www.norwegian.com Open in urlscan Pro
2606:4700::6812:c16a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=736456...
Effective URL:
https://www.norwegian.com/dk/ipr/mynorwegian
Submission: On November 16 via api (November 16th 2024, 8:43:24 pm UTC) from US — Scanned from US

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 9 domains to perform 62 HTTP transactions. The main IP is 2606:4700::6812:c16a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norwegian.com. The Cisco Umbrella rank of the primary domain is 502945.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time www.norwegian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
2 38	2606:4700::68... 2606:4700::6812:c16a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:4239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2512:1000:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2	34.230.131.189 34.230.131.189	14618 (AMAZON-AES) (AMAZON-AES)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
5	54.243.108.33 54.243.108.33	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:9000:21d... 2600:9000:21da:4800:1d:9f28:ff00:21	16509 (AMAZON-02) (AMAZON-02)
2	18.164.124.61 18.164.124.61	16509 (AMAZON-02) (AMAZON-02)
62	14

1 142.251.40.166 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700::6812:c16a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.norwegian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a17202440929.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:1000:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

e11233f1926a.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.131.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-131-189.compute-1.amazonaws.com

rum.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.243.108.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-108-33.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21da:4800:1d:9f28:ff00:21 (United States)

ASN16509 (AMAZON-02, US)

duuytoqss3gu4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.124.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-61.jfk50.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	norwegian.com 2 redirects www.norwegian.com — Cisco Umbrella Rank: 502945	858 KB
9	forter.com e11233f1926a.cdn4.forter.com 7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4475 cdn3.forter.com — Cisco Umbrella Rank: 3911	166 KB
5	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1024 a17202440929.cdn.optimizely.com — Cisco Umbrella Rank: 959987 rum.optimizely.com — Cisco Umbrella Rank: 21887 logx.optimizely.com — Cisco Umbrella Rank: 1766	99 KB
3	cloudfront.net duuytoqss3gu4.cloudfront.net	843 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	271 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 145	25 B
62	9

	Domain	Requested by
38	www.norwegian.com	2 redirects www.norwegian.com static.cloudflareinsights.com
5	cdn0.forter.com	e11233f1926a.cdn4.forter.com
3	duuytoqss3gu4.cloudfront.net
3	www.googletagmanager.com	www.norwegian.com www.googletagmanager.com
2	cdn3.forter.com	e11233f1926a.cdn4.forter.com
2	www.google-analytics.com	www.googletagmanager.com
2	rum.optimizely.com	cdn.optimizely.com
1	logx.optimizely.com	cdn.optimizely.com
1	7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com	e11233f1926a.cdn4.forter.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	a17202440929.cdn.optimizely.com	cdn.optimizely.com
1	e11233f1926a.cdn4.forter.com	www.norwegian.com
1	static.cloudflareinsights.com	www.norwegian.com
1	cdn.optimizely.com	www.norwegian.com
1	ad.doubleclick.net	1 redirects
62	15

This site contains no links.

Subject Issuer	Validity	Valid
www.norwegian.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cdn4.forter.com Amazon RSA 2048 M03	`2024-08-08` - `2025-09-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
rum.optimizely.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-30`	a year	crt.sh
*.cdn.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-08-10`	a year	crt.sh
cdn0.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-10` - `2025-07-08`	a year	crt.sh
logx.optimizely.com WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cdn3.forter.com Amazon RSA 2048 M02	`2024-06-19` - `2025-07-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.norwegian.com/dk/ipr/mynorwegian
Frame ID: 1F7E8B5F680900172110CE837B243C8C
Requests: 55 HTTP requests in this frame

Frame: https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: CF1B8446E45E86DC42025DF8E2C282AC
Requests: 2 HTTP requests in this frame

Frame: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Frame ID: FBCAECBEAF771499A2F1F2C8C97C79BA
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.norwegian.com
Frame ID: 028CD78B644ECD1AD71CF00CD046E15C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=3216264... HTTP 302
https://www.norwegian.com/dk/start/booking/details?pnr=SX9XEB&pnrname=BORK&utm_source=crm&utm_medium=e... HTTP 302
https://www.norwegian.com/dk/ipr/mynorwegian Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

62
Requests

95 %
HTTPS

50 %
IPv6

9
Domains

15
Subdomains

14
IPs

1
Countries

1401 kB
Transfer

5364 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=73645678;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegian.com/dk/start/booking/details?pnr=SX9XEB&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=view-add-products HTTP 302
https://www.norwegian.com/dk/start/booking/details?pnr=SX9XEB&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=view-add-products&NAS_source=N388808.2679425NORWEGIAN&dclid=CJnR1Nzb4YkDFYpDRwEdrkAaEQ HTTP 302
https://www.norwegian.com/dk/ipr/mynorwegian Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mynorwegian Show response
www.norwegian.com/dk/ipr/
Redirect Chain

