urlscan.io logo urlscan.io
SecurityTrails logo

www.norwegian.com Open in urlscan Pro
2606:4700::6811:b96a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.norwegian.com/uk/start/mt?p=LXCIBEDELGA
Effective URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Submission: On June 30 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 8 domains to perform 62 HTTP transactions. The main IP is 2606:4700::6811:b96a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norwegian.com. The Cisco Umbrella rank of the primary domain is 625444.
TLS certificate: Issued by GTS CA 1P5 on June 5th 2024. Valid for: 3 months.
This is the only time www.norwegian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:235... 16509 (AMAZON-02)
1 23.197.128.15 16625 (AKAMAI-AS)
1 142.250.186.34 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 100.26.87.64 14618 (AMAZON-AES)
5 34.192.191.43 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 34.49.241.189 396982 (GOOGLE-CL...)
4 52.85.65.120 16509 (AMAZON-02)
3 2600:9000:266... 16509 (AMAZON-02)
62 15
36    2606:4700::6811:b96a (United States)

ASN13335 (CLOUDFLARENET, US)
www.norwegian.com
1    2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2359:9600:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)
e11233f1926a.cdn4.forter.com
1    23.197.128.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-15.deploy.static.akamaitechnologies.com
a17202440929.cdn.optimizely.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    100.26.87.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-87-64.compute-1.amazonaws.com
c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com
5    34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com
cdn0.forter.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
4    52.85.65.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-120.muc50.r.cloudfront.net
cdn3.forter.com
3    2600:9000:266e:1e00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3nocrch4qti4v.cloudfront.net
Apex Domain
Subdomains		 Transfer
36 norwegian.com
www.norwegian.com — Cisco Umbrella Rank: 625444
774 KB
11 forter.com
e11233f1926a.cdn4.forter.com
c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com
cdn0.forter.com — Cisco Umbrella Rank: 4656
cdn3.forter.com — Cisco Umbrella Rank: 4145
167 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
3 cloudfront.net
d3nocrch4qti4v.cloudfront.net
841 B
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 805
a17202440929.cdn.optimizely.com — Cisco Umbrella Rank: 894460
logx.optimizely.com — Cisco Umbrella Rank: 1655
134 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
252 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
64 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
62 8
Domain Requested by
36 www.norwegian.com 1 redirects www.norwegian.com
static.cloudflareinsights.com
5 cdn0.forter.com e11233f1926a.cdn4.forter.com
4 cdn3.forter.com e11233f1926a.cdn4.forter.com
3 d3nocrch4qti4v.cloudfront.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.norwegian.com
www.googletagmanager.com
1 logx.optimizely.com cdn.optimizely.com
1 c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com e11233f1926a.cdn4.forter.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 a17202440929.cdn.optimizely.com cdn.optimizely.com
1 e11233f1926a.cdn4.forter.com www.norwegian.com
1 static.cloudflareinsights.com www.norwegian.com
1 cdn.optimizely.com www.norwegian.com
62 14

This site contains no links.

Subject Issuer Validity Valid
www.norwegian.com
GTS CA 1P5		 2024-06-05 -
2024-09-03		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.cdn4.forter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-28 -
2024-12-15		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.cdn.forter.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-23 -
2024-07-22		 8 months crt.sh
cdn0.forter.com
GeoTrust TLS RSA CA G1		 2023-06-22 -
2024-07-22		 a year crt.sh
logx.optimizely.com
WR3		 2024-05-23 -
2024-08-21		 3 months crt.sh
cdn3.forter.com
Amazon RSA 2048 M02		 2024-06-19 -
2025-07-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.norwegian.com/uk/ipr/MobileTicket/
Frame ID: F472D76F6F979AA9AD38C3C18315088F
Requests: 60 HTTP requests in this frame

Frame: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Frame ID: 50E8958DDB4A1A5068F63562B5BF1E11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.norwegian.com/uk/start/mt?p=LXCIBEDELGA HTTP 302
    https://www.norwegian.com/uk/ipr/MobileTicket/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • forter\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

