www.norwegian.com Open in urlscan Pro
2606:4700::6811:b96a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=321626246;dc_trk_cid=736449...
Effective URL:
https://www.norwegian.com/en/ipr/mynorwegian
Submission: On April 02 via manual (April 2nd 2024, 2:01:02 pm UTC) from LV — Scanned from DE

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6811:b96a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norwegian.com. The Cisco Umbrella rank of the primary domain is 279148.
TLS certificate: Issued by E1 on March 12th 2024. Valid for: 3 months.

This is the only time www.norwegian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4 47	2606:4700::68... 2606:4700::6811:b96a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:3800:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:20b... 2600:9000:20b4:3c00:e:d088:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2.17.191.240 2.17.191.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
8 8	54.216.55.50 54.216.55.50	16509 (AMAZON-02) (AMAZON-02)
8	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
2	93.184.220.191 93.184.220.191	15133 (EDGECAST) (EDGECAST)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
74	16

1 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700::6811:b96a (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.norwegian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:3800:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

e11233f1926a.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20b4:3c00:e:d088:5c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.191.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-191-240.deploy.static.akamaitechnologies.com

a17202440929.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.216.55.50 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-55-50.eu-west-1.compute.amazonaws.com

cdn.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

ct-supplierimage.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.191 (London, United Kingdom)

ASN15133 (EDGECAST, US)

product-router.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	norwegian.com 4 redirects www.norwegian.com — Cisco Umbrella Rank: 279148	795 KB
10	cartrawler.com 8 redirects cdn.cartrawler.com — Cisco Umbrella Rank: 183553 product-router.cartrawler.com — Cisco Umbrella Rank: 57433	113 KB
9	forter.com 1 redirects e11233f1926a.cdn4.forter.com cdn9.forter.com — Cisco Umbrella Rank: 4806 8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4739	143 KB
8	imgix.net ct-supplierimage.imgix.net — Cisco Umbrella Rank: 176809	35 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 2042	21 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 829 a17202440929.cdn.optimizely.com — Cisco Umbrella Rank: 726578 logx.optimizely.com — Cisco Umbrella Rank: 1493	172 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	234 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107	64 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 813	7 KB
1	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 146	25 B
0	hotels.com Failed widgets.hotels.com Failed
74	11

	Domain	Requested by
47	www.norwegian.com	4 redirects www.norwegian.com static.cloudflareinsights.com
8	ct-supplierimage.imgix.net
8	cdn.cartrawler.com	8 redirects
5	cdn0.forter.com	e11233f1926a.cdn4.forter.com
2	product-router.cartrawler.com	www.norwegian.com product-router.cartrawler.com
2	cdn9.forter.com	1 redirects www.norwegian.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.norwegian.com www.googletagmanager.com
1	logx.optimizely.com	cdn.optimizely.com
1	8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com	e11233f1926a.cdn4.forter.com
1	a17202440929.cdn.optimizely.com	cdn.optimizely.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	e11233f1926a.cdn4.forter.com	www.norwegian.com
1	static.cloudflareinsights.com	www.norwegian.com
1	cdn.optimizely.com	www.norwegian.com
1	ad.doubleclick.net	1 redirects
0	widgets.hotels.com Failed	www.norwegian.com
74	18

This site contains links to these domains. Also see Links.

Domain
cars.cartrawler.com

Subject Issuer	Validity	Valid
www.norwegian.com E1	`2024-03-12` - `2024-06-10`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
*.cartrawler.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-15` - `2024-09-23`	7 months	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-02-08` - `2024-05-09`	3 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.norwegian.com/en/ipr/mynorwegian
Frame ID: 2DAB0E5F19BB0A2BA2AC07544436F443
Requests: 69 HTTP requests in this frame

Frame: https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: C73CF0540426010C092B7715DC1D28AA
Requests: 2 HTTP requests in this frame

Frame: https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html
Frame ID: DC3CC3FA8218BD9AF856F34FB12364C6
Requests: 1 HTTP requests in this frame

Frame: https://product-router.cartrawler.com/product/widget/norwegian/573004/EN?ng-if=vm.model.flightList.length%20%3E%200&currency=EUR&pax=1&pnr=SHRR5P&flight-0-arrival-date-time=2024-04-05T08:35:00&flight-0-arrival-iata=OSL&flight-0-departure-date-time=2024-04-05T08:00:00&flight-0-departure-iata=RIX&flight-0-number=D82002
Frame ID: 3519C061CEDE7CEDF886DC0FF4838344
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking reference | Norwegian

Page URL History Show full URLs

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=3216262... HTTP 302
https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N3... HTTP 302
https://www.norwegian.com/en/ipc/reschange/start?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N3... HTTP 302
https://www.norwegian.com/en/start/booking/details/?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10 HTTP 302
https://www.norwegian.com/en/ipr/mynorwegian Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

74
Requests

82 %
HTTPS

59 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

1515 kB
Transfer

5859 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cars.cartrawler.com/norwegian-new/en/gt/?clientID=578513
Title: Book your airport transfer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=321626246;dc_trk_cid=73644999;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE HTTP 302
https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw HTTP 302
https://www.norwegian.com/en/ipc/reschange/start?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw HTTP 302
https://www.norwegian.com/en/start/booking/details/?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10 HTTP 302
https://www.norwegian.com/en/ipr/mynorwegian Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Request Chain 37

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377

Request Chain 52

https://cdn.cartrawler.com/otaimages/vendor/chrome/Budget.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

Request Chain 53

https://cdn.cartrawler.com/otaimages/vendor/chrome/Hertz.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

Request Chain 54

https://cdn.cartrawler.com/otaimages/vendor/chrome/Europcar.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

Request Chain 55

https://cdn.cartrawler.com/otaimages/vendor/chrome/Firefly.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

Request Chain 56

https://cdn.cartrawler.com/otaimages/vendor/chrome/Sixt.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

Request Chain 57

https://cdn.cartrawler.com/otaimages/vendor/chrome/Avis.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

Request Chain 58

https://cdn.cartrawler.com/otaimages/vendor/chrome/Alamo.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