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11340299.151055224;dc_trk_aid=321626430;dc_trk_cid=73645678;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegia...
https://www.norwegian.com/dk/start/booking/details?pnr=SX9XEB&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=view-add-products&NAS_source=N388808.2679...
https://www.norwegian.com/dk/ipr/mynorwegian

38 KB
12 KB

744ms
743ms

Document
text/html

2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882fe7b93b61ac2fc86e7eeab72d9ec799f5e268a87ad6def3e00669b2a0b28f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e3a4ff1faac7c5b-LAX
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 20:43:16 GMT
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e3a4fef480a7c5b-LAX
content-length: 0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
date: Sat, 16 Nov 2024 20:43:16 GMT
location: /dk/ipr/mynorwegian#/my-reservation?pnr=SX9XEB&pnrname=BORK&utm_source=crm&utm_medium=email&utm_campaign=DK-booking-confirmation&utm_content=view-add-products&NAS_source=N388808.2679425NORWEGIAN&dclid=CJnR1Nzb4YkDFYpDRwEdrkAaEQ
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 NewNasStyles
www.norwegian.com/resourceipr/style-bundle/ 590 KB
79 KB 96ms
94ms Stylesheet
text/css 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050e286217cafc4c190830be2943b80bb7d8c2347abfa6559509b53c2ae447f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 2
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 04:12:15 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:16 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 16 Nov 2024 04:12:15 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff6efa17c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 lib.js Show response
www.norwegian.com/resourceipr/script-bundle/ 779 KB
235 KB 169ms
168ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 18:57:47 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 18:57:47 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff6efa37c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 instant.js Show response
www.norwegian.com/resourceipr/script-bundle/ 61 B
227 B 170ms
168ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/instant.js?v=NCFsRGnlyO1pPdusxPsLbzoaFIqQoddJ-vdO0GuOvLg1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 2
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 19:29:01 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 19:29:01 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff6efa47c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 81
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sharedlang.da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 26 KB
10 KB 97ms
97ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedlang.da.js?v=wShdPJD0Uj3sVfP56qKEJXLLb3mrqDoOJhyAlfDspF81

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c727d646dddde66ff7110e82f22063628a2361da9ea385d512fc5945417764b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 18:01:57 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 18:01:57 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff99a547c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 iprlang.da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 72 KB
22 KB 108ms
100ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/iprlang.da.js?v=fPXAW4gtWvLzoj6tnuxH3QXhxrX5k7L9KnFKHAa1V5s1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcdb1aeae432c9ce661373ef44025b766b010f5472ca6e87d0c35dd0e03a28b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 10:18:52 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 10:18:52 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff99a5c7c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 siteMap Show response
www.norwegian.com/resourceipr/js/ 5 KB
2 KB 261ms
253ms Script
text/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/js/siteMap?culture=da-DK&marketCode=dk&v=4e0eca4d-78ca-48e6-a2ca-585266f35c93

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6faf8a0ec2fc7ba128654414cd78421f71fef831f276819d697d8a808d03ae1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
age: 487
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=3540
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff99a607c5b-LAX
permissions-policy: camera=(), microphone=()
content-length: 1503
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 angular-locale_da.js Show response
www.norwegian.com/resourceipr/script-bundle/ 1 KB
949 B 105ms
97ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/angular-locale_da.js?v=yWGEWD8iUCcZ82PPtWk0BzJ-z4wo1lxXl_cdh3z30ho1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e00a14ecb5bd07270eceadf55cbcebf879a04b4016a18e084e40ffd2767f400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 19:22:58 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 19:22:58 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa617c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 834
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sharedtemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 290 KB
41 KB 115ms
108ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedtemplates.js?v=aN6iFmpQhdMzqeHESAvQfLYL4ek-6XpdKVMGdcAfD8c1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6134671a28095404b6ba1e6a5e4fc100f4b0cdb7161de6335d688f2409c2b772

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 22:35:10 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 22:35:10 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=76673
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa627c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstraptemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 6 KB
2 KB 99ms
92ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstraptemplates.js?v=34gwjN6IWa4J4XvX8kgh7BbjBHF3fEunqz6hpkjIfw41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 12:45:21 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 12:45:21 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=74174
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa657c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1328
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 templates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 620 KB
79 KB 108ms
102ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/templates.js?v=QiLUQ4ojOyWOVZClHK2HoDVhYGCithlgvhiXFISgmM41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4457c75812d482fa9fd327f1b6a68ba162961c48ee3b2a653f926b4abf48c10a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 522
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 13:55:52 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 13:55:52 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=30550
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa677c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 amadeus.js Show response
cdn.optimizely.com/public/17202440929/s/ 329 KB
98 KB 265ms
93ms Script
text/javascript 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcbb650f4416d5b030f447207f615e94862a52a7c55f1a03c9c60d34abe3550

