urlscan.io logo urlscan.io
SecurityTrails logo

www.norsemanhotelwick.co.uk Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://norsemanhotelwick.co.uk/
Effective URL: https://www.norsemanhotelwick.co.uk/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 09 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 46 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norsemanhotelwick.co.uk.
TLS certificate: Issued by E1 on September 9th 2023. Valid for: 3 months.
This is the only time www.norsemanhotelwick.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
norsemanhotelwick.co.uk
21    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.norsemanhotelwick.co.uk
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com
s7.addthis.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.17.214.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-214-138.eu-west-1.compute.amazonaws.com
js.bookassist.com
1    108.138.7.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-11.fra56.r.cloudfront.net
dwxf316kii2pu.cloudfront.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    13.224.189.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-59.fra2.r.cloudfront.net
yofu4i8sfe.execute-api.eu-west-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
22 norsemanhotelwick.co.uk
norsemanhotelwick.co.uk
www.norsemanhotelwick.co.uk
1 MB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
97 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
translate.googleapis.com — Cisco Umbrella Rank: 1124
78 KB
2 amazonaws.com
yofu4i8sfe.execute-api.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 568986
740 B
2 google.com
translate.google.com — Cisco Umbrella Rank: 1318
www.google.com — Cisco Umbrella Rank: 2
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
149 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1134
70 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1055
23 KB
1 cloudfront.net
dwxf316kii2pu.cloudfront.net
6 KB
1 bookassist.com
js.bookassist.com
2 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3267
361 B
46 12
Domain Requested by
21 www.norsemanhotelwick.co.uk www.norsemanhotelwick.co.uk
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
unpkg.com
3 www.gstatic.com www.gstatic.com
translate.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
www.norsemanhotelwick.co.uk
2 yofu4i8sfe.execute-api.eu-west-1.amazonaws.com unpkg.com
2 www.googletagmanager.com www.norsemanhotelwick.co.uk
www.googletagmanager.com
2 maxcdn.bootstrapcdn.com www.norsemanhotelwick.co.uk
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.norsemanhotelwick.co.uk
1 www.google.com www.norsemanhotelwick.co.uk
1 unpkg.com dwxf316kii2pu.cloudfront.net
1 translate.googleapis.com
1 dwxf316kii2pu.cloudfront.net www.norsemanhotelwick.co.uk
1 js.bookassist.com www.norsemanhotelwick.co.uk
1 s7.addthis.com www.norsemanhotelwick.co.uk
1 translate.google.com www.norsemanhotelwick.co.uk
1 norsemanhotelwick.co.uk 1 redirects
46 16
Subject Issuer Validity Valid
norsemanhotelwick.co.uk
E1		 2023-09-09 -
2023-12-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.bookassist.com
Amazon RSA 2048 M01		 2023-07-03 -
2024-08-01		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.execute-api.eu-west-1.amazonaws.com
Amazon RSA 2048 M02		 2023-06-17 -
2024-07-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.norsemanhotelwick.co.uk/
Frame ID: 72FBF78B01A055EE47517C1CBE275269
Requests: 44 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2BBE04F071243179464877E9C9689048
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Frame ID: D80763DFCD2FA797BDA1B41DC9FC77B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Norseman Hotel, Wick | Official Website | Hotel Wick

Page URL History Show full URLs

  1. http://norsemanhotelwick.co.uk/ HTTP 301
    https://www.norsemanhotelwick.co.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