62
Requests

97 %
HTTPS

57 %
IPv6

8
Domains

14
Subdomains

15
IPs

2
Countries

1355 kB
Transfer

5215 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.norwegian.com/uk/start/mt?p=LXCIBEDELGA HTTP 302
    https://www.norwegian.com/uk/ipr/MobileTicket/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.norwegian.com/uk/ipr/MobileTicket/
Redirect Chain
  • https://www.norwegian.com/uk/start/mt?p=LXCIBEDELGA
  • https://www.norwegian.com/uk/ipr/MobileTicket/
38 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe8c0c96a902a073826a458acefffeebda484097a7efda8d5dc6021b3585cad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
89c03b42bc022ba4-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 18:31:08 GMT
permissions-policy
camera=(), microphone=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
89c03b417a282ba4-FRA
content-length
0
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
date
Sun, 30 Jun 2024 18:31:07 GMT
location
/uk/ipr/MobileTicket/#/pax?p=LXCIBEDELGA
permissions-policy
camera=(), microphone=()
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
smartappbanner.css
www.norwegian.com/resourceipr/style-bundle/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/style-bundle/smartappbanner.css?v=b-3exx6J9BeaGDY8MLPk6Y2gX2QXAKKBRb5GrowUcwo1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032770ddd8880ceaca5bdefbab94c9bd46eaae898b2d4fe46e18edf105d7771c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
194
cf-polished
origSize=3227
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Thu, 06 Jun 2024 17:57:19 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440ded2ba4-FRA
expires
Fri, 06 Jun 2025 17:57:19 GMT
smartappbanner.js
www.norwegian.com/resourceipr/script-bundle/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/smartappbanner.js?v=1EsoNuQmRRKpM5OBv8wp4ylXXQBht_5W64vTCzMWK001
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7335edaca5534c87369344167ef99b398afb2de4574bff9e54da90feb655b929
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1011
cf-polished
origSize=10643
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 16:11:24 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440e0d2ba4-FRA
expires
Mon, 30 Jun 2025 16:11:24 GMT
NewNasStyles
www.norwegian.com/resourceipr/style-bundle/ 		490 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c75f68940778d2168d3a5a93a24444bb2b97cc20a45b7da54e2c222381a0a7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1056
cf-polished
origSize=603006
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Thu, 20 Jun 2024 14:58:19 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440df92ba4-FRA
expires
Fri, 20 Jun 2025 14:58:19 GMT
lib.js
www.norwegian.com/resourceipr/script-bundle/ 		779 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
129
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 16:49:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440dfd2ba4-FRA
expires
Mon, 30 Jun 2025 16:49:03 GMT
instant.js
www.norwegian.com/resourceipr/script-bundle/ 		61 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/instant.js?v=NCFsRGnlyO1pPdusxPsLbzoaFIqQoddJ-vdO0GuOvLg1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1056
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 03:00:57 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=33463
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440e072ba4-FRA
expires
Thu, 26 Jun 2025 18:07:49 GMT
sharedlang.en.js
www.norwegian.com/resourceipr/script-bundle/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/sharedlang.en.js?v=tuR5v4GyVzGnitpdSx7HKdmT73xC5fcbu_tN3sacc_c1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eecb0e5ba7e4ab453998c03ec9a7258d23107d79d2f6c4dbf1ee7c21fb10397
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1410
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 10:01:01 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b44f8332ba4-FRA
expires
Mon, 30 Jun 2025 10:01:01 GMT
iprlang.en.js
www.norwegian.com/resourceipr/script-bundle/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/iprlang.en.js?v=qVbrXR1bk3RkWxuSmaTvbdmvJeP5ojkYVwz4oU9EI2U1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bacc8b57e3a54bb34794eee02dd8ecd3d8ed9530e6f12f84005e504cc373944f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
169
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 12:24:41 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9512ba4-FRA
expires
Sun, 29 Jun 2025 19:48:25 GMT
siteMap
www.norwegian.com/resourceipr/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/js/siteMap?culture=en-GB&marketCode=uk&v=2bfffefd-db4e-4d21-8ccb-96524c1b312d
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b80e8fc11cb8aced5ed833cd951275b07010df634cfec0a743a4fc9518cd50ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
2431
content-length
1445
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3540
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9542ba4-FRA
angular-locale_en.js
www.norwegian.com/resourceipr/script-bundle/ 		1 KB
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/angular-locale_en.js?v=NgKtXLMCdv7fFa7y_t4EIllqSRVOo9tK7l5noeFmNtQ1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81197304427823a1bf4e7bcebfceabae49623fe32f5a7004e1a4506d93656994
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
