firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 19:43:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yeVYAdl16pd0hkbRX664UeCVcMcmVEw_fpvJBBjjkCICGu9kmX51EQ==
Age: 2281
www.ncl.com.mx/shorex/263143764/48876696/print-booked-items
104.110.2.164301 Moved Permanently 0 B URL HTTP/1.1 www.ncl.com.mx/shorex/263143764/48876696/print-booked-items
IP 104.110.2.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /shorex/263143764/48876696/print-booked-items HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.ncl.com.mx/shorex/263143764/48876696/print-booked-items
Date: Sat, 03 Sep 2022 20:21:12 GMT
Connection: keep-alive
Set-Cookie: optimizelyEndUserId=cc4d2417154f000038b71363aa02000017000000; expires=Thu, 02-Mar-2023 20:21:12 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:12 GMT; path=/; domain=.ncl.com.mx; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:12 GMT; path=/; domain=.ncl.com.mx; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:12 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.2.1641662236472Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/263143764/48876696/print-booked-itemsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:12 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236472Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/263143764/48876696/print-booked-itemsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=B29F03CD046AFC3BEA07D9EC54F2D65E~-1~YAAQzE0kF9ioGO2CAQAAarUDBQjBHzEU0P8PcpDJpdd8LMVNQLxwt5fZJP7Tk5ChEM2/axJCPtUIrg2XHay+FBu01odYWWKtu5RzbtBLtY6V8fBIASFH/tJ9jLsleuP0IOKM2Cyj09sprdTYR1TJvSlKKAJmTnIv7SZy8xvlpWixV/rKm21Utc2TM9FbmPRbsWYmfkIGF/YGV7hmiGTq75XdPD0tuRXtGfgO6cK0HT3ZDX+NAo3YRAJ2sMxdldIWvLdPCMzFeWkatTeCZEql5linzpD1SgqZwUUNpkHgGQd+FcpC/7ilhmnsK8Q18LKspp8z8yA742lHehkWUIwz0c+Wb27c9LY=~-1~-1~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:12 GMT; Max-Age=31536000
bm_sz=ADF4BA95605F0BA083ABAD87D276279A~YAAQzE0kF9moGO2CAQAAarUDBRD0YWhXM9XVuOLfMTDuPzvlcKpTdNvUdXJ+YjEM61FKQUjtkCv0gsbobdhJaZ3baUKYdG5kge2pzeFnYUpb+swPH+Hjl2UFA9vSt/ReC3r5MCc2hf4VujTFX0sVoWFlfpcN+pVMevlxiX+AsZZs8QjOQap8QDoespIdMXPWJdw8qGxkbBHFXKtd7+WQiHHD6qW6WOoe+iC6ogqs2MAPLw8VKnJF7stcd7oOt4eQsYnWRex0XnLe/UjSwes3uqOGEN8oo4roIguLw88m1x+RNww=~3355971~3291186; Domain=.ncl.com.mx; Path=/; Expires=Sun, 04 Sep 2022 00:21:12 GMT; Max-Age=14400
Server-Timing: cdn-cache; desc=HIT, edge; dur=1
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4768
Expires: Sat, 03 Sep 2022 21:40:40 GMT
Date: Sat, 03 Sep 2022 20:21:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0gsSJP0jLPZNt4PtjNhV25JxZaR6Y4BNLneduwey3XcjIo0eUwUA_g==
age: 68755
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 20:21:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 19:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 19:48:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZTmaUmAZPQE3G9ULwRwmo2FdExVgLBSfVwoaB5sLY2dqDF6vB4a3uQ==
Age: 2577
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:13 GMT
Last-Modified: Sat, 03 Sep 2022 20:01:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.154.169101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.154.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FlOwiQ/82Vd4zx9iblMiMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s8PHzGXaXXEoGyjBXrb+NO84/+Y=
www.ncl.com.mx/shorex/263143764/48876696/print-booked-items
104.110.2.164307 Temporary Redirect 0 B URL HTTP/2 www.ncl.com.mx/shorex/263143764/48876696/print-booked-items
IP 104.110.2.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /shorex/263143764/48876696/print-booked-items HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
location: https://www.ncl.com.mx/shorex/login
request-time: 1
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 0
date: Sat, 03 Sep 2022 20:21:14 GMT
set-cookie: NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; expires=Sun, 04 Sep 2022 00:21:14 GMT; max-age=14400; path=/; secure; httponly