1710 kB
Transfer

2684 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://norsemanhotelwick.co.uk/ HTTP 301
    https://www.norsemanhotelwick.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.norsemanhotelwick.co.uk/
Redirect Chain
  • http://norsemanhotelwick.co.uk/
  • https://www.norsemanhotelwick.co.uk/
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3524c398af22c81bed397166f10da5874e889a5115359adc9ff9b8c93a645e04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
803ec5fe8976049b-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 10:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74CcTZqXaWl7Ps9DmToEPBhdV0p1XE7F8nKbbQt%2FRJksWVcuPtU9%2FexhxqGeXyDQpH04IzNGwkHbS6BqmsWm6yscUZnqalx5f8IObIwlAxGj6PeGXEn2AtlzlO4lhTeV7%2B7ZEElDn2HTiSnJSg21CZeNwSdQ%2Bj0laGc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
803ec5fd99a9927a-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Sep 2023 10:33:30 GMT
Location
https://www.norsemanhotelwick.co.uk/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM%2FXa91Dtz6dBMrxw90M7tHmTO9fBIICzXDoJO3sK9qYKUqpZY7aOjS00ECqY9lTiYTAJrOuOa92lV0eGCHIFQOXhQqhCsTRWihPIMQph2PLy3SyyiNaxKYs%2FpuYyT8xleNcxUwk%2F5aA87kvqFSh%2BdozhzO1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
alt-svc
h3=":443"; ma=86400
/
www.norsemanhotelwick.co.uk/min/ 		192 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/min/?&g=arr_css_head
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fc229b34e6e3b1e94812dc8350b07184636bed96e33dc030237f0b6bbe6edc2d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 01 Dec 2017 08:56:26 GMT
server
cloudflare
etag
W/"pub1512118586;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVl2zO9twOTRC%2F2T4S37hV%2Bo6Sqa4XsJAAS2kQbiynNu%2FkN6R8x%2FxEnNglPUhd0vMXTYWwl2e3KYH7gn%2BjtwtpM7SQqbLtyVakZ0Itg2ujAQ4I489GgH6UfSd6lbq0ZJm7K2FOS4Vknv%2F5vQIoUO9iqbk4V0DGetmMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=604800
cf-ray
803ec6006bba049b-FRA
expires
Sat, 16 Sep 2023 10:33:48 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,500,700
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63c6c1a7480e9c0c5b9afa760e1ce62036d385fce11b662f47a175e61d7bd7d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 10:33:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 10:33:31 GMT
css
fonts.googleapis.com/ 		3 KB
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,700
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c485d0a15af6264c129baf951dff3beb78d75d810ce771029566efcf5d484a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 10:33:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 10:33:31 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
19034569
cdn-cachedat
2021-08-02 19:09:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a20f8f9fd039c143ec88748f1e9f7c9f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
803ec600dada39df-FRA
cdn-requestpullsuccess
True
/
www.norsemanhotelwick.co.uk/min/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/min/?&g=arr_js_head
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
77ad73cb9d22d24b74358d2c1791988a3b98141292422c29721981339323cbcb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:41 GMT
server
cloudflare
etag
W/"pub1512063281;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OzO58du%2B6MvgXKmf2NPumOwjG%2B2u32z5RlOmo4K2w6Xh44PTmjCdHJ3Lflspmy6UNRX07PNou38PKGTaOXf9kP93rajzUVPJ8XMqUO7ZXK7rQrPciJwgL6lP%2FPaF6RTSiP6qlWo%2BOKuTXyk3V5MLwpyBQA3jvP%2Bo9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
803ec6007bbc049b-FRA
expires
Sat, 16 Sep 2023 10:33:48 GMT
logo.png
www.norsemanhotelwick.co.uk/assets/img/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/assets/img/logo.png
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
83c82398cce18a02774692ee4e81a23126189f195444efa712537aa566c95e92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
23022
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:38 GMT
server
cloudflare
etag
"bb77147f16ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlDwKOLtylhGBcgM%2Bu9MlrQesaFw6U7yeYayemXcNxIsla3Ow3aBkFPotdNYcX1BJfomQXRmkzMeV3nQpQLipSq5j7kK9IvhiY3j2yxRy9TWtISKeDRdb%2FotjuHbOSmqJOIBG97qHOjGTHo%2BqP6KboGlD1pn9flKBY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179289016-FRA
trans_bg_70.png
www.norsemanhotelwick.co.uk/assets/img/ 		389 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/assets/img/trans_bg_70.png
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b98191e5c986101279c5a9ec8fc62647ab4f27b9457ea8fcc36c25ef815fb838