54
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sat, 29 Jun 2024 15:23:11 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9592ba4-FRA
expires
Sun, 29 Jun 2025 15:23:11 GMT
sharedtemplates.js
www.norwegian.com/resourceipr/script-bundle/ 		290 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/sharedtemplates.js?v=kEzBVO9XraPVA6lG49jmKx-vLSOUUPRd3rDRuY0B2Y41
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cee86381728f9ac5f6b697c27606824b2a7b36cf49876aea4b887ab43e566d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1053
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Thu, 27 Jun 2024 21:47:57 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=0
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a95a2ba4-FRA
expires
Fri, 27 Jun 2025 21:47:57 GMT
bootstraptemplates.js
www.norwegian.com/resourceipr/script-bundle/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/bootstraptemplates.js?v=34gwjN6IWa4J4XvX8kgh7BbjBHF3fEunqz6hpkjIfw41
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
377
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 12:37:40 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=73579
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a95f2ba4-FRA
expires
Thu, 26 Jun 2025 15:26:12 GMT
templates.js
www.norwegian.com/resourceipr/script-bundle/ 		620 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/templates.js?v=B6uQtGC6eTEu9RMLsh1UW6mssY79H47DcFp8IbfQeOw1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab91640b8d77933904be88164306944a1da104c189ce39fc5401d4813f91235
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1346
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 07:18:10 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9622ba4-FRA
expires
Mon, 30 Jun 2025 07:18:10 GMT
booking.js
cdn.optimizely.com/public/17202440929/s/ 		526 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/17202440929/s/booking.js
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6583bed4aa12f665f346b8bef1cb12100aeb2b993b28fc54575006a14ade2dce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
I.6lEmmZJh9aMOwzpHY5L50D_gISRE0O
content-encoding
gzip
date
Sun, 30 Jun 2024 18:31:08 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
HMMBR3S6TERVMRRJ
x-amz-server-side-encryption
AES256
x-amz-meta-revision
9251
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="40";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1719772268484_388276621_1077992474_339_2143_40_46_146";dur=1
content-length
135426
x-amz-id-2
H0C/lr6/X2DcAD6x8yUtksqKOWtEgX4N2ulebkLevSVQXhMTe08J+EtOz3EsptDj52JPKCmPqIpHreRrVtmI2kJ7cdsRnHdHLiT5j3C/JPw=
last-modified
Fri, 28 Jun 2024 08:24:07 GMT
server
AmazonS3
etag
"804591b2d7e761e13b954c7901fdd3c5"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 		281 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=90.16.1.3041
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
12733
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:48 GMT
server
cloudflare
etag
"0dcbe566bc6da1:0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440e142ba4-FRA
ident.svg
www.norwegian.com/Content/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norwegian.com/Content/img/ident.svg
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
34326
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jun 2024 14:51:40 GMT
server
cloudflare
etag
W/"1dac7d85a23b468"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b440e192ba4-FRA
expires
Mon, 01 Jul 2024 08:59:02 GMT
ident-mobile.svg
www.norwegian.com/Content/img/ 		1 KB
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norwegian.com/Content/img/ident-mobile.svg
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
34168
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jun 2024 14:51:40 GMT
server
cloudflare
etag
W/"1dac7d85a23a34b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b449f4f2ba4-FRA
expires
Mon, 01 Jul 2024 09:01:40 GMT
plainPageController.js
www.norwegian.com/resourceipr/script-bundle/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/plainPageController.js?v=gepiPTpoDX4E9q8yQCPN3ZTJZKgiiZm8yQzFTB-DS3w1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1130
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 14:34:09 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=0
permissions-policy
camera=(), microphone=()
cf-ray
89c03b44af822ba4-FRA
expires
Sat, 28 Jun 2025 14:34:09 GMT
bootstrap.js
www.norwegian.com/resourceipr/script-bundle/ 		287 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/bootstrap.js?v=AKlRlTz6t-6zHLGKRC0THkPXCwFLEtG-mBEJBtqTA3I1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1096
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Wed, 19 Jun 2024 16:08:22 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9672ba4-FRA
expires
Thu, 19 Jun 2025 16:08:22 GMT
brand.js
www.norwegian.com/resourceipr/script-bundle/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/brand.js?v=9khjiw2C_Ipt9aE1WZdUn6BdecUMz7qo0M0Y64BGWIY1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7daa29f966212081fe4dd6ea032d6e2718bb1d3d05bd96a0eb0cf13db56d99d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
377
cf-polished
origSize=71000
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Thu, 27 Jun 2024 16:20:09 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9692ba4-FRA
