www.norwegian.com
Open in
urlscan Pro
2606:4700::6811:b96a
Public Scan
Effective URL: https://www.norwegian.com/en/ipr/mynorwegian
Submission: On April 02 via manual from LV — Scanned from DE
Summary
TLS certificate: Issued by E1 on March 12th 2024. Valid for: 3 months.
This is the only time www.norwegian.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net |
ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
e11233f1926a.cdn4.forter.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-191-240.deploy.static.akamaitechnologies.com
a17202440929.cdn.optimizely.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com
8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-55-50.eu-west-1.compute.amazonaws.com
cdn.cartrawler.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com
logx.optimizely.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com
cdn0.forter.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
47 |
norwegian.com
4 redirects
www.norwegian.com — Cisco Umbrella Rank: 279148 |
795 KB |
10 |
cartrawler.com
8 redirects
cdn.cartrawler.com — Cisco Umbrella Rank: 183553 product-router.cartrawler.com — Cisco Umbrella Rank: 57433 |
113 KB |
9 |
forter.com
1 redirects
e11233f1926a.cdn4.forter.com cdn9.forter.com — Cisco Umbrella Rank: 4806 8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4739 |
143 KB |
8 |
imgix.net
ct-supplierimage.imgix.net — Cisco Umbrella Rank: 176809 |
35 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 2042 |
21 KB |
3 |
optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 829 a17202440929.cdn.optimizely.com — Cisco Umbrella Rank: 726578 logx.optimizely.com — Cisco Umbrella Rank: 1493 |
172 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42 |
234 KB |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 |
64 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 813 |
7 KB |
1 |
doubleclick.net
1 redirects
ad.doubleclick.net — Cisco Umbrella Rank: 146 |
25 B |
0 |
hotels.com
Failed
widgets.hotels.com Failed |
|
74 | 11 |
Domain | Requested by | |
---|---|---|
47 | www.norwegian.com |
4 redirects
www.norwegian.com
static.cloudflareinsights.com |
8 | ct-supplierimage.imgix.net | |
8 | cdn.cartrawler.com | 8 redirects |
5 | cdn0.forter.com |
e11233f1926a.cdn4.forter.com
|
2 | product-router.cartrawler.com |
www.norwegian.com
product-router.cartrawler.com |
2 | cdn9.forter.com |
1 redirects
www.norwegian.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
www.norwegian.com
www.googletagmanager.com |
1 | logx.optimizely.com |
cdn.optimizely.com
|
1 | 8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com |
e11233f1926a.cdn4.forter.com
|
1 | a17202440929.cdn.optimizely.com |
cdn.optimizely.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | pagead2.googlesyndication.com |
www.googletagmanager.com
|
1 | e11233f1926a.cdn4.forter.com |
www.norwegian.com
|
1 | static.cloudflareinsights.com |
www.norwegian.com
|
1 | cdn.optimizely.com |
www.norwegian.com
|
1 | ad.doubleclick.net | 1 redirects |
0 | widgets.hotels.com Failed |
www.norwegian.com
|
74 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
cars.cartrawler.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.norwegian.com E1 |
2024-03-12 - 2024-06-10 |
3 months | crt.sh |
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-09-01 - 2024-09-04 |
a year | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-28 - 2024-12-15 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2024-01-25 - 2025-01-27 |
a year | crt.sh |
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2023-11-23 - 2024-07-22 |
8 months | crt.sh |
*.cartrawler.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-15 - 2024-09-23 |
7 months | crt.sh |
logx.optimizely.com GTS CA 1D4 |
2024-02-08 - 2024-05-09 |
3 months | crt.sh |
cdn0.forter.com GeoTrust TLS RSA CA G1 |
2023-06-22 - 2024-07-22 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.norwegian.com/en/ipr/mynorwegian
Frame ID: 2DAB0E5F19BB0A2BA2AC07544436F443
Requests: 69 HTTP requests in this frame
Frame:
https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: C73CF0540426010C092B7715DC1D28AA
Requests: 2 HTTP requests in this frame
Frame:
https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Frame ID: DC3CC3FA8218BD9AF856F34FB12364C6
Requests: 1 HTTP requests in this frame
Frame:
https://product-router.cartrawler.com/product/widget/norwegian/573004/EN?ng-if=vm.model.flightList.length%20%3E%200¤cy=EUR&pax=1&pnr=SHRR5P&flight-0-arrival-date-time=2024-04-05T08:35:00&flight-0-arrival-iata=OSL&flight-0-departure-date-time=2024-04-05T08:00:00&flight-0-departure-iata=RIX&flight-0-number=D82002
Frame ID: 3519C061CEDE7CEDF886DC0FF4838344
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Booking reference | NorwegianPage URL History Show full URLs
-
https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=3216262...