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmANDgXyD0APrQja6DYNSGXRsfdh%2BGJtwKBhwXa6klSoWhXZob5VpXtvX6IeK%2F5Fy9LNW%2BhwYfG%2Bi3%2FFMZ%2FKrdK4V58D56XN6SrtB8bdxlUk2wl2RxoZfzFhxltuS5Ra9WTFrv9kJngBwZdYdeglzPipzmAk%2FsoS%2FMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
803ec601792c9016-FRA
alt-svc
h3=":443"; ma=86400
email-decode.min.js
www.norsemanhotelwick.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 14:34:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f73c7d-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSJRvWUZK6w7aS07u4kfIycBu599I6CuhHbn7o8tbHqAG1vD9QkPcVCQWWpAQIsAlU786TLogkEhXR4dKeLFHisvXeU4yaO9S%2BAWEL02dKRydV%2FoUlyl%2F2bmJCaup3i1fbOti0XT8jWwJ%2FU985SegSO88V5xN%2FBFrds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
803ec60108c39016-FRA
expires
Mon, 11 Sep 2023 10:33:31 GMT
date-util.min.js
www.norsemanhotelwick.co.uk/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/assets/js/date-util.min.js
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c3b37c3ab183098e6420d6541505e44ef98403dfdf8c8fa35b036e4e1c5e5efa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86551
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:40 GMT
server
cloudflare
etag
W/"d891328016ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJJuKBtKAbFizGwtIyzNq0eDmVTKUn5aYnEwqCa9xeNEdFob%2BctumTr7BMhYf69QqnB188lFXIZn8KMH0OEA63HI5gi0o3gztLsFEuayhKQb7iy4EuFmK5oEVzOsCmeAlMpKuuFurSFS5ZSAcmN2c29cH01ZCuj2mZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
803ec60138ea9016-FRA
2015%2001%2011_5D_Norseman_Hotel_3245_dinner_table_1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3245_dinner_table_1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1320d247ea8dfadabc1e781215e9ba9f7b22345b95ab07fdc90dc0cb4fa70d5a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
473070
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
85996
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"5bcfc71616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmgXHB2QACYqRaAvrE9Vjth14mydvvp0CxRREUZRPac2jOUPZ5NKTd2E3V0TQp5lM8ZCHbha%2F2PKehZpUxXwgoMQD90r9YdrMCNtZkj5BXDp73qCCUCBzkLBVcTPFLOmuNfrC1V1kXiOZTH7UFKX6W3y%2FduavLkgePs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec601792d9016-FRA
2015%2001%2011_5D_Norseman_Hotel_3340_dining_room_edited-1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3340_dining_room_edited-1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d404e6c7544a6ee097ef9de179ddc6b4326d73ea35d2944d8a61cc3cae7473bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
102034
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"e8bad31616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i1s5NmPae5zrhNlxpuB7oubXOWF%2BUcBtpj2QE%2FRYmhcaIYX2EU6IVQoP2RQ%2FpC8BkgDQWLaPW4WiNRGTzxYzJyxRa%2B1Vmq4CaoOoZs2alMPLP%2F8lBKHZJigK3EHce5Rmc80Kdtsx6goHqcBkpb8e7ePi3JCYT3CApM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec601792e9016-FRA
2015%2001%2011_5D_Norseman_Hotel_3471_fireplace_edited-1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3471_fireplace_edited-1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7f534a8cb76ac94e05e30d82b3809a07813524509e66fb6afae0b57d7ccdcfa9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
91796
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"d96be41616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqvsabYQmRqoagkvW3BHPGJ4T97IvS0AF7VhSNOqgz70BpfM1umdcAnvT2ZGFt4DOYZHpjV0tl2mjwImSRnhXAT37qJwRsyjaVP%2BxXoHUq%2FX08%2F2PMDdjEYyGLGBN6rVfcSzKogM6N0hgIUezvsoMdvru77DNf4r%2Ff8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec601792f9016-FRA
2015%2001%2011_5D_Norseman_Hotel_3485_champagne_and_flowers_edited-1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3485_champagne_and_flowers_edited-1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d20252e460c31488847eacb519f167af387902703a1aeecf6627a6242d42b312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
75208
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"d7cde61616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zB7F%2Fu115L2re4FZky003lSS%2FZQv0Q4Qw7uQ6f8EDlk6MfGVZ0hZQ3gkCQs%2FJP8e6zjrDwENWxnIrTghBXBt2GzlXD6DjkXCjq4OFGrT1x7oB7u5sW5l272WTp2AECjKd8rxAeWHM7sdb2MNMbhlwHYBv4y580I0vgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179309016-FRA
2015%2001%2011_5D_Norseman_Hotel_3501_poultry_main_meal_edited-1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3501_poultry_main_meal_edited-1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e283ca75009e8cf8a24e7db1a031df23b1fda8966025ec8886bc7bb0b176f718

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
76639
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"d7cde61616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0pg0OyQ5PHGKy4YuA19%2BZ1Wf48IEyYwD3vzLfmQg7aT9XxmygR9dVZZU8ebP0c7tNTEztZe%2BmBhXeg1dyl%2BSc0mOq0SzWKlSmwBkfPZJDj3apf6EZyUGKpheiurAgWsO3Zss%2Fi1tf16BhSABFV2iemavjd2cvm4guI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179319016-FRA
2015%2001%2011_5D_Norseman_Hotel_3536_bar_taps_edited-1.jpg
www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/uploads/46786/images/Gallery/2015%2001%2011_5D_Norseman_Hotel_3536_bar_taps_edited-1.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
69231decb640080cc27cfef7c84b4a9456ac4094676f74a7a37de075e7e17a9f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
80813
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:31:43 GMT
server
cloudflare
etag
"2630e91616ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRKDrmZKp%2BXoCS2nijw56AEfj5Q%2FRbpjAPI1SSkcThrbv2nr2hdBJ1ZqPgy3NfI3hwfUJtI8OvckwqxOcVTrOXfm9dX7N%2F88tEfx3nQvGL0sd1KHfh31nGk7RBH3%2Fe4SFHbGGHr5n560wjuRENJRhPHQtPSvpdRHMiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179329016-FRA
feature_norseman.png
www.norsemanhotelwick.co.uk/assets/img/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/assets/img/feature_norseman.png
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
245d6566c6de5b3d41bdc763c34be8874556018a7c2222eff10247628d6e6d91

