urlscan.io logo urlscan.io
SecurityTrails logo

nclembark.com Open in urlscan Pro
18.66.112.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://l.email.ncl.com/rts/go2.aspx?h=1690387&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c50001165...
Effective URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDR...
Submission: On March 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 40 HTTP transactions. The main IP is 18.66.112.43, located in United States and belongs to AMAZON-02, US. The main domain is nclembark.com.
TLS certificate: Issued by Amazon on September 26th 2021. Valid for: a year.
This is the only time nclembark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.213.4.192 53316 (ASN-CHEET...)
1 18.66.112.43 16509 (AMAZON-02)
5 104.75.88.194 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.109 54113 (FASTLY)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.219.105.90 16509 (AMAZON-02)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.219.106.178 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 95.100.153.65 20940 (AKAMAI-ASN1)
5 2.16.186.163 20940 (AKAMAI-ASN1)
2 52.49.218.107 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 54.194.75.122 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
1 1 54.154.165.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
40 21
1    173.213.4.192 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
l.email.ncl.com
1    18.66.112.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-43.fra56.r.cloudfront.net
nclembark.com
5    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
extend.vimeocdn.com
4    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    52.219.105.90 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
3    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    52.219.106.178 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
embark-ncl-storage.s3.us-east-2.amazonaws.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a02:26f0:6c00::210:ba22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    95.100.153.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-65.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
5    2.16.186.163 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com
api.livechatinc.com
secure.livechatinc.com
accounts.livechatinc.com
2    52.49.218.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-218-107.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.194.75.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-75-122.eu-west-1.compute.amazonaws.com
nclbahamasltd.demdex.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
norwegiancruiseline.112.2o7.net
1    54.154.165.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-122.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 6026
api.livechatinc.com — Cisco Umbrella Rank: 5201
secure.livechatinc.com — Cisco Umbrella Rank: 6267
accounts.livechatinc.com — Cisco Umbrella Rank: 7185
278 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 427
p.typekit.net — Cisco Umbrella Rank: 527
138 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 918
62 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
134 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
nclbahamasltd.demdex.net
5 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 821
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
499 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 2o7.net
norwegiancruiseline.112.2o7.net — Cisco Umbrella Rank: 147601
534 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 amazonaws.com
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
embark-ncl-storage.s3.us-east-2.amazonaws.com
508 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
517 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
345 B
1 vimeocdn.com
extend.vimeocdn.com — Cisco Umbrella Rank: 8647
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
65 KB
1 nclembark.com
nclembark.com
22 KB
1 ncl.com
l.email.ncl.com — Cisco Umbrella Rank: 336435
729 B
40 17
Domain Requested by
5 tags.tiqcdn.com nclembark.com
tags.tiqcdn.com
4 cdn.livechatinc.com nclembark.com
secure.livechatinc.com
4 use.typekit.net nclembark.com
use.typekit.net
3 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
3 api.livechatinc.com cdn.livechatinc.com
3 unpkg.com 2 redirects nclembark.com
2 www.facebook.com nclembark.com
2 fonts.gstatic.com fonts.googleapis.com
2 norwegiancruiseline.112.2o7.net tags.tiqcdn.com
nclembark.com
2 dpm.demdex.net tags.tiqcdn.com
nclembark.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 fonts.googleapis.com secure.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 cm.everesttech.net 1 redirects
1 nclbahamasltd.demdex.net tags.tiqcdn.com
1 www.google-analytics.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 ajax.googleapis.com tags.tiqcdn.com
1 embark-ncl-storage.s3.us-east-2.amazonaws.com nclembark.com
1 vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com nclembark.com
1 extend.vimeocdn.com nclembark.com
1 www.googletagmanager.com nclembark.com
1 nclembark.com
1 l.email.ncl.com 1 redirects
40 24

This site contains no links.