expires
Fri, 27 Jun 2025 16:20:09 GMT
shared.js
www.norwegian.com/resourceipr/script-bundle/ 		220 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=8jb0hmakrhDod0jtYtMn9Nw62gA0rAovRXEEoMxnpXQ1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6eb5e81fd77c1873751574a9b26e1b7045e2405a97bf8ca5361ee428e9745e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
124
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 16:52:17 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a96d2ba4-FRA
expires
Mon, 30 Jun 2025 16:52:17 GMT
mobileticket.js
www.norwegian.com/resourceipr/script-bundle/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/mobileticket.js?v=bG7WBZbVihKpxcDlokxj5nLzsSRBXNBbWCBejooT4j01
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f706f6f6fbbf94d86caa6a908b30ca72fd000be3d876db2fdde1ee46b29df52
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 17:41:42 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9702ba4-FRA
expires
Sun, 29 Jun 2025 14:26:33 GMT
layoutConfig.js
www.norwegian.com/resourceipr/script-bundle/ 		506 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/layoutConfig.js?v=X7iiclmNyG5AmREmpWEfSQtG7Dxapkjzsqjjou33Qn41
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1053
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 15:12:06 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9732ba4-FRA
expires
Sun, 29 Jun 2025 15:09:49 GMT
cookie-consent
www.norwegian.com/resourceipr/script-bundle/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/script-bundle/cookie-consent?v=ld6M4LjH128YD3UaGlOnWvKlWLtjG3KghWn3vcuJXBM1
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
592
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 30 Jun 2024 08:35:01 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=54894
permissions-policy
camera=(), microphone=()
cf-ray
89c03b45a9782ba4-FRA
expires
Fri, 27 Jun 2025 16:17:21 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Origin
https://www.norwegian.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89c03b45f9fe3a66-FRA
gtm.js
www.googletagmanager.com/ 		614 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86234fc86e8347b3a7f9001a52475d519568338920350cc4f0b6900cf34d7a9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163520
x-xss-protection
0
last-modified
Sun, 30 Jun 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Jun 2024 18:31:08 GMT
apercu_regular_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/Content/webfonts/apercu_regular_pro-web.woff2
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Origin
https://www.norwegian.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
age
32691
content-length
34728
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:48 GMT
server
cloudflare
etag
"0dcbe566bc6da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
accept-ranges
bytes
cf-ray
89c03b4579032ba4-FRA
expires
Mon, 01 Jul 2024 18:31:08 GMT
script.js
e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/ 		353 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:9600:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Origin
https://www.norwegian.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
last-modified
Sun, 30 Jun 2024 17:32:55 GMT
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
etag
W/"e24cc4ed79ec0d74999e321c582ed235"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, immutable, max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
64t4crlqjipferYJHG9G_z9zkAKNfXdtWzMVEYsG82MvzizIX5jENg==
98f179ae-aa2f-4751-a246-b0a716472b22
https://www.norwegian.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.norwegian.com/98f179ae-aa2f-4751-a246-b0a716472b22
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b14a3ed4e0c1683e5d55965540912a0dda47a3a29dc66860b56d47e7e4c41c7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
5318
Content-Type
application/javascript
destinations
www.norwegian.com/resourceipr/api/ 		38 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/api/destinations?channelId=IP&culture=en-GB&destinationModel=AirportModel&includeRelations=false&marketCode=uk&sortByCountryAndName=false&v=2bfffefd-db4e-4d21-8ccb-96524c1b312d
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c768fb606e9744933a5a0294f79a87c90a99b04ec9e0e07a33b48393c3e1555
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-length
5108
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private
permissions-policy
camera=(), microphone=()
cf-ray
89c03b470b422ba4-FRA
config
www.norwegian.com/resourceipr/api/busy/ 		43 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/api/busy/config?channelId=IP&culture=en-GB&marketCode=uk
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
43
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache
permissions-policy
camera=(), microphone=()
cf-ray
89c03b470b462ba4-FRA
expires
-1
getPaxSelect
www.norwegian.com/resourceipr/api/mobileTicket/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/api/mobileTicket/getPaxSelect?channelId=IP&culture=en-GB&marketCode=uk&p=LXCIBEDELGA
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8865623cdd7585c22c73c5af8f5af57d7de00781de279864be5d8cf4bf14deac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
ApiRequestVerificationToken