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
48429
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:37 GMT
server
cloudflare
etag
"2c69a47e16ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbMEUdH3b913yBgRjNME7xYuWxPhIcE%2FNrm1De2IFC6E5%2BppEPG9YqSkweKnw5LOt%2FBffHl7NmdUejwJKi2S0qxmycpSrmqXzVFRKUwqjhSONzRi7i9MB5cVbnB4il2m%2B%2B%2FwbBCXOMRAs3MR9WdYvk%2FLBlFALKrEtnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179349016-FRA
feature_castletown.png
www.norsemanhotelwick.co.uk/assets/img/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/assets/img/feature_castletown.png
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2ad21b5844cf09ffa69bfa64b261dac92b04ceb222b414110c9b6ffde1f855f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
45983
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:37 GMT
server
cloudflare
etag
"e429d7e16ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y3jpxRVNBNGvHFGeDQmDWKkwwpLJD6R6NCfVDn5JtfVRMz2MOiEEOuyuipc8UcJb8kPoz4%2Fr%2B0dBeCYFsktjXXzNY%2BCWtyrm3SF7EbhMs2isgvLtu4nUfbTFKg7dQ8DIUaXSYEpqgnOVUCesu77ksJky4MCuqjGCww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179359016-FRA
feature_pentland.png
www.norsemanhotelwick.co.uk/assets/img/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/assets/img/feature_pentland.png
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b02f26cc436deedd6cb5ccd8b55a506a5f0f55b9da84414f125f2496b551d2b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
46498
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:37 GMT
server
cloudflare
etag
"51deb97e16ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKTf8OjXnF1GSIcWLI68bKx62Nua8ZL%2BE2Rj3KfXth8UmDydroyOyoHmM11uXyDrMLEkKAeRnsQiSbRpwUaPmN5g0qohRHurU1gKybjXcev%2BLgCtsrOWx2Jok2nK4bvfANrWjUQnQDDa6UMvhORpeH%2B2%2B4I3satykKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179369016-FRA
/
www.norsemanhotelwick.co.uk/min/ 		205 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/min/?&g=arr_js_foot
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2522523f34e8fc2ba417ffbfda149925d87aa5a2f1a7497381f854ec882faa03

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Thu, 30 Nov 2017 17:34:50 GMT
server
cloudflare
etag
W/"pub1512063290;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ifwhS%2FO%2FrN9xMlzANL5MlLDQFI8vMVMTZkHj81Sd5aBvXhKRjXMJVTEnVqjD%2F5XyYYqLX0PT8g5tvzD0XP3bx7yD6I67aTOXx0kb9f0CEP05H4Mg5aA%2FkojM5yJvXj%2B%2FmBMw510OfHUXShTRyze3fPBl19h40mCnGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
803ec60169239016-FRA
expires
Sat, 16 Sep 2023 10:33:48 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-8601618-26
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e8c673bcddaf0e5c174cdf0c0fc0e45493707ca250a89925aec6a0b1b529630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68220
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Sep 2023 10:33:31 GMT
element.js
translate.google.com/translate_a/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5999870774cf6f3a773481967e0eef3527410bb41e48c42531f67ab69cec4d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-53.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 10:33:31 GMT
server
Oracle API Gateway
opc-request-id
/4B801E82EBA38C4261030C669965940F/D0EE22ECFF5F09A142BB350E689FE41C
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
HomeReception.jpg
www.norsemanhotelwick.co.uk/cm-content/images/edited/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/cm-content/images/edited/HomeReception.jpg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fd94ca6ef80399b632b470a7173c1076e9f06586eb20e2078b2b285a6fbb82d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
207213
x-powered-by-plesk
PleskWin
last-modified
Mon, 04 May 2020 15:59:15 GMT
server
cloudflare
etag
"8595d3f52c22d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY7YOIWijWXB%2FY%2Fdf3f0AqxUd62plD6QZLpKPGjr5zNkOaz1xbRCOX3xZYgjVFrN7Pgut420UCBJFQr%2BgvVvF5E1qGOWqf1CPzTyIS54EUngmvCIb2vH9iSA3s3tp9UXt3AbLdXG4z9hRETVvaXRsusLYvkuONa2lyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec60179379016-FRA
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin
https://www.norsemanhotelwick.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1055
cdn-cachedat
07/07/2023 01:21:58
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
65452
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"d95d6f5d5ab7cfefd09651800b69bd54"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
279e09f52cc0f542018872c462f0e2af
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
803ec601a99d380d-FRA
cdn-requestpullsuccess
True
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.norsemanhotelwick.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 09:56:32 GMT
x-content-type-options
nosniff
age
347819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:56:32 GMT
datesmultiyearUTF.js
www.norsemanhotelwick.co.uk/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/assets/js/datesmultiyearUTF.js?hotel_id=2248&guide_id=401&months_ahead=24&
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0a94aa1a216ca6054124547c083ed47cb4f6926eca3998069ef9dfb75e10326c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86550
cf-polished
origSize=21853
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
cf-bgj
minify
last-modified
Thu, 30 Nov 2017 17:34:40 GMT
server
cloudflare
etag
W/"f254568016ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAN02m8PYYOYl1FqQaJuuYqQY9wtaDgE3b2UyjQEkAMy9OIYK7fXksidTv%2BNYTsZCnFYRFPr7NP2y9L2piydZeAJPZ4wqkSkuvYRgKfeEQn0RjoL%2BmViSOPOArVdPfcZ4BzVacy4pjC%2FzrDoYdogvrV8aXaT30JTszo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
803ec60189459016-FRA
cal.js
www.norsemanhotelwick.co.uk/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norsemanhotelwick.co.uk/assets/js/cal.js
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/assets/js/datesmultiyearUTF.js?hotel_id=2248&guide_id=401&months_ahead=24&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bfbf58715a6f5e3ec27f011518bf956091898d03f44636c775b104bde4074486