NCLUserData=; expires=Fri, 02 Sep 2022 20:21:14 GMT; max-age=-86400; path=/; httponly
NCLUserDataSignature=; expires=Fri, 02 Sep 2022 20:21:14 GMT; max-age=-86400; path=/; httponly
NCLUser=; expires=Fri, 02 Sep 2022 20:21:14 GMT; max-age=-86400; path=/; httponly
BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; path=/; secure; httponly
optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.2.1641662236473Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/263143764/48876696/print-booked-itemsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236473Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/263143764/48876696/print-booked-itemsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:14 GMT; Max-Age=31536000; Secure
bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; Domain=.ncl.com.mx; Path=/; Expires=Sun, 04 Sep 2022 00:21:13 GMT; Max-Age=14399
server-timing: cdn-cache; desc=MISS, edge; dur=590, origin; dur=49
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/shorex/login
104.110.2.164200 OK 5.7 kB URL HTTP/2 www.ncl.com.mx/shorex/login
IP 104.110.2.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4410)
Hash c370503f97ddd385ce2a20fee80ab4ad
2bd9d913564b66d579dcf9ebe23c708a8fd4d94a
d24947a3686770bbd90aad41cd2da6aeab490a9bd3a62a0f390db417af3032aa
GET /shorex/login HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy: frame-ancestors 'self' *.motionpoint.com
x-akamai-transformed: 9 3340 0 pmb=mTOE,3mRUM,2
date: Sat, 03 Sep 2022 20:21:14 GMT
content-length: 5665
vary: Accept-Encoding
set-cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; SameSite=Lax; path=/; secure; httponly
optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/loginTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/loginTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR; Domain=.ncl.com.mx; Path=/; Expires=Sat, 03 Sep 2022 22:21:14 GMT; Max-Age=7200; HttpOnly
bm_mi=BBC8A71BDE848FD9D287DDF563528F8E~YAAQhU8kF0Dnx/WCAQAAZ70DBRC2d5Kd0qmyLcL24eMsYp4cerrUA2c6ZZmaWv96rrrW9jiNqPFHyGv9D1T8pAYRrRObsEOj3sxeP2NnI953TOZOUK9Fg+f1rYIY0NGc9fsFqVTc4q6trig8uObzWiqCBJooKWWBc4LPMKNrvWh+86V+8OA0r/+Ncbf4DrXC8IOMkUUu6qmwvHrSu9tv92QzdvLIrm8Dq1v3/2iudkaM4SqfVFR3qn5J8/N0pupR3yycXm0hmNMCOlzYMX60gI8JfK7XJiYOwOIUs8LtdrYi9OQ6YNAKuzPnq5Py4H5jDbqsE80sSavoQA==~1; Domain=.ncl.com.mx; Path=/; Expires=Sat, 03 Sep 2022 20:21:14 GMT; Max-Age=0; Secure
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=486
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/shorex/login/assets/javascript/ncl.login.resources.js?v=1661983172893
104.110.2.164200 OK 555 B URL HTTP/2 www.ncl.com.mx/shorex/login/assets/javascript/ncl.login.resources.js?v=1661983172893
IP 104.110.2.164:0
File type ASCII text, with very long lines (1125), with no line terminators
Hash f556ba5c7566d6b6348899820ed0e51a
eff43bdd1a9a88ffcb7e059d6e3f4a17bb9e8fb6
8cd88fc6f565d6346e169507a0bacf52323fd361b4bf990af4fbe9d22001635d
GET /shorex/login/assets/javascript/ncl.login.resources.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
last-modified: Fri, 01 Jan 2010 05:00:00 GMT
etag: "49b68be48ffd2c22c209cada7ab45f9a12ae0d54"
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-encoding: gzip
content-length: 555
cache-control: public, max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/ncl.login.resources.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/ncl.login.resources.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1661983172893
96.6.17.206200 OK 32 kB URL HTTP/2 www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1661983172893
IP 96.6.17.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81ffafd84e7e5eb229adc4bda7e8388a
8dc228f565132d3f2a48f98494b3c8745b6b46dc
1a1e505583671b5e677020559b8aa3f904c9f417d09876a1004d62a1c2b8d3dd
GET /static/scripts/analytics.plain.libraries.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 31 Aug 2022 03:55:58 GMT
accept-ranges: bytes
content-encoding: gzip
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-length: 31811