Subject Issuer Validity Valid
nclembark.com
Amazon		 2021-09-26 -
2022-10-24		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2021-12-17 -
2022-12-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
livechat.com
DigiCert ECC Secure Server CA		 2022-02-25 -
2023-03-01		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-10 -
2022-03-10		 3 months crt.sh
*.112.2o7.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-14 -
2022-04-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Frame ID: 900E473FED14E7FD7B559984F517072E
Requests: 32 HTTP requests in this frame

Frame: https://nclbahamasltd.demdex.net/dest5.html?d_nsid=0
Frame ID: D9182D3FEE8FBCCD4D87BCF9B78DCFD9
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 0A20AFB72AD5D514166E31F8C6490C35
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NCL Embark

Page URL History Show full URLs

  1. http://l.email.ncl.com/rts/go2.aspx?h=1690387&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb... HTTP 302
    https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_he... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

95 %
HTTPS

45 %
IPv6

17
Domains

24
Subdomains

21
IPs

4
Countries

1299 kB
Transfer

2623 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.email.ncl.com/rts/go2.aspx?h=1690387&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c5000116591834%7c5000116591834 HTTP 302
    https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/alpinejs HTTP 302
  • https://unpkg.com/alpinejs@3.9.1 HTTP 302
  • https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
Request Chain 26
  • https://cm.everesttech.net/cm/dd?d_uuid=25431692813151934341953464521241821751 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCoogAAAGrcOwQp

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
nclembark.com/
Redirect Chain
  • http://l.email.ncl.com/rts/go2.aspx?h=1690387&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c5000116591834%7c5000116591834
  • https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
20 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-43.fra56.r.cloudfront.net
Software
/
Resource Hash
f6e8b71301341b118f5bdfa3b19f8285655729d44d2f68bf092c370bd6b59f43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
content-length
20226
date
Thu, 03 Mar 2022 11:38:09 GMT
x-amzn-requestid
f1cc17df-b0c7-47ae-8490-4d5e93d22441
x-amz-apigw-id
OZ9JMFH0iYcFuxA=
cache-control
no-cache, private
x-amzn-trace-id
Root=1-6220a8a1-2d7bc8861b67e28e1e429480;Sampled=0
x-amzn-remapped-date
Thu, 03 Mar 2022 11:38:09 GMT
x-cache
Miss from cloudfront
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
xjVuyqB_xnUarvzWBRHXX0NoH4dNa1sDQjUxKvNE4f2o_Awn9KnlVg==

Redirect headers

Cache-Control
private
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Server
X-Powered-By
Date
Thu, 03 Mar 2022 11:38:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
utag.sync.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		334 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.sync.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0106f72bdaf294a5415b9f1a910f4292f063db1076b10886f223f6d3dde8ac32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
last-modified
Thu, 15 Apr 2021 14:18:23 GMT
server
AkamaiNetStorage
etag
"9e83eeaf66508169b21b19143d342a84:1618496303.592666"
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
334
expires
Thu, 03 Mar 2022 11:43:09 GMT
js
www.googletagmanager.com/gtag/ 		175 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BBKFW2SBSP
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d191598214b5977b3775f3086af1536ed3840c12cc214d6662df515ebeb36fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65622
x-xss-protection
0
expires
Thu, 03 Mar 2022 11:38:09 GMT
23275940.js
extend.vimeocdn.com/ga/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extend.vimeocdn.com/ga/23275940.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
content-encoding
gzip
age
1339644
x-cache
HIT
x-cache-hits
8124
content-length
5692
x-served-by
cache-hhn4053-HHN
x-vimeo-dc
ge
last-modified
Tue, 15 Feb 2022 22:05:40 GMT
server
Apache
x-timer
S1646307489.313130,VS0,VE0
etag
"43e3-5d815bbc95500-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=86400
x-bapp-server
assets-v8131-xzpk7
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Feb 2032 23:30:44 GMT
amz2ava.css
use.typekit.net/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/amz2ava.css
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e567c23d77008a173c79c4c232885d9849c800718118e1011260024273f38e61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 03 Mar 2022 11:38:09 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1110
app.css
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com/504525b2-ac2f-438e-83fc-609a8a651764/css/ 		42 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com/504525b2-ac2f-438e-83fc-609a8a651764/css/app.css
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
72f6a26b148fa4ae45233f3560c01c82f35756cd069fa8b2ea27ca8273d345c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:38:10 GMT
Last-Modified
Wed, 02 Mar 2022 21:46:54 GMT
Server
AmazonS3
x-amz-request-id
5Z5N6P3NQD4P182F
ETag
"f19f142f2ef965a9e4846aa5ea986f4e"
Content-Type
text/css
Cache-Control
public, max-age=2628000
Accept-Ranges
bytes
Content-Length
43244
x-amz-id-2
VCYUd45qs9+KTMcI5VAGiH9Kde+TfiQf8ApgQT2XfTmTvL6GkVS3eFjmayUNbbXmqJNDWNNSIA8=
Expires
Sat, 02 Apr 2022 21:46:51 GMT
cdn.min.js
unpkg.com/alpinejs@3.9.1/dist/
Redirect Chain
  • https://unpkg.com/alpinejs
  • https://unpkg.com/alpinejs@3.9.1
  • https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1cbc4be2dd471fadcbbf8a85b5ac5aefb8ff7119b4b86e72c64932c9e34681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
69404
fly-request-id
01FX5PZCBAKSW17ZBGH9ECCVRP-cdg
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"9659-XsLG1d1m82MiD7zigvdCLnfpolQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e621590fd150f52-MXP

