urlscan.io logo urlscan.io
SecurityTrails logo

nclembark.com Open in urlscan Pro
18.66.112.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://l.email.ncl.com/rts/go2.aspx?h=1690388&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c50001165...
Effective URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRL...
Submission: On March 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 40 HTTP transactions. The main IP is 18.66.112.115, located in United States and belongs to AMAZON-02, US. The main domain is nclembark.com.
TLS certificate: Issued by Amazon on September 26th 2021. Valid for: a year.
This is the only time nclembark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.213.4.192 53316 (ASN-CHEET...)
1 18.66.112.115 16509 (AMAZON-02)
5 104.75.88.194 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.109 54113 (FASTLY)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.219.105.90 16509 (AMAZON-02)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 95.100.153.128 20940 (AKAMAI-ASN1)
5 2.16.186.211 20940 (AKAMAI-ASN1)
2 3.248.112.100 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 52.210.75.127 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 54.154.165.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 19
1    173.213.4.192 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
l.email.ncl.com
1    18.66.112.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-115.fra56.r.cloudfront.net
nclembark.com
5    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
extend.vimeocdn.com
5    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
2    52.219.105.90 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
embark-ncl-storage.s3.us-east-2.amazonaws.com
3    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    95.100.153.128 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-128.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
5    2.16.186.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com
api.livechatinc.com
secure.livechatinc.com
accounts.livechatinc.com
2    3.248.112.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-112-100.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.210.75.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-75-127.eu-west-1.compute.amazonaws.com
nclbahamasltd.demdex.net
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
norwegiancruiseline.112.2o7.net
1    54.154.165.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-122.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 6026
api.livechatinc.com — Cisco Umbrella Rank: 5201
secure.livechatinc.com — Cisco Umbrella Rank: 6267
accounts.livechatinc.com — Cisco Umbrella Rank: 7185
278 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 427
p.typekit.net — Cisco Umbrella Rank: 527
138 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 918
62 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
134 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
nclbahamasltd.demdex.net
5 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 821
15 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 2o7.net
norwegiancruiseline.112.2o7.net — Cisco Umbrella Rank: 147601
534 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
501 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 amazonaws.com
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
embark-ncl-storage.s3.us-east-2.amazonaws.com
508 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
517 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
345 B
1 vimeocdn.com
extend.vimeocdn.com — Cisco Umbrella Rank: 8647
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
65 KB
1 nclembark.com
nclembark.com
22 KB
1 ncl.com
l.email.ncl.com — Cisco Umbrella Rank: 336435
728 B
40 17
Domain Requested by
5 tags.tiqcdn.com nclembark.com
tags.tiqcdn.com
4 cdn.livechatinc.com nclembark.com
secure.livechatinc.com
4 use.typekit.net nclembark.com
use.typekit.net
3 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
3 api.livechatinc.com cdn.livechatinc.com
3 unpkg.com 2 redirects nclembark.com
2 fonts.gstatic.com fonts.googleapis.com
2 norwegiancruiseline.112.2o7.net tags.tiqcdn.com
nclembark.com
2 www.facebook.com nclembark.com
2 dpm.demdex.net tags.tiqcdn.com
nclembark.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 fonts.googleapis.com secure.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 cm.everesttech.net 1 redirects
1 nclbahamasltd.demdex.net tags.tiqcdn.com
1 www.google-analytics.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 ajax.googleapis.com tags.tiqcdn.com
1 embark-ncl-storage.s3.us-east-2.amazonaws.com nclembark.com
1 vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com nclembark.com
1 extend.vimeocdn.com nclembark.com
1 www.googletagmanager.com nclembark.com
1 nclembark.com
1 l.email.ncl.com 1 redirects
40 24

This site contains no links.

