urlscan.io logo urlscan.io
SecurityTrails logo

view.e.ncl.com Open in urlscan Pro
128.245.163.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0...
Submission: On April 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 128.245.163.106, located in United States and belongs to SALESFORCE, US. The main domain is view.e.ncl.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 15th 2022. Valid for: a year.
This is the only time view.e.ncl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 128.245.163.106 14340 (SALESFORCE)
2 2a00:1450:400... 15169 (GOOGLE)
1 128.245.147.152 14340 (SALESFORCE)
17 2a02:26f0:340... 20940 (AKAMAI-ASN1)
1 1 18.118.70.133 16509 (AMAZON-02)
1 13.32.99.13 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.197.8.65 16625 (AKAMAI-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 3.141.213.26 16509 (AMAZON-02)
28 9
1    128.245.163.106 (United States)

ASN14340 (SALESFORCE, US)
PTR: view.e.ncl.com
view.e.ncl.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    128.245.147.152 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.e.ncl.com
click.e.ncl.com
17    2a02:26f0:3400::1703:581b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.e.ncl.com
1    18.118.70.133 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-70-133.us-east-2.compute.amazonaws.com
em.realtime.email
1    13.32.99.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-13.fra60.r.cloudfront.net
d4imn2cnkiq08.cloudfront.net
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.197.8.65 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-8-65.deploy.static.akamaitechnologies.com
i.email.ncl.com
1    2a02:26f0:480:22::1726:62e2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.s12.sfmc-content.com
1    3.141.213.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-213-26.us-east-2.compute.amazonaws.com
pxl.mon-trk.com
Apex Domain
Subdomains		 Transfer
20 ncl.com
view.e.ncl.com
click.e.ncl.com — Cisco Umbrella Rank: 283305
image.e.ncl.com — Cisco Umbrella Rank: 279685
i.email.ncl.com — Cisco Umbrella Rank: 510344
2 MB
3 gstatic.com
fonts.gstatic.com
35 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
2 KB
1 mon-trk.com
pxl.mon-trk.com — Cisco Umbrella Rank: 37205
1 sfmc-content.com
image.s12.sfmc-content.com — Cisco Umbrella Rank: 79251
321 B
1 cloudfront.net
d4imn2cnkiq08.cloudfront.net
671 B
1 realtime.email
em.realtime.email — Cisco Umbrella Rank: 20177
322 B
28 7
Domain Requested by
17 image.e.ncl.com view.e.ncl.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com view.e.ncl.com
1 pxl.mon-trk.com view.e.ncl.com
1 image.s12.sfmc-content.com view.e.ncl.com
1 i.email.ncl.com view.e.ncl.com
1 d4imn2cnkiq08.cloudfront.net view.e.ncl.com
1 em.realtime.email 1 redirects
1 click.e.ncl.com view.e.ncl.com
1 view.e.ncl.com
28 10

This site contains links to these domains. Also see Links.

Domain
click.e.ncl.com
Subject Issuer Validity Valid
view.e.ncl.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
click.e.ncl.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
san-24-s12.tlsprovisioning.exacttarget.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-21 -
2023-08-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
wpm.ccmp.eu
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
image.s12.sfmc-content.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-12-12		 a year crt.sh
pxl.mon-trk.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Frame ID: 8CCB551052D525E54444D7DA471F7D76
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

28
Requests

96 %
HTTPS

40 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

1849 kB
Transfer

1849 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://em.realtime.email/service/rte?kind=countdown&id=1338124482&esp_uid=793306825&dim5=533489 HTTP 302
  • https://d4imn2cnkiq08.cloudfront.net/21064/fd-basicresize-1x1-t5jk5u4rilsxjer7.png