Redirect headers

date
Thu, 03 Mar 2022 11:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FX5PZ936MDH4Q3FHBBV4PKZE-cdg
server
cloudflare
age
69405
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/alpinejs@3.9.1/dist/cdn.min.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e621590bca50f52-MXP
access-control-allow-origin
*
9b6674bf-4204-4f9e-8548-8d52048ba2b4
embark-ncl-storage.s3.us-east-2.amazonaws.com/ 		465 KB
465 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embark-ncl-storage.s3.us-east-2.amazonaws.com/9b6674bf-4204-4f9e-8548-8d52048ba2b4?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENv%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMiJHMEUCIQCL4Vm9OwjBrjILQIBj8l9rSMlRKEjtjcJSXJxXnT0PjAIgfcoc87voiu%2Bq%2BA2idIW98%2FOFE3c9T3l43faXIM7XMRwqoAIIRBAAGgwxNzMxODQ3Mzc3MzYiDOYSjFQAb56rqacO8Sr9AYh%2B8UtgpjvJ7Q3DB9%2F8KlxpwkeysqOJaBB3fm%2FtCQApoA801KQ0qMtEQOJsxb7nQN46DjFc9Uj5t65mw%2B64OaSh5fy6iAOrdn%2BVyOzBs1GMJj7sw3PGoeGecEqzZO3EEEzeQvbVVyozga1%2FtRn0I%2BHuo%2BFICZEyyFRO3fISqW0ZkLSacw76sM3cQ2T1ydSasT6VzFmHJVoc4yt6Jo4d82sKfwAURWAnitoWVvrIJn75%2FjHNdB68FrS01cAaaN7QnT25KNsCmL9Wj5PZghdHazLpA7zZYZiKYi9Z5idzceU51lqHYfeWlylReBpCjDAFSC38cdVdaRnZO25JZQgwibiCkQY6mgG9iCUjvm87TMqB8IDFj42agyMROdvRBpB2a8AKvETD5narlsLazL8Ne7nM94M4LcZi%2B9hXeV7dA8Y%2BfgB7x1eMfN91xEr%2FXwVwLITjuDa3sDKXOkO43FVvtUs5aUpPedT3fZlMHc0poqe32sdun3zTAuphj25Fj9mlcD0vKmQUhdehPlo%2BnhJEVwrwJl5uwDEHSxHXMNeJNbLr&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIASQUU5MHEANQWY7BI%2F20220303%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20220303T113809Z&X-Amz-SignedHeaders=host&X-Amz-Expires=10800&X-Amz-Signature=8208d9a4717a7dc439b685a95ef6c0db6a77f3cf51f1e7d7fa533f06bd9e4a71
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.106.178 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5cb4dfd57ec46a769e1f4d87b838dbe2212d8bc8db800db1bf32488c3a65903c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:38:10 GMT
Last-Modified
Mon, 21 Feb 2022 20:54:58 GMT
Server
AmazonS3
x-amz-request-id
5Z5MBQZ3FG0MXZVY
ETag
"f24d0dc2bb0a9c35fdb5ed67b40fef87"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
476017
x-amz-id-2
aqqWwhS+PdBMbGovDfHFDfEFrNdW8T4lBvV1AhlK5x2kiQT5A6x00GslYDVKA19rRIhsA6Sb7JY=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 07:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Feb 2023 07:41:57 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=amz2ava&ht=tk&f=10879.10881.10882.10884.10885.10886.15357.15358.15361.15362.32874.32875&a=87371341&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
collect
www.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BBKFW2SBSP&gtm=2oe2s0&_p=1107575121&_z=ccd.B&cid=2032873963.1646307489&ul=en-us&sr=1600x1200&_s=1&sid=1646307489&sct=1&seg=0&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&dt=NCL%20Embark&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBKFW2SBSP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:38:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nclembark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
190a74d18f06b7091354d8ce9cf972ea32152df760c97dc05bc7f79efb7356e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:18:23 GMT
server
AkamaiNetStorage
etag
"d88ca6360fb9bfbc217020a32d8499f0:1618496302.838173"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
31310
expires
Thu, 03 Mar 2022 11:43:09 GMT
tracking.js
cdn.livechatinc.com/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7534ed949b5928687e292242c7603cfff009f7f5179b684e25a5571f5616f38f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
ELx5oSu9CWH.CN_2s5WUcqlBhncrb3XU
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:33:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"18b289baccb8ab97994aeb2fb8f3a5fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Thu, 03 Mar 2022 11:38:09 GMT
content-length
24110
x-amz-cf-id
4LBLsJlCMi1xWPkP8wEr2Td7cGcCCQRcfbUZ8FrcVgnDZkBZ_R_liQ==
expires
Thu, 03 Mar 2022 19:38:09 GMT
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
server
nginx
etag
"22520917f01d8d34c0dcc1417c749962b8a47011"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51524
l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd59eac0ddf71e5dd30101747cea1d55544339bd310c68a86aa133877f385213