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86550
cf-polished
origSize=11744
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-powered-by-plesk
PleskWin
cf-bgj
minify
last-modified
Thu, 30 Nov 2017 17:34:40 GMT
server
cloudflare
etag
W/"f857188016ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIYjOkakYfWltTxqUDv3dCYGuF%2BdxQph%2BEwF7UEEIffCwJmS%2F%2B5mhDiRf9suwOQpa%2FGyV42sCufXzpVIQDFf7bksP9dOlHoFSx%2BpICmxgyKrwnXgQ1k4fgzS5f3tyo0V7cI3OVDQ0x6PQEje3%2FL%2FkVCdlqnOz%2FhZXzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
803ec60209c39016-FRA
minical2.gif
js.bookassist.com/scripts/calendar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.bookassist.com/scripts/calendar/minical2.gif
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/assets/js/datesmultiyearUTF.js?hotel_id=2248&guide_id=401&months_ahead=24&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.17.214.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-214-138.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.57 () OpenSSL/1.0.2k-fips Resin/3.1.9 mod_jk/1.2.46 /
Resource Hash
b98c55335b4da9d19cd48ddbfd63a4b785245d93417900e309c7d0ad15c8b333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 10:33:31 GMT
Server
Apache/2.4.57 () OpenSSL/1.0.2k-fips Resin/3.1.9 mod_jk/1.2.46
Vary
Origin
Upgrade
h2,h2c
Content-Type
image/gif
P3P
CP="ALL DSP COR CUR OTP OUR DEL OTR UNR LEG PRE"
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1189
Expires
Mon, 09 Oct 2023 10:33:31 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.norsemanhotelwick.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:36:01 GMT
x-content-type-options
nosniff
age
68250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 15:36:01 GMT
rt-min.jsp
dwxf316kii2pu.cloudfront.net/scripts/BA/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dwxf316kii2pu.cloudfront.net/scripts/BA/rt-min.jsp
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-11.fra56.r.cloudfront.net
Software
Apache/2.4.57 () OpenSSL/1.0.2k-fips Resin/3.1.9 mod_jk/1.2.46 /
Resource Hash
3aaef30f3352e1a281383b256b50d461820191e1d06fb9eb90633338afcbd9ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 17:58:28 GMT
Via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
Server
Apache/2.4.57 () OpenSSL/1.0.2k-fips Resin/3.1.9 mod_jk/1.2.46
X-Amz-Cf-Pop
FRA56-P6
Age
232503
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="ALL DSP COR CUR OTP OUR DEL OTR UNR LEG PRE"
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
7lhjMSwrCHX_1Q025VgMiufgLXJ2YexwKI5hS8UhODKHDg0X8_d3Hg==
Expires
Wed, 06 Sep 2023 17:58:29 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.sGew4mxkeSs.O/d=1/rs=AN8SPfrjXjBj-0OLXRbn4KNuGEM5BLTZwQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 04:17:41 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.sGew4mxkeSs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrjXjBj-0OLXRbn4KNuGEM5BLTZwQ/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.sGew4mxkeSs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrjXjBj-0OLXRbn4KNuGEM5BLTZwQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.sGew4mxkeSs.O/d=1/rs=AN8SPfrjXjBj-0OLXRbn4KNuGEM5BLTZwQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77700
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 15:12:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 17:51:53 GMT
js
www.googletagmanager.com/gtag/ 		233 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M4LZ5E4QG3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8601618-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61148d69f428f20b6f8df012c73e6ccc4080bfbdd2e61ec97a7ce264341ef869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83416
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 10:33:31 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8601618-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2628
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Sep 2023 11:49:43 GMT