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
view.e.ncl.com/ 		28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.245.163.106 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
view.e.ncl.com
Software
/
Resource Hash
5762352fb8a1317059f9b8935d11d1032a82f82ea2493f69e6106cc2d4d16e0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
close
Content-Length
28404
Content-Type
text/html; charset=utf-8
Date
Sun, 16 Apr 2023 16:41:58 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e1cca08bf0cdde4ffcf6f82fd4e6669394d1ae4ee663343d173a75fc373d39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Apr 2023 16:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 16:17:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Apr 2023 16:41:59 GMT
css2
fonts.googleapis.com/ 		1 KB
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Jost&display=swap
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbe823aa3d6e87d4e484c9769e675d4df92c6dd464345e53649b22a7bc268d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Apr 2023 16:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 15:29:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Apr 2023 16:41:59 GMT
open.aspx
click.e.ncl.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.e.ncl.com/open.aspx?ffcb10-febf117376600c74-fe1f117770630079741c77-fe3811737164047c731070-ff581d7873-fe2413797667047b7d1675-fefe1574766702&d=120012&bmt=0
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.245.147.152 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
click.e.ncl.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
b5f29aa8-54c3-448e-87b9-af57a3a3a602.gif
image.e.ncl.com/lib/fe3811737164047c731070/m/1/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/1/b5f29aa8-54c3-448e-87b9-af57a3a3a602.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Mon, 19 Sep 2022 14:23:40 GMT
Server
AkamaiNetStorage
ETag
"325472601571f31e1bf00674c368d335:1663597420.495777"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
fbb4ba31-69a4-49ad-8de7-a68560889349.gif
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/fbb4ba31-69a4-49ad-8de7-a68560889349.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7e2569d8ae76cb319a84dc825dc2619f146671300fdbbe818ced658c53251ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Mon, 05 Dec 2022 06:52:11 GMT
Server
AkamaiNetStorage
ETag
"809ebf60d38bfa5fb4caa193fafe70ed:1670223131.022671"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24630
1046646a-3523-4087-abb8-c24f41f128bb.gif
image.e.ncl.com/lib/fe3811737164047c731070/m/1/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/1/1046646a-3523-4087-abb8-c24f41f128bb.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b60d161762aaa381a024845cf801a1d73a6aa1b717fc6da70ba2d446ff8bc56c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Fri, 30 Sep 2022 08:27:23 GMT
Server
AkamaiNetStorage
ETag
"f925169793e5fe965073393fd06c75dc:1664526443.385206"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1293
fd-basicresize-1x1-t5jk5u4rilsxjer7.png
d4imn2cnkiq08.cloudfront.net/21064/
Redirect Chain
  • https://em.realtime.email/service/rte?kind=countdown&id=1338124482&esp_uid=793306825&dim5=533489
  • https://d4imn2cnkiq08.cloudfront.net/21064/fd-basicresize-1x1-t5jk5u4rilsxjer7.png
259 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d4imn2cnkiq08.cloudfront.net/21064/fd-basicresize-1x1-t5jk5u4rilsxjer7.png
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
H2
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ec26246416f15395c896556fdcc8a83d2b704f53be344e9e72f90fcd03e3f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 21:17:41 GMT
x-amz-version-id
kPF3JmzHve0gDMJhV8xIckytqkSzXsyP
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Apr 2023 01:21:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
69859
etag
"612cfdd1e8c775a94c335d5318c1967c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
259
x-amz-cf-id
I1ouX4X8EFQQEG0CrxOgzfgFfTsaYJsZV8vZIpLayL5Am8YrlC3Bqw==