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
server
nginx
etag
"dd5b169fb4bedb60e8626027fdc93f0b1be2f4fb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47184
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
server
nginx
etag
"78f589bb61056c7dc2c42601e2fd59aa96941141"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40404
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ 		250 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11929941&url=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&channel_type=code&jsonp=__86zdfza7vno
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34d994408f5e9df1b907993b42adf714429eb506dd5018127b4066e9a8d87776
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://nclembark.com/;
X-Frame-Options allow-from https://nclembark.com/

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://nclembark.com/;
vary
Accept-Encoding
x-frame-options
allow-from https://nclembark.com/
date
Thu, 03 Mar 2022 11:38:10 GMT
content-length
250
legacy
2023-06-30
content-type
application/javascript; charset=UTF-8
id
dpm.demdex.net/ 		372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1646307489857
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.218.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-218-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fc01ca0e036032264ad59c3edcf5942559cad4e24261300c8526cc31de2073bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nclembark.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v028-020c7aa3d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pdj1vguwQXU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://nclembark.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
313
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.1.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.1.js?utv=ut4.46.202012112021
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1b44e747fb5f85c798e798d063cb575a58cc0e27cdd45c2e836fd0cc4f3ff9a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 20:22:01 GMT
server
AkamaiNetStorage
etag
"c2cacdb23002a94b78791ccbfaa8161d:1607718121.558707"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
24034
expires
Fri, 18 Mar 2022 11:38:09 GMT
utag.4.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.4.js?utv=ut4.46.202104151418
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a47f5484e2124b3d05fd27480465367c4a44b9e00e4929392350e97eb948c93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:18:24 GMT
server
AkamaiNetStorage
etag
"50009363aaf68f8932d6d79658c74968:1618496304.103305"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6978
expires
Fri, 18 Mar 2022 11:38:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
KjScsVyNjcqJZWudWt1+hRw6NJMk6dsAmLEYH1doyqTsljDKBEuLEv1AYz/VpaOP8P5yzw/dpYCRDf5My/VYow==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 03 Mar 2022 11:38:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ncl/microsites/202104151418&cb=1646307489897
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:09 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 03 Mar 2022 11:48:09 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.55
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
sL68V6IyXnd0YLQyNN7QmVX+CTm0QtEqv27w/Jk6SZRUEr+XsI+fRP9w0bY3B5qqrUsyl+RHA6In0zG02kL+mA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Mar 2022 11:38:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
798296406850522
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/798296406850522?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6ab03b7a44d6576343155dde4b662a342f15d94863262101ee3bb232c097eb9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
0MWHkzQJZN002viwd86qMDM+7m1aFLbCOgQ7GHoLFlRJdSs4Enp4YW0BA54CZ7Ybl8Gd9zf5Hg2Sg4MG0qFqnw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Mar 2022 11:38:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dest5.html
nclbahamasltd.demdex.net/ Frame D918 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nclbahamasltd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.75.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-75-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 3 Mar 2022 11:38:10 GMT
DCS
dcs-prod-irl1-1-v028-04e5f36c3.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 15:44:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
8MRal/9nSOA=
Content-Length
2791
Connection
keep-alive
id
