
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 23:07:23 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 08:55:07 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=66171
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b3cdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 207
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 brand.js Show response
www.norwegian.com/resourceipr/script-bundle/ 69 KB
18 KB 76ms
70ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/brand.js?v=9khjiw2C_Ipt9aE1WZdUn6BdecUMz7qo0M0Y64BGWIY1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7260c15d4a38a5e62c528695ecc3b5ca53f5874c20f2e185ea4cca29b051ec55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 562
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 16:23:25 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 16:24:44 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b3fdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 18291
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 shared.js Show response
www.norwegian.com/resourceipr/script-bundle/ 221 KB
52 KB 72ms
66ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=kg2lRVFaQCyrthErHPdCFh03XT3YOM7CTSoZVWklf_I1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebaf8e7a486e9f36de2c23ddcc76826d071660091466928637c17083ede99b12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 369
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 06:59:55 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:06:12 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd69b42dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 53331
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mynorwegian.js Show response
www.norwegian.com/resourceipr/script-bundle/ 202 KB
26 KB 136ms
129ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/mynorwegian.js?v=Ik4E8-oExpwWLGOsjSh-K5FGcq8RUviscIhcJ57oQ241

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d0e0ee296c203daf1e885a7498008cc6a3f1fe41619385cf8ddb7ce47fe19f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 660
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 21:52:19 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 21:52:19 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd6bbcadcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 layoutConfig.js Show response
www.norwegian.com/resourceipr/script-bundle/ 506 B
360 B 135ms
129ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/layoutConfig.js?v=X7iiclmNyG5AmREmpWEfSQtG7Dxapkjzsqjjou33Qn41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 383
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 18:36:14 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:36:14 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd6bbcbdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 241
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrappedData.js Show response
www.norwegian.com/resourceipr/script-bundle/ 201 B
288 B 133ms
126ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrappedData.js?v=Zb3iJl42GARYPhC9wqr3gDV_zZGIG64oA5-xQzguemM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 651
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 23:50:21 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:29:21 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd6bbcddcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 170
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 cookie-consent Show response
www.norwegian.com/resourceipr/script-bundle/ 3 KB
1 KB 132ms
125ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/cookie-consent?v=ld6M4LjH128YD3UaGlOnWvKlWLtjG3KghWn3vcuJXBM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 168
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 14:11:02 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 14:11:02 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd6bbcfdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1233
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 169ms
60ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e3a4fd73d863621-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 577 KB
153 KB 258ms
150ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dcdf9181002c1df45c10a17fd4ba37e161b5b29b7ef591848ca656d40336660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 16 Nov 2024 20:43:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 155603
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 apercu_regular_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 34 KB
34 KB 63ms
63ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_regular_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 37565
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:11 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd65a5bdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 34728
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 script.js Show response
e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/ 353 KB
163 KB 181ms
48ms Script
application/javascript 2600:9000:2359:5600:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:5600:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-id: jzOlbvk0LoGiOFN3vFVk2IUBMJ6Pfv5x1_EU9T0DqgPRRsRj28yeCw==
cache-control: private, immutable, max-age=31536000
timing-allow-origin: *
content-encoding: br
etag: W/"e24cc4ed79ec0d74999e321c582ed235"
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 20:43:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 15:33:01 GMT
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P10

GET
H2 200 destinations Show response
www.norwegian.com/resourceipr/api/ 38 KB
5 KB 94ms
93ms XHR
application/json 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/destinations?channelId=IP&culture=da-DK&destinationModel=AirportModel&includeRelations=false&marketCode=dk&sortByCountryAndName=false&v=19e06f38-238e-4bf2-8df7-298b4b59a222

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6783991150cb346ec0615a4316e866ea8fe8bd422e34f5a9133b04c15b26c21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
age: 548
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd83f77dcca-FRA
permissions-policy: camera=(), microphone=()
content-length: 5108
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 config Show response
www.norwegian.com/resourceipr/api/busy/ 43 B
242 B 170ms
169ms XHR
application/json 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/busy/config?channelId=IP&culture=da-DK&marketCode=dk

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: -1
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: no-cache
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd83f7adcca-FRA
permissions-policy: camera=(), microphone=()
content-length: 43
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mynorwegian.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/ 80 B
336 B 155ms
155ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/mynorwegian.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
age: 28
x-content-type-options: nosniff
server-timing: cfCacheStatus;desc="DYNAMIC"
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd85fbfdcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2