2crKZXj6YlGrv_loDQas563Z6D34-eIPostW2GaMyKOsnTx-YNzjzXuZCDr4Jq4-gQmDENLNHdS19UY9vopu09PzAHg1:4YJExavwOvF3n_rca7rxJW-8kzhSNNyZGRxJq4-EL22AJiSneBgVkTapkEsH-BtsHc3Z3UlEHW9tJtoUjtsXkBdMqHE1
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4TS1DCiXxObvpmDRYMTTr6M5VnYrzYUa7Nr9ithGB4Y-1719772269-1.0.1.1-zexj0r584ZhHWHsbTJPhF6JktXVGuV9j6pYmrzDj7FXsalpjRIuUzwPVrbBmA6yOAJSFaUT_KHUTy.WVHGj3OcC5eJYdwc4v3HStIw3iYT6jpw7Pz.eXcrN7i8a4eDNXbRVBQsRUfbqTk3SND5u9Zrn5yuZAWV9n2z381WowUhQ; report-to cf-csp-endpoint
content-length
969
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4TS1DCiXxObvpmDRYMTTr6M5VnYrzYUa7Nr9ithGB4Y-1719772269-1.0.1.1-zexj0r584ZhHWHsbTJPhF6JktXVGuV9j6pYmrzDj7FXsalpjRIuUzwPVrbBmA6yOAJSFaUT_KHUTy.WVHGj3OcC5eJYdwc4v3HStIw3iYT6jpw7Pz.eXcrN7i8a4eDNXbRVBQsRUfbqTk3SND5u9Zrn5yuZAWV9n2z381WowUhQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache
permissions-policy
camera=(), microphone=()
cf-ray
89c03b471b642ba4-FRA
expires
-1
mobileTicket.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mobileticket/ 		41 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/Scripts/app/mobileticket/mobileTicket.tpl.html
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13614f3b772f5bd53cd6b8fa2af42b87e223457b20405305f50c254c10f4ab50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/html
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
ApiRequestVerificationToken
2crKZXj6YlGrv_loDQas563Z6D34-eIPostW2GaMyKOsnTx-YNzjzXuZCDr4Jq4-gQmDENLNHdS19UY9vopu09PzAHg1:4YJExavwOvF3n_rca7rxJW-8kzhSNNyZGRxJq4-EL22AJiSneBgVkTapkEsH-BtsHc3Z3UlEHW9tJtoUjtsXkBdMqHE1
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 24 Jun 2024 19:18:30 GMT
x-content-type-options
nosniff
server
cloudflare
age
412
x-frame-options
SAMEORIGIN
content-type
text/html
content-encoding
br
permissions-policy
camera=(), microphone=()
cf-ray
89c03b471b692ba4-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 		281 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=4a2e9a53
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
31421
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:48 GMT
server
cloudflare
etag
"0dcbe566bc6da1:0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b472b6e2ba4-FRA
apercu_bold_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/Content/webfonts/apercu_bold_pro-web.woff2
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Origin
https://www.norwegian.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
age
34300
content-length
34092
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:48 GMT
server
cloudflare
etag
"0dcbe566bc6da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
accept-ranges
bytes
cf-ray
89c03b472b702ba4-FRA
expires
Mon, 01 Jul 2024 18:31:08 GMT
apercu_medium_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/Content/webfonts/apercu_medium_pro-web.woff2
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Origin
https://www.norwegian.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
HIT
age
23531
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=L0Nh7GOK5v9p9cMLaWkC6i6TdbtIuKDWI93EZkkFd.4-1719772268-1.0.1.1-NiStUbXFXM9dTrWGNk1mt6RBamjuGEZ8FVrPbcdPf4xvuhdfI6sVnZPBXz_.XmbPp0lWx1eopXVDiw7Xb0UDw0mjckrIjLjfAXt1sv3qxRXFQwSM1O97dhPrE8mm9QY5q.f4lId2IonZkLFC7RtJKpEJCHBJF190Vq1xP96JWAM; report-to cf-csp-endpoint
content-length
35344
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:48 GMT
server
cloudflare
etag
"0dcbe566bc6da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=L0Nh7GOK5v9p9cMLaWkC6i6TdbtIuKDWI93EZkkFd.4-1719772268-1.0.1.1-NiStUbXFXM9dTrWGNk1mt6RBamjuGEZ8FVrPbcdPf4xvuhdfI6sVnZPBXz_.XmbPp0lWx1eopXVDiw7Xb0UDw0mjckrIjLjfAXt1sv3qxRXFQwSM1O97dhPrE8mm9QY5q.f4lId2IonZkLFC7RtJKpEJCHBJF190Vq1xP96JWAM"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
accept-ranges
bytes
cf-ray
89c03b472b7a2ba4-FRA
expires
Mon, 01 Jul 2024 18:31:08 GMT
a17202440929.html
a17202440929.cdn.optimizely.com/client_storage/ Frame 50E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/booking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.128.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-15.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.norwegian.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
835
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 18:31:08 GMT
etag
"7652cc606eefb00017f2aa97a0ab3859"
last-modified
Fri, 28 Jun 2024 08:24:12 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="25";dur=0,cdnip;desc="23.197.128.15";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1719772268805_390277162_306589377_38_1386_25_29_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
0jpdTs0HzcXxnlGuSlAyD3+SJIViYEBxqcyKLTahRkGodPzto392jEXqExOEtk2ZcHkrk3MyZTk=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
300Y3E92WRMSH289
x-amz-server-side-encryption
AES256
x-amz-version-id
mI28J7MBDI_wcyiyE46tVvZ9axJm0SiB
js
www.googletagmanager.com/gtag/ 		263 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20e439ffad5012cb512cc450ae2fb8270061cc6e13f3fe00610eb500aaa8e446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94121
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 18:31:08 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&tag_exp=0&rnd=1855882468.1719772269&url=https%3A%2F%2Fwww.norwegian.com%2Fuk%2Fipr%2FMobileTicket%2F&dma_cps=-&dma=1&npa=1&gtm=45He46q0n81NVL4JDRv76365325za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Jun 2024 17:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3007