Request Chain 59

https://cdn.cartrawler.com/otaimages/vendor/chrome/Green_Motion.jpg HTTP 301
https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mynorwegian Show response
www.norwegian.com/en/ipr/
Redirect Chain

https://ad.doubleclick.net/ddm/trackclk/N388808.2679425NORWEGIAN/B11346953.151051694;dc_trk_aid=321626246;dc_trk_cid=73644999;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?https://www.norwegia...
https://www.norwegian.com/en/start/flight/change?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw
https://www.norwegian.com/en/ipc/reschange/start?pnr=SHRR5P&pnrLocal=M46QJ&pnrname=ABELE&NAS_source=N388808.2679425NORWEGIAN&dclid=COCY4sfYo4UDFRDhuwgdVEkJEw
https://www.norwegian.com/en/start/booking/details/?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10
https://www.norwegian.com/en/ipr/mynorwegian

36 KB
11 KB

77ms
77ms

Document
text/html

2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e58cda5b35d0e7e05b39639edf5649bf18cf6e07442bb7ad91eafb30befc87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 86e1591b5a4b972a-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-type: text/html; charset=utf-8
date: Tue, 02 Apr 2024 14:00:56 GMT
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 86e1591ae9d4972a-FRA
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
content-type: text/html; charset=utf-8
date: Tue, 02 Apr 2024 14:00:56 GMT
expires: Tue, 02 Apr 2024 14:10:56 GMT
last-modified: Tue, 02 Apr 2024 14:00:56 GMT
location: /en/ipr/mynorwegian#/my-reservation?pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE&RedirectId=10
permissions-policy: camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 NewNasStyles
www.norwegian.com/resourceipr/style-bundle/ 507 KB
72 KB 42ms
41ms Stylesheet
text/css 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13baaba24c23f8a092a83798f33f6a198531c7849c6d8cf0ea2c001d11ac478

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 974
cf-polished: origSize=622002
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 28 Mar 2024 09:24:00 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591bdae8972a-FRA
expires: Tue, 25 Mar 2025 12:24:13 GMT

GET
H2 200 lib.js Show response
www.norwegian.com/resourceipr/script-bundle/ 779 KB
224 KB 45ms
45ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1068
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sun, 31 Mar 2024 09:58:17 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591beaea972a-FRA
expires: Tue, 18 Mar 2025 14:33:38 GMT

GET
H2 200 instant.js Show response
www.norwegian.com/resourceipr/script-bundle/ 61 B
197 B 145ms
145ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/instant.js?v=NCFsRGnlyO1pPdusxPsLbzoaFIqQoddJ-vdO0GuOvLg1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sun, 31 Mar 2024 14:31:36 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591beaeb972a-FRA
expires: Sat, 22 Mar 2025 02:15:41 GMT

GET
H2 200 sharedlang.en.js Show response
www.norwegian.com/resourceipr/script-bundle/ 25 KB
9 KB 32ms
32ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedlang.en.js?v=QQsHBrjUod_4Q9-Va3UCQKr3vaR9Jkz5cOSftp4cfc41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d362a5b66bbc802534cb99f34a7513aa6e8c83794298bedd8353193a9d3d6bae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 239
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sun, 24 Mar 2024 10:17:00 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591c5b54972a-FRA
expires: Thu, 20 Mar 2025 03:43:41 GMT

GET
H2 200 iprlang.en.js Show response
www.norwegian.com/resourceipr/script-bundle/ 70 KB
21 KB 49ms
49ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/iprlang.en.js?v=6MDVbvFd1fWYh2My8YpbkmGXodnGdA38rbAAo-NwaEQ1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bed21018499d8d81d6c55f9dfdd1eb5d3b8c45f6bc183fb3e5e14b4c66bf3e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1736
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 28 Mar 2024 03:41:15 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbbf972a-FRA
expires: Fri, 28 Mar 2025 03:41:15 GMT

GET
H2 200 siteMap Show response
www.norwegian.com/resourceipr/js/ 5 KB
2 KB 74ms
74ms Script
text/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/js/siteMap?culture=en-BZ&marketCode=en&v=f10235a5-d771-4cdb-92b0-1ecdbad29c58

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f80cbb0c722ca7c3cd18f3485e1cc1729dc367f67931ff1ce13ac2e04b0d24e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=3540
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbc7972a-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 angular-locale_en.js Show response
www.norwegian.com/resourceipr/script-bundle/ 1 KB
890 B 40ms
38ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/angular-locale_en.js?v=NgKtXLMCdv7fFa7y_t4EIllqSRVOo9tK7l5noeFmNtQ1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81197304427823a1bf4e7bcebfceabae49623fe32f5a7004e1a4506d93656994

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1736
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 06:37:22 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbcf972a-FRA
expires: Thu, 20 Mar 2025 06:37:22 GMT

GET
H2 200 sharedtemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 289 KB
41 KB 43ms
41ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/sharedtemplates.js?v=rEhuT-RNxFe2Hajpy5c2xHQeOSY_BYLusRyskTNWRdw1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

065341d310415902ed6765d10cfad08ee201ca88a2c499884e9495720a09ddcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1067
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sat, 30 Mar 2024 14:10:07 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd0972a-FRA
expires: Sun, 30 Mar 2025 13:10:07 GMT

GET
H2 200 bootstraptemplates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 6 KB
1 KB 31ms
29ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstraptemplates.js?v=8q0nQuZ534pj0eiZbFgFX5EMSb7QphYUdQ5hWOcMZzI1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5df42d5722657fbeca739105c124271ccd618d57201a82f2c65fe53a767cffa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 975
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 26 Mar 2024 04:33:01 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd2972a-FRA
expires: Wed, 26 Mar 2025 04:33:01 GMT

GET
H2 200 templates.js Show response
www.norwegian.com/resourceipr/script-bundle/ 620 KB
78 KB 37ms
35ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/templates.js?v=O33aBUxnzAxi5AGk3zfY_JM-NpLRU3ROhGKjq8Xh-UI1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f69d27a7be4086e8b312d15235dc93ec16a2c6b0cb6bd4338e992d98cf258465

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1752
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 29 Mar 2024 21:22:47 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd3972a-FRA
expires: Sat, 29 Mar 2025 21:22:47 GMT