norwegiancruiseline.112.2o7.net/ 		2 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://norwegiancruiseline.112.2o7.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&mid=30074298610004276931291326770462456000&ts=1646307489995
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nclembark.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 03 Mar 2022 11:38:10 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-w5kpc
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://nclembark.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YiCoogAAAGrcOwQp
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=25431692813151934341953464521241821751
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCoogAAAGrcOwQp
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCoogAAAGrcOwQp
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Server
52.49.218.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-218-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v028-0f4e69597.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/GPRshUVQ0s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCoogAAAGrcOwQp
Date
Thu, 03 Mar 2022 11:38:10 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
get_configuration
api.livechatinc.com/v3.3/customer/action/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11929941&version=988.10.10.13986.718.711.354.14.4.112.3.21&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60e53507dc1abbca1fea04a766bb1ccd3ea486b79bf93412160c7ba58e5fdf69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:10 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=499
content-length
2414
expires
Thu, 03 Mar 2022 11:46:29 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 0A20 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f293794d52ad1a479950bfdc1ec13660f2fbaee148f4c2ba36f733c67a54a373

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-length
1988
date
Thu, 03 Mar 2022 11:38:10 GMT
get_localization
api.livechatinc.com/v3.3/customer/action/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11929941&version=ff93808ef52c6dd040640c4853b854bd_111e8cbbb714e057fb1c212a12e78ac8&language=en&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
818b022908dc6ed13289b40677f557cdbd52357b0c0f02fb0cd6d2a3ec2475b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:10 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=557
content-length
3778
expires
Thu, 03 Mar 2022 11:47:27 GMT
s58665384518936
norwegiancruiseline.112.2o7.net/b/ss/nclmicrosites/1/JS-2.22.0/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norwegiancruiseline.112.2o7.net/b/ss/nclmicrosites/1/JS-2.22.0/s58665384518936?AQB=1&ndh=1&pf=1&t=3%2F2%2F2022%2011%3A38%3A10%204%200&sdid=73A81485F72C87F5-7A96D680A249D42F&mid=30074298610004276931291326770462456000&aamlh=6&ce=UTF-8&ns=norwegiancruiseline&pageName=nclembark.com%3Aregister&g=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&cc=USD&v0=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=nclembark.com%3Aregister&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:10 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 04 Mar 2022 11:38:10 GMT
server
jag
xserver
anedge-cdfbd77b-gxjt9
etag
3535418416232038400-4619390106499117715
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 02 Mar 2022 11:38:10 GMT
css
fonts.googleapis.com/ Frame 0A20 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:06:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Mar 2022 11:38:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Mar 2022 11:38:10 GMT
0.36c42c4b.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 0A20 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/0.36c42c4b.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6c08dc28c655949f816441b465ecb156fac93a543042415f3b6a487c021c1ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Nf2fV66IGfHFxld4hzxiEWQVzxaZ9Uu4
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 12:17:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"712a17271977e14144e02b4e84b9ece7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:38:10 GMT
content-length
69047
x-amz-cf-id
5Qm6kC6Oztk9MIzGxCPK1RO0S4l4YwLSmF4bZfLKTERPb31adVD3LA==
expires
Fri, 03 Mar 2023 11:38:10 GMT
2.3480718e.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 0A20 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/2.3480718e.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b85d9aa8aad0cbdcf184642b60c3f84a52d51643b5b1ae68529c9be18b8f5323