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 30 Jun 2024 19:41:01 GMT
6584d7bc-6d26-46de-9d61-c6c715148dfa
https://www.norwegian.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.norwegian.com/6584d7bc-6d26-46de-9d61-c6c715148dfa
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/uk/ipr/MobileTicket/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edc71544a9388cc3235269c10389adc248ed4f32622cefa9117395ac84f43c22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
17598
Content-Type
application/javascript
prop.json
c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com/ 		2 B
625 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com/prop.json
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
100.26.87.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-87-64.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 30 Jun 2024 18:31:09 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Sun, 30 Jun 2024 12:06:38 GMT
Server
Apache
ETag
"2-61c1a50118158"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.norwegian.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
prop.json
cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/ 		20 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/prop.json?_=1719772268926
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 18:31:09 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.norwegian.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je46q0v9172276097z876365325za200zb76365325&_p=1719772268164&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1337117199.1719772269&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&cu=GBP&dl=https%3A%2F%2Fwww.norwegian.com%2Fuk%2Fipr%2Fmobileticket%2Fpax&dr=&sid=1719772268&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=GB&ep.content_type=ipr&ep.gtm_event_trigger=gtm.js&epn.event_timestamp=1719772268903&ep.country_code=GB&ep.event_group=content&tfd=1313&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norwegian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.norwegian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
www.norwegian.com/cdn-cgi/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 30 Jun 2024 18:31:09 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.norwegian.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89c03b497f4a2ba4-FRA
favicon.svg
www.norwegian.com/Content/img/ 		1 KB
829 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/Content/img/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
33753
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f9c0272f-00f9-4be3-8878-ba2b73f741d8
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jun 2024 14:51:40 GMT
server
cloudflare
etag
W/"1dac7d85a23a243"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
cf-ray
89c03b499f5c2ba4-FRA
expires
Mon, 01 Jul 2024 09:08:36 GMT
prop.json
cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/ 		20 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/prop.json?_=1719772269396
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 18:31:09 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.norwegian.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
prop.json
cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/ 		20 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/prop.json?_=1719772269637
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 18:31:09 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.norwegian.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
events
logx.optimizely.com/v1/ 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/booking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 18:31:09 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.norwegian.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
afd140b7-7591-4cc1-b45a-2900358b395a
mobileTicketPaxSelect.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mobileticket/ 		3 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norwegian.com/resourceipr/Scripts/app/mobileticket/mobileTicketPaxSelect.tpl.html
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc28b3b221a9a358f209565432f80d0fd6c027b64c9d949559918fa4887755
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/html
Referer
https://www.norwegian.com/uk/ipr/MobileTicket/
ApiRequestVerificationToken
2crKZXj6YlGrv_loDQas563Z6D34-eIPostW2GaMyKOsnTx-YNzjzXuZCDr4Jq4-gQmDENLNHdS19UY9vopu09PzAHg1:4YJExavwOvF3n_rca7rxJW-8kzhSNNyZGRxJq4-EL22AJiSneBgVkTapkEsH-BtsHc3Z3UlEHW9tJtoUjtsXkBdMqHE1
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:09 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
age
745
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:30 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
permissions-policy
camera=(), microphone=()
cf-ray
89c03b4eefc12ba4-FRA
events
cdn3.forter.com/ 		0
416 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-120.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:10 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 ed63aee7a232dfd166d737f0f937fa32.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.norwegian.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