GET
H2 200 booking.js Show response
cdn.optimizely.com/public/17202440929/s/ 788 KB
171 KB 330ms
109ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/17202440929/s/booking.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70d46c9cf870fccf7a5f8270e2bfac68f770c13dd57b25e919bfa630245fc5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: BOg6Xilh.8TzO4hyApzOrSSsEBSWJEFU
content-encoding: gzip
date: Tue, 02 Apr 2024 14:00:57 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: AFCWXJ4MFF9S0Z7E
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 8225
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="100";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1712066457207_388276621_438768425_539_2032_100_103_146";dur=1
content-length: 174306
x-amz-id-2: R4akEcKWDBwbymy1KpW1nB878e2A4HkC6ecZFsXiZO4eeu9AlODbNZwJO8gSNPcPWqZhsvC/NDs=
last-modified: Tue, 02 Apr 2024 07:42:11 GMT
server: AmazonS3
etag: "aa8dbac956af8fc4e685b118205f5885"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 281 KB
52 KB 36ms
35ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=90.13.6.2815

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20545
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:54 GMT
server: cloudflare
etag: W/"01947c6f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591beaec972a-FRA

GET
H2 200 ident.svg
www.norwegian.com/Content/img/ 5 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67013
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Mar 2024 09:00:20 GMT
server: cloudflare
etag: W/"02a1be02475da1:0-gzip"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591beaed972a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ident-mobile.svg
www.norwegian.com/Content/img/ 1 KB
1 KB 28ms
28ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/img/ident-mobile.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 71975
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Mar 2024 09:00:18 GMT
server: cloudflare
etag: W/"0fde9de2475da1:0-gzip"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591c1b1a972a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 plainPageController.js Show response
www.norwegian.com/resourceipr/script-bundle/ 4 KB
1 KB 21ms
21ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/plainPageController.js?v=LoHVxvz-5mP8DNMqBoxRdzHjIr-ZTT7o921KXjOkKaU1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb206bacc8d6d53f2245481f255b34843287fea21af5288dd8250cbf8675c3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:56 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1691
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sun, 24 Mar 2024 00:54:43 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591c1b21972a-FRA
expires: Mon, 24 Mar 2025 00:54:43 GMT

GET
H2 200 bootstrap.js Show response
www.norwegian.com/resourceipr/script-bundle/ 287 B
276 B 165ms
163ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrap.js?v=AKlRlTz6t-6zHLGKRC0THkPXCwFLEtG-mBEJBtqTA3I1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 01 Apr 2024 11:58:21 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd4972a-FRA
expires: Sat, 22 Mar 2025 18:09:25 GMT

GET
H2 200 brand.js Show response
www.norwegian.com/resourceipr/script-bundle/ 69 KB
18 KB 80ms
79ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/brand.js?v=9khjiw2C_Ipt9aE1WZdUn6BdecUMz7qo0M0Y64BGWIY1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7daa29f966212081fe4dd6ea032d6e2718bb1d3d05bd96a0eb0cf13db56d99d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=71000
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 02 Apr 2024 04:53:14 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=57178
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd5972a-FRA
expires: Sat, 22 Mar 2025 18:09:25 GMT

GET
H2 200 shared.js Show response
www.norwegian.com/resourceipr/script-bundle/ 219 KB
52 KB 79ms
78ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=i4h8Qb5AuGU1bWsv-TlmYbJ6oJrye2YmWVqE7XMggjE1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7966afa4112bc623568c2ecc466eed655cbf9de5ce7fef1f40ea0fa347bedae0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 28 Mar 2024 23:34:00 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd6972a-FRA
expires: Sun, 23 Mar 2025 01:51:22 GMT

GET
H2 200 mynorwegian.js Show response
www.norwegian.com/resourceipr/script-bundle/ 86 KB
17 KB 45ms
44ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/mynorwegian.js?v=t0JE8yhwpmKyseOtK0VaM_uVeQuGpG2WvePSXwf1ZNM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdbe3b6e8abfa6d941153c24b2745e6dec9b96eb7e461539f85ee5f71d206e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 151
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 29 Mar 2024 12:20:59 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591ccbd9972a-FRA
expires: Tue, 18 Mar 2025 14:28:47 GMT

GET
H2 200 layoutConfig.js Show response
www.norwegian.com/resourceipr/script-bundle/ 506 B
332 B 33ms
32ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/layoutConfig.js?v=X7iiclmNyG5AmREmpWEfSQtG7Dxapkjzsqjjou33Qn41

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1066
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 01 Apr 2024 06:59:19 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591cdbde972a-FRA
expires: Tue, 01 Apr 2025 06:59:19 GMT

GET
H2 200 bootstrappedData.js Show response
www.norwegian.com/resourceipr/script-bundle/ 201 B
296 B 38ms
37ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/bootstrappedData.js?v=Zb3iJl42GARYPhC9wqr3gDV_zZGIG64oA5-xQzguemM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 150
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 12:31:50 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591cdbdf972a-FRA
expires: Thu, 20 Mar 2025 14:07:54 GMT

GET
H2 200 cookie-consent Show response
www.norwegian.com/resourceipr/script-bundle/ 3 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/script-bundle/cookie-consent?v=ld6M4LjH128YD3UaGlOnWvKlWLtjG3KghWn3vcuJXBM1

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 720
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sat, 30 Mar 2024 16:32:23 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=0
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591cdbe0972a-FRA
expires: Tue, 25 Mar 2025 05:41:41 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 72ms
48ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
Origin: https://www.norwegian.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86e1591cfb5018e7-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 559 KB
148 KB 80ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

290643782704fea6eb49a558b6344c9f4bf6d97eafdaf4d2e687406ce31aa676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151261
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 14:00:57 GMT

GET
H2 200 apercu_regular_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 34 KB
34 KB 36ms
36ms Font
application/font-woff2 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_regular_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
Origin: https://www.norwegian.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79305
content-length: 34728
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:56 GMT
server: cloudflare
etag: "04678c7f075da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 86e1591c5b5f972a-FRA
expires: Wed, 03 Apr 2024 14:00:57 GMT