content-type: text/javascript
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab713635903000095020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.libraries.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.libraries.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=37~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=40c3eba91b60b811de8d8ba8119d5704; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1661983172893
96.6.17.206200 OK 6.8 kB URL HTTP/2 www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1661983172893
IP 96.6.17.206:0
File type ASCII text, with very long lines (11793)
Hash 693164529c257972d970899cf876faad
394864a89154aaad32228797d141a7e228e5460f
018255697227a6df04a816e3644a666af543fef236980904d7ccd37e4d8f0864
GET /static/scripts/analytics.plain.scripts.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 31 Aug 2022 03:58:08 GMT
accept-ranges: bytes
content-encoding: gzip
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-length: 6792
content-type: text/javascript
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab713636203000097020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.scripts.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.scripts.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=90~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=a21e767c5f7c9f60858c87de53bb1b5d; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/regional_settings.js?v=1661983172893
104.110.2.164200 OK 509 B URL HTTP/2 www.ncl.com.mx/regional_settings.js?v=1661983172893
IP 104.110.2.164:0
File type ASCII text, with very long lines (920), with no line terminators
Hash fe854004754eb7355cf4bb1ce7933176
b41bd6e238f982f6977ca923843d4fafa3d9d591
5e45fb7e5919ac0baa0347740bd19c882d1871e3f07160ba70647b433683c356
GET /regional_settings.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-encoding: gzip
content-length: 509
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/regional_settings.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/regional_settings.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/images/logos/logo-ncl-shield.svg
96.6.17.206200 OK 1.3 kB URL HTTP/2 www.ncl.com/assets/v1/images/logos/logo-ncl-shield.svg
IP 96.6.17.206:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (864)
Hash 67df458407b190a7683dcc1f8116e2bf
cc69a2c49264dba5b015cd3ae87ac04411e3393f
253f1c7805defa4862a3e54925848452a1bc34df413e2c579b413a8fc3f62fa3
GET /assets/v1/images/logos/logo-ncl-shield.svg HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
accept-ranges: bytes
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-encoding: gzip
content-length: 1341
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab713637403000098020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/logos/logo-ncl-shield.svgTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/logos/logo-ncl-shield.svgTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=43~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=79d2dcc0d26830e6de0b2d7fbab4f302; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/shorex/login/assets/javascript/common.js?v=1661983172893
104.110.2.164200 OK 1.0 kB URL HTTP/2 www.ncl.com.mx/shorex/login/assets/javascript/common.js?v=1661983172893
IP 104.110.2.164:0
File type ASCII text, with very long lines (2275), with no line terminators
Hash 6590d2c35fc10c4ca1156df8488b5c22
5400367719772ad49e36a8fff32abb38dc19bd9b
01bbf77d98fcca95733c64f9ba8fcec77dfccbd0b73e00ee71b7fd4b359cc4e8
GET /shorex/login/assets/javascript/common.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
last-modified: Fri, 01 Jan 2010 05:00:00 GMT
etag: "36ff9cb27b8e8e3b2e3079cc050f7e9314db9e24"
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 1019
cache-control: public, max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/common.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/common.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/shorex/login/assets/javascript/login_module.js?v=1661983172893