200

main.js Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 6442
Redirect Chain

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

61ms
56ms

Script
application/javascript

2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594a5726b3ac7b42db17e67363d62eee9e5c1aaf0c5ee29fd1c199eb5f23ca01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd95a2bdcca-FRA
permissions-policy: camera=(), microphone=()
date: Sat, 16 Nov 2024 20:43:12 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=OQwgRmOGwJ2zgAjnvxOlIEkvtfi3.rhY1YS2aLYHjcY-1731789792-1.0.1.1-90pWNojxBd906n_tFkEYpotQjP7jtiC1hpcCzErh1nRGMNLQD63JvuH5KwE.5Rfqj0KE_mFOAWJODGVFHWQVvxJodMX4BGMO1it5UxyiD0o.1jMyzxQHIUiu9x871y7c9knbR03NiT0_Eejc2..0y9uocwJk7qQbRQNZynPltl0"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
date: Sat, 16 Nov 2024 20:43:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OQwgRmOGwJ2zgAjnvxOlIEkvtfi3.rhY1YS2aLYHjcY-1731789792-1.0.1.1-90pWNojxBd906n_tFkEYpotQjP7jtiC1hpcCzErh1nRGMNLQD63JvuH5KwE.5Rfqj0KE_mFOAWJODGVFHWQVvxJodMX4BGMO1it5UxyiD0o.1jMyzxQHIUiu9x871y7c9knbR03NiT0_Eejc2..0y9uocwJk7qQbRQNZynPltl0; report-to cf-csp-endpoint
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd85fc3dcca-FRA
permissions-policy: camera=(), microphone=()
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 287 KB
60 KB 74ms
74ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=d425d607

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "01927571f35db1:0-gzip"
age: 37566
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd85fc6dcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 apercu_bold_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 33 KB
33 KB 127ms
126ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_bold_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 36663
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:12 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd85fdcdcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 34092
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 apercu_medium_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 35 KB
35 KB 64ms
63ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_medium_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 37548
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:12 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd85fdedcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 35344
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 a17202440929.html
a17202440929.cdn.optimizely.com/client_storage/ Frame CE24 0
0 186ms
60ms Document
text/html 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.norwegian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 538
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8e3a4fd9da451c73-FRA
content-encoding: gzip
content-length: 835
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 20:43:12 GMT
etag: "94e2a6c9447a588c913ad81f36202d66"
last-modified: Fri, 15 Nov 2024 17:32:04 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
x-amz-id-2: LCn/7LozNMH6Zt0A7bYs+kcH1grK927N58mrfrow3wQ7ybI28qmONynOqg7zhLA/Gc5MV74NXq4=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: KG3QFR4RM23M4H7H
x-amz-server-side-encryption: AES256
x-amz-version-id: klvQHu0cWpK4TfLCd.dfuQrRPsg8sLgf

GET
H2 200 reservationDetails Show response
www.norwegian.com/resourceipr/api/mynorwegian/ 14 KB
4 KB 524ms
524ms XHR
application/json 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/mynorwegian/reservationDetails?channelId=IP&culture=da-DK&marketCode=dk&pnr=SX9XEB&pnrLocal=I1NUD&pnrName=BORK

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f0dbed328529f99f8c1e03c9eb08272dfae185759c46c230a3750a30a16b1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
CheckUserAgent: true
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: -1
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: no-cache
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd9aaf0dcca-FRA
permissions-policy: camera=(), microphone=()
content-length: 3223
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 reservation.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 42 KB
7 KB 88ms
87ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/reservation.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ae5bc4de176e8d520bc8b992c75216a96ad9ab6ccef75ea9635f1fcec0647f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
age: 555
x-content-type-options: nosniff
server-timing: cfCacheStatus;desc="DYNAMIC"
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fd9aaf3dcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET 3e050b52-bc0c-4946-918a-d1cfc338e4c3
https://www.norwegian.com/ Frame 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 354 KB
119 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0h1v76365325za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed260017952fc82901c4be66bfba579e3643a5bef723c6a58d19e8af5484bbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 20:43:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120977
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 142ms
49ms Ping
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian&scrsrc=www.googletagmanager.com&frm=0&rnd=292421677.1731789792&npa=1&gtm=45He4bc0h1v76365325za200&gcs=G100&gcd=13q3q3q2q5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855&tft=1731789792373&tfd=1944&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

POST
H2 200 8e3a4fd2b9f9dcca Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6442 0
620 B 95ms
90ms XHR
text/plain 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e3a4fd2b9f9dcca

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdb6f63dcca-FRA
permissions-policy: camera=(), microphone=()
content-length: 0
date: Sat, 16 Nov 2024 20:43:12 GMT
x-xss-protection: 1; mode=block
content-type: text/plain; charset=UTF-8
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 01D2 0
0 139ms
50ms Document
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.norwegian.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 124111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 10:14:41 GMT
expires: Sat, 15 Nov 2025 10:14:41 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 149ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je4bc0v9172276097z876365325za200zb76365325&_p=1731789791314&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=1273180414.1731789793&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&cu=DKK&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian%2Fmy-reservation&dr=&sid=1731789792&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=DK&ep.content_type=ipr&ep.gtm_event_trigger=gtm.js&ep.country_code=DK&ep.event_group=content&tfd=2228
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0h1v76365325za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.norwegian.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/plain
server: Golfe2