GET
H2 200 script.js Show response
e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/ 288 KB
140 KB 33ms
8ms Script
application/javascript 2600:9000:2644:3800:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:3800:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1250a51dfab6d1a989e0223073213d74c63f5ed939e11f03e2c989d0b267338f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
Origin: https://www.norwegian.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
last-modified: Tue, 02 Apr 2024 13:58:25 GMT
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
etag: W/"8c0a393567218b5c555293d9a288ac1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nSZdhY5zBJlH5sL47ZoMuobzIyL1HKU8h-BesPEpYSfv59kxDYBLpQ==

GET
BLOB 200
OK 8daa1aa6-c946-4134-b0d3-cfc13467d8d4
https://www.norwegian.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.norwegian.com/8daa1aa6-c946-4134-b0d3-cfc13467d8d4
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2812fa576d8e150afd90676c063dd9f8bd9c8b0db2b5e24d4a6f3ddec4a7803a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
85 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62d98e8d4a1347c5b86a582c3248c2cbcd36e89162d4ef2a201fe35ff82b5ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 14:00:57 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 59ms
43ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=723523247.1712066457&url=https%3A%2F%2Fwww.norwegian.com%2Fen%2Fipr%2Fmynorwegian&dma_cps=-&dma=1&npa=1&gtm=45He4410n81NVL4JDRv76365325za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVL4JDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 13:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 769
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Apr 2024 15:48:08 GMT

GET
H2 200 destinations Show response
www.norwegian.com/resourceipr/api/ 36 KB
5 KB 148ms
148ms XHR
application/json 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/destinations?channelId=IP&culture=en-BZ&destinationModel=AirportModel&includeRelations=false&marketCode=en&sortByCountryAndName=false&v=f10235a5-d771-4cdb-92b0-1ecdbad29c58

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00d35bc92b7dcf41799411eafeaa03c0682c977bb15446f88c497b5cd1be4a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e1d45972a-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 config Show response
www.norwegian.com/resourceipr/api/busy/ 43 B
264 B 64ms
64ms XHR
application/json 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/busy/config?channelId=IP&culture=en-BZ&marketCode=en

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 43
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e1d46972a-FRA
expires: -1

GET
H2 200 mynorwegian.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/ 80 B
275 B 136ms
136ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/mynorwegian.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e2d4d972a-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2

200

main.js Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame C73C
Redirect Chain

https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

21ms
20ms

Script
application/javascript

2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a60cd75b231caac6a9c9ed005405fda438c4e3cbb5b5530bfd97f16ab5bafe4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e8da8972a-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e2d4f972a-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 sprite.css.svg
www.norwegian.com/resourceipr/Content/Styles/ 281 KB
52 KB 39ms
39ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/Styles/sprite.css.svg?v=4a2e9a53

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 71490
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:54 GMT
server: cloudflare
etag: W/"01947c6f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591e2d51972a-FRA

GET
H2 200 apercu_bold_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 33 KB
33 KB 33ms
33ms Font
application/font-woff2 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_bold_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
Origin: https://www.norwegian.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70906
content-length: 34092
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:56 GMT
server: cloudflare
etag: "04678c7f075da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 86e1591e2d53972a-FRA
expires: Wed, 03 Apr 2024 14:00:57 GMT

GET
H2 200 apercu_medium_pro-web.woff2
www.norwegian.com/resourceipr/Content/webfonts/ 35 KB
35 KB 32ms
32ms Font
application/font-woff2 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Content/webfonts/apercu_medium_pro-web.woff2

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
Origin: https://www.norwegian.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68480
content-length: 35344
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:56 GMT
server: cloudflare
etag: "04678c7f075da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 86e1591e2d54972a-FRA
expires: Wed, 03 Apr 2024 14:00:57 GMT

GET
H2

200

76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377

0
322 B

124ms
124ms

XHR
text/plain

2600:9000:20b4:3c00:e:d088:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian

Protocol

Server

2600:9000:20b4:3c00:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: n8Qe3n-smPBRDHqgdlSgB7Ssap9ARaNOGBR2ozI6Xw-AkzeKjk0l3A==

Redirect headers

date: Tue, 02 Apr 2024 14:00:57 GMT
via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/76eb5eca3a482f726975b21e18a654bca2b6cb0d29814736bbe43458edc29416ac7f4acf611751e1ddf54ed1a377
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: JLvxsaI1si1IbzLRMsrDffN7JdpZQfAR0gQFsx3CgbDsrTY1VAA2Qg==

GET
BLOB 200
OK 99fac0b3-47e9-4924-bd30-005ec32d39fd
https://www.norwegian.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.norwegian.com/99fac0b3-47e9-4924-bd30-005ec32d39fd
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/en/ipr/mynorwegian
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 261be954ac4b90e3a03b3796b9332cb16228c40713457b5a892bf8d642dd2183

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 17246
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XMQZZ1BMXF&gtm=45je4410v9172276097z876365325za200&_p=1712066456949&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&cid=713912057.1712066457&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.norwegian.com%2Fen%2Fipr%2Fmynorwegian%2Fmy-reservation&dr=&cu=EUR&sid=1712066457&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=EN&ep.content_type=ipr&ep.gtm_event_trigger=gtm.js&epn.event_timestamp=1712066457251&ep.country_code=EN&ep.event_group=content&tfd=899
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMQZZ1BMXF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 14:00:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norwegian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
243 B 15ms
14ms Ping
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 14:00:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.norwegian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 86e1591b5a4b972a Show response
www.norwegian.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C73C 0
305 B 44ms
43ms XHR
text/plain 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/challenge-platform/h/g/jsd/r/86e1591b5a4b972a

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591efe1f972a-FRA
x-xss-protection: 1; mode=block

GET
H2 200 reservationDetails Show response
www.norwegian.com/resourceipr/api/mynorwegian/ 15 KB
4 KB 532ms
532ms XHR
application/json 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/api/mynorwegian/reservationDetails?channelId=IP&culture=en-BZ&marketCode=en&pnr=SHRR5P&pnrLocal=M46QJ&pnrName=ABELE

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63bb2fc329a5df93e799e86697b51cd6a946c7014a485a7398416129463df53d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
CheckUserAgent: true
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591f0e28972a-FRA
expires: -1

GET
H2 200 reservation.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 42 KB
7 KB 93ms
93ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/reservation.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cddd9835fc75b2c3509dde2f6f893141383504988220830bf98e6c0c88c34466