ba-js-tracker.umd.js
unpkg.com/ba-js-tracker@4.0.5/dist/ 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ba-js-tracker@4.0.5/dist/ba-js-tracker.umd.js
Requested by
Host: dwxf316kii2pu.cloudfront.net
URL: https://dwxf316kii2pu.cloudfront.net/scripts/BA/rt-min.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1bee9544b6e9d4c4d124e713d891be3062bf614ce966ceb8a9574cb9891232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6484035
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H3VGCWS01WX5QEMEH0PR3NMB-fra
server
cloudflare
etag
W/"e9c6-+ltDBYM982R6bMyDF/3JGGcUgv8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
803ec6036d062d04-FRA
collect
www.google-analytics.com/g/ 		0
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M4LZ5E4QG3&gtm=45je3960&_p=662820475&cid=446768788.1694255611&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694255611&sct=1&seg=0&dl=https%3A%2F%2Fwww.norsemanhotelwick.co.uk%2F&dt=The%20Norseman%20Hotel%2C%20Wick%20%7C%20Official%20Website%20%7C%20Hotel%20Wick&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4LZ5E4QG3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 10:33:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norsemanhotelwick.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=662820475&t=pageview&_s=1&dl=https%3A%2F%2Fwww.norsemanhotelwick.co.uk%2F&ul=en-us&de=UTF-8&dt=The%20Norseman%20Hotel%2C%20Wick%20%7C%20Official%20Website%20%7C%20Hotel%20Wick&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1082578578&gjid=553333916&cid=446768788.1694255611&tid=UA-8601618-26&_gid=613910845.1694255611&_r=1&gtm=457e3960&jsscut=1&z=198764263
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norsemanhotelwick.co.uk/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 10:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norsemanhotelwick.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2BBE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:59:11 GMT
x-content-type-options
nosniff
age
63260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Sep 2024 16:59:11 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ Frame D807 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.sGew4mxkeSs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrjXjBj-0OLXRbn4KNuGEM5BLTZwQ/m=el_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 04:17:41 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 05:49:06 GMT
cleardot.gif
www.google.com/images/ 		43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: www.norsemanhotelwick.co.uk
URL: https://www.norsemanhotelwick.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 10:33:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: unpkg.com
URL: https://unpkg.com/ba-js-tracker@4.0.5/dist/ba-js-tracker.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2628
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Sep 2023 11:49:43 GMT
prod
yofu4i8sfe.execute-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yofu4i8sfe.execute-api.eu-west-1.amazonaws.com/prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-59.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.norsemanhotelwick.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Sat, 09 Sep 2023 10:33:31 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-apigw-id
K_B_XHfajoEF9Hw=
x-amz-cf-id
FJIfkUH1W_0ETH4O9uYtBg845JVDAq8j3_ikTrOWzPwMJQ1T11nyIQ==
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
b673d4fa-dfab-4073-824b-c8ce8d9fa9f1
x-cache
Miss from cloudfront
prod
yofu4i8sfe.execute-api.eu-west-1.amazonaws.com/ 		257 B
740 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yofu4i8sfe.execute-api.eu-west-1.amazonaws.com/prod
Requested by
Host: unpkg.com
URL: https://unpkg.com/ba-js-tracker@4.0.5/dist/ba-js-tracker.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-59.fra2.r.cloudfront.net
Software
/
Resource Hash
01116fc6a24266bd60956357f8486022f26ccf0be84d2eb0877e52f22d6710f8