GET fd8d7476-c630-481c-9bc5-166c6076626b
https://www.norwegian.com/ Frame 0
0

POST
H/1.1 200
OK prop.json
ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com/ 2 B
625 B 387ms
119ms Ping
application/json 100.26.87.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com/prop.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 100.26.87.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-87-64.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

ETag: "2-626f1904f5836"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Date: Sat, 16 Nov 2024 20:43:13 GMT
Last-Modified: Fri, 15 Nov 2024 11:06:50 GMT
Content-Type: application/json
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 2
Server: Apache

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/ 20 B
361 B 383ms
120ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/prop.json?_=1731789792677
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:13 GMT
Content-Type: application/json
Vary: Origin

POST
H2 204 rum Show response
www.norwegian.com/cdn-cgi/ 0
150 B 52ms
50ms XHR
text/plain 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e3a4fdcba84dcca-FRA
access-control-allow-origin: https://www.norwegian.com
date: Sat, 16 Nov 2024 20:43:12 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 citypairWithdrawnAcceptBox.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/sharedComponents/app/shared/components/cancellation/ 863 B
592 B 80ms
76ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/sharedComponents/app/shared/components/cancellation/citypairWithdrawnAcceptBox.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3096717f928323a1bdc8e8438b18786a467f8f14ff1574970d34995374c66b78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "0846c4c1f35db1:0-gzip"
age: 106
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdd4be7dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 363
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 canceledFlightBox.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 430 B
1 KB 98ms
95ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/canceledFlightBox.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9239a632efcaa8c3862c968424f78742c19f586d7c9dcbc600031ad5bedfe3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "0573b4b1f35db1:0-gzip"
age: 18
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=poo.kTb_fzwjWVgZRCOrWeZ9L_Uq8I_1dEV4oHtMuXA-1731789792-1.0.1.1-Y1O7mXIkNv3qhxWvqHRTH9_iGvnBNHjCedVh1CPeGGmamzOo6yuJS_mJJstfX4JsEBBf1LAkv17exfX18nMf09tnCc1OX_rpN2OBonf1Uuv25VnSzIMJWwnoZVJFm4wdWG4QzkFD0_VjQmeAgC8ZOgrmZeV2EsTdKjweaL8MmKM"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=poo.kTb_fzwjWVgZRCOrWeZ9L_Uq8I_1dEV4oHtMuXA-1731789792-1.0.1.1-Y1O7mXIkNv3qhxWvqHRTH9_iGvnBNHjCedVh1CPeGGmamzOo6yuJS_mJJstfX4JsEBBf1LAkv17exfX18nMf09tnCc1OX_rpN2OBonf1Uuv25VnSzIMJWwnoZVJFm4wdWG4QzkFD0_VjQmeAgC8ZOgrmZeV2EsTdKjweaL8MmKM; report-to cf-csp-endpoint
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdd5bf5dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 258
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 upgradesAndChanges.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 2 KB
831 B 152ms
149ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/upgradesAndChanges.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd278b86cceac75fbfa08b15e84ad0c1039c59dbbb06f6f56cce8ad03e6e1f73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "0573b4b1f35db1:0-gzip"
age: 207
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdd5bf8dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 648
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 reservationContent.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 60 B
311 B 88ms
88ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/reservationContent.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3800731f5a412c6a76700f8c1e620ef71f7f0554db8cc873e2679890d2633247

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: 0dcO905yMKc6aCYTU1srYvYgRz1fxpy-rOmTTgAH660lNB47tuYeT65ycWR7iIoyeK9mCPLcpjQJuNvFc7KoAxSHKyM1:OODdlxvmSoi9WKYf1e57kB2040JyqNrqGJAyLfjc6Onpbhyk412hvzB3giKMh3M3-bp0xc_7IG8hGCjYmYUKHc922UM1
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"0573b4b1f35db1:0"
age: 316
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdd5bfbdcca-FRA
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2

200

budget.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Budget.jpg
https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

140ms
64ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

98385d30754ca6bcac12ece467ac9778a757ea5b835cb11896a79884cfe51fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-kigq8000101-CHI, cache-fra-etou8220112-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 469768
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT, HIT
content-length: 4246
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Mon, 11 Nov 2024 10:13:44 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 1a18666d8be22c15c154c0799acc32f3043d68f2

Redirect headers

location: https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff
content-length: 284
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

hertz.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Hertz.jpg
https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

4 KB
5 KB

194ms
64ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fc9405646369703b5fb08e33654fd8308546d959c7cf778e3d794443b08fb89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-klot8100054-CHI, cache-fra-etou8220067-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 358096
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4371
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Tue, 12 Nov 2024 17:14:56 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 7960d98563524929bdf6b333f03fb9f73b2a0f24