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
diOv77Ym.MrPn1tqdLQsOGcwVt6jq1mD
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 12:18:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"3dae6a43c979fd2000fbd3ae8a2981b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:38:10 GMT
content-length
67970
x-amz-cf-id
94xAQDTroW3rKB6XM32o4SGy-ITqej5D-yRsN728KSR2GZDXE5tPjg==
expires
Fri, 03 Mar 2023 11:38:10 GMT
iframe.49a6d146.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 0A20 		406 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.49a6d146.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5845dbda3f279180c0467c877f292caf9e8b247261e981a0fabd0cb23c3113dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
9VynjZ.ZXYN50zAqGxaqX1INMm.xBSNH
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:33:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"08f7e7954f00f7bf0cbd1760ad1fb7d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:38:10 GMT
content-length
111477
x-amz-cf-id
FBG6RacsNTYwd6wDHjhjZfBjLShwWoZqnt5DovTY4kVgppFmP-gdGA==
expires
Fri, 03 Mar 2023 11:38:10 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ Frame 0A20 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 19:31:29 GMT
x-content-type-options
nosniff
age
58001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16088
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 19:31:29 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ Frame 0A20 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 19:31:29 GMT
x-content-type-options
nosniff
age
58001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16168
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 19:31:29 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=798296406850522&ev=PageView&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&rl=&if=false&ts=1646307490279&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1646307490277.1494939929&it=1646307489927&coo=false&eid=be9907ef08b3f5ab6c0ac283f4b7db4a&tm=1&exp=p1&rqm=GET
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 03 Mar 2022 11:38:10 GMT
token
accounts.livechatinc.com/customer/ Frame 0A20 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.livechatinc.com/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.36c42c4b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48ef366c07cb2486f5308011328729922327a1e7ace3e842e14c39e0821795ad

Request headers

Referer
https://secure.livechatinc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:38:10 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
138
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=798296406850522&ev=Microdata&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_hero_EML_FDRLIVE22_FDRLIVE030222&rl=&if=false&ts=1646307491782&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NCL%20Embark%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1646307490277.1494939929&it=1646307489927&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:38:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 03 Mar 2022 11:38:11 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| jquery function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaGlobal object| utag_data object| __lc object| LiveChatWidget object| Vimeo function| __vimeoRefresh object| Alpine function| onYouTubeIframeAPIReady boolean| __lc_inited object| LC_API boolean| utag_condload object| utag function| e boolean| __tealium_twc_switch object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| s_i_nclmicrosites