Request headers

Referer
https://www.norsemanhotelwick.co.uk/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Sep 2023 10:33:31 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
eddefeb5-899f-40fd-941a-39c4772b5d63
x-amzn-trace-id
Root=1-64fc49fb-193114102896c6232f2d396a
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
K_B_YFObDoEFQsQ=
content-length
257
x-amz-cf-id
lIoIGNlmLLfTlFeoRwaxAKp5kpLdRZ3XeGwKr_m9FTB8iRHTqqb5dw==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
HomeLounge.jpg
www.norsemanhotelwick.co.uk/cm-content/images/edited/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norsemanhotelwick.co.uk/cm-content/images/edited/HomeLounge.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
336968dcbe323d5e9f31ab252c9963c397f71ce7bad7994a6a3bf240110223a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.norsemanhotelwick.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:33:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
225943
x-powered-by-plesk
PleskWin
last-modified
Mon, 04 May 2020 15:59:09 GMT
server
cloudflare
etag
"aaaa5cf22c22d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74NMmCL%2B4xjKAxstvagn2pOfwV%2FtOOYU7lHs3%2FSzz2ODVCfPAOhYqYRW57Heehl3ar6%2Bq1zXInxtzh2TfF3L8Q5MxoGSkCdyeLgthIL3NZ2cQANrnwOfkGdz0AJlvK8L8ybuab%2BCNSUB0y4hgfMxrNCAGt6LtSop6hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
803ec621efc69016-FRA

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery number| hotel_id boolean| showCal number| guide_id string| form_action string| user_language string| title string| months_ahead string| button_text boolean| showPromoCode boolean| nn boolean| showGuests object| urlPars string| pStr string| service_model string| country_id string| showCountries string| showCounties string| showAccoTypes string| hotel_group string| county string| cg_group_id string| countiesAndHotels string| countiesForGroup string| show_stars string| tabs string| tabd string| tabm string| tabr string| tabv string| tpSiteId string| tpId string| group_guide_id string| extraHotelGroup object| today object| tomorrow object| months object| days object| days_long object| paremetersToPickUp string| locationTitle string| hotelOrLocationTitle string| mag boolean| showmag string| form_method boolean| horizontal string| promoCodeValue string| action boolean| use_cross_site_tracking boolean| showAllHotelsOptions string| promoCodeText boolean| showHotelsInGroup undefined| hotelSelectAndGuideIds object| accoTypes object| accoTypesForValue object| counties_by_country object| county_names_by_id object| country_names_by_id object| countries_by_county object| countries undefined| accoTypesLEngth string| iPut string| r string| ch string| user_currency string| ca string| bb string| cb string| dw string| adults string| children string| infants undefined| paramsArray undefined| param object| extraParams function| setDayMonth function| setOutDayMonth function| setMonth function| setDay function| getMonthSelect function| getDaySelect function| getAdultSelect function| getChildSelect function| getCountrySelect function| getCountySelect function| pop_county_select function| set_country_county function| setGuideIdForHotel function| promoKeyPress object| calendar object| cv function| getDim function| addListener object| DOM boolean| gClientIsGecko boolean| gClientIsOpera boolean| gClientIsIE boolean| gClientIsIE5 boolean| gClientIsIE55 boolean| gClientIsIE6 boolean| gClientIsIE7 boolean| gClientIsMac function| _init function| popCal function| killCal function| createCal function| monthBack function| monthForward function| goYearMonth function| chooseDate function| xchooseDate function| initDaySelect function| updateDaySelect function| getDaysForMonth function| checkDateOrder function| getChildImage object| jQuery110203274266332923703 function| WOW function| gtag object| dataLayer object| BA object| wow function| googleTranslateElementInit function| matchCarouselHeight object| google_tag_manager object| google_tag_data function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google string| GoogleAnalyticsObject function| ga function| getRFromRequest function| setCookie function| getCookie function| registerRForSite function| getPDomain function| getR function| getRA function| loadBaJsTracker function| cleanse function| getGoogleAnalyticsConfig object| found object| gaGlobal object| gaplugins object| gaData object| closure_lm_967860 object| baJsTracker