Redirect headers

location: https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff
content-length: 283
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

europcar.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Europcar.jpg
https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

4 KB
5 KB

180ms
50ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

faf9ca9aea0994e36d0e85672a62e6f1844de86cefda1dbeab6aa4690f08f2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-kigq8000115-CHI, cache-fra-etou8220143-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 513210
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4311
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Sun, 10 Nov 2024 22:09:43 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 4cbe5d88d899e7f840b0149e0b0ffcfff2215ca5

Redirect headers

location: https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff
content-length: 286
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

firefly.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Firefly.jpg
https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

138ms
56ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cdcc7d6a1815225d69b4ff42c6e86b266579e2aa44af5a7bdedac353f3e78633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-klot8100050-CHI, cache-fra-eddf8230139-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 282143
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4159
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Wed, 13 Nov 2024 14:20:49 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: fcb5126fcb507a16ebf548d1885fe6e1917d2404

Redirect headers

location: https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff
content-length: 285
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

sixt.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Sixt.jpg
https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

192ms
62ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

feba6c303dd08052f3495a22c91593095ddc29cdbce78c6cbfd5cedb6cede493

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-klot8100155-CHI, cache-fra-eddf8230105-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 528058
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4239
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Sun, 10 Nov 2024 18:02:15 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 0792ac3cc0fcf86ab088b28873e023ffa7f0154e

Redirect headers

location: https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff
content-length: 282
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

avis.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Avis.jpg
https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

181ms
51ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

507ce0fc9b536c628808a0668b78b0800a9f02daf2d8847bd9fe0649cc16e395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-klot8100055-CHI, cache-fra-eddf8230139-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 545327
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4258
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Sun, 10 Nov 2024 13:14:26 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 50b56db62b1657d0b90ce4cf994017ff581e9246

Redirect headers

location: https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff
content-length: 282
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

alamo.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Alamo.jpg
https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

135ms
59ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e8a65d4e2f9cb7b7c68127e9ad4ebe86d4f1ad84e10f715f5cc2a94af762abae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-klot8100128-CHI, cache-fra-etou8220039-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 267459
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, HIT, HIT
content-length: 4321
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Wed, 13 Nov 2024 18:25:34 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: 003ba7235c87f2de86e0b45f2c013c2b50c41726

Redirect headers

location: https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff
content-length: 283
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

green_motion.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Green_Motion.jpg
https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

134ms
58ms

Image
image/jpeg

2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6ba5080a3b54e269cb3c9b9b86f82de231306d7656b83acb09fdb11d5c439022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

x-served-by: cache-chi-kigq8000141-CHI, cache-fra-eddf8230084-FRA, cache-mxp6981-MXP
cache-control: public, max-age=604800
timing-allow-origin: *
age: 541959
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT, HIT
content-length: 4098
date: Sat, 16 Nov 2024 20:43:13 GMT
last-modified: Sun, 10 Nov 2024 14:10:34 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: ad3f321b142b97701a637f75ac6bfeb027bd171d

Redirect headers

location: https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff
content-length: 290
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 200 ident-hotels-com.png
www.norwegian.com/Content/Images/content/ 8 KB
8 KB 66ms
65ms Image
image/webp 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/Images/content/ident-hotels-com.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf210245490588d723c5e9f32ef936eff332045d564dff94ef748aad3acbd459

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

cf-bgj: imgq:85,h2pri
etag: "1db351f23e4bd57"
age: 36677
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:31:55 GMT
cf-polished: origFmt=png, origSize=14167
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: image/webp
content-disposition: inline; filename="ident-hotels-com.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 12 Nov 2024 16:23:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 7972
x-xss-protection: 1; mode=block
cf-ray: 8e3a4fdddd30dcca-FRA
server: cloudflare

GET
H2 200 arrow-right.svg
www.norwegian.com/resourceipr/Content/img/icons/small/ 678 B
607 B 64ms
63ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/small/arrow-right.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5896bf0015007a9a1b5129a335ad4874eb66f296ceff3c10648e3a08d2dd61c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "01927571f35db1:0-gzip"
age: 37474
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdddd3ddcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 458
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 list--journey.svg
www.norwegian.com/resourceipr/Content/img/icons/ 11 KB
1 KB 65ms
64ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/list--journey.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0ecf5551f35db1:0-gzip"
age: 37564
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdded3edcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 953
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 favicon.svg
www.norwegian.com/ 1 KB
719 B 61ms
60ms Other
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db351f23e48e43"
age: 37540
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:17:32 GMT
date: Sat, 16 Nov 2024 20:43:12 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:23:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a4fdded63dcca-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 icon-marker.svg
www.norwegian.com/resourceipr/Content/img/icons/ 628 B
529 B 60ms
59ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/icon-marker.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081d2a51d781c18dbc059b5d990733127b739e65ccbfeb999aed7945dd6eeddd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0ecf5551f35db1:0-gzip"
age: 37273
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4fdecfc7dcca-FRA
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 432
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
388 B 276ms
145ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

x-request-id: 9fc8bd00-4b06-4be6-be19-3cbd241aaaaf
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.norwegian.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/ 20 B
361 B 125ms
125ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/prop.json?_=1731789793228
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:13 GMT
Content-Type: application/json
Vary: Origin