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "142d222ad89de90caaa45fb454eabffb"
x-amz-version-id: I4yhL74BKSs3sjPJ62foUjyXU8Op9fEN
age: 289
access-control-allow-methods: GET, HEAD
date: Sat, 16 Nov 2024 20:43:17 GMT
x-amz-meta-revision: 197
content-type: text/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 17:32:05 GMT
vary: Accept-Encoding
x-amz-id-2: UpD+WNzVG5nVoowJubVTlZJjG61w9f6MlNFps7TJboeSOG+cqtu0hxbgTbeGZc1a8PHetxSZKCE=
access-control-allow-headers: *
x-amz-replication-status: PENDING
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-pci_enabled: False
access-control-allow-credentials: false
x-amz-request-id: K8WMNJJPSV2P00MT
cf-ray: 8e3a4ffaa8db7ea7-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99167
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 287 KB
60 KB 170ms
169ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=90.20.2.3321

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "01927571f35db1:0-gzip"
age: 37447
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:16 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff6efa57c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ident.svg
www.norwegian.com/Content/img/ 5 KB
2 KB 167ms
167ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db352072defd68"
age: 36224
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:39:32 GMT
date: Sat, 16 Nov 2024 20:43:16 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:32:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a4ff6efa67c5b-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ident-mobile.svg
www.norwegian.com/Content/img/ 1 KB
814 B 88ms
87ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident-mobile.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db352072deea4b"
age: 36225
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:39:32 GMT
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:32:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a4ff8693f7c5b-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 plainPageController.js Show response
www.norwegian.com/resourceipr/script-bundle/ 3 KB
1 KB 98ms
98ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/plainPageController.js?v=gepiPTpoDX4E9q8yQCPN3ZTJZKgiiZm8yQzFTB-DS3w1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 524
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 06:47:32 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 06:47:32 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff8794c7c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1343
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrap.js Show response
www.norwegian.com/resourceipr/script-bundle/ 287 B
380 B 104ms
99ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrap.js?v=AKlRlTz6t-6zHLGKRC0THkPXCwFLEtG-mBEJBtqTA3I1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 522
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 23:07:23 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 23:07:23 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=63641
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa687c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 207
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 brand.js Show response
www.norwegian.com/resourceipr/script-bundle/ 69 KB
18 KB 100ms
95ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/brand.js?v=9khjiw2C_Ipt9aE1WZdUn6BdecUMz7qo0M0Y64BGWIY1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7260c15d4a38a5e62c528695ecc3b5ca53f5874c20f2e185ea4cca29b051ec55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 18:33:14 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 18:33:14 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=84737
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff9aa6a7c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 shared.js Show response
www.norwegian.com/resourceipr/script-bundle/ 221 KB
52 KB 167ms
162ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=kg2lRVFaQCyrthErHPdCFh03XT3YOM7CTSoZVWklf_I1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebaf8e7a486e9f36de2c23ddcc76826d071660091466928637c17083ede99b12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 521
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 13:44:00 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 13:44:00 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=67383
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffa0ac67c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 53331
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mynorwegian.js Show response
www.norwegian.com/resourceipr/script-bundle/ 202 KB
26 KB 208ms
204ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/mynorwegian.js?v=Ik4E8-oExpwWLGOsjSh-K5FGcq8RUviscIhcJ57oQ241

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d0e0ee296c203daf1e885a7498008cc6a3f1fe41619385cf8ddb7ce47fe19f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 20:27:45 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 20:27:45 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffa0ac77c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 layoutConfig.js Show response
www.norwegian.com/resourceipr/script-bundle/ 506 B
362 B 163ms
159ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/layoutConfig.js?v=X7iiclmNyG5AmREmpWEfSQtG7Dxapkjzsqjjou33Qn41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 03:07:15 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 03:07:15 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffa0ac87c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 241
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrappedData.js Show response
www.norwegian.com/resourceipr/script-bundle/ 201 B
288 B 171ms
168ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrappedData.js?v=Zb3iJl42GARYPhC9wqr3gDV_zZGIG64oA5-xQzguemM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 932
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 20:27:45 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 20:27:45 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffa0ac97c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 170
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 cookie-consent Show response
www.norwegian.com/resourceipr/script-bundle/ 3 KB
1 KB 165ms
162ms Script
application/javascript 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/cookie-consent?v=ld6M4LjH128YD3UaGlOnWvKlWLtjG3KghWn3vcuJXBM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 06:16:52 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 06:16:52 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffa0aca7c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 1233
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 238ms
84ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e3a4ffa8ecc7cb5-LAX
access-control-allow-origin: *
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 577 KB
153 KB 490ms
203ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4baa750c87b3c13754c0d9e0c985afa1b7632dc61726342bb7b4eb0aa82d4340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 16 Nov 2024 20:43:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 155574
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 apercu_regular_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 34 KB
34 KB 106ms
106ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_regular_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 26244
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:17 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ff95a197c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 34728
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 script.js Show response
e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/ 353 KB
163 KB 452ms
155ms Script
application/javascript 2600:9000:2512:1000:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:1000:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-id: IssOwgy3yzFeC0-J76k0g_mCF8IsjuJTR7Bhw2EodzO01v2iVaBgIQ==
cache-control: private, immutable, max-age=31536000
timing-allow-origin: *
content-encoding: br
etag: W/"e24cc4ed79ec0d74999e321c582ed235"
via: 1.1 eb7da8ca0dd07aa429ce47312003e292.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 15:33:20 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P7