HTTP 302
https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N3... HTTP 302
https://www.norwegian.com/en/ipc/reschange/start?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N3... HTTP 302
https://www.norwegian.com/en/start/booking/details/?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10 HTTP 302
https://www.norwegian.com/en/ipr/mynorwegian Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- \bangular.{0,32}\.js
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Forter (Analytics) Expand
Detected patterns
- forter\.com
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Optimizely (Analytics) Expand
Detected patterns
- optimizely\.com.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Book your airport transfer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=321626246;dc_trk_cid=73644999;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE
HTTP 302
https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw HTTP 302
https://www.norwegian.com/en/ipc/reschange/start?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw HTTP 302
https://www.norwegian.com/en/start/booking/details/?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10 HTTP 302
https://www.norwegian.com/en/ipr/mynorwegian Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
- https://cdn9.forter.com/vchk2 HTTP 301
- https://cdn9.forter.com/vchk2/v1/76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Budget.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Hertz.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Europcar.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Firefly.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Sixt.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Avis.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Alamo.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff
- https://cdn.cartrawler.com/otaimages/vendor/chrome/Green_Motion.jpg HTTP 301
- https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
mynorwegian
www.norwegian.com/en/ipr/ Redirect Chain
|
36 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NewNasStyles
www.norwegian.com/resourceipr/style-bundle/ |
507 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib.js
www.norwegian.com/resourceipr/script-bundle/ |
779 KB 224 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instant.js
www.norwegian.com/resourceipr/script-bundle/ |
61 B 197 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedlang.en.js
www.norwegian.com/resourceipr/script-bundle/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iprlang.en.js
www.norwegian.com/resourceipr/script-bundle/ |
70 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteMap
www.norwegian.com/resourceipr/js/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-locale_en.js
www.norwegian.com/resourceipr/script-bundle/ |
1 KB 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedtemplates.js
www.norwegian.com/resourceipr/script-bundle/ |
289 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstraptemplates.js
www.norwegian.com/resourceipr/script-bundle/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
templates.js
www.norwegian.com/resourceipr/script-bundle/ |
620 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
booking.js
cdn.optimizely.com/public/17202440929/s/ |
788 KB 171 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ |
281 KB 52 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident.svg
www.norwegian.com/Content/img/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident-mobile.svg
www.norwegian.com/Content/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plainPageController.js
www.norwegian.com/resourceipr/script-bundle/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
www.norwegian.com/resourceipr/script-bundle/ |
287 B 276 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand.js
www.norwegian.com/resourceipr/script-bundle/ |
69 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.js
www.norwegian.com/resourceipr/script-bundle/ |
219 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mynorwegian.js