Subject Issuer Validity Valid
nclembark.com
Amazon		 2021-09-26 -
2022-10-24		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2021-12-17 -
2022-12-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
livechat.com
DigiCert ECC Secure Server CA		 2022-02-25 -
2023-03-01		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-10 -
2022-03-10		 3 months crt.sh
*.112.2o7.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-14 -
2022-04-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Frame ID: 3629AA8EB79F1D578FA4C5BB0BEBD3B2
Requests: 32 HTTP requests in this frame

Frame: https://nclbahamasltd.demdex.net/dest5.html?d_nsid=0
Frame ID: 64C7C26C0C9DF4EAA72B578F9139C8CE
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: B42670749A8CD50E168BC02C4A8D7ED9
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NCL Embark

Page URL History Show full URLs

  1. http://l.email.ncl.com/rts/go2.aspx?h=1690388&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb... HTTP 302
    https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

95 %
HTTPS

45 %
IPv6

17
Domains

24
Subdomains

19
IPs

4
Countries

1299 kB
Transfer

2623 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.email.ncl.com/rts/go2.aspx?h=1690388&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c5000116591834%7c5000116591834 HTTP 302
    https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/alpinejs HTTP 302
  • https://unpkg.com/alpinejs@3.9.1 HTTP 302
  • https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
Request Chain 27
  • https://cm.everesttech.net/cm/dd?d_uuid=62780454056568587822957772755028800481 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCodgAAAJ9IogQD

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
nclembark.com/
Redirect Chain
  • http://l.email.ncl.com/rts/go2.aspx?h=1690388&tp=i-1NGB-ED-RNt-49sLj4-1x-2rHDNn-1c-49ob5Y-l7DOGQNBb0-66ng&x=%7c5000116591834%7c5000116591834
  • https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
20 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-115.fra56.r.cloudfront.net
Software
/
Resource Hash
58b09a8df07bba8ddaff4f5587c222c2fdb720640edf16cd0103f49f87d0a3ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
content-length
20226
date
Thu, 03 Mar 2022 11:37:25 GMT
x-amzn-requestid
33e53d2d-a2cf-45cf-bab0-8d0b5b979e93
x-amz-apigw-id
OZ9CaGqICYcF3wg=
cache-control
no-cache, private
x-amzn-trace-id
Root=1-6220a875-661cb8ff3ab39df2084f6c0b;Sampled=0
x-amzn-remapped-date
Thu, 03 Mar 2022 11:37:25 GMT
x-cache
Miss from cloudfront
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
9Kaf8F6gn5rzMHPu2c9nBUiQA4E3okcatBItMuT3d_kYBFBUFmagPA==

Redirect headers

Cache-Control
private
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Server
X-Powered-By
Date
Thu, 03 Mar 2022 11:37:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
utag.sync.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		334 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.sync.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0106f72bdaf294a5415b9f1a910f4292f063db1076b10886f223f6d3dde8ac32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:25 GMT
last-modified
Thu, 15 Apr 2021 14:18:23 GMT
server
AkamaiNetStorage
etag
"9e83eeaf66508169b21b19143d342a84:1618496303.592666"
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
334
expires
Thu, 03 Mar 2022 11:42:25 GMT
js
www.googletagmanager.com/gtag/ 		175 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BBKFW2SBSP
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d91d85643c967309fcf3b3ef0dfa24ba48f3c1e86c7bcbbca4c068dc0d84b0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65625
x-xss-protection
0
expires
Thu, 03 Mar 2022 11:37:25 GMT
23275940.js
extend.vimeocdn.com/ga/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extend.vimeocdn.com/ga/23275940.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:25 GMT
content-encoding
gzip
age
1339601
x-cache
HIT
x-cache-hits
3117
content-length
5692
x-served-by
cache-hhn4050-HHN
x-vimeo-dc
ge
last-modified
Tue, 15 Feb 2022 22:05:40 GMT
server
Apache
x-timer
S1646307446.951348,VS0,VE0
etag
"43e3-5d815bbc95500-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=86400
x-bapp-server
assets-v8131-xzpk7
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Feb 2032 23:30:44 GMT
amz2ava.css
use.typekit.net/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/amz2ava.css
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e567c23d77008a173c79c4c232885d9849c800718118e1011260024273f38e61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 03 Mar 2022 11:37:25 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1110
app.css
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com/504525b2-ac2f-438e-83fc-609a8a651764/css/ 		42 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com/504525b2-ac2f-438e-83fc-609a8a651764/css/app.css
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
72f6a26b148fa4ae45233f3560c01c82f35756cd069fa8b2ea27ca8273d345c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:37:27 GMT
Last-Modified
Wed, 02 Mar 2022 21:46:54 GMT
Server
AmazonS3
x-amz-request-id
15S8W7SCHQWZ02D2
ETag
"f19f142f2ef965a9e4846aa5ea986f4e"
Content-Type
text/css
Cache-Control
public, max-age=2628000
Accept-Ranges
bytes
Content-Length
43244
x-amz-id-2
xVM7CbX8KApMC25NSXfx8N0JftiPOofg/VfzaL3mwVvkz3KTAMcFhj3FUariDQxwvEl8GP5yeG0=
Expires
Sat, 02 Apr 2022 21:46:51 GMT
cdn.min.js
unpkg.com/alpinejs@3.9.1/dist/
Redirect Chain
  • https://unpkg.com/alpinejs
  • https://unpkg.com/alpinejs@3.9.1
  • https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/alpinejs@3.9.1/dist/cdn.min.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1cbc4be2dd471fadcbbf8a85b5ac5aefb8ff7119b4b86e72c64932c9e34681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
69318
fly-request-id
01FX5Q0P9BA48ACYH27EPH0G31-cdg
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"9659-XsLG1d1m82MiD7zigvdCLnfpolQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e621481fdee83b4-MXP