GET
H2 403 destinations Show response
www.norwegian.com/resourceipr/api/ 24 KB
12 KB 90ms
89ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/destinations?channelId=IP&culture=da-DK&destinationModel=AirportModel&includeRelations=false&marketCode=dk&sortByCountryAndName=false&v=4e0eca4d-78ca-48e6-a2ca-585266f35c93

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712d67c23dd63dbafaa75e0bd1e2fb9d49191824afab672ea834ff940773b4e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: tdDIRFo67Rp823ImPngUfOneCc/rkcclQ6k7tSlfTgSgAZ+ZsU1OWYrMXqbhyh92h39BGpF57cjI7F30R7YKMITNoMjp0Q+XxfKb4P+NSoSx2UNosDjPOJ1NB5REjHWJLLbWA5zAp4RdZJz1pDbFdA==$h7va7xxTctgGV+MNpxgKjg==
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffb9cb77c5b-LAX
cross-origin-embedder-policy: require-corp
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
origin-agent-cluster: ?1
server: cloudflare

GET
H2 403 config Show response
www.norwegian.com/resourceipr/api/busy/ 23 KB
11 KB 93ms
93ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/busy/config?channelId=IP&culture=da-DK&marketCode=dk

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab67bc127387a8e2dfd5259d9f627538f721196c06714da42435538e13dc2805

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 5iQWOicUP0sxfheFg2eNdJTtLxrSN7cKARZLODhkLfzQbQIpalvo1jubXzz/RwNtrp2Y5E/gciMRuutn/CuhnSGAFbEKFYls07oENDJJrvhqrpSErhwRgAxYovT1x13ZDgDG6kE91BZDdNPo+nGNJg==$pa279szGWTdnUwjWHJCdcw==
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffbacb97c5b-LAX
cross-origin-embedder-policy: require-corp
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 mynorwegian.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/ 80 B
546 B 252ms
251ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/mynorwegian.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: aZwrf6gFfzZWt08w5Awy9fMXsAiHCwMKKAWhISrAHO1Wxu4w1l7MmrFhS8VYWHZB6Y4hQe1IaDKgkjcNKgXGNMpztKs1:aLipLRHpZLTZRMoQH4vksk28O5_EXHZ0jqX1AOTMLKHGojeXuWqZc1iiN44uraqhkkYcRFqgwknUBaH_f2RCtmrTw101
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
age: 93
x-content-type-options: nosniff
server-timing: cfCacheStatus;desc="DYNAMIC"
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffbbce47c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2

200

main.js Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame CF1B
Redirect Chain

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

89ms
89ms

Script
application/javascript

2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/dk/ipr/mynorwegian

Protocol

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8217d96df9dde4daf4db7cdbf4895f66adf6b79cebafc3ce3c602ba86bcfac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffcfe327c5b-LAX
permissions-policy: camera=(), microphone=()
date: Sat, 16 Nov 2024 20:43:17 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8e3a4ffbcced7c5b-LAX
permissions-policy: camera=(), microphone=()
access-control-allow-origin: *
content-length: 0
date: Sat, 16 Nov 2024 20:43:17 GMT
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 287 KB
60 KB 97ms
97ms Image
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=d425d607

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "01927571f35db1:0-gzip"
age: 36122
x-content-type-options: nosniff
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffbccf37c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 61076
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 apercu_bold_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 33 KB
33 KB 102ms
102ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_bold_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 37033
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:17 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffbccfd7c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 34092
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 apercu_medium_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 35 KB
35 KB 102ms
101ms Font
application/font-woff2 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_medium_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norwegian.com
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=CAm2qMwsMvjaMOZ2pEpagUWzdQvN_iXrj_9WwQ9-0hM1

Response headers

cf-cache-status: HIT
etag: "01927571f35db1:0"
age: 26242
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:43:17 GMT
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: application/font-woff2
last-modified: Tue, 12 Nov 2024 16:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffbdd187c5b-LAX
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
content-length: 35344
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 a17202440929.html
a17202440929.cdn.optimizely.com/client_storage/ Frame FBCA 0
0 254ms
92ms Document
text/html 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.norwegian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 274
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8e3a4ffda9817bcd-LAX
content-encoding: gzip
content-length: 835
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 20:43:18 GMT
etag: "94e2a6c9447a588c913ad81f36202d66"
last-modified: Fri, 15 Nov 2024 17:32:04 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
x-amz-id-2: LCn/7LozNMH6Zt0A7bYs+kcH1grK927N58mrfrow3wQ7ybI28qmONynOqg7zhLA/Gc5MV74NXq4=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: KG3QFR4RM23M4H7H
x-amz-server-side-encryption: AES256
x-amz-version-id: klvQHu0cWpK4TfLCd.dfuQrRPsg8sLgf