104.110.2.164200 OK 4.2 kB URL HTTP/2 www.ncl.com.mx/shorex/login/assets/javascript/login_module.js?v=1661983172893
IP 104.110.2.164:0
File type ASCII text, with very long lines (15134), with no line terminators
Hash 376e593878a5480ac65672a17a58801c
b6ebb73f0a28635b4fedb9ba1f42c31a0fc4c575
7ed6e54a6f4dbf9eed1891717b3193f9e2abdfb8c36ea773a022875528c1da58
GET /shorex/login/assets/javascript/login_module.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
last-modified: Fri, 01 Jan 2010 05:00:00 GMT
etag: "18a8d2fd67b1b4b0815c48329443b68c2764e72c"
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 4243
cache-control: public, max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/login_module.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/login_module.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/scripts/login-libraries.js?v=1661983172893
96.6.17.206200 OK 116 kB URL HTTP/2 www.ncl.com/assets/v1/scripts/login-libraries.js?v=1661983172893
IP 96.6.17.206:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 116 kB (116342 bytes)
Hash d8912ba712c81f38c57fb7f00b1ef138
f75479c7e5bc39ec00bb7a3323d667926537a80c
adda3451614053a2a6daeb390548e1da8dda05f1a98bc44998f942e4a921186f
GET /assets/v1/scripts/login-libraries.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:46 GMT
accept-ranges: bytes
content-encoding: gzip
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/javascript
content-length: 116342
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab713635a03000096020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/scripts/login-libraries.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/scripts/login-libraries.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=63~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=5e5649248fd3aa68f86b34420b79277d; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=9
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
104.110.2.164200 OK 20 kB URL HTTP/2 www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
IP 104.110.2.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3578b076eb3239f6ab1ef84b9e2b206a
842b4d66a03b1136d2722a6c81c879eab77f99a7
34271e2e5a68be0d6c7180bd2c821038500d2e13756b052ba68762985c311b6f
GET /lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Feb 2022 19:29:24 GMT
etag: "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6"
content-type: application/javascript
content-encoding: gzip
content-length: 20456
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kF0Pnx/WCAQAAGL4DBQiSdz/PKL0aS0vCKjuUENQ+1rJHAJlux4jPiwKVRqzjDyNICANYuzVa+qe5uF4khah8lTyhTAXzCKXpzVsP7XQVx0OJdRpKztVQsvH/OvtvxBX+B0SBtUdTfh4lLQXOtW66JwR3OJf8NWFcyBzVdG+QkibOWlvBfPh5l/1GN/dCbt9y54oxYwe9q7bTRDe34RMxXIFOdkoIK/PwsDuTl3iFiFgbbLaQK9iHaXO1EVaoSNwadcqj8ZdUvmgugMWKiTRvgNBGuoG87DYAQ/SQmzOhJQ/bGYPzr0QHnxMc24jeH4C6dI2fvLJuUI2dtEKDG8gUSxqgZhsHi1Oe2U+6V/LVol2kA1BZf1HVCpsmNyfrdav2HcTVYA==~-1~-1~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:14 GMT; Max-Age=31536000; Secure
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10150
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 20:21:14 GMT
Connection: keep-alive
www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1661983172893
96.6.17.206200 OK 73 kB URL HTTP/2 www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1661983172893
IP 96.6.17.206:0
File type Unicode text, UTF-8 text, with very long lines (39688)
Hash c52a55f74b60da1525f9f358eb978243
25e2e36be13f28b62356f3fdeafd832003d47f63
0b0c3015f4e7a4952e21650e9579f9d9e16c70b32e0d76c7aae19c09e21a97fb
GET /shorex/login/assets/javascript/vendor.js?v=1661983172893 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "1f18c9318ac6869631a7f87f830ac886b9d7c687"
accept-ranges: bytes
last-modified: Fri, 01 Jan 2010 05:00:00 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-type: application/javascript; charset=UTF-8
content-length: 72839