Redirect headers

date
Thu, 03 Mar 2022 11:37:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FX5QC54BDFQZ543N4FC1AMZW-cdg
server
cloudflare
age
68999
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/alpinejs@3.9.1/dist/cdn.min.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e621481acf783b4-MXP
access-control-allow-origin
*
9b6674bf-4204-4f9e-8548-8d52048ba2b4
embark-ncl-storage.s3.us-east-2.amazonaws.com/ 		465 KB
465 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embark-ncl-storage.s3.us-east-2.amazonaws.com/9b6674bf-4204-4f9e-8548-8d52048ba2b4?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENv%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMiJHMEUCIQCL4Vm9OwjBrjILQIBj8l9rSMlRKEjtjcJSXJxXnT0PjAIgfcoc87voiu%2Bq%2BA2idIW98%2FOFE3c9T3l43faXIM7XMRwqoAIIRBAAGgwxNzMxODQ3Mzc3MzYiDOYSjFQAb56rqacO8Sr9AYh%2B8UtgpjvJ7Q3DB9%2F8KlxpwkeysqOJaBB3fm%2FtCQApoA801KQ0qMtEQOJsxb7nQN46DjFc9Uj5t65mw%2B64OaSh5fy6iAOrdn%2BVyOzBs1GMJj7sw3PGoeGecEqzZO3EEEzeQvbVVyozga1%2FtRn0I%2BHuo%2BFICZEyyFRO3fISqW0ZkLSacw76sM3cQ2T1ydSasT6VzFmHJVoc4yt6Jo4d82sKfwAURWAnitoWVvrIJn75%2FjHNdB68FrS01cAaaN7QnT25KNsCmL9Wj5PZghdHazLpA7zZYZiKYi9Z5idzceU51lqHYfeWlylReBpCjDAFSC38cdVdaRnZO25JZQgwibiCkQY6mgG9iCUjvm87TMqB8IDFj42agyMROdvRBpB2a8AKvETD5narlsLazL8Ne7nM94M4LcZi%2B9hXeV7dA8Y%2BfgB7x1eMfN91xEr%2FXwVwLITjuDa3sDKXOkO43FVvtUs5aUpPedT3fZlMHc0poqe32sdun3zTAuphj25Fj9mlcD0vKmQUhdehPlo%2BnhJEVwrwJl5uwDEHSxHXMNeJNbLr&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIASQUU5MHEANQWY7BI%2F20220303%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20220303T113725Z&X-Amz-SignedHeaders=host&X-Amz-Expires=10800&X-Amz-Signature=19e101e29c610e7acf2e3a6f68680af656bf282cf4a8990cd05f9a8f69b988c3
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5cb4dfd57ec46a769e1f4d87b838dbe2212d8bc8db800db1bf32488c3a65903c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:37:27 GMT
Last-Modified
Mon, 21 Feb 2022 20:54:58 GMT
Server
AmazonS3
x-amz-request-id
15S322QY5FNMXBHD
ETag
"f24d0dc2bb0a9c35fdb5ed67b40fef87"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
476017
x-amz-id-2
afDqT9HbWKnghCPONvesRoUNolEIEHYrlCVb1SkMUBoA1dD4cSrnu1+E2K3kD6w01uLvvP3I7ug=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 07:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Feb 2023 07:41:57 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=amz2ava&ht=tk&f=10879.10881.10882.10884.10885.10886.15357.15358.15361.15362.32874.32875&a=87371341&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:25 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
collect
www.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BBKFW2SBSP&gtm=2oe2s0&_p=209568081&_z=ccd.B&cid=1409412940.1646307446&ul=en-us&sr=1600x1200&_s=1&sid=1646307445&sct=1&seg=0&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&dt=NCL%20Embark&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBKFW2SBSP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:37:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nclembark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
190a74d18f06b7091354d8ce9cf972ea32152df760c97dc05bc7f79efb7356e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:18:23 GMT
server
AkamaiNetStorage
etag
"d88ca6360fb9bfbc217020a32d8499f0:1618496302.838173"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
31310
expires
Thu, 03 Mar 2022 11:42:26 GMT
tracking.js
cdn.livechatinc.com/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-128.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7534ed949b5928687e292242c7603cfff009f7f5179b684e25a5571f5616f38f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
ELx5oSu9CWH.CN_2s5WUcqlBhncrb3XU
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:33:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"18b289baccb8ab97994aeb2fb8f3a5fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Thu, 03 Mar 2022 11:37:26 GMT
content-length
24110
x-amz-cf-id
4LBLsJlCMi1xWPkP8wEr2Td7cGcCCQRcfbUZ8FrcVgnDZkBZ_R_liQ==
expires
Thu, 03 Mar 2022 19:37:26 GMT
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
server
nginx
etag
"22520917f01d8d34c0dcc1417c749962b8a47011"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51524
l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd59eac0ddf71e5dd30101747cea1d55544339bd310c68a86aa133877f385213