GET
H2 200 loader.js Show response
product-router.cartrawler.com/assets/ 340 KB
83 KB 161ms
48ms Script
application/javascript 18.244.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://product-router.cartrawler.com/assets/loader.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=kg2lRVFaQCyrthErHPdCFh03XT3YOM7CTSoZVWklf_I1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-11.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

42ff65d2d488b7b843303767220439ecc4fbff38b2145beab03b5ed8f3efb183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: W/"54ef4-193200efed2"
age: 34268
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: E3MI-NYVhBHc1WvwzWctwiOmkACO1DoElonk2zqIrPbAp-pmnrb3_w==
date: Sat, 16 Nov 2024 11:12:05 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 12 Nov 2024 11:07:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
referrer-policy: same-origin
via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
x-powered-by: Express
server: nginx

GET
H/1.1 200
OK xsell.js Show response
widgets.hotels.com/ 2 KB
3 KB 578ms
440ms Script
text/plain 184.86.251.29
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.hotels.com/xsell.js
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=kg2lRVFaQCyrthErHPdCFh03XT3YOM7CTSoZVWklf_I1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-86-251-29.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a5adaf5b5c9ff0e06fdc98d4b214b73e0313fb2a8c8cb0b965ff5e547f1b9e15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

X-CGP-Info: noJvmRouteSet;66554cb7-a45b-11ef-8483-02423ed07d93
Content-Encoding: gzip
X-Hcom-Origin-Id: xsws.xsws
X-Hcom-Styx-Info: prod-decaf.us-east-1.dmz;styxpres;styxapache-styx-pres-678b6c64b5-hw2nk
Expires: Sat, 16 Nov 2024 20:43:13 GMT
Date: Sat, 16 Nov 2024 20:43:13 GMT
Content-Type: text/plain;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 0
Pragma: no-cache
Trace-ID: b9221815-29bc-45f7-aa66-03ff8f3be785
Connection: keep-alive
x-b3-traceId: b922181529bc45f7aa6603ff8f3be785
Content-Length: 937
Server: Apache

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/ 20 B
361 B 120ms
120ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/prop.json?_=1731789793519
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:13 GMT
Content-Type: application/json
Vary: Origin

POST
H2 200 events
cdn3.forter.com/ 0
371 B 242ms
136ms Ping
text/plain 3.161.82.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-48.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
cache-control: private, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
expires: -1
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: iZIaDn7nMc9beX6QbgPBQvKB0zJMNb6t44pYTMVrP3A3qHT2s0QE3g==
date: Sat, 16 Nov 2024 20:43:13 GMT
x-amz-cf-pop: FRA56-P10
vary: Origin
access-control-allow-origin: *

GET
H2 200 DA
product-router.cartrawler.com/product/widget/norwegian/573004/ Frame 0622 0
0 127ms
47ms Document
text/html 18.244.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://product-router.cartrawler.com/product/widget/norwegian/573004/DA?ng-if=vm.model.flightList.length%20%3E%200&currency=DKK&pax=1&pnr=SX9XEB&flight-0-arrival-date-time=2024-11-26T12:25:00&flight-0-arrival-iata=OSL&flight-0-departure-date-time=2024-11-26T11:15:00&flight-0-departure-iata=BLL&flight-0-number=DY999

Requested by

Host: product-router.cartrawler.com
URL: https://product-router.cartrawler.com/assets/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-11.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norwegian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 7
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1800
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 20:43:06 GMT
etag: W/"2cf9d-zia9PfMco37UY3cQw+127Snnp2Q"
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-amz-cf-id: SXdIi1iqol7L2ycWVigOq0QWsVobj3Ks4yVSmjuXly5wiXVS7esFvQ==
x-amz-cf-pop: FRA56-P11
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 48 B
282 B 146ms
43ms Image
image/gif 2600:9000:2251:5e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1731789793727
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: KjkZTKZHzJ1W4hdHORAhTXczWOk4UIKRepktnJ8N0qITxwLvMzfATQ==
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: image/gif
x-amz-cf-pop: FRA60-P3
server: CloudFront

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 48 B
280 B 145ms
42ms Image
image/gif 2600:9000:2251:5e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1731789793727&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: 4d3am8T9-IcaRB_KM330pkFcrErM4vuzlMusAXm1NpPRFJrHAL9lAA==
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: image/gif
x-amz-cf-pop: FRA60-P3
server: CloudFront