20 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 8ad55652-ba22-4300-504e-9739bb955da3
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: f99e5d8b65d19110d191ae16edefd384370b2abe6904d289573af6b180e9975051243251e870cd85d7e92ba295d6e3726f33f6b34b073b24f530897ddba2
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 8ad55652-ba22-4300-504e-9739bb955da3
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: f99e5d8b65d19110d191ae16edefd384370b2abe6904d289573af6b180e9975051243251e870cd85d7e92ba295d6e3726f33f6b34b073b24f530897ddba2
l.email.ncl.com/ Name: ASP.NET_SessionId
Value: fgjv2hmgd51ivuxhfyg1vy5j
l.email.ncl.com/ Name: BIGipServercnv_ats_pool
Value: !FIswxM6Uxjd9eJaoFVQbWBKi/4Lz4t1I+wk2gFAJYphGyDyusmwmIu4VESjV+Q6BnLGOBBeqoTuBh7M=
nclembark.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJ6bEVaalY0UVBtNHlQMWx2RFoxQ0E9PSIsInZhbHVlIjoicGFoUWs1bnZRNk5rNjArdUR2RlIvREtKTSttV1RnSncwN1c2NzhlaDlLeUtGREtaVDk2UTVGVEQ5MTZIWmY2ZGdIVi80TlI1ZVRHRVhBUnV1bGtSODlHTnhWRGRWdzg5MHA3M1k4bzVPdi95UCt6R1B3bWd6M3FOVzEvUk8wVGkiLCJtYWMiOiI3ZTIwMDBkZGU3ZWNkZTU5M2Q2MzQ1ZDgxZGViZTE5YzAxZjBkNjZlZmY3M2I1NjVkYzk2ZTZjNWNjNGVmMGQ5IiwidGFnIjoiIn0%3D
nclembark.com/ Name: ncl_embark_session
Value: eyJpdiI6IjcrOHVNM3RraUhVTW5JVC94Tk1hcnc9PSIsInZhbHVlIjoianRCakl2UmVGSUFGNERFUDR2QVJKT3daRG5rSXJCTUhqSmtwRkxQUGNMWjNnRkR3RlhkT1VkRDRJMHdIQTFnWjNTaUVrU0hZcC9zdzYxNWRweVBieGJSOXlmd0FIcEFWZzBWMjBDRk9CN0Y5dnYyM1Rnci9xRzd3dHVUc2ZDQWsiLCJtYWMiOiJmNzRlMmNjMzU0MDA5OGNlOWQ0MjkwNjcwOTdkYzdhMDRhOTIwYzM5ZTMxYjYwODk4OWEwYzRiNDFiMjZmOGNkIiwidGFnIjoiIn0%3D
nclembark.com/ Name: N2D7BFWdnjZJNZAQBac3cvnv8IQFEolJ4Ttvak64
Value: eyJpdiI6IlI1SVNWaDk3SHVmZnlQSXJmc3hia3c9PSIsInZhbHVlIjoicDZBY3B0Y3QrY1ZtNzliaURNOEVJNlUrMXJ0MjdCM3luZGZHU3FlbWxiM1FYTlZuQ3pGL3NGYUFmN3ZYQkkybTdZNXFBUTF3N3hUUzdQNU14bng4UzE4RFBCbUxnaEY3bnI2cFlwWi9mbG9PbDUzWTBLTFpHdzRXSDVDbWFRMWJIS2NtaTErUXZicm9IWHZCOFVKN1dQNFlpNkI3VUdoOVNCK0d4N1FXNlFhSlJnRHJjNjUxQWUxditZcEpEeUIrMDhDNG9XSFpjTjIwVjk3U2NNRzlSelJJaWNNVFplVFlpTUpyaGtTZHYzbTZtdnI1UE8rV1JEUFMzVzBJZ04vM2V4UVZBNkg1VU1SVGxGSWlwNjh6b0dPU1ZPQko4YkluVEtQTkVLME9neEJXUDBQaGI5RVN3azErcFJ4eUdhSWQ0UHJ3cm5tRzhNQU5pT1VuUmV5RTdMRkhFVEZJbHFiOGt4ZHdNV2hqTXJHTG9IRFBPWFlINmRVU2VudUZ4Skw1Y0ZXVmhBSkgyRzdpbXNPcm9iOWk2NDV1eFRieU8zelY2WWtXZWhCVTRzLzZKcUs3Y3BWaUNubUJnNXlHTzFxc3lweERYKzR6MVhJTmNseDZQUUFJNi9SS3dLcmpSNnRySWZlUzNnbmhwMUFpMWF2c3hKZTFqMllvd0tlSW9UbnIiLCJtYWMiOiJmNjA0YTVlM2YwOWMyNTNlMWZmMzYxMGVmZjRkYzVjZjExM2RjY2YxZWEwNmFhZjgwYTI5ODhjMDBjNjdiZjZiIiwidGFnIjoiIn0%3D
.nclembark.com/ Name: _ga
Value: GA1.1.2032873963.1646307489
.nclembark.com/ Name: utag_main
Value: v_id:017f4f92b8370093bfa344a0322003072008006a00b08$_sn:1$_se:1$_ss:1$_st:1646309289847$ses_id:1646307489847%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:nclembark.com
.demdex.net/ Name: demdex
Value: 25431692813151934341953464521241821751
.nclembark.com/ Name: AMCVS_8DD367C25245AFCC0A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YiCoogAAAGrcOwQp
.nclembark.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 25431692813151934341953464521241821751