8 Cookies

Domain/Path Name / Value
js.bookassist.com/ Name: AWSALBTGCORS
Value: UnTgXGviNeBWIRvjv0pAyRGGHDgMI0B9a1zyD2ykbhRfHB7bVj5Te1Cx9BwtsgyF6BXo4BFsh00WfhLx/QuHd8CGjjWdvzZl0hjA6e9IPc3f8hzzxUVC5YKKIUFUMOUsYd67GuhdZ6U297CCq6hMW9J+6t7SwNUX3gW6VKGEUGtlNMRr+Tw=
js.bookassist.com/ Name: AWSALBCORS
Value: Jth/D2GpQMHwgfCy1BDds9kf1+JQUZ/9302vyZRRMugZOO0B2DnDHdo8dYmGD4DbS+GjEwPEepx+WsfvkPc+Mrh7vQs8H9Kk1VfZEvGbEB3N8gOfDpGQ9kNsfzJH
.norsemanhotelwick.co.uk/ Name: _ga_M4LZ5E4QG3
Value: GS1.1.1694255611.1.0.1694255611.0.0.0
.norsemanhotelwick.co.uk/ Name: _ga
Value: GA1.3.446768788.1694255611
.norsemanhotelwick.co.uk/ Name: _gid
Value: GA1.3.613910845.1694255611
.norsemanhotelwick.co.uk/ Name: _gat_gtag_UA_8601618_26
Value: 1
.norsemanhotelwick.co.uk/ Name: bassist-session-uuid
Value: d3c5e9ed-ecb3-48b3-8b5f-3375640ab64e
.norsemanhotelwick.co.uk/ Name: bassist-user-uuid
Value: d3c5e9ed-ecb3-48b3-8b5f-3375640ab64e

1 Console Messages

Source Level URL
Text
network error URL: https://www.norsemanhotelwick.co.uk/assets/img/trans_bg_70.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dwxf316kii2pu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.bookassist.com
maxcdn.bootstrapcdn.com
norsemanhotelwick.co.uk
s7.addthis.com
translate.google.com
translate.googleapis.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.norsemanhotelwick.co.uk
yofu4i8sfe.execute-api.eu-west-1.amazonaws.com
108.138.7.11
13.224.189.59
23.45.238.53
2606:4700::6810:7aaf
2606:4700::6812:bcf
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a06:98c1:3120::3
2a06:98c1:3121::3
52.17.214.138
01116fc6a24266bd60956357f8486022f26ccf0be84d2eb0877e52f22d6710f8
0a94aa1a216ca6054124547c083ed47cb4f6926eca3998069ef9dfb75e10326c
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1320d247ea8dfadabc1e781215e9ba9f7b22345b95ab07fdc90dc0cb4fa70d5a
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
245d6566c6de5b3d41bdc763c34be8874556018a7c2222eff10247628d6e6d91
2522523f34e8fc2ba417ffbfda149925d87aa5a2f1a7497381f854ec882faa03
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
336968dcbe323d5e9f31ab252c9963c397f71ce7bad7994a6a3bf240110223a4
3524c398af22c81bed397166f10da5874e889a5115359adc9ff9b8c93a645e04
3aaef30f3352e1a281383b256b50d461820191e1d06fb9eb90633338afcbd9ba
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e8c673bcddaf0e5c174cdf0c0fc0e45493707ca250a89925aec6a0b1b529630
5999870774cf6f3a773481967e0eef3527410bb41e48c42531f67ab69cec4d70
61148d69f428f20b6f8df012c73e6ccc4080bfbdd2e61ec97a7ce264341ef869
63c6c1a7480e9c0c5b9afa760e1ce62036d385fce11b662f47a175e61d7bd7d5
69231decb640080cc27cfef7c84b4a9456ac4094676f74a7a37de075e7e17a9f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
77ad73cb9d22d24b74358d2c1791988a3b98141292422c29721981339323cbcb
7f534a8cb76ac94e05e30d82b3809a07813524509e66fb6afae0b57d7ccdcfa9
83c82398cce18a02774692ee4e81a23126189f195444efa712537aa566c95e92
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b02f26cc436deedd6cb5ccd8b55a506a5f0f55b9da84414f125f2496b551d2b3
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b98191e5c986101279c5a9ec8fc62647ab4f27b9457ea8fcc36c25ef815fb838
b98c55335b4da9d19cd48ddbfd63a4b785245d93417900e309c7d0ad15c8b333
bfbf58715a6f5e3ec27f011518bf956091898d03f44636c775b104bde4074486
c2ad21b5844cf09ffa69bfa64b261dac92b04ceb222b414110c9b6ffde1f855f
c3b37c3ab183098e6420d6541505e44ef98403dfdf8c8fa35b036e4e1c5e5efa
c485d0a15af6264c129baf951dff3beb78d75d810ce771029566efcf5d484a91
d20252e460c31488847eacb519f167af387902703a1aeecf6627a6242d42b312
d404e6c7544a6ee097ef9de179ddc6b4326d73ea35d2944d8a61cc3cae7473bf
dc1bee9544b6e9d4c4d124e713d891be3062bf614ce966ceb8a9574cb9891232
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e283ca75009e8cf8a24e7db1a031df23b1fda8966025ec8886bc7bb0b176f718
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
fc229b34e6e3b1e94812dc8350b07184636bed96e33dc030237f0b6bbe6edc2d
fd94ca6ef80399b632b470a7173c1076e9f06586eb20e2078b2b285a6fbb82d8