Ou0SHHOrO9a9EhCOuB6TeBkrBCLTbWj120PfxCQej1QmoyQh1efa5w==
expires
-1
wpt.json
cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/ 		20 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/wpt.json
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 18:31:10 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.norwegian.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=10
Content-Length
20
Expires
-1
wpt.json
cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/e11233f1926a/c90ce0bd3f49496387eba31f2c31c4f8/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.norwegian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Jun 2024 18:31:09 GMT
Keep-Alive
timeout=10
Vary
Access-Control-Request-Headers
list--journey.svg
www.norwegian.com/resourceipr/Content/img/icons/ 		11 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norwegian.com/resourceipr/Content/img/icons/list--journey.svg
Requested by
Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=YCuQx868aoZZbiaWO7Oe8wobwntd5yr54Zxt08WTAF81
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
age
34276
content-length
953
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 19:18:46 GMT
server
cloudflare
etag
"0af8d556bc6da1:0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=86400
permissions-policy
camera=(), microphone=()
accept-ranges
bytes
cf-ray
89c03b4fc9522ba4-FRA
logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1719772270041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:10 GMT
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
bk3HiBFB_8YWn9vHTeLxcTbfv7cYnq-Z1VfYHAIahJiwllCLqVI6Kg==
logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1719772270041&refererPageDetail=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:10 GMT
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
F1OT-6i9-dq8RSbgC479w7fJ2qteNEhV-ByRr8jvuTUmLVqVwmrV0g==
logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1719772270041&-linkd-32.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 18:31:10 GMT
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
dobOyXTui_Hm7mzYQUu3ceaL1yl--RKY8UGDnkor8YaFlNOJwcX_Nw==
events
cdn3.forter.com/ 		0
415 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-120.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:10 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 ed63aee7a232dfd166d737f0f937fa32.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.norwegian.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
h67s-2fUrl9d6mm3haHKO5sChSdrIocyOknt8ExFO1P5ZxDG9EvQrw==
expires
-1
events
cdn3.forter.com/ 		0
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-120.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:11 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 2f720540a1a9a4394a2f93dffd5c0e5c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.norwegian.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
EqUTwFuhUV1EYej8fjXeyhU0USaFgVZPXR7KziB9j6rjaQuFvciNew==
expires
-1
events
cdn3.forter.com/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-fQfGiwvfEByMn7RVUT80uPWwmaQF28L%2FXXYJqMCXRAE%3D/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-120.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:12 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 2f720540a1a9a4394a2f93dffd5c0e5c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.norwegian.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
0vfLUT56cvXUSH0yIur7Gvc9RHfrnytlx4tP459GwBLfGYOVkfhLaA==
expires
-1
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je46q0v9172276097z876365325za200zb76365325&_p=1719772268164&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1337117199.1719772269&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=2&cu=GBP&dl=https%3A%2F%2Fwww.norwegian.com%2Fuk%2Fipr%2Fmobileticket%2Fpax&dr=&sid=1719772268&sct=1&seg=0&dt=&en=page_load_time&ep.content_group=GB&ep.content_type=ipr&ep.gtm_event_trigger=gtm.load&epn.event_timestamp=1719772269027&ep.country_code=GB&epn.loading_time_sec=1.34&ep.event_group=page-load-time&_et=34&tfd=6351&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norwegian.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 18:31:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norwegian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| dataLayer object| html5 object| Modernizr function| yepnope function| moment function| inherits object| Rx object| angular number| ng339 function| _ object| React object| ReactDOM object| ngReact function| setProfileAvatarVisible function| rememberPrevisitedPage function| navigate object| NasPlainMenuController object| NasPlainScrollToController object| NasPlainSwitchLanguageController object| ftr__config number| ftr__startScriptLoad function| ftr__fdad function| P1gg function| r2bb function| t4hh function| R5VV object| ftr__ext object| ftr__bufferW function| ftr__ object| ftr__scriptLoadOptions function| openWindow function| openCookieConsentWindow function| onCookieConsentAcceptAllClick function| onCookieConsentAcceptNecessaryClick object| cookieConsentWindow object| __cfBeacon object| optimizely function| optiReadyVARNORCTRAvaday boolean| norT148Global function| optiReadyT148Global object| ftr__JSON3 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| _ga_originalSendHitTask