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
server
nginx
etag
"dd5b169fb4bedb60e8626027fdc93f0b1be2f4fb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47184
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amz2ava.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8

Request headers

Referer
https://use.typekit.net/amz2ava.css
Origin
https://nclembark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
server
nginx
etag
"78f589bb61056c7dc2c42601e2fd59aa96941141"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40404
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ 		250 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11929941&url=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&channel_type=code&jsonp=__eb5mzheisj4
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13bfa8d52c9a33725e17a6f06a2d8c24966219452063c03a1953a1647a5324aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://nclembark.com/;
X-Frame-Options allow-from https://nclembark.com/

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://nclembark.com/;
vary
Accept-Encoding
x-frame-options
allow-from https://nclembark.com/
date
Thu, 03 Mar 2022 11:37:26 GMT
content-length
250
legacy
2023-06-30
content-type
application/javascript; charset=UTF-8
id
dpm.demdex.net/ 		372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1646307446556
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.112.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-112-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f58d5ae4d6c1b43a91393fd57b24fe08e70459fd280331c222eb676e8a6b26e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nclembark.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v028-05ccb54ed.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
IlBdF1mCStA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://nclembark.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
315
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.1.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.1.js?utv=ut4.46.202012112021
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1b44e747fb5f85c798e798d063cb575a58cc0e27cdd45c2e836fd0cc4f3ff9a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 20:22:01 GMT
server
AkamaiNetStorage
etag
"c2cacdb23002a94b78791ccbfaa8161d:1607718121.558707"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
24034
expires
Fri, 18 Mar 2022 11:37:26 GMT
utag.4.js
tags.tiqcdn.com/utag/ncl/microsites/prod/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.4.js?utv=ut4.46.202104151418
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a47f5484e2124b3d05fd27480465367c4a44b9e00e4929392350e97eb948c93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:18:24 GMT
server
AkamaiNetStorage
etag
"50009363aaf68f8932d6d79658c74968:1618496304.103305"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6978
expires
Fri, 18 Mar 2022 11:37:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
I/op4YO7iUQ2JeW25nPQyNWh9As0y1INZdRm7rLjDKubXOJ6EFiCwtjZkseAFRm61v7RCo6OiNjMYDbfWF/54w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Mar 2022 11:37:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ncl/microsites/202104151418&cb=1646307446595
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 03 Mar 2022 11:47:26 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.55
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
fPYnoly636yPfVbHl8lLHT4XyVL6ZeqwgdnC/8HRtebVnFkBjT4kQOOWW2jntbaaJDDjdweXoYSlg86iqRbBpA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 03 Mar 2022 11:37:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
798296406850522
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/798296406850522?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6ab03b7a44d6576343155dde4b662a342f15d94863262101ee3bb232c097eb9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89122
x-xss-protection
0
pragma
public
x-fb-debug
qvjjDlWAfmWGohTDhGiJUEN892T4QopvzsnIBBFw3a8kkmrwAyvesyb1uwjWgvkW0c8acBPUT7tTz0CBbK8dTA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Mar 2022 11:37:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=798296406850522&ev=PageView&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&rl=&if=false&ts=1646307446678&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1646307446677.186259012&it=1646307446643&coo=false&eid=fc4fe665ef866a2577aaf6ced781cd0d&tm=1&exp=p1&rqm=GET
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 03 Mar 2022 11:37:26 GMT
dest5.html
nclbahamasltd.demdex.net/ Frame 64C7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nclbahamasltd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.75.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-75-127.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 3 Mar 2022 11:37:26 GMT
DCS