Redirect headers

location
https://d4imn2cnkiq08.cloudfront.net/21064/fd-basicresize-1x1-t5jk5u4rilsxjer7.png
pragma
no-cache
date
Sun, 16 Apr 2023 16:41:59 GMT
cache-control
no-cache
x-content-type-options
nosniff
marigold-trace-id
Root=1-643c2557-1f021869663c6fad3438ed4e
marigold-span-id
348b0dc2aae440f08ea5
f8709332-e2cc-4028-8137-5d99697130fd.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/15/ 		539 KB
539 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/15/f8709332-e2cc-4028-8137-5d99697130fd.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
743310caa007b472a2c6a58fd433df438601f13d623dd0e2d71c00b9e7f7a3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Tue, 04 Apr 2023 21:07:04 GMT
Server
AkamaiNetStorage
ETag
"1cbfca1abb1a04d8e0fd6d86b270690e:1680642424.276074"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
552073
049a9902-5aca-4349-b864-328826f58bd9.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/15/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/15/049a9902-5aca-4349-b864-328826f58bd9.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cbb84f27ee6f797ace200b39f8cb00f830d82728e53ad0e3200d342e141fd030

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Tue, 04 Apr 2023 21:07:02 GMT
Server
AkamaiNetStorage
ETag
"151410b0fd5d91708f337fc4159a172f:1680642422.173916"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28174
76fbec42-55ab-4ab0-ac07-8855875b2c32.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/15/ 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/15/76fbec42-55ab-4ab0-ac07-8855875b2c32.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
09d185e9cd85c8369766cf569c79617069efa9501c3e90e948fc936305ac4c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Tue, 04 Apr 2023 21:07:03 GMT
Server
AkamaiNetStorage
ETag
"7af961fad7f7a811b56636227ab73dd2:1680642423.111147"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274780
b3051567-7aed-4865-b3a0-30342c5b7bb8.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/15/ 		557 KB
557 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/15/b3051567-7aed-4865-b3a0-30342c5b7bb8.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f8866951fbc11bc7e5403eb3d7101c77fa21cb2ec96aca110ff4b64775fe0106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Tue, 04 Apr 2023 21:07:03 GMT
Server
AkamaiNetStorage
ETag
"cc5f1b35cd43848ada5239f6c8e12532:1680642423.805247"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
569932
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.e.ncl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:39:22 GMT
x-content-type-options
nosniff
age
453757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:39:22 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.e.ncl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 17:21:02 GMT
x-content-type-options
nosniff
age
170457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 17:21:02 GMT
538c5001-76fa-486f-bb50-3a68519fe627.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/15/ 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/15/538c5001-76fa-486f-bb50-3a68519fe627.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4207c4374d934b07df63fe043e779144dda575971a80921dae1588276ca217a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Tue, 04 Apr 2023 21:07:02 GMT
Server
AkamaiNetStorage
ETag
"33c5c646af96329368f7a1cb3f4a9563:1680642422.677289"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204580
spacer.gif
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/spacer.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.8.65 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-8-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Tue, 14 Jul 2020 14:38:53 GMT
Server
ETag
"477c587fec59d61:0"
X-Powered-By
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
f8e7f1fe-b059-4fdf-a45b-b59b7c8ec0b2.gif
image.e.ncl.com/lib/fe3811737164047c731070/m/1/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/1/f8e7f1fe-b059-4fdf-a45b-b59b7c8ec0b2.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ed43eca271722be4d3093309b04d7327f1ab2094f91d227a4ebae38e53060de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Wed, 13 Jul 2022 08:28:59 GMT
Server
AkamaiNetStorage
ETag
"2225bdc250f07231a7f368904bb94f21:1657700939.92064"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4565
c329aa82-48c4-456f-9173-baeb5ae6f809.gif
image.s12.sfmc-content.com/lib/fe3811737164047c731070/m/1/ 		43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s12.sfmc-content.com/lib/fe3811737164047c731070/m/1/c329aa82-48c4-456f-9173-baeb5ae6f809.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62e2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:41:59 GMT
Last-Modified
Wed, 18 May 2022 12:51:08 GMT
Server
AkamaiNetStorage
ETag
"325472601571f31e1bf00674c368d335:1652878268.58426"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
71c7fa0a-00f0-4cf0-872a-c2b952a7658e.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/71c7fa0a-00f0-4cf0-872a-c2b952a7658e.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c35a452e4f8cee5485e4669d71e204a6effdb3cc029e8cc6873257cd0aa16ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:42 GMT
Server
AkamaiNetStorage
ETag
"578b4d21324ec8fc103250889190191d:1670223282.579367"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1723
5b50dfbd-1f68-4857-8a11-c6f2b433dd4c.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/5b50dfbd-1f68-4857-8a11-c6f2b433dd4c.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6854c392ca9dfe32fca7cc3adf0f9ef3ab860a258bc3165f3924495c01fdcbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:43 GMT
Server
AkamaiNetStorage
ETag
"8f3e1c5d56873531eb48e0014eb0f192:1670223283.334924"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2129
777535ff-121c-4a12-be53-d2be760c262b.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/777535ff-121c-4a12-be53-d2be760c262b.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
32f1194136e26401341a8b9f1a71920ece892e95b95a47f8f273efdbe303f263