cache-control: public, max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab71363920300009a020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/vendor.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/vendor.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=15~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=146ff857c6143c3e3b210bfb09284917; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/static/scripts/analytics/mp_linkcode.js
96.6.17.206200 OK 697 B URL HTTP/2 www.ncl.com/static/scripts/analytics/mp_linkcode.js
IP 96.6.17.206:0
File type ASCII text, with very long lines (1615), with no line terminators
Hash 16f84a924d7f92acb1a2ddc8938bd4ae
011f6ec98cdccf7e91870f00e020b333afaddeb8
da120eb1cc8ab8e7d377749757d636435e1c4c396f8ac612c5b705b3d5a7350b
GET /static/scripts/analytics/mp_linkcode.js HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Wed, 31 Aug 2022 03:56:22 GMT
accept-ranges: bytes
content-encoding: gzip
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-length: 697
content-type: text/javascript
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417392900003ab713639f0300009b020000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics/mp_linkcode.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics/mp_linkcode.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=92~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=80a43e4ebeb92858acf54461891b6008; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10150
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 20:21:14 GMT
Connection: keep-alive
www.ncl.com.mx/assets/v1/styles/main.css?v=1661983172893
104.110.2.164200 OK 262 kB URL HTTP/2 www.ncl.com.mx/assets/v1/styles/main.css?v=1661983172893
IP 104.110.2.164:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 262 kB (261504 bytes)
Hash d0ec53c359a27e64322a74b36634072d
49f845a85b6512a169e8ef747a2cde4f81beca5d
16db615c4928adc49d6fcb264c69a216a9ed2bee1baf0b493573110023c4d683
GET /assets/v1/styles/main.css?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 18:45:03 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 261504
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/styles/main.cssTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/styles/main.cssTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=63
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6_bFwCNNOb2sZgOQJ8NekZD0pbYwclTg17YlQjCIdKFKGuzfDR0nQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:42:03 GMT
age: 59951
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
es.ncl.com/mp/custom_CSS/mpCSS.css
104.110.2.164200 OK 20 B URL HTTP/2 es.ncl.com/mp/custom_CSS/mpCSS.css
IP 104.110.2.164:0
Hash 3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
GET /mp/custom_CSS/mpCSS.css HTTP/1.1
Host: es.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:14 GMT
date: Sat, 03 Sep 2022 20:21:14 GMT
content-length: 20
set-cookie: optimizelyEndUserId=854f2417863d00003ab71363dc030000b2000000; expires=Thu, 02-Mar-2023 20:21:14 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:14 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/mp/custom_CSS/mpCSS.cssTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:14 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/mp/custom_CSS/mpCSS.cssTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: 5ed9a360-5a7f-427a-a750-bd8f25214909
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwpOBEpjIAMFzXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63102259-4b9d2f6e61cc186f78718168;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:09:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BU7CFrnTBhvyqoRVp1t-e_ZErBnJA9l4qGkmxOQd10W48IzyIFGFZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:46:11 GMT
age: 59703
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:37:26 GMT
age: 81828
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: alcmiW5Cb3Z96RJNXfz4F54HNERbyV71Q8hqVuNEOTUc48kItzlfHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:53 GMT
age: 81081