www.norwegian.com/resourceipr/script-bundle/ |
86 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layoutConfig.js
www.norwegian.com/resourceipr/script-bundle/ |
506 B 332 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrappedData.js
www.norwegian.com/resourceipr/script-bundle/ |
201 B 296 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie-consent
www.norwegian.com/resourceipr/script-bundle/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
559 KB 148 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_regular_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ |
34 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/ |
288 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8daa1aa6-c946-4134-b0d3-cfc13467d8d4
https://www.norwegian.com/ |
5 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
242 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
landing
pagead2.googlesyndication.com/pagead/ |
42 B 64 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destinations
www.norwegian.com/resourceipr/api/ |
36 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
www.norwegian.com/resourceipr/api/busy/ |
43 B 264 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mynorwegian.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/ |
80 B 275 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame C73C Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ |
281 KB 52 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_bold_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apercu_medium_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ |
35 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377
cdn9.forter.com/vchk2/v1/ Redirect Chain
|
0 322 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
99fac0b3-47e9-4924-bd30-005ec32d39fd
https://www.norwegian.com/ |
17 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/ |
35 B 243 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
86e1591b5a4b972a
www.norwegian.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C73C |
0 305 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reservationDetails
www.norwegian.com/resourceipr/api/mynorwegian/ |
15 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reservation.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ |
42 KB 7 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a17202440929.html
a17202440929.cdn.optimizely.com/client_storage/ Frame DC3C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
www.norwegian.com/cdn-cgi/ |
0 150 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
prop.json
8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com/ |
2 B 625 B |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.png
www.norwegian.com/Content/img/ |
144 B 1 KB |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citypairWithdrawnAcceptBox.tpl.html
www.norwegian.com/resourceipr/Scripts/sharedComponents/app/shared/components/cancellation/ |
863 B 577 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
canceledFlightBox.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ |
430 B 406 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
upgradesAndChanges.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ |
2 KB 836 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reservationContent.tpl.html
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ |
60 B 236 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
budget.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hertz.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
europcar.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firefly.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sixt.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avis.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alamo.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
green_motion.pdf
ct-supplierimage.imgix.net/car/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ident-hotels-com.png
www.norwegian.com/Content/Images/content/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-right.svg