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:45 GMT
Server
AkamaiNetStorage
ETag
"86427eb3d58635ec412c31cf8cbfca34:1670223285.261474"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2058
639de195-d314-45c6-957f-3689594827a1.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/639de195-d314-45c6-957f-3689594827a1.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a5552c234b97f142ef9c015988a2dc86a13070eb8179fb212d57b9a13daa39c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:46 GMT
Server
AkamaiNetStorage
ETag
"e5553c49f20031af0ed57eefeee6192b:1670223286.124103"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1973
766fcf44-8386-4d7f-a3ef-40dd081ea9b6.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/766fcf44-8386-4d7f-a3ef-40dd081ea9b6.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
27286beb3419fc5cd7d4f148301573f036f1b9cb9ec61530d38e2a5acdcd2984

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:44 GMT
Server
AkamaiNetStorage
ETag
"d37c4085e1b53ac1900b50ed61753b03:1670223284.105015"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2060
200e1e3d-bb96-4230-a0e0-f9a789d89991.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/200e1e3d-bb96-4230-a0e0-f9a789d89991.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9bba27ec5a97c0e3b5b0f280bf095486972949c901d8365f26f6425b862f5c3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:54:47 GMT
Server
AkamaiNetStorage
ETag
"4f05f11258d0919ec46c5f24b8978acf:1670223287.314036"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9631
7d098a00-7c5a-4a81-96ff-7bd7b1890867.jpg
image.e.ncl.com/lib/fe3811737164047c731070/m/6/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/6/7d098a00-7c5a-4a81-96ff-7bd7b1890867.jpg
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d8455b72a273146790adb052482f2aae273cbe1db1f88e49dff5ebbe47caebaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Mon, 05 Dec 2022 06:57:06 GMT
Server
AkamaiNetStorage
ETag
"fe7d2aee3860bb49f5eea198f3d754e6:1670223426.76721"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141731
870ae630-b02b-4749-8d96-6718b5c82a46.gif
image.e.ncl.com/lib/fe3811737164047c731070/m/1/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.e.ncl.com/lib/fe3811737164047c731070/m/1/870ae630-b02b-4749-8d96-6718b5c82a46.gif
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1703:581b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 16:42:00 GMT
Last-Modified
Fri, 30 Sep 2022 08:27:20 GMT
Server
AkamaiNetStorage
ETag
"325472601571f31e1bf00674c368d335:1664526440.152183"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
April162023
pxl.mon-trk.com/977a641f-680a-46b1-b4d9-878e2a973d24/NCL_EM_US_MUL_230413_FAS50OFF041323_ENG/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.mon-trk.com/977a641f-680a-46b1-b4d9-878e2a973d24/NCL_EM_US_MUL_230413_FAS50OFF041323_ENG/April162023
Requested by
Host: view.e.ncl.com
URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.213.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-213-26.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
92zPtBhPNqw79Ij1E865zBUv7myjJTVBNIg.woff2
fonts.gstatic.com/s/jost/v14/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jost/v14/92zPtBhPNqw79Ij1E865zBUv7myjJTVBNIg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a25da21fa46f9ef2ca9d169f57fbf9f605c976f9dfe924a27706900dc3228a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.e.ncl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 12:11:01 GMT
x-content-type-options
nosniff
age
448258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9028
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 12:11:01 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
em.realtime.email/ Name: LCVI
Value: ikALVEGpeeKOkYBJ46oJWfbu