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: db7b338c-4fb1-46c0-827a-87e43ceacb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjB_aFGyoAMFbeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ab062-060509a31e21bd514f736d49;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 00:01:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p_pP4bQ_t2iBcAl5CetPTBaNmV8E_Br_0Mn5qIlGeC8JCmILxA_l6A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 10:54:15 GMT
age: 34020
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:54 GMT
age: 81081
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js
23.38.200.249200 OK 14 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js
IP 23.38.200.249:0
File type ASCII text, with very long lines (31332)
Hash e09b4be6a239cd72cc9dba2498a9ac26
7857692cb77dd730d76329d7400ede53caec4d5f
0ac5ce49a6aa29717e5d5f4c451f80cdd0c8c637db48d0d87153b224096fd1d2
GET /utag/ncl/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b9588d498e8246f284929be5076f867e:1661786462.219645"
last-modified: Mon, 29 Aug 2022 15:21:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 03 Sep 2022 20:26:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 14080
X-Firefox-Spdy: h2
hello.myfonts.net/count/3dc71d
104.17.244.73200 OK 0 B URL HTTP/2 hello.myfonts.net/count/3dc71d
IP 104.17.244.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count/3dc71d HTTP/1.1
Host: hello.myfonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:15 GMT
content-type: text/css
content-length: 0
accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=604800
expires: Sun, 03 Sep 2023 20:21:15 GMT
expect-ct: null
set-cookie: __cf_bm=Ngv9sOVL3zEaicdwytfovDunm_DCeeLXlYK3yi17VWk-1662236475-0-AcH4PZ6YO3xbZ8LSP6W2q0bNpB3qzBlhKWdnvLFNnNEKXc/rurs2b+W/Peh9SPMhW/Ga8pVW0zhzfEM86H6IpVs=; path=/; expires=Sat, 03-Sep-22 20:51:15 GMT; domain=.myfonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 745130d13f17b503-OSL
X-Firefox-Spdy: h2
hello.myfonts.net/count/36b87e
104.17.244.73200 OK 0 B URL HTTP/2 hello.myfonts.net/count/36b87e
IP 104.17.244.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count/36b87e HTTP/1.1
Host: hello.myfonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:15 GMT
content-type: text/css
content-length: 0
accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=604800
expires: Sun, 03 Sep 2023 20:21:15 GMT
expect-ct: null
set-cookie: __cf_bm=dGZd4COAIzdhqWY8Jv9pp2sn1P72j_dcmVlsXg5LtDY-1662236475-0-AftqLEkJ5S6N/Bi3LJrZmOjypmN41nFGIKY0zz7mpIT55YUwXF1HT/pyDZWOZSF/6E34JVrwTfEqNYZBznExGpE=; path=/; expires=Sat, 03-Sep-22 20:51:15 GMT; domain=.myfonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 745130d13f1ab503-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9859951fcb3605c1f40cc9fc94e51830
e0d27e62d77ddb2d6fa939e696c75cbc1023b391
8efe31189692c9cb63f745033dbf6c9f0a4030629da70d7277ccbce9656ef59d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:15 GMT
Last-Modified: Sat, 03 Sep 2022 19:03:35 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.ncl.com.mx/akam/13/4eb6d702
104.110.2.164200 OK 8.7 kB URL HTTP/2 www.ncl.com.mx/akam/13/4eb6d702
IP 104.110.2.164:0
File type ASCII text, with very long lines (14360)
Hash 313edee0fc88ad67ac0d2fc4f44d7c28
3bc7d231323a7c47fc1a182862dc2535abc0fd99
6981e5f1b9d7e6871441b136981b6f0096a255fc1b843457de6820f667b8c83a
GET /akam/13/4eb6d702 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:09:22 GMT
etag: "9a163458656f66314c062a16c687d501314df9cab84af281fca1448f87d4c6d8"
content-type: application/javascript
content-encoding: gzip
content-length: 8748
expires: Sat, 03 Sep 2022 20:21:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 03 Sep 2022 20:21:15 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/akam/13/4eb6d702TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/akam/13/4eb6d702TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF0jnx/WCAQAAIb8DBRBUttkK/SP4BFA5LjM0ASCalOqw544ljyQxO3+T2v7KPxU6dFt3G7qyIdYgAr7A7BP9g1