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 48 B
281 B 147ms
44ms Image
image/gif 2600:9000:2251:5e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1731789793727&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: y9pBjQd_qnMwV3J1vylrr13opQTbHxx5h4OjM7hWQ3MLXoECrFq7nA==
date: Sat, 16 Nov 2024 20:43:13 GMT
content-type: image/gif
x-amz-cf-pop: FRA60-P3
server: CloudFront

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/ 20 B
442 B 120ms
119ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/wpt.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Pragma: no-cache
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 20
Keep-Alive: timeout=10
Date: Sat, 16 Nov 2024 20:43:13 GMT
Content-Type: application/json; charset=utf-8
Vary: Origin

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/ Frame 0
0 120ms
119ms Preflight 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/ffd5fce92025469cbd4269ece4fc70a8/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.norwegian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 16 Nov 2024 20:43:13 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

GET
H/1.1 200
OK getXsellWidget
widgets.hotels.com/ Frame BA38 0
0 361ms
276ms Document
text/html 184.86.251.30
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.hotels.com/getXsellWidget?widgetTarget=hotel-ean-container&outboundDate=2024-11-26&inboundDate=&airportDeparture=BLL&airportArrival=OSL&noOfAdults=1&noOfChildren=0&locale=da_DK&currency=DKK&pnr=SX9XEB&flightClass=Economy&purchaseDate=2024-11-16&widgetID=61&widgetType=MB&gaLinkerParameter=null&partnerLoyaltyNumber=null&showSearchBar=true&origin=https%3A%2F%2Fwww.norwegian.com
Requested by: Host: widgets.hotels.com
URL: https://widgets.hotels.com/xsell.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-86-251-30.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store
Charset: utf-8
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9127
Content-Type: text/html; charset=UTF-8
Date: Sat, 16 Nov 2024 20:43:14 GMT
Expires: Sat, 16 Nov 2024 20:43:14 GMT
Pragma: no-cache
Server: Apache
Trace-ID: 3a090423-1776-436e-a500-707c155384aa
Vary: Accept-Encoding
X-Akamai-Transformed: 9 9058 0 pmb=mTOE,1
X-CGP-Info: noJvmRouteSet;668d4c3d-a45b-11ef-8fdb-024242ff70e2
X-Hcom-Origin-Id: xsws.xsws
X-Hcom-Rendered-With: release
X-Hcom-Styx-Info: prod-decaf.us-east-1.dmz;styxpres;styxapache-styx-pres-678b6c64b5-22qcp
x-b3-traceId: 3a0904231776436ea500707c155384aa
x-envoy-upstream-service-time: 9
x-hcom-dio-styx-provided: 1

POST
H2 200 events
cdn3.forter.com/ 0
370 B 136ms
134ms Ping
text/plain 3.161.82.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-48.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
cache-control: private, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
expires: -1
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 7WwxT1ZeynRswEtJ-9HhnPowE_W4HR3GARdghSCEeuMjJ4mqfQ1WZg==
date: Sat, 16 Nov 2024 20:43:14 GMT
x-amz-cf-pop: FRA56-P10
vary: Origin
access-control-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 57ms
57ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je4bc0v9172276097z876365325za200zb76365325&_p=1731789791314&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=1273180414.1731789793&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=2&cu=DKK&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian%2Fmy-reservation&dr=&sid=1731789792&sct=1&seg=0&dt=&en=page_load_time&ep.content_group=DK&ep.content_type=ipr&ep.gtm_event_trigger=gtm.load&ep.country_code=DK&epn.loading_time_sec=2.3&ep.event_group=page-load-time&_et=93&tfd=7348
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0h1v76365325za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.norwegian.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.norwegian.com
URL: blob:https://www.norwegian.com/3e050b52-bc0c-4946-918a-d1cfc338e4c3

Domain: www.norwegian.com
URL: blob:https://www.norwegian.com/fd8d7476-c630-481c-9bc5-166c6076626b