GET
H2 403 reservationDetails Show response
www.norwegian.com/resourceipr/api/mynorwegian/ 24 KB
12 KB 83ms
82ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/mynorwegian/reservationDetails?channelId=IP&culture=da-DK&marketCode=dk&pnr=SX9XEB&pnrName=BORK

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c296032aad3d5955accb81200a799d4a6e7b73116ab83d02768d7157592def4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: aZwrf6gFfzZWt08w5Awy9fMXsAiHCwMKKAWhISrAHO1Wxu4w1l7MmrFhS8VYWHZB6Y4hQe1IaDKgkjcNKgXGNMpztKs1:aLipLRHpZLTZRMoQH4vksk28O5_EXHZ0jqX1AOTMLKHGojeXuWqZc1iiN44uraqhkkYcRFqgwknUBaH_f2RCtmrTw101
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
CheckUserAgent: true
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Sat, 16 Nov 2024 20:43:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: LZiJ2Qc6b9b9ib9UeU/8M8LmR/Qhs3q61mbk+2LXpE1X7b8gTjBJH1xjSZ5cmciadbVHya1swhDdu4MfME00/q78RtG6tuhfN3TAyt7DCwpleRmTliCcaw6/ubTkdVMcJ7O1jAywgC2aeUy5rXoIRA==$BnjDdqi2qXUNxQcvWpdFUA==
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffd5ec37c5b-LAX
cross-origin-embedder-policy: require-corp
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 reservation.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 42 KB
7 KB 266ms
266ms XHR
text/html 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/reservation.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdc177a9d159187c020336b7a6db5a82cca6cc44195227f4af3a09a1363832d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

ApiRequestVerificationToken: aZwrf6gFfzZWt08w5Awy9fMXsAiHCwMKKAWhISrAHO1Wxu4w1l7MmrFhS8VYWHZB6Y4hQe1IaDKgkjcNKgXGNMpztKs1:aLipLRHpZLTZRMoQH4vksk28O5_EXHZ0jqX1AOTMLKHGojeXuWqZc1iiN44uraqhkkYcRFqgwknUBaH_f2RCtmrTw101
Referer: https://www.norwegian.com/dk/ipr/mynorwegian
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
age: 114
x-content-type-options: nosniff
server-timing: cfCacheStatus;desc="DYNAMIC"
x-ua-compatible: IE=edge
date: Sat, 16 Nov 2024 20:43:18 GMT
content-type: text/html
last-modified: Tue, 12 Nov 2024 16:24:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffd5ec77c5b-LAX
permissions-policy: camera=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 8e3a4ff1faac7c5b Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CF1B 0
622 B 111ms
100ms XHR
text/plain 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e3a4ff1faac7c5b

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3a4ffe6fbc7c5b-LAX
permissions-policy: camera=(), microphone=()
content-length: 0
date: Sat, 16 Nov 2024 20:43:18 GMT
x-xss-protection: 1; mode=block
content-type: text/plain; charset=UTF-8
server: cloudflare
x-frame-options: SAMEORIGIN

POST
H2 204 rum Show response
www.norwegian.com/cdn-cgi/ 0
150 B 82ms
79ms XHR
text/plain 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e3a4ffed82d7c5b-LAX
access-control-allow-origin: https://www.norwegian.com
date: Sat, 16 Nov 2024 20:43:18 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET c1e0ca83-6415-42c7-a518-e8f0e228e4be
https://www.norwegian.com/ Frame 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 354 KB
119 KB 167ms
165ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0v76365325za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f15580bb298f5df9d74e352fbaee2d8394d5c693fc3b97d269237f6ed444174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 20:43:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120984
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 435ms
157ms Ping
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian&scrsrc=www.googletagmanager.com&frm=0&rnd=439694665.1731789798&npa=1&gtm=45He4bc0v76365325za200&gcs=G100&gcd=13q3q3q3q5l1&dma_cps=-&dma=0&tag_exp=101925629~102067554~102067808~102077855&tft=1731789798353&tfd=3154&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

POST
H2 204 rum Show response
www.norwegian.com/cdn-cgi/ 0
60 B 89ms
85ms XHR
text/plain 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e3a500029897c5b-LAX
access-control-allow-origin: https://www.norwegian.com
date: Sat, 16 Nov 2024 20:43:18 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET 0ce2cdf5-2834-438a-b897-365088ae4c76
https://www.norwegian.com/ Frame 0
0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 028C 0
0 416ms
137ms Document
text/html 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.norwegian.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 172893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 20:41:45 GMT
expires: Fri, 14 Nov 2025 20:41:45 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK rum Show response
rum.optimizely.com/ 2 B
787 B 563ms
144ms XHR
application/json 34.230.131.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.optimizely.com/rum
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.131.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-131-189.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