3 Console Messages

Source Level URL
Text
security warning URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Message:
Mixed Content: The page at 'https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640' was loaded over HTTPS, but requested an insecure element 'http://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640
Message:
Mixed Content: The page at 'https://view.e.ncl.com/?qs=4d4cb943485b87ecc285de256067a1ee5bfdb497fcf8483fd272fd6011b03cd6cdfea4363076fc5a7494da0ef3b0204af8a04fd6422bc87dda1906efe4a2b1556b75e1f71cb92c74ab6ea9a373278640' was loaded over HTTPS, but requested an insecure element 'http://image.e.ncl.com/lib/fe3811737164047c731070/m/1/f8e7f1fe-b059-4fdf-a45b-b59b7c8ec0b2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://pxl.mon-trk.com/977a641f-680a-46b1-b4d9-878e2a973d24/NCL_EM_US_MUL_230413_FAS50OFF041323_ENG/April162023
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.e.ncl.com
d4imn2cnkiq08.cloudfront.net
em.realtime.email
fonts.googleapis.com
fonts.gstatic.com
i.email.ncl.com
image.e.ncl.com
image.s12.sfmc-content.com
pxl.mon-trk.com
view.e.ncl.com
128.245.147.152
128.245.163.106
13.32.99.13
18.118.70.133
23.197.8.65
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a02:26f0:3400::1703:581b
2a02:26f0:480:22::1726:62e2
3.141.213.26
09d185e9cd85c8369766cf569c79617069efa9501c3e90e948fc936305ac4c18
0e1cca08bf0cdde4ffcf6f82fd4e6669394d1ae4ee663343d173a75fc373d39c
27286beb3419fc5cd7d4f148301573f036f1b9cb9ec61530d38e2a5acdcd2984
32f1194136e26401341a8b9f1a71920ece892e95b95a47f8f273efdbe303f263
4207c4374d934b07df63fe043e779144dda575971a80921dae1588276ca217a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5762352fb8a1317059f9b8935d11d1032a82f82ea2493f69e6106cc2d4d16e0b
6854c392ca9dfe32fca7cc3adf0f9ef3ab860a258bc3165f3924495c01fdcbad
743310caa007b472a2c6a58fd433df438601f13d623dd0e2d71c00b9e7f7a3c0
7e2569d8ae76cb319a84dc825dc2619f146671300fdbbe818ced658c53251ab3
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
9bba27ec5a97c0e3b5b0f280bf095486972949c901d8365f26f6425b862f5c3a
9ec26246416f15395c896556fdcc8a83d2b704f53be344e9e72f90fcd03e3f52
a25da21fa46f9ef2ca9d169f57fbf9f605c976f9dfe924a27706900dc3228a8b
a5552c234b97f142ef9c015988a2dc86a13070eb8179fb212d57b9a13daa39c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60d161762aaa381a024845cf801a1d73a6aa1b717fc6da70ba2d446ff8bc56c
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c35a452e4f8cee5485e4669d71e204a6effdb3cc029e8cc6873257cd0aa16ad9
cbb84f27ee6f797ace200b39f8cb00f830d82728e53ad0e3200d342e141fd030
cbe823aa3d6e87d4e484c9769e675d4df92c6dd464345e53649b22a7bc268d11
d8455b72a273146790adb052482f2aae273cbe1db1f88e49dff5ebbe47caebaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed43eca271722be4d3093309b04d7327f1ab2094f91d227a4ebae38e53060de2
f8866951fbc11bc7e5403eb3d7101c77fa21cb2ec96aca110ff4b64775fe0106