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 05:22:21	Name: APC Value: AfxxVi46MPYuvLah7ZwmUlJc_QlEZn-ttP9oagyNuKu3AqoMrHIutQ
.doubleclick.net/	1970-01-21 01:03:09	Name: FLC Value: CN-fzgEQ-NaDSBi-wq6ZASDu_I4jKK7g5gIw3ofkuQZwANq4BA4yDDoKCggoMJgXvf3BOg
.doubleclick.net/	1970-01-21 05:22:21	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:24:45	Name: IDE Value: AHWqTUm2DRMk1wj7-fiwMefHrE-zadlSd4_h6Jd8g6cVeVnshMd7F63DPUC-BBQtwew
www.norwegian.com/	1969-12-31 23:59:59	Name: EPiStateMarker Value: true
.www.norwegian.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 53a5a89db7164726416e0c54ed8ab5afd2455fdfc5bd4f18b8c73e4bc327dbcf
.www.norwegian.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 53a5a89db7164726416e0c54ed8ab5afd2455fdfc5bd4f18b8c73e4bc327dbcf
.norwegian.com/	1970-01-21 01:03:11	Name: __cf_bm Value: _Ss7G.gASX70u3gPEExUsofv6.fyAs30IOjFoxs4Ag8-1731789790-1.0.1.1-DVhuLuCFlypQle00CtYfz4VUG1zArvKqQ8KvK0AxCbd7__DyjE13QonWc3FSzzUtW.35Toju4BliTKTI9H2u7g
www.norwegian.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5fzx10yqlsv03buvytxiz1l1
.norwegian.com/	1970-01-21 05:22:21	Name: optimizelyEndUserId Value: oeu1731789792128r0.5532074135270919
.norwegian.com/	1970-01-21 09:48:45	Name: cf_clearance Value: HTD98fHFY7T_MxQ4Tpw2C8FeuCCAHxwrUV0imKfDoEM-1731789792-1.2.1.1-.BFiGvfkkwB93zG686nPQiYPQRc0P7D820fYUgd5VVVR7Ao0gozT13DHg2koR52Kx.2ists9ICLHHDhCoA.2wQnGDL7GTZ0Zq.xPEtv0BnRIQQpKaT3j9Gcv5evdlvW5X5o3d2rXsCK8lf7_Xr4165k7LPoXUoioQG0Bc443StfDnWmxAWjAH9eL7oWoa1.Ra0J1jGaDtapGygcjYsmALXbWue6.ixlv8_DwsZtE.06YVfpbrgcDCLHn1cTHEdRczbVIGxHxYKcdeOSds3UOMRWkGaFWtiVdpjki56b6ZXZNpQhGLFwh8FcOgt3KcocFFeUUfRWJcvCorA_ewc.zHKich3HyqPxPdpPaEIZOIuOQrSg9ENSkOuIJysn79u8L
.www.norwegian.com/	1969-12-31 23:59:59	Name: TS01e9bd6b Value: 01ccc25f523a06dabfded0be12b55527eb09b544c3cc419a3dbfa26e315a9cc4d3c350f9906e94422046d80714987428e8535cd1ca
.norwegian.com/	1970-01-21 10:39:09	Name: forterToken Value: ffd5fce92025469cbd4269ece4fc70a8_1731789791740__UDF43-m4_21ck_
.hotels.com/	1970-01-21 01:03:11	Name: HMS Value: 6fc934aa-4fc8-368d-b1a3-0831134b4c14
.hotels.com/	1970-01-21 10:39:09	Name: MC1 Value: GUID=3d5bea7d1f0d47c39311e2e731c19517
.hotels.com/	1970-01-21 10:39:09	Name: DUAID Value: 3d5bea7d-1f0d-47c3-9311-e2e731c19517
widgets.hotels.com/	1970-01-21 01:43:28	Name: akacd_pr_5 Value: 1734208993~rv=36~id=80950a451e42e441a14c9a58d67b8f22
.hotels.com/	1970-01-21 10:39:09	Name: cesc Value: %7B%22lpe%22%3A%5B%223a090423-1776-436e-a500-707c155384aa%22%2C1731789794235%5D%2C%22marketingClick%22%3A%5B%22false%22%2C1731789794235%5D%2C%22lmc%22%3A%5B%22DIRECT.REFERRAL%22%2C1731789794235%5D%2C%22hitNumber%22%3A%5B%221%22%2C1731789794235%5D%2C%22amc%22%3A%5B%22DIRECT.REFERRAL%22%2C1731789794235%5D%2C%22visitNumber%22%3A%5B%221%22%2C1731789794235%5D%2C%22ape%22%3A%5B%223a090423-1776-436e-a500-707c155384aa%22%2C1731789794235%5D%2C%22entryPage%22%3A%5B%22xsws%22%2C1731789794235%5D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17202440929.cdn.optimizely.com
ad.doubleclick.net
cdn.cartrawler.com
cdn.optimizely.com
cdn0.forter.com
cdn3.forter.com
ct-supplierimage.imgix.net
df45ay5pw60dy.cloudfront.net
e11233f1926a.cdn4.forter.com
ffd5fce92025469cbd4269ece4fc70a8-e11233f1926a.cdn.forter.com
logx.optimizely.com
pagead2.googlesyndication.com
product-router.cartrawler.com
region1.google-analytics.com
static.cloudflareinsights.com
widgets.hotels.com
www.googletagmanager.com
www.norwegian.com
www.norwegian.com
100.26.87.64
142.250.185.130
142.250.186.134
18.244.18.11
184.86.251.29
184.86.251.30
2001:4860:4802:32::36
2600:9000:2251:5e00:10:f40e:dd80:21
2600:9000:2359:5600:f:1b37:e600:93a1
2606:4700::6810:4f49
2606:4700::6812:4139
2606:4700::6812:4239
2606:4700::6812:c16a
2a00:1450:4001:813::2008