www.norwegian.com/resourceipr/Content/img/icons/small/ |
678 B 490 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
list--journey.svg
www.norwegian.com/resourceipr/Content/img/icons/ |
11 KB 779 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-marker.svg
www.norwegian.com/resourceipr/Content/img/icons/ |
628 B 487 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
product-router.cartrawler.com/assets/ |
339 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
xsell.js
widgets.hotels.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EN
product-router.cartrawler.com/product/widget/norwegian/573004/ Frame 3519 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
logx.optimizely.com/v1/ |
0 482 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ |
20 B 361 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ |
20 B 361 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ |
20 B 361 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
wpt.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ |
20 B 442 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
wpt.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- widgets.hotels.com
- URL
- https://widgets.hotels.com/xsell.js
Verdicts & Comments Add Verdict or Comment
59 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onpagereveal object| dataLayer object| html5 object| Modernizr function| yepnope function| moment function| inherits object| Rx object| angular number| ng339 function| _ object| React object| ReactDOM object| ngReact function| setProfileAvatarVisible function| rememberPrevisitedPage object| NasPlainMenuController object| NasPlainScrollToController object| NasPlainSwitchLanguageController object| ftr__config number| ftr__startScriptLoad function| ftr__fdad function| d2ii function| o9ff function| N4kk function| p2ll object| ftr__ext function| ftr__ object| ftr__scriptLoadOptions object| ftr__bufferW object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ftr__JSON3 function| openWindow function| openCookieConsentWindow function| onCookieConsentAcceptAllClick function| onCookieConsentAcceptNecessaryClick object| cookieConsentWindow object| __cfBeacon object| gaGlobal object| gaplugins object| gaData function| _ga_originalSendHitTask object| optimizely function| optiReadyVARNORCTRAvaday boolean| norT148Global function| optiReadyT148Global number| startTime number| duration object| xSell function| setImmediate function| clearImmediate function| iFrameResize object| cartrawler11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: APC Value: AfxxVi4gIpCNWFl0npsGsNf-iAB1FLHlNOqrZ1lytrrmYX2c7dEARw |
|
.doubleclick.net/ | Name: FLC Value: CN-fzgEQrruDSBiGwa6ZASDH944jKK7g5gIwmJ-wsAZwANq4BA4yDDoKCggoMJgXvf3BOg |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnGRZKg9v_x4Vi0IyWP1TsDtpnAi27FOmUrHE_cEEAqkevWOMCPHQIploT4CcA |
|
www.norwegian.com/ | Name: ASP.NET_SessionId Value: enbtvrawydjkdhtbojyftllc |
|
www.norwegian.com/ | Name: BIGipServeriBx8wVGpqnM5WiYIXO2HVQ Value: !9sc4boXsazo0REOLfBtW9rLlS/SFmVgBmgbbIDhgTKhD8JhbLNUL2oVq+0XHBykxCtm5zuiHvV0loyNF60mBJo6aIA0ZSaZFnCbQcyc= |
|
.norwegian.com/ | Name: __cf_bm Value: 0O5pasG7l5in2DFb29SxRd.9n3.AdhZFgVFdPuva8U0-1712066456-1.0.1.1-TSckoqBamJJ6H1WZIYoLsa2TiZJKLLsI6wCPiHOWuGLjwfIJPZU2IrLu88g9aedWef0473Xzdhfx72aMAsaJ6A |
|
.norwegian.com/ | Name: forterToken Value: 8d4a6239da0448b3b5e6791c32e7b6f2_1712066457085__UDF43_15ck |
|
.norwegian.com/ | Name: cf_clearance Value: eKB3uA1BAsnGKR8QYOpMN1.4ajjVJleiI6.omwGBhiI-1712066457-1.0.1.1-DGDZl4g3rObUQT747Js3WY99RIT4YMqtJZxO7v.ZSafAAQpmCUoYXBogKYxCvlygS9rhzCpjerZAVCDs47gHTQ |
|
.norwegian.com/ | Name: optimizelyEndUserId Value: oeu1712066457801r0.9377716583988585 |
|
.www.norwegian.com/ | Name: TS01e9bd6b Value: 01ccc25f524fbd8e77f28b2c2f0d641ec4d20ba4dccff2217409a94c128d5c9d9dea68bdf360fb6cc210a80985ad37eb4e597eba30 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com
a17202440929.cdn.optimizely.com
ad.doubleclick.net
cdn.cartrawler.com
cdn.optimizely.com
cdn0.forter.com
cdn9.forter.com
ct-supplierimage.imgix.net
e11233f1926a.cdn4.forter.com
logx.optimizely.com
pagead2.googlesyndication.com
product-router.cartrawler.com
region1.google-analytics.com
static.cloudflareinsights.com
widgets.hotels.com
www.google-analytics.com
www.googletagmanager.com
www.norwegian.com
widgets.hotels.com
172.217.16.198
2.17.191.240
2001:4860:4802:34::36
2600:9000:20b4:3c00:e:d088:5c40:93a1
2600:9000:2644:3800:f:1b37:e600:93a1
2606:4700::6810:5049
2606:4700::6811:b96a
2a00:1450:4001:813::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:82f::2008
2a02:26f0:3500:883::13b8
2a04:4e42:200::720
3.234.25.89
34.111.140.246
34.192.191.43
54.216.55.50
93.184.220.191
065341d310415902ed6765d10cfad08ee201ca88a2c499884e9495720a09ddcd
081d2a51d781c18dbc059b5d990733127b739e65ccbfeb999aed7945dd6eeddd
1250a51dfab6d1a989e0223073213d74c63f5ed939e11f03e2c989d0b267338f
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960
1b113f0892dd2f86de171cf0c56c8eaa263172ff100a58a968d9a5e5a7b6069e
2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e
261be954ac4b90e3a03b3796b9332cb16228c40713457b5a892bf8d642dd2183
2812fa576d8e150afd90676c063dd9f8bd9c8b0db2b5e24d4a6f3ddec4a7803a
290643782704fea6eb49a558b6344c9f4bf6d97eafdaf4d2e687406ce31aa676
3096717f928323a1bdc8e8438b18786a467f8f14ff1574970d34995374c66b78
3800731f5a412c6a76700f8c1e620ef71f7f0554db8cc873e2679890d2633247
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bed21018499d8d81d6c55f9dfdd1eb5d3b8c45f6bc183fb3e5e14b4c66bf3e4
507ce0fc9b536c628808a0668b78b0800a9f02daf2d8847bd9fe0649cc16e395
5896bf0015007a9a1b5129a335ad4874eb66f296ceff3c10648e3a08d2dd61c9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62d98e8d4a1347c5b86a582c3248c2cbcd36e89162d4ef2a201fe35ff82b5ec1
63bb2fc329a5df93e799e86697b51cd6a946c7014a485a7398416129463df53d
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
6ba5080a3b54e269cb3c9b9b86f82de231306d7656b83acb09fdb11d5c439022
70d46c9cf870fccf7a5f8270e2bfac68f770c13dd57b25e919bfa630245fc5da
7966afa4112bc623568c2ecc466eed655cbf9de5ce7fef1f40ea0fa347bedae0
81197304427823a1bf4e7bcebfceabae49623fe32f5a7004e1a4506d93656994
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
8f80cbb0c722ca7c3cd18f3485e1cc1729dc367f67931ff1ce13ac2e04b0d24e
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
98385d30754ca6bcac12ece467ac9778a757ea5b835cb11896a79884cfe51fe4
a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2
a5df42d5722657fbeca739105c124271ccd618d57201a82f2c65fe53a767cffa
a60cd75b231caac6a9c9ed005405fda438c4e3cbb5b5530bfd97f16ab5bafe4c
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
bd278b86cceac75fbfa08b15e84ad0c1039c59dbbb06f6f56cce8ad03e6e1f73
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
bf210245490588d723c5e9f32ef936eff332045d564dff94ef748aad3acbd459
c4e58cda5b35d0e7e05b39639edf5649bf18cf6e07442bb7ad91eafb30befc87
c87d13a9bc9378f95cc996dcc6dc4254a5a13f5ff36c5236808e0ab60bd72b9b
cbb206bacc8d6d53f2245481f255b34843287fea21af5288dd8250cbf8675c3b
cdcc7d6a1815225d69b4ff42c6e86b266579e2aa44af5a7bdedac353f3e78633
cddd9835fc75b2c3509dde2f6f893141383504988220830bf98e6c0c88c34466
d13baaba24c23f8a092a83798f33f6a198531c7849c6d8cf0ea2c001d11ac478
d362a5b66bbc802534cb99f34a7513aa6e8c83794298bedd8353193a9d3d6bae
d7daa29f966212081fe4dd6ea032d6e2718bb1d3d05bd96a0eb0cf13db56d99d
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00d35bc92b7dcf41799411eafeaa03c0682c977bb15446f88c497b5cd1be4a5
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a65d4e2f9cb7b7c68127e9ad4ebe86d4f1ad84e10f715f5cc2a94af762abae
e9239a632efcaa8c3862c968424f78742c19f586d7c9dcbc600031ad5bedfe3b
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdbe3b6e8abfa6d941153c24b2745e6dec9b96eb7e461539f85ee5f71d206e8
f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b
f69d27a7be4086e8b312d15235dc93ec16a2c6b0cb6bd4338e992d98cf258465
faf9ca9aea0994e36d0e85672a62e6f1844de86cefda1dbeab6aa4690f08f2fc
fc9405646369703b5fb08e33654fd8308546d959c7cf778e3d794443b08fb89c
feba6c303dd08052f3495a22c91593095ddc29cdbce78c6cbfd5cedb6cede493