8 Cookies

Domain/Path Name / Value
www.norwegian.com/ Name: EPiStateMarker
Value: true
.www.norwegian.com/ Name: ARRAffinity
Value: 187c39888e58310c97254fdec6f9dedbf6a2a1ce59124592bb303bc7f3fe2446
.www.norwegian.com/ Name: ARRAffinitySameSite
Value: 187c39888e58310c97254fdec6f9dedbf6a2a1ce59124592bb303bc7f3fe2446
.norwegian.com/ Name: __cf_bm
Value: WK3K4vA2_kmuKIEE6aSu2Pz3zT2HG8UMGUH3Mtuet28-1719772267-1.0.1.1-tpVqK12JFROeU7arXn3oa50UDlFqRWjd1vbta4TwkDdrKPjINU_ZRHuFcCXOANWX8N0m_o0xuUBcxaga9Bv4dQ
.norwegian.com/ Name: optimizelyEndUserId
Value: oeu1719772268711r0.134476174330316
www.norwegian.com/ Name: ASP.NET_SessionId
Value: 5nn3bbioc4fhfy22hqqihe3r
.www.norwegian.com/ Name: TS01e9bd6b
Value: 01ccc25f52287d6b030da6e56efae13cc4ed47d3f1727a4ea86872ac68e7b6df78e0a0215a04cba320c3d9619afd9c689b8a2621a8
.norwegian.com/ Name: forterToken
Value: c90ce0bd3f49496387eba31f2c31c4f8_1719772268407__UDF43-m4_21ck_

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17202440929.cdn.optimizely.com
c90ce0bd3f49496387eba31f2c31c4f8-e11233f1926a.cdn.forter.com
cdn.optimizely.com
cdn0.forter.com
cdn3.forter.com
d3nocrch4qti4v.cloudfront.net
e11233f1926a.cdn4.forter.com
logx.optimizely.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.norwegian.com
100.26.87.64
142.250.186.34
2001:4860:4802:32::178
2001:4860:4802:34::36
23.197.128.15
2600:9000:2359:9600:f:1b37:e600:93a1
2600:9000:266e:1e00:7:bffe:c3c0:21
2606:4700::6810:5049
2606:4700::6811:b96a
2a00:1450:4001:82a::2008
2a02:26f0:3500:883::13b8
34.192.191.43
34.49.241.189
52.85.65.120
032770ddd8880ceaca5bdefbab94c9bd46eaae898b2d4fe46e18edf105d7771c
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0c768fb606e9744933a5a0294f79a87c90a99b04ec9e0e07a33b48393c3e1555
0eecb0e5ba7e4ab453998c03ec9a7258d23107d79d2f6c4dbf1ee7c21fb10397
0f706f6f6fbbf94d86caa6a908b30ca72fd000be3d876db2fdde1ee46b29df52
13614f3b772f5bd53cd6b8fa2af42b87e223457b20405305f50c254c10f4ab50
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
15cc28b3b221a9a358f209565432f80d0fd6c027b64c9d949559918fa4887755
20e439ffad5012cb512cc450ae2fb8270061cc6e13f3fe00610eb500aaa8e446
2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e
2c75f68940778d2168d3a5a93a24444bb2b97cc20a45b7da54e2c222381a0a7c
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ab91640b8d77933904be88164306944a1da104c189ce39fc5401d4813f91235
52cee86381728f9ac5f6b697c27606824b2a7b36cf49876aea4b887ab43e566d
5b14a3ed4e0c1683e5d55965540912a0dda47a3a29dc66860b56d47e7e4c41c7
6583bed4aa12f665f346b8bef1cb12100aeb2b993b28fc54575006a14ade2dce
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
7194ce485b0e241acb96ab8e1f6fa260065ce8b533080867d4b68f42d3cb7653
7335edaca5534c87369344167ef99b398afb2de4574bff9e54da90feb655b929
7d07c68b0bdf101c8c9fb455513f34b8f5b099a405dbc2ff5d7609a8c0974401
81197304427823a1bf4e7bcebfceabae49623fe32f5a7004e1a4506d93656994
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
86234fc86e8347b3a7f9001a52475d519568338920350cc4f0b6900cf34d7a9f
8865623cdd7585c22c73c5af8f5af57d7de00781de279864be5d8cf4bf14deac
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
a58432fc7aeddda616167b3770a473c55a6a95853020ac1239d6483226d1a7d1
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
b3f869a0da4d69221cb18aae69551bc31585f1267b5ef419058735d23a25f4e5
b80e8fc11cb8aced5ed833cd951275b07010df634cfec0a743a4fc9518cd50ec
bacc8b57e3a54bb34794eee02dd8ecd3d8ed9530e6f12f84005e504cc373944f
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
d6eb5e81fd77c1873751574a9b26e1b7045e2405a97bf8ca5361ee428e9745e2
d7daa29f966212081fe4dd6ea032d6e2718bb1d3d05bd96a0eb0cf13db56d99d
dbe8c0c96a902a073826a458acefffeebda484097a7efda8d5dc6021b3585cad
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
edc71544a9388cc3235269c10389adc248ed4f32622cefa9117395ac84f43c22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b