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1591f0e2c972a-FRA
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 a17202440929.html
a17202440929.cdn.optimizely.com/client_storage/ Frame DC3C 0
0 52ms
11ms Document
text/html 2.17.191.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a17202440929.cdn.optimizely.com/client_storage/a17202440929.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/booking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.17.191.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-191-240.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.norwegian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 835
content-type: text/html; charset=utf-8
date: Tue, 02 Apr 2024 14:00:57 GMT
etag: "b93bf14adb3d024f5be751dcc53daa9c"
last-modified: Tue, 02 Apr 2024 07:42:05 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2.17.191.240";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1712066457847_34901878_150537605_51_2156_6_11_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: PlihjpO9Aogma94L8Q4wuPN+eK/ufZF5X1kGfZx2IrrnIrxR4lbCUv4Lt5eWgdVtE0VHQ/QUI70=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: BS4DECRBA6WFZC6P
x-amz-server-side-encryption: AES256
x-amz-version-id: Wq_cdA8iykZxC.dqN16yQ_alfSfQNfpu

POST
H2 204 rum Show response
www.norwegian.com/cdn-cgi/ 0
150 B 16ms
16ms XHR
text/plain 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.norwegian.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86e15921c8d2972a-FRA

POST
H/1.1 200
OK prop.json
8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com/ 2 B
625 B 312ms
99ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com/prop.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Apr 2024 14:00:58 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Tue, 02 Apr 2024 12:05:36 GMT
Server: Apache
ETag: "2-6151bec8322b2"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.norwegian.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 favicon.png
www.norwegian.com/Content/img/ 144 B
1 KB 20ms
20ms Other
image/webp 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/Content/img/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87d13a9bc9378f95cc996dcc6dc4254a5a13f5ff36c5236808e0ab60bd72b9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:57 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49161
cf-polished: origFmt=png, origSize=406
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0CzerF8AJqeWmVCBs6j.eoXpLrUKDaRuxgXXgfzLZY4-1712066457-1.0.1.1-akpOTx.4UP2NV1qZraT4gMtyvbLG0G2RWHqQ4phZJHtNAud8qKe_wE7vUfODn.l5gcx7qV0_fSjZEXZzRu8Zvnxszze.lgrTOi44ZFHNzh5xIN8PJxYJ_XMrQcQ0jHIr.SvDHNTarmFLFsihXiFkEiNDfrK3JOu8RZJBnDiNYAg; report-to cf-csp-endpoint
content-disposition: inline; filename="favicon.webp"
content-length: 144
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Mar 2024 08:58:52 GMT
server: cloudflare
etag: "06ea7ab2475da1:0"
vary: Accept
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: image/webp
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=0CzerF8AJqeWmVCBs6j.eoXpLrUKDaRuxgXXgfzLZY4-1712066457-1.0.1.1-akpOTx.4UP2NV1qZraT4gMtyvbLG0G2RWHqQ4phZJHtNAud8qKe_wE7vUfODn.l5gcx7qV0_fSjZEXZzRu8Zvnxszze.lgrTOi44ZFHNzh5xIN8PJxYJ_XMrQcQ0jHIr.SvDHNTarmFLFsihXiFkEiNDfrK3JOu8RZJBnDiNYAg"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 86e15921d8e5972a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 citypairWithdrawnAcceptBox.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/sharedComponents/app/shared/components/cancellation/ 863 B
577 B 74ms
74ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/sharedComponents/app/shared/components/cancellation/citypairWithdrawnAcceptBox.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3096717f928323a1bdc8e8438b18786a467f8f14ff1574970d34995374c66b78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
server: cloudflare
etag: W/"0bfe4c3f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1592279b8972a-FRA

GET
H2 200 canceledFlightBox.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 430 B
406 B 152ms
152ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/canceledFlightBox.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9239a632efcaa8c3862c968424f78742c19f586d7c9dcbc600031ad5bedfe3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
server: cloudflare
etag: W/"0bfe4c3f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1592279be972a-FRA

GET
H2 200 upgradesAndChanges.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 2 KB
836 B 75ms
75ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/upgradesAndChanges.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd278b86cceac75fbfa08b15e84ad0c1039c59dbbb06f6f56cce8ad03e6e1f73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
server: cloudflare
etag: W/"0bfe4c3f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1592279bf972a-FRA

GET
H2 200 reservationContent.tpl.html Show response
www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/ 60 B
236 B 86ms
86ms XHR
text/html 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norwegian.com/resourceipr/Scripts/app/mynorwegian/reservationDetails/reservationContent.tpl.html

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/lib.js?v=BgjYs0SKjyllAv4R1GKoc8F-5y5hYnOrxmSYO_aOP1M1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3800731f5a412c6a76700f8c1e620ef71f7f0554db8cc873e2679890d2633247

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.norwegian.com/en/ipr/mynorwegian
ApiRequestVerificationToken: iZ3yMgYlalW3Lj9Pq2jx81qB1CMFmEuHeNpkscTSnr707vfw12Yw2uSNs18C47XbqURMk_iQ3pKF3a2pJb-ud1hAlc01:YTyhtXJ1rp8wI7A4VWyU_HvAMZiIZXBYJj9_H0yGmMTDi3DiIH2h7BWU3WtgAI1WinTdN_Hk2fArRaqixSnQ5X1SIAY1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:50 GMT
server: cloudflare
etag: W/"0bfe4c3f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=(), microphone=()
cf-ray: 86e1592279c1972a-FRA

GET
H2

200

budget.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Budget.jpg
https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

32ms
9ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

98385d30754ca6bcac12ece467ac9778a757ea5b835cb11896a79884cfe51fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Mar 2024 16:55:57 GMT
server: Google Frontend
age: 162301
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 25cfb425a6503b0ac6cd6f8567787ce65d9ed8fa
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4246
x-served-by: cache-sjc1000144-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/budget.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 284
content-type: text/html; charset=iso-8859-1

GET
H2

200

hertz.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Hertz.jpg
https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