Cache-control: no-cache="set-cookie"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 2
Date: Sat, 16 Nov 2024 20:43:19 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Server: nginx
Access-Control-Allow-Headers: X-Requested-With

POST
H/1.1 200
OK prop.json
7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com/ 2 B
625 B 405ms
130ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com/prop.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

ETag: "2-627067de90d49"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Date: Sat, 16 Nov 2024 20:43:18 GMT
Last-Modified: Sat, 16 Nov 2024 12:04:55 GMT
Content-Type: application/json
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 2
Server: Apache

GET
H2 200 favicon.svg
www.norwegian.com/ 1 KB
1 KB 94ms
90ms Other
image/svg+xml 2606:4700::6812:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/dk/ipr/mynorwegian

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1db351f23e48e43"
age: 34198
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 11:13:20 GMT
date: Sat, 16 Nov 2024 20:43:18 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 16:23:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
permissions-policy: camera=(), microphone=()
cf-ray: 8e3a50010a847c5b-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/ 20 B
361 B 547ms
270ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/prop.json?_=1731789798530
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:18 GMT
Content-Type: application/json
Vary: Origin

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 450ms
158ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je4bc0v9172276097z876365325za200zb76365325&_p=1731789796941&gcs=G100&gcd=13q3q3q3q5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=523618413.1731789799&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&cu=DKK&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian%2Fauth%2Flookup&dr=&sid=1731789798&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=DK&ep.content_type=ipr&ep.gtm_event_trigger=gtm.js&ep.country_code=DK&ep.event_group=content&tfd=3453
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0v76365325za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.norwegian.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:19 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
388 B 259ms
99ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

x-request-id: f1b6ce2c-2154-48c7-8f41-2c3bda69d50e
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.norwegian.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:19 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/ 20 B
361 B 130ms
129ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/prop.json?_=1731789799085
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:19 GMT
Content-Type: application/json
Vary: Origin

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/ 20 B
361 B 131ms
131ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/prop.json?_=1731789799348
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Date: Sat, 16 Nov 2024 20:43:19 GMT
Content-Type: application/json
Vary: Origin

GET
H2 200 logo_small.gif
duuytoqss3gu4.cloudfront.net/ 48 B
280 B 555ms
138ms Image
image/gif 2600:9000:21da:4800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_small.gif?dfpadname=&check=1731789799459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: Vrf7WCzNyg0Ls8KAHJlfPOMtt45EV-kxT2Gi5Z4mAbzUAeC_XirkHA==
date: Sat, 16 Nov 2024 20:43:19 GMT
content-type: image/gif
x-amz-cf-pop: EWR53-C1
server: CloudFront

GET
H2 200 logo_medium.gif
duuytoqss3gu4.cloudfront.net/ 48 B
281 B 555ms
138ms Image
image/gif 2600:9000:21da:4800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_medium.gif?check=1731789799459&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: 0gVHsiO0jTnncfSypNknOVPQ1jl7GntpDNtCSKiIOIzXqgZ3mJqPIQ==
date: Sat, 16 Nov 2024 20:43:19 GMT
content-type: image/gif
x-amz-cf-pop: EWR53-C1
server: CloudFront

GET
H2 200 logo_large.gif
duuytoqss3gu4.cloudfront.net/ 48 B
282 B 553ms
136ms Image
image/gif 2600:9000:21da:4800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_large.gif?1731789799459&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:4800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

via: 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: BSgjLqS0vKLI6cG-c0L1urmZmD6WEFV6Vn4383bFqjjKBn2QW_zCkw==
date: Sat, 16 Nov 2024 20:43:19 GMT
content-type: image/gif
x-amz-cf-pop: EWR53-C1
server: CloudFront

POST
H2 200 events
cdn3.forter.com/ 0
370 B 481ms
148ms Ping
text/plain 18.164.124.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-61.jfk50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
cache-control: private, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
via: 1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
expires: -1
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: C6dG9U4QdHil_f3otsG76lI4v45SrCMr81PlpmIsjWF2Ys_wBTuVqA==
date: Sat, 16 Nov 2024 20:43:19 GMT
x-amz-cf-pop: JFK50-P7
vary: Origin
access-control-allow-origin: *

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/ 20 B
442 B 132ms
131ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/wpt.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Pragma: no-cache
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 20
Keep-Alive: timeout=10
Date: Sat, 16 Nov 2024 20:43:19 GMT
Content-Type: application/json; charset=utf-8
Vary: Origin