2a04:4e42::720
3.161.82.48
34.49.241.189
52.51.21.241
54.243.108.33
050e286217cafc4c190830be2943b80bb7d8c2347abfa6559509b53c2ae447f9
081d2a51d781c18dbc059b5d990733127b739e65ccbfeb999aed7945dd6eeddd
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960
2e00a14ecb5bd07270eceadf55cbcebf879a04b4016a18e084e40ffd2767f400
3096717f928323a1bdc8e8438b18786a467f8f14ff1574970d34995374c66b78
31a1ec1d6a3c1495f8c39efa0500ac7c66bbd516b6f5860e6896cb7ca0e81361
37d0e0ee296c203daf1e885a7498008cc6a3f1fe41619385cf8ddb7ce47fe19f
3800731f5a412c6a76700f8c1e620ef71f7f0554db8cc873e2679890d2633247
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
42ff65d2d488b7b843303767220439ecc4fbff38b2145beab03b5ed8f3efb183
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4457c75812d482fa9fd327f1b6a68ba162961c48ee3b2a653f926b4abf48c10a
507ce0fc9b536c628808a0668b78b0800a9f02daf2d8847bd9fe0649cc16e395
5896bf0015007a9a1b5129a335ad4874eb66f296ceff3c10648e3a08d2dd61c9
594a5726b3ac7b42db17e67363d62eee9e5c1aaf0c5ee29fd1c199eb5f23ca01
6134671a28095404b6ba1e6a5e4fc100f4b0cdb7161de6335d688f2409c2b772
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
6ba5080a3b54e269cb3c9b9b86f82de231306d7656b83acb09fdb11d5c439022
6faf8a0ec2fc7ba128654414cd78421f71fef831f276819d697d8a808d03ae1e
7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653
7260c15d4a38a5e62c528695ecc3b5ca53f5874c20f2e185ea4cca29b051ec55
7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8dcdf9181002c1df45c10a17fd4ba37e161b5b29b7ef591848ca656d40336660
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
98385d30754ca6bcac12ece467ac9778a757ea5b835cb11896a79884cfe51fe4
98f0dbed328529f99f8c1e03c9eb08272dfae185759c46c230a3750a30a16b1c
9fcbb650f4416d5b030f447207f615e94862a52a7c55f1a03c9c60d34abe3550
a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2
a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1
a5adaf5b5c9ff0e06fdc98d4b214b73e0313fb2a8c8cb0b965ff5e547f1b9e15
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
a6783991150cb346ec0615a4316e866ea8fe8bd422e34f5a9133b04c15b26c21
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85
b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5
bd278b86cceac75fbfa08b15e84ad0c1039c59dbbb06f6f56cce8ad03e6e1f73
bdcdb1aeae432c9ce661373ef44025b766b010f5472ca6e87d0c35dd0e03a28b
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
bf210245490588d723c5e9f32ef936eff332045d564dff94ef748aad3acbd459
c727d646dddde66ff7110e82f22063628a2361da9ea385d512fc5945417764b4
cdcc7d6a1815225d69b4ff42c6e86b266579e2aa44af5a7bdedac353f3e78633
d3ae5bc4de176e8d520bc8b992c75216a96ad9ab6ccef75ea9635f1fcec0647f
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a65d4e2f9cb7b7c68127e9ad4ebe86d4f1ad84e10f715f5cc2a94af762abae
e9239a632efcaa8c3862c968424f78742c19f586d7c9dcbc600031ad5bedfe3b
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
ebaf8e7a486e9f36de2c23ddcc76826d071660091466928637c17083ede99b12
ed260017952fc82901c4be66bfba579e3643a5bef723c6a58d19e8af5484bbe8
f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b
faf9ca9aea0994e36d0e85672a62e6f1844de86cefda1dbeab6aa4690f08f2fc
fc9405646369703b5fb08e33654fd8308546d959c7cf778e3d794443b08fb89c
feba6c303dd08052f3495a22c91593095ddc29cdbce78c6cbfd5cedb6cede493

www.norwegian.com Open in urlscan Pro 2606:4700::6812:c16a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

86 %HTTPS

47 %IPv6

12 Domains

18 Subdomains

18 IPs

3 Countries

1507 kBTransfer

5745 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.norwegian.com Open in urlscan Pro
2606:4700::6812:c16a Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

86 %
HTTPS

47 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

1507 kB
Transfer

5745 kB
Size

18
Cookies

79 HTTP transactions
0 data transactions