.nclembark.com/ Name: AMCV_8DD367C25245AFCC0A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19055%7CMCMID%7C30074298610004276931291326770462456000%7CMCAAMLH-1646912289%7C6%7CMCAAMB-1646912289%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646314690s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19062%7CvVersion%7C5.0.1
.nclembark.com/ Name: _fbp
Value: fb.1.1646307490277.1494939929
.facebook.com/ Name: fr
Value: 0WPEvMpGWFgRIbP2C..BiIKii...1.0.BiIKii.
.nclembark.com/ Name: _ga_BBKFW2SBSP
Value: GS1.1.1646307489.1.0.1646307490.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
ajax.googleapis.com
api.livechatinc.com
cdn.livechatinc.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
embark-ncl-storage.s3.us-east-2.amazonaws.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
l.email.ncl.com
nclbahamasltd.demdex.net
nclembark.com
norwegiancruiseline.112.2o7.net
p.typekit.net
secure.livechatinc.com
tags.tiqcdn.com
unpkg.com
use.typekit.net
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.75.88.194
13.36.218.177
151.101.114.109
173.213.4.192
18.66.112.43
2.16.186.163
2606:4700::6810:7aaf
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:828::200a
2a02:26f0:6c00::210:ba22
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.219.105.90
52.219.106.178
52.49.218.107
54.154.165.122
54.194.75.122
95.100.153.65
0106f72bdaf294a5415b9f1a910f4292f063db1076b10886f223f6d3dde8ac32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
190a74d18f06b7091354d8ce9cf972ea32152df760c97dc05bc7f79efb7356e8
1b44e747fb5f85c798e798d063cb575a58cc0e27cdd45c2e836fd0cc4f3ff9a4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
34d994408f5e9df1b907993b42adf714429eb506dd5018127b4066e9a8d87776
3d1cbc4be2dd471fadcbbf8a85b5ac5aefb8ff7119b4b86e72c64932c9e34681
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48ef366c07cb2486f5308011328729922327a1e7ace3e842e14c39e0821795ad
5845dbda3f279180c0467c877f292caf9e8b247261e981a0fabd0cb23c3113dd
5cb4dfd57ec46a769e1f4d87b838dbe2212d8bc8db800db1bf32488c3a65903c
60e53507dc1abbca1fea04a766bb1ccd3ea486b79bf93412160c7ba58e5fdf69
6c08dc28c655949f816441b465ecb156fac93a543042415f3b6a487c021c1ffc
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce
72f6a26b148fa4ae45233f3560c01c82f35756cd069fa8b2ea27ca8273d345c9
7534ed949b5928687e292242c7603cfff009f7f5179b684e25a5571f5616f38f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
818b022908dc6ed13289b40677f557cdbd52357b0c0f02fb0cd6d2a3ec2475b7
8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb
9a47f5484e2124b3d05fd27480465367c4a44b9e00e4929392350e97eb948c93
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b85d9aa8aad0cbdcf184642b60c3f84a52d51643b5b1ae68529c9be18b8f5323
bd59eac0ddf71e5dd30101747cea1d55544339bd310c68a86aa133877f385213
d191598214b5977b3775f3086af1536ed3840c12cc214d6662df515ebeb36fc3
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567c23d77008a173c79c4c232885d9849c800718118e1011260024273f38e61
e6ab03b7a44d6576343155dde4b662a342f15d94863262101ee3bb232c097eb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f293794d52ad1a479950bfdc1ec13660f2fbaee148f4c2ba36f733c67a54a373
f6e8b71301341b118f5bdfa3b19f8285655729d44d2f68bf092c370bd6b59f43
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fc01ca0e036032264ad59c3edcf5942559cad4e24261300c8526cc31de2073bb