dcs-prod-irl1-1-v028-0fab1bb0b.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 15:44:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
h4g9FkqlRWI=
Content-Length
2791
Connection
keep-alive
id
norwegiancruiseline.112.2o7.net/ 		2 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://norwegiancruiseline.112.2o7.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&mid=67620739677450553372592861571658975510&ts=1646307446699
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ncl/microsites/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nclembark.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-kfcxt
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://nclembark.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YiCodgAAAJ9IogQD
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=62780454056568587822957772755028800481
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCodgAAAJ9IogQD
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCodgAAAJ9IogQD
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
HTTP/1.1
Server
3.248.112.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-112-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v028-086712121.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
had2o1o7Sww=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCodgAAAJ9IogQD
Date
Thu, 03 Mar 2022 11:37:26 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s52839720445594
norwegiancruiseline.112.2o7.net/b/ss/nclmicrosites/1/JS-2.22.0/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norwegiancruiseline.112.2o7.net/b/ss/nclmicrosites/1/JS-2.22.0/s52839720445594?AQB=1&ndh=1&pf=1&t=3%2F2%2F2022%2011%3A37%3A26%204%200&sdid=7B18194BFDB36804-0244CE8399037B0B&mid=67620739677450553372592861571658975510&aamlh=6&ce=UTF-8&ns=norwegiancruiseline&pageName=nclembark.com%3Aregister&g=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&cc=USD&v0=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=nclembark.com%3Aregister&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8DD367C25245AFCC0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: nclembark.com
URL: https://nclembark.com/register?cheetahid=5000116591834&mi_u=5000116591834&cid=EM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:26 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 04 Mar 2022 11:37:26 GMT
server
jag
xserver
anedge-cdfbd77b-nvch6
etag
3535418320215998464-4619703503164218910
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 02 Mar 2022 11:37:26 GMT
get_configuration
api.livechatinc.com/v3.3/customer/action/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11929941&version=988.10.10.13986.718.711.354.14.4.112.3.21&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60e53507dc1abbca1fea04a766bb1ccd3ea486b79bf93412160c7ba58e5fdf69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
2414
expires
Thu, 03 Mar 2022 11:47:27 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame B426 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f293794d52ad1a479950bfdc1ec13660f2fbaee148f4c2ba36f733c67a54a373

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-length
1988
date
Thu, 03 Mar 2022 11:37:27 GMT
get_localization
api.livechatinc.com/v3.3/customer/action/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11929941&version=ff93808ef52c6dd040640c4853b854bd_111e8cbbb714e057fb1c212a12e78ac8&language=en&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
818b022908dc6ed13289b40677f557cdbd52357b0c0f02fb0cd6d2a3ec2475b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
3778
expires
Thu, 03 Mar 2022 11:47:27 GMT
css
fonts.googleapis.com/ Frame B426 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:08:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Mar 2022 11:37:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Mar 2022 11:37:27 GMT
0.36c42c4b.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B426 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/0.36c42c4b.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-128.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6c08dc28c655949f816441b465ecb156fac93a543042415f3b6a487c021c1ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Nf2fV66IGfHFxld4hzxiEWQVzxaZ9Uu4
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 12:17:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"712a17271977e14144e02b4e84b9ece7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:37:27 GMT
content-length
69047
x-amz-cf-id
5Qm6kC6Oztk9MIzGxCPK1RO0S4l4YwLSmF4bZfLKTERPb31adVD3LA==
expires
Fri, 03 Mar 2023 11:37:27 GMT
2.3480718e.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B426 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/2.3480718e.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-128.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b85d9aa8aad0cbdcf184642b60c3f84a52d51643b5b1ae68529c9be18b8f5323