36ms
14ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

fc9405646369703b5fb08e33654fd8308546d959c7cf778e3d794443b08fb89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Mar 2024 15:19:24 GMT
server: Google Frontend
age: 600093
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: a2b337abae3fe106510a6ba120202797e61fe4d4
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4371
x-served-by: cache-sjc1000120-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/hertz.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 283
content-type: text/html; charset=iso-8859-1

GET
H2

200

europcar.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Europcar.jpg
https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

32ms
10ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

faf9ca9aea0994e36d0e85672a62e6f1844de86cefda1dbeab6aa4690f08f2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2024 14:27:17 GMT
server: Google Frontend
age: 84821
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 24930df06e13beeda2d40637e5638ca5fcf634e2
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4311
x-served-by: cache-sjc1000091-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/europcar.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 286
content-type: text/html; charset=iso-8859-1

GET
H2

200

firefly.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Firefly.jpg
https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

13ms
13ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

cdcc7d6a1815225d69b4ff42c6e86b266579e2aa44af5a7bdedac353f3e78633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Mar 2024 13:47:03 GMT
server: Google Frontend
age: 519234
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 3219b41261d20b6f682a302d94236f0a17d63c6d
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4159
x-served-by: cache-sjc10073-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/firefly.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 285
content-type: text/html; charset=iso-8859-1

GET
H2

200

sixt.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Sixt.jpg
https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

30ms
9ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

feba6c303dd08052f3495a22c91593095ddc29cdbce78c6cbfd5cedb6cede493

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Mar 2024 12:41:19 GMT
server: Google Frontend
age: 436779
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 1199b89a18b6b7576b7a1a47bb1449db30e547b3
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4239
x-served-by: cache-sjc1000123-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/sixt.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 282
content-type: text/html; charset=iso-8859-1

GET
H2

200

avis.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Avis.jpg
https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

13ms
13ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

507ce0fc9b536c628808a0668b78b0800a9f02daf2d8847bd9fe0649cc16e395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2024 09:07:43 GMT
server: Google Frontend
age: 103994
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 62864cb795d3e056c320bb2de2db1f84a4e55e46
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4258
x-served-by: cache-sjc10033-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/avis.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 282
content-type: text/html; charset=iso-8859-1

GET
H2

200

alamo.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Alamo.jpg
https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

12ms
12ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e8a65d4e2f9cb7b7c68127e9ad4ebe86d4f1ad84e10f715f5cc2a94af762abae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Mar 2024 16:31:36 GMT
server: Google Frontend
age: 509361
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 1357935c1c935a2aae9726e9a7a81bf9dbdd501b
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4321
x-served-by: cache-sjc1000105-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/alamo.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 283
content-type: text/html; charset=iso-8859-1

GET
H2

200

green_motion.pdf
ct-supplierimage.imgix.net/car/
Redirect Chain

https://cdn.cartrawler.com/otaimages/vendor/chrome/Green_Motion.jpg
https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

4 KB
4 KB

11ms
11ms

Image
image/jpeg

2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff

Protocol

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

6ba5080a3b54e269cb3c9b9b86f82de231306d7656b83acb09fdb11d5c439022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norwegian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 09:57:32 GMT
server: Google Frontend
age: 14606
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 30b59bdbe22b0cc13c158647cfefd0a8c24e5a5e
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4098
x-served-by: cache-sjc1000139-SJC, cache-fra-eddf8230097-FRA

Redirect headers

location: https://ct-supplierimage.imgix.net/car/green_motion.pdf?fm=jpg&w=49&bg=fff
date: Tue, 02 Apr 2024 14:00:58 GMT
server: Apache
content-length: 290
content-type: text/html; charset=iso-8859-1

GET
H2 200 ident-hotels-com.png
www.norwegian.com/Content/Images/content/ 8 KB
8 KB 34ms
34ms Image
image/webp 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/Content/Images/content/ident-hotels-com.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf210245490588d723c5e9f32ef936eff332045d564dff94ef748aad3acbd459

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/en/ipr/mynorwegian
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27127
cf-polished: origFmt=png, origSize=14167
content-disposition: inline; filename="ident-hotels-com.webp"
content-length: 7972
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Mar 2024 08:58:52 GMT
server: cloudflare
etag: "06ea7ab2475da1:0"
vary: Accept
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 86e15922ca1e972a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 arrow-right.svg
www.norwegian.com/resourceipr/Content/img/icons/small/ 678 B
490 B 34ms
33ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/small/arrow-right.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5896bf0015007a9a1b5129a335ad4874eb66f296ceff3c10648e3a08d2dd61c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 61064
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:54 GMT
server: cloudflare
etag: W/"01947c6f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e15922ca20972a-FRA

GET
H2 200 list--journey.svg
www.norwegian.com/resourceipr/Content/img/icons/ 11 KB
779 B 32ms
32ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/list--journey.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 75320
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:54 GMT
server: cloudflare
etag: W/"01947c6f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e15922ca21972a-FRA

GET
H2 200 icon-marker.svg
www.norwegian.com/resourceipr/Content/img/icons/ 628 B
487 B 30ms
29ms Image
image/svg+xml 2606:4700::6811:b96a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.norwegian.com/resourceipr/Content/img/icons/icon-marker.svg

Requested by

Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b96a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081d2a51d781c18dbc059b5d990733127b739e65ccbfeb999aed7945dd6eeddd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/resourceipr/style-bundle/NewNasStyles?v=mq1nTErohcT2nffPNQRNAHPBHfWzuweO0nHpWjqclQk1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 78310
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:19:54 GMT
server: cloudflare
etag: W/"01947c6f075da1:0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=86400
permissions-policy: camera=(), microphone=()
cf-ray: 86e159247bfb972a-FRA

GET
H2 200 loader.js Show response
product-router.cartrawler.com/assets/ 339 KB
112 KB 115ms
37ms Script
application/javascript 93.184.220.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://product-router.cartrawler.com/assets/loader.js
Requested by: Host: www.norwegian.com
URL: https://www.norwegian.com/resourceipr/script-bundle/shared.js?v=i4h8Qb5AuGU1bWsv-TlmYbJ6oJrye2YmWVqE7XMggjE1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.191 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx / Express
Resource Hash: 1b113f0892dd2f86de171cf0c56c8eaa263172ff100a58a968d9a5e5a7b6069e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 10:31:52 GMT
server: nginx
etag: W/"54caa-18e9e5d8369"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0