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/ Frame 0
0 131ms
130ms Preflight 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/7762c8b4b5cc419f8de9c0d7faa103a3/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.norwegian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 16 Nov 2024 20:43:19 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H2 200 events
cdn3.forter.com/ 0
370 B 149ms
146ms Ping
text/plain 18.164.124.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-61.jfk50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc
Referer: https://www.norwegian.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
cache-control: private, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
via: 1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
expires: -1
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: elIj-RXfegqGEsQgIWTC_ytetJoB6IlImw9H0z0BFV2W1zC8kLG1Ew==
date: Sat, 16 Nov 2024 20:43:20 GMT
x-amz-cf-pop: JFK50-P7
vary: Origin
access-control-allow-origin: *

POST
H/1.1 200
OK rum Show response
rum.optimizely.com/ 2 B
392 B 162ms
160ms XHR
application/json 34.230.131.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.optimizely.com/rum
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/amadeus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.131.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-131-189.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.norwegian.com/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.norwegian.com
Content-Length: 2
Date: Sat, 16 Nov 2024 20:43:20 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Server: nginx
Access-Control-Allow-Headers: X-Requested-With

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 151ms
150ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je4bc0v9172276097z876365325za200zb76365325&_p=1731789796941&gcs=G100&gcd=13q3q3q3q5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=523618413.1731789799&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=2&cu=DKK&dl=https%3A%2F%2Fwww.norwegian.com%2Fdk%2Fipr%2Fmynorwegian%2Fauth%2Flookup&dr=&sid=1731789798&sct=1&seg=0&dt=&en=page_load_time&ep.content_group=DK&ep.content_type=ipr&ep.gtm_event_trigger=gtm.load&ep.country_code=DK&epn.loading_time_sec=3.08&ep.event_group=page-load-time&_et=4&tfd=8463
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c&gtm=45He4bc0v76365325za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norwegian.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.norwegian.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 20:43:23 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.norwegian.com
URL: blob:https://www.norwegian.com/c1e0ca83-6415-42c7-a518-e8f0e228e4be

Domain: www.norwegian.com
URL: blob:https://www.norwegian.com/0ce2cdf5-2834-438a-b897-365088ae4c76

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 05:22:21	Name: APC Value: AfxxVi4lfW1ezeg8h8oIKrLnEvXU5BlXxahr58T9XUXGiil_1YZOkw
.doubleclick.net/	1970-01-21 01:03:09	Name: FLC Value: CN-fzgEQ-NaDSBi-wq6ZASDu_I4jKK7g5gIw44fkuQZwANq4BBoyGDoWChQoMJgXvf3BOpobBgjjh-S5BqAbAQ
.doubleclick.net/	1970-01-21 05:22:21	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:39:09	Name: IDE Value: AHWqTUnsnz-RJuVBNqWPmY552C8VhU-6dxmUlmVBmXrZB3xZQdPZ0cFep1rrtSmlC8o
www.norwegian.com/	1969-12-31 23:59:59	Name: EPiStateMarker Value: true
.www.norwegian.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 4918ce12697d563429e9a8fa569f93d60282c0546949764027b7b20f28437854
.www.norwegian.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 4918ce12697d563429e9a8fa569f93d60282c0546949764027b7b20f28437854
.norwegian.com/	1970-01-21 01:03:11	Name: __cf_bm Value: ezEsaWCp0Xm3nHiF8YbbfOxf7Aa24YvB.nOZX28P_cs-1731789796-1.0.1.1-DnHv.wgn.8Av6r__zamMDzq9O.ptOlEAnyPtbeU8w7INAPQYEyNskh7C3w_f0nfJuqKkaxq83OgSbpzs_1cD3A
.norwegian.com/	1970-01-21 05:22:21	Name: optimizelyEndUserId Value: oeu1731789797775r0.8938183050209225
.www.norwegian.com/	1969-12-31 23:59:59	Name: TS01e9bd6b Value: 01ccc25f5245d43d206473a81e4efa0fdc0079765b2c01672179adf7dbdd025219dfc4bb6b517f040be2b518dd1cd1208f3243a464
.norwegian.com/	1970-01-21 09:48:45	Name: cf_clearance Value: BlbZPg1kwLAtZO37mO3ZB9j4JL1_8hdNZYToC1bmH_I-1731789798-1.2.1.1-p1ubM5QDlCLx4fjmMPIBMoSgAOeRfwat5t9cS0WNfxtpngX2e1PQN7YB4XhjbYeEddnFsc8xXbX3KIq6ItBBHdmXj32pWByCm8GJGNYr2O2lrLViljg_tb5u4bJB3qyNeQR_VEPZOlPgk1kI0aPRC8wGr6MQpG4xeEQhY9Zu4Ppc3Ji1ktXh795hUAOzpwNH5nWw1ocdpxxAP7MySBgfMDxx2Vu5mb7LPbAbvvOsMKJYioAOqhpHbAC2Mppc8vplI4lycl_nJhgBTXi3Oy0yK3fUJbV3DcG9jvsiLm8yR2.wWYOnQL2zKERBcTSQOXYjn5PA6heH_9NjtsmO3qHrwfLJH6ez_Bz2Hr0iwv2GF8of.ldBfaj6PfazKYQq6lep
rum.optimizely.com/	1969-12-31 23:59:59	Name: optimizelyRumLB Value: 1
rum.optimizely.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 0975E78916B05F8E3BD983BAE952A49A2A54E670F196AD44A54875FB75FD08FE809B14074210E175848723254A3A6060DB766F2A436878B6D46BF7DE2EA5468B95FC1A3A31
.norwegian.com/	1970-01-21 10:39:09	Name: forterToken Value: 7762c8b4b5cc419f8de9c0d7faa103a3_1731789797340__UDF43-m4_21ck_