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
diOv77Ym.MrPn1tqdLQsOGcwVt6jq1mD
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 12:18:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"3dae6a43c979fd2000fbd3ae8a2981b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:37:27 GMT
content-length
67970
x-amz-cf-id
94xAQDTroW3rKB6XM32o4SGy-ITqej5D-yRsN728KSR2GZDXE5tPjg==
expires
Fri, 03 Mar 2023 11:37:27 GMT
iframe.49a6d146.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B426 		406 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.49a6d146.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11929941&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-128.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5845dbda3f279180c0467c877f292caf9e8b247261e981a0fabd0cb23c3113dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
9VynjZ.ZXYN50zAqGxaqX1INMm.xBSNH
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:33:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"08f7e7954f00f7bf0cbd1760ad1fb7d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Thu, 03 Mar 2022 11:37:27 GMT
content-length
111477
x-amz-cf-id
h51iivINJn8XiphYxJ7Pg6pPCnAmqZVyEABiZTWfbn6y9ccKjl1-KQ==
expires
Fri, 03 Mar 2023 11:37:27 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ Frame B426 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 19:31:29 GMT
x-content-type-options
nosniff
age
57958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16088
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 19:31:29 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ Frame B426 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 19:31:29 GMT
x-content-type-options
nosniff
age
57958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16168
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 19:31:29 GMT
token
accounts.livechatinc.com/customer/ Frame B426 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.livechatinc.com/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.36c42c4b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
754babd93547889befcdada43cb45f9658c93fbbc8b44f2a288650a63290b7e9

Request headers

Referer
https://secure.livechatinc.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:37:27 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
138
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=798296406850522&ev=Microdata&dl=https%3A%2F%2Fnclembark.com%2Fregister%3Fcheetahid%3D5000116591834%26mi_u%3D5000116591834%26cid%3DEM_MKD_NA_PRO_EML_im1_EML_FDRLIVE22_FDRLIVE030222&rl=&if=false&ts=1646307448182&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NCL%20Embark%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1646307446677.186259012&it=1646307446643&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nclembark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:37:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 03 Mar 2022 11:37:28 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| jquery function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaGlobal object| utag_data object| __lc object| LiveChatWidget object| Vimeo function| __vimeoRefresh object| Alpine function| onYouTubeIframeAPIReady boolean| __lc_inited object| LC_API boolean| utag_condload object| utag function| e boolean| __tealium_twc_switch object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| s_i_nclmicrosites