GET xsell.js
widgets.hotels.com/ 0
0

GET
H2 200 EN
product-router.cartrawler.com/product/widget/norwegian/573004/ Frame 3519 0
0 211ms
173ms Document
text/html 93.184.220.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://product-router.cartrawler.com/product/widget/norwegian/573004/EN?ng-if=vm.model.flightList.length%20%3E%200&currency=EUR&pax=1&pnr=SHRR5P&flight-0-arrival-date-time=2024-04-05T08:35:00&flight-0-arrival-iata=OSL&flight-0-departure-date-time=2024-04-05T08:00:00&flight-0-departure-iata=RIX&flight-0-number=D82002
Requested by: Host: product-router.cartrawler.com
URL: https://product-router.cartrawler.com/assets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.191 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Referer: https://www.norwegian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 02 Apr 2024 14:00:58 GMT
etag: W/"2c166-RNAR+iIdgcYDb9LUMJCxVU9DYPA"
server: nginx
x-powered-by: Express

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
482 B 136ms
112ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17202440929/s/booking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Apr 2024 14:00:58 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.norwegian.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 3acc730e-a663-4ab0-a1c3-2e211e5a5ad2

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ 20 B
361 B 452ms
242ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/prop.json?_=1712066458873
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 14:00:59 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.norwegian.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ 20 B
361 B 100ms
99ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/prop.json?_=1712066459330
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 14:00:59 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.norwegian.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ 20 B
361 B 100ms
99ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/prop.json?_=1712066459575
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 14:00:59 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.norwegian.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ 20 B
442 B 100ms
100ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/wpt.json
Requested by: Host: e11233f1926a.cdn4.forter.com
URL: https://e11233f1926a.cdn4.forter.com/sn/e11233f1926a/sha256-ElClHfq20amJ4CIwcyE9dMY%2FXtk54R8D4smJ0LJnM48%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.norwegian.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 02 Apr 2024 14:00:59 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.norwegian.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/ Frame 0
0 100ms
99ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/e11233f1926a/8d4a6239da0448b3b5e6791c32e7b6f2/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.norwegian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 02 Apr 2024 14:00:59 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widgets.hotels.com
URL: https://widgets.hotels.com/xsell.js

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 23:53:38	Name: APC Value: AfxxVi4gIpCNWFl0npsGsNf-iAB1FLHlNOqrZ1lytrrmYX2c7dEARw
.doubleclick.net/	1970-01-20 19:34:26	Name: FLC Value: CN-fzgEQrruDSBiGwa6ZASDH944jKK7g5gIwmJ-wsAZwANq4BA4yDDoKCggoMJgXvf3BOg
.doubleclick.net/	1970-01-20 23:53:38	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:56:02	Name: IDE Value: AHWqTUnGRZKg9v_x4Vi0IyWP1TsDtpnAi27FOmUrHE_cEEAqkevWOMCPHQIploT4CcA
www.norwegian.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: enbtvrawydjkdhtbojyftllc
www.norwegian.com/	1969-12-31 23:59:59	Name: BIGipServeriBx8wVGpqnM5WiYIXO2HVQ Value: !9sc4boXsazo0REOLfBtW9rLlS/SFmVgBmgbbIDhgTKhD8JhbLNUL2oVq+0XHBykxCtm5zuiHvV0loyNF60mBJo6aIA0ZSaZFnCbQcyc=
.norwegian.com/	1970-01-20 19:34:28	Name: __cf_bm Value: 0O5pasG7l5in2DFb29SxRd.9n3.AdhZFgVFdPuva8U0-1712066456-1.0.1.1-TSckoqBamJJ6H1WZIYoLsa2TiZJKLLsI6wCPiHOWuGLjwfIJPZU2IrLu88g9aedWef0473Xzdhfx72aMAsaJ6A
.norwegian.com/	1970-01-21 05:10:26	Name: forterToken Value: 8d4a6239da0448b3b5e6791c32e7b6f2_1712066457085__UDF43_15ck
.norwegian.com/	1970-01-21 04:20:02	Name: cf_clearance Value: eKB3uA1BAsnGKR8QYOpMN1.4ajjVJleiI6.omwGBhiI-1712066457-1.0.1.1-DGDZl4g3rObUQT747Js3WY99RIT4YMqtJZxO7v.ZSafAAQpmCUoYXBogKYxCvlygS9rhzCpjerZAVCDs47gHTQ
.norwegian.com/	1970-01-20 23:53:38	Name: optimizelyEndUserId Value: oeu1712066457801r0.9377716583988585
.www.norwegian.com/	1969-12-31 23:59:59	Name: TS01e9bd6b Value: 01ccc25f524fbd8e77f28b2c2f0d641ec4d20ba4dccff2217409a94c128d5c9d9dea68bdf360fb6cc210a80985ad37eb4e597eba30