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.norwegian.com/resourceipr/api/destinations?channelId=IP&culture=da-DK&destinationModel=AirportModel&includeRelations=false&marketCode=dk&sortByCountryAndName=false&v=4e0eca4d-78ca-48e6-a2ca-585266f35c93 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.norwegian.com/resourceipr/api/busy/config?channelId=IP&culture=da-DK&marketCode=dk Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.norwegian.com/resourceipr/api/mynorwegian/reservationDetails?channelId=IP&culture=da-DK&marketCode=dk&pnr=SX9XEB&pnrName=BORK Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7762c8b4b5cc419f8de9c0d7faa103a3-e11233f1926a.cdn.forter.com
a17202440929.cdn.optimizely.com
ad.doubleclick.net
cdn.optimizely.com
cdn0.forter.com
cdn3.forter.com
duuytoqss3gu4.cloudfront.net
e11233f1926a.cdn4.forter.com
logx.optimizely.com
pagead2.googlesyndication.com
rum.optimizely.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.norwegian.com
www.norwegian.com
142.250.65.226
142.251.40.166
18.164.124.61
2600:9000:21da:4800:1d:9f28:ff00:21
2600:9000:2512:1000:f:1b37:e600:93a1
2606:4700::6810:5049
2606:4700::6812:4239
2606:4700::6812:c16a
2607:f8b0:4006:80a::2008
2607:f8b0:4006:81f::200e
3.234.25.89
34.230.131.189
34.49.241.189
54.243.108.33
050e286217cafc4c190830be2943b80bb7d8c2347abfa6559509b53c2ae447f9
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960
2e00a14ecb5bd07270eceadf55cbcebf879a04b4016a18e084e40ffd2767f400
37d0e0ee296c203daf1e885a7498008cc6a3f1fe41619385cf8ddb7ce47fe19f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4457c75812d482fa9fd327f1b6a68ba162961c48ee3b2a653f926b4abf48c10a
4baa750c87b3c13754c0d9e0c985afa1b7632dc61726342bb7b4eb0aa82d4340
6134671a28095404b6ba1e6a5e4fc100f4b0cdb7161de6335d688f2409c2b772
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
6faf8a0ec2fc7ba128654414cd78421f71fef831f276819d697d8a808d03ae1e
712d67c23dd63dbafaa75e0bd1e2fb9d49191824afab672ea834ff940773b4e7
7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653
7260c15d4a38a5e62c528695ecc3b5ca53f5874c20f2e185ea4cca29b051ec55
7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
882fe7b93b61ac2fc86e7eeab72d9ec799f5e268a87ad6def3e00669b2a0b28f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9f15580bb298f5df9d74e352fbaee2d8394d5c693fc3b97d269237f6ed444174
9fcbb650f4416d5b030f447207f615e94862a52a7c55f1a03c9c60d34abe3550
a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2
a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
ab67bc127387a8e2dfd5259d9f627538f721196c06714da42435538e13dc2805
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
b1727abba112c6f1b37d7dcad93d6660f6912d893ea32af79870b9e1686f6c85
b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5
bb8217d96df9dde4daf4db7cdbf4895f66adf6b79cebafc3ce3c602ba86bcfac
bdc177a9d159187c020336b7a6db5a82cca6cc44195227f4af3a09a1363832d2
bdcdb1aeae432c9ce661373ef44025b766b010f5472ca6e87d0c35dd0e03a28b
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
c296032aad3d5955accb81200a799d4a6e7b73116ab83d02768d7157592def4a
c727d646dddde66ff7110e82f22063628a2361da9ea385d512fc5945417764b4
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
ebaf8e7a486e9f36de2c23ddcc76826d071660091466928637c17083ede99b12

www.norwegian.com Open in urlscan Pro 2606:4700::6812:c16a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

50 %IPv6

9 Domains

15 Subdomains

14 IPs

1 Countries

1401 kBTransfer

5364 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.norwegian.com Open in urlscan Pro
2606:4700::6812:c16a Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

50 %
IPv6

9
Domains

15
Subdomains

14
IPs

1
Countries

1401 kB
Transfer

5364 kB
Size

14
Cookies

62 HTTP transactions
0 data transactions