20 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 2d44c471-0824-4911-674d-04c1f4c165a5
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 0b94410cf79f9b50b8c1b7eb56b34ae4c9b5daed9f74188663a7613a22f7f79fae57dcdffc4b30ef91d9a0622213e9fe0d26fa6ebacd00ac99c0e8bb9bdd
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 2d44c471-0824-4911-674d-04c1f4c165a5
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 0b94410cf79f9b50b8c1b7eb56b34ae4c9b5daed9f74188663a7613a22f7f79fae57dcdffc4b30ef91d9a0622213e9fe0d26fa6ebacd00ac99c0e8bb9bdd
l.email.ncl.com/ Name: ASP.NET_SessionId
Value: htvrbfpgqkc53ixb1rmtljrx
l.email.ncl.com/ Name: BIGipServercnv_ats_pool
Value: !PejVuOSE4bH4mbyoFVQbWBKi/4Lz4qtA5OtyqQv6miggR7cGoDFOd1kRZ0l/CXSOpyc0Rm4UVIqUeiQ=
nclembark.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlVlbzdVZWpQSm8wS1VLR0dzWGduaVE9PSIsInZhbHVlIjoiSzMwR3F6YzdoVUhDTTYwUU10SFZ4dEVwT3drSHNzTENRd0F5alh2cHdhUmZHRmxFaFhIVU1kZ09jdXdHd2hmYjNlTGFrWGV0cVBkN1lDNSs1bjB1ckhYcjJ3R1Y1ZVc1Rksrd1FhaEpwV1hodTV6QlFjMU8vT3NCS2pDeGp5UkwiLCJtYWMiOiIyNDNmMzdkZDEzNjQ2MGIyODczZTQ0NThmYjZlZTk3OWI5MDQ3ZDhlZjE3ZmY1ODA1MjUxZmQxN2JkNDRiNjM1IiwidGFnIjoiIn0%3D
nclembark.com/ Name: ncl_embark_session
Value: eyJpdiI6InZPOGVEd0syalZNbEt5MENNK2RjS2c9PSIsInZhbHVlIjoiVCt3clM0YmNoQWNEY0tCT1dkSWZVc0tGMUlXcHlDeTV4bUNXZ1NpYU9KZDVMMzlrY29kaVZmZFplSUM4eS9PemlXV2ZsVnBqamEvVEkrYTU2bkhhMHhrY2owcFVYTHRSdlZkanFJdWZlZ0pqWHhCempvNzExOWljQVBEa3lKNWEiLCJtYWMiOiI2NTdmYzQ5YTBkMTBiZDAwYWU4MjliNjdlZGQzMTgyNjBhZWZjY2RkMWJlMDYzZWU4NDliNGYwNjdlZGE4YzQzIiwidGFnIjoiIn0%3D
nclembark.com/ Name: veuGmzv8HWozlCIhCUpprs81Z6vBMqdIE8CBGhBw
Value: eyJpdiI6InpkcmtnU0pYYjNLRVFmZC9NSjhyMVE9PSIsInZhbHVlIjoiVGRLcXZUQWFhSGhRczZhZmd3VnYxaUUxMDgyLzVtaDdPSkNrWUFLekQ5c2RoSE9IeHJOdVBrcjNJWHpFRCt2NzlmM0JUdU1xdWVxVU8vOUhURWdUazk0eWJDUFBoc3EwS2FOQkVEaDBUalo0VHV6ZXVGTjFOekozRmd6Rnc2Yitlc1pKQkh4RHRPelpvKzZ1Wmh3Zmo3SndTSkZVUkt1aTBHa0NteGtwbVJaV0kvcTlwMWtobzRIZG00eGFDYmhNc0JlbTl1ZytRZGlEOTA3UnlGQ2huaVFJODRDRkZCLzRsMjB3RHlOQ2NIcWhXK2RyWHJUZWZIMGZxYUJMVHFmcm8xTHlpVFowUEg2M3EzNW5Kc3ZnZkxGRHV0WWo3OGFJTU1YYi83VnlTNzZ3YlNoTGkwdmdjYTR6YU5yZEJnbXh2Z3hhakoyczZKVXlQcGxYdDdTYlBaTTBBNHE0dDdlMVFJSVZtKzhxQ004eWtIb1JNdGZPczJZVzJQbWs1SEJMSmFWL2lNSW4yRGtZRnRDaDJkeXcxaVErWDlUTG8yamVjeGFzZ3RqS3JqUGphTDU1by9mNkducmRhSytWVktxQWVSMVZGaUFxVjZTaXJ4bnZkbERkUzBRbkNjYTBFdUJXdjdEK3J1K2tMZHB4blhWbkRGbW16TmxYY0NsY2VLS3EiLCJtYWMiOiI3ZTVmNDhmNjEwZjEwNTNiZmU1ZTY1YTliZTA3MTU4MmQzYjA1OTgwMGU0ZDc4YmI0NjY2MmE2YjA4NmEzYjM1IiwidGFnIjoiIn0%3D
.nclembark.com/ Name: _ga
Value: GA1.1.1409412940.1646307446
.nclembark.com/ Name: utag_main
Value: v_id:017f4f920f14001ad4d6c74cd33b03072007f06a00b08$_sn:1$_se:1$_ss:1$_st:1646309246549$ses_id:1646307446549%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:nclembark.com
.nclembark.com/ Name: _fbp
Value: fb.1.1646307446677.186259012
.demdex.net/ Name: demdex
Value: 62780454056568587822957772755028800481
.nclembark.com/ Name: AMCVS_8DD367C25245AFCC0A490D4C%40AdobeOrg
Value: 1
.facebook.com/ Name: fr
Value: 0JR3okWmDOwLrCo48..BiIKh2...1.0.BiIKh2.
.nclembark.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YiCodgAAAJ9IogQD
.dpm.demdex.net/ Name: dpm
Value: 62780454056568587822957772755028800481