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https://customer.norwegian.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8d4a6239da0448b3b5e6791c32e7b6f2-e11233f1926a.cdn.forter.com
a17202440929.cdn.optimizely.com
ad.doubleclick.net
cdn.cartrawler.com
cdn.optimizely.com
cdn0.forter.com
cdn9.forter.com
ct-supplierimage.imgix.net
e11233f1926a.cdn4.forter.com
logx.optimizely.com
pagead2.googlesyndication.com
product-router.cartrawler.com
region1.google-analytics.com
static.cloudflareinsights.com
widgets.hotels.com
www.google-analytics.com
www.googletagmanager.com
www.norwegian.com
widgets.hotels.com
172.217.16.198
2.17.191.240
2001:4860:4802:34::36
2600:9000:20b4:3c00:e:d088:5c40:93a1
2600:9000:2644:3800:f:1b37:e600:93a1
2606:4700::6810:5049
2606:4700::6811:b96a
2a00:1450:4001:813::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:82f::2008
2a02:26f0:3500:883::13b8
2a04:4e42:200::720
3.234.25.89
34.111.140.246
34.192.191.43
54.216.55.50
93.184.220.191
065341d310415902ed6765d10cfad08ee201ca88a2c499884e9495720a09ddcd
081d2a51d781c18dbc059b5d990733127b739e65ccbfeb999aed7945dd6eeddd
1250a51dfab6d1a989e0223073213d74c63f5ed939e11f03e2c989d0b267338f
14112a43ed9320e7297894829ec60e5f9820c4902cd16c923459aedbf009a071
16465bbb64011d29c4c045b009fc75cf5738e5fded0c2486f1644875d8f93960
1b113f0892dd2f86de171cf0c56c8eaa263172ff100a58a968d9a5e5a7b6069e
2422be421e14e785b1be011c695e794c2a0c6c1adec2fd616809161b77ca850e
261be954ac4b90e3a03b3796b9332cb16228c40713457b5a892bf8d642dd2183
2812fa576d8e150afd90676c063dd9f8bd9c8b0db2b5e24d4a6f3ddec4a7803a
290643782704fea6eb49a558b6344c9f4bf6d97eafdaf4d2e687406ce31aa676
3096717f928323a1bdc8e8438b18786a467f8f14ff1574970d34995374c66b78
3800731f5a412c6a76700f8c1e620ef71f7f0554db8cc873e2679890d2633247
390369c902eda88f878841b48184c2ae13d723ac7611500b3ad3517ed005a8f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bed21018499d8d81d6c55f9dfdd1eb5d3b8c45f6bc183fb3e5e14b4c66bf3e4
507ce0fc9b536c628808a0668b78b0800a9f02daf2d8847bd9fe0649cc16e395
5896bf0015007a9a1b5129a335ad4874eb66f296ceff3c10648e3a08d2dd61c9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62d98e8d4a1347c5b86a582c3248c2cbcd36e89162d4ef2a201fe35ff82b5ec1
63bb2fc329a5df93e799e86697b51cd6a946c7014a485a7398416129463df53d
67f12170cfd9e52545cb17e3051c4f218fbf5a1991922e754cdc2f702cd61449
6ba5080a3b54e269cb3c9b9b86f82de231306d7656b83acb09fdb11d5c439022
70d46c9cf870fccf7a5f8270e2bfac68f770c13dd57b25e919bfa630245fc5da
7966afa4112bc623568c2ecc466eed655cbf9de5ce7fef1f40ea0fa347bedae0
81197304427823a1bf4e7bcebfceabae49623fe32f5a7004e1a4506d93656994
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e8b79d8908650efc29905f2915687e05d152b6c5f6f542f9987cc7656c2e49
8f80cbb0c722ca7c3cd18f3485e1cc1729dc367f67931ff1ce13ac2e04b0d24e
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
98385d30754ca6bcac12ece467ac9778a757ea5b835cb11896a79884cfe51fe4
a48d4d205f988b921f7afe244dfd8a995c6f4bbaa1794bf720abe929283dd1b2
a5df42d5722657fbeca739105c124271ccd618d57201a82f2c65fe53a767cffa
a60cd75b231caac6a9c9ed005405fda438c4e3cbb5b5530bfd97f16ab5bafe4c
a6193e02d2c7aaf91fd5b7e23b4c9ec2ad42795d25b808aba51705068b51e3ff
af5a56f0a9eb13d4238b5780ddf731237e65492bba73a37f4896edcec9a46562
bd278b86cceac75fbfa08b15e84ad0c1039c59dbbb06f6f56cce8ad03e6e1f73
bde7e72d2732047c21f850a38f799362b8e8e4af8a40db62f3189585ecd22deb
bf210245490588d723c5e9f32ef936eff332045d564dff94ef748aad3acbd459
c4e58cda5b35d0e7e05b39639edf5649bf18cf6e07442bb7ad91eafb30befc87
c87d13a9bc9378f95cc996dcc6dc4254a5a13f5ff36c5236808e0ab60bd72b9b
cbb206bacc8d6d53f2245481f255b34843287fea21af5288dd8250cbf8675c3b
cdcc7d6a1815225d69b4ff42c6e86b266579e2aa44af5a7bdedac353f3e78633
cddd9835fc75b2c3509dde2f6f893141383504988220830bf98e6c0c88c34466
d13baaba24c23f8a092a83798f33f6a198531c7849c6d8cf0ea2c001d11ac478
d362a5b66bbc802534cb99f34a7513aa6e8c83794298bedd8353193a9d3d6bae
d7daa29f966212081fe4dd6ea032d6e2718bb1d3d05bd96a0eb0cf13db56d99d
dc3c23b01386976cefe20780dc329a13910f736baec0af707bcdce7824f41fb2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00d35bc92b7dcf41799411eafeaa03c0682c977bb15446f88c497b5cd1be4a5
e0996e1e27267e75e64247fd46b750a73181b917fc53ee492b7a73fd83ebd94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a65d4e2f9cb7b7c68127e9ad4ebe86d4f1ad84e10f715f5cc2a94af762abae
e9239a632efcaa8c3862c968424f78742c19f586d7c9dcbc600031ad5bedfe3b
e9d981c4434600f81280bb51381ff132b2b5b04b15f316ecafccb45a8d4f3c9d
ea7dbc05557a28e311b7b2ec5c9cb47c978bcf7adc3ebc81f794362f6d4e6e3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdbe3b6e8abfa6d941153c24b2745e6dec9b96eb7e461539f85ee5f71d206e8
f67aaffa2693ba3bbfe4df1c79d4dfda08422193221d0890ab2e2d7020b58c7b
f69d27a7be4086e8b312d15235dc93ec16a2c6b0cb6bd4338e992d98cf258465
faf9ca9aea0994e36d0e85672a62e6f1844de86cefda1dbeab6aa4690f08f2fc
fc9405646369703b5fb08e33654fd8308546d959c7cf778e3d794443b08fb89c
feba6c303dd08052f3495a22c91593095ddc29cdbce78c6cbfd5cedb6cede493

www.norwegian.com Open in urlscan Pro 2606:4700::6811:b96a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

82 %HTTPS

59 %IPv6

11 Domains

18 Subdomains

16 IPs

4 Countries

1515 kBTransfer

5859 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.norwegian.com Open in urlscan Pro
2606:4700::6811:b96a Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

82 %
HTTPS

59 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

1515 kB
Transfer

5859 kB
Size

11
Cookies

74 HTTP transactions
0 data transactions