.nclembark.com/ Name: AMCV_8DD367C25245AFCC0A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19055%7CMCMID%7C67620739677450553372592861571658975510%7CMCAAMLH-1646912246%7C6%7CMCAAMB-1646912246%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646314646s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19062%7CvVersion%7C5.0.1
.nclembark.com/ Name: _ga_BBKFW2SBSP
Value: GS1.1.1646307445.1.0.1646307447.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
ajax.googleapis.com
api.livechatinc.com
cdn.livechatinc.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
embark-ncl-storage.s3.us-east-2.amazonaws.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
l.email.ncl.com
nclbahamasltd.demdex.net
nclembark.com
norwegiancruiseline.112.2o7.net
p.typekit.net
secure.livechatinc.com
tags.tiqcdn.com
unpkg.com
use.typekit.net
vapor-us-east-2-assets-1603416105.s3.us-east-2.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.75.88.194
15.236.176.210
151.101.114.109
173.213.4.192
18.66.112.115
2.16.186.211
2606:4700::6810:7baf
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200a
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.248.112.100
52.210.75.127
52.219.105.90
54.154.165.122
95.100.153.128
0106f72bdaf294a5415b9f1a910f4292f063db1076b10886f223f6d3dde8ac32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bfa8d52c9a33725e17a6f06a2d8c24966219452063c03a1953a1647a5324aa
190a74d18f06b7091354d8ce9cf972ea32152df760c97dc05bc7f79efb7356e8
1b44e747fb5f85c798e798d063cb575a58cc0e27cdd45c2e836fd0cc4f3ff9a4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
3d1cbc4be2dd471fadcbbf8a85b5ac5aefb8ff7119b4b86e72c64932c9e34681
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5845dbda3f279180c0467c877f292caf9e8b247261e981a0fabd0cb23c3113dd
58b09a8df07bba8ddaff4f5587c222c2fdb720640edf16cd0103f49f87d0a3ab
5cb4dfd57ec46a769e1f4d87b838dbe2212d8bc8db800db1bf32488c3a65903c
60e53507dc1abbca1fea04a766bb1ccd3ea486b79bf93412160c7ba58e5fdf69
6c08dc28c655949f816441b465ecb156fac93a543042415f3b6a487c021c1ffc
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce
72f6a26b148fa4ae45233f3560c01c82f35756cd069fa8b2ea27ca8273d345c9
7534ed949b5928687e292242c7603cfff009f7f5179b684e25a5571f5616f38f
754babd93547889befcdada43cb45f9658c93fbbc8b44f2a288650a63290b7e9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
818b022908dc6ed13289b40677f557cdbd52357b0c0f02fb0cd6d2a3ec2475b7
8c1be81fbe2afbd7df1a0df3c9c998a4e845d1b3f07629e857cf169681ad0319
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb
9a47f5484e2124b3d05fd27480465367c4a44b9e00e4929392350e97eb948c93
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b85d9aa8aad0cbdcf184642b60c3f84a52d51643b5b1ae68529c9be18b8f5323
bd59eac0ddf71e5dd30101747cea1d55544339bd310c68a86aa133877f385213
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8
d91d85643c967309fcf3b3ef0dfa24ba48f3c1e86c7bcbbca4c068dc0d84b0d8
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567c23d77008a173c79c4c232885d9849c800718118e1011260024273f38e61
e6ab03b7a44d6576343155dde4b662a342f15d94863262101ee3bb232c097eb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f293794d52ad1a479950bfdc1ec13660f2fbaee148f4c2ba36f733c67a54a373
f58d5ae4d6c1b43a91393fd57b24fe08e70459fd280331c222eb676e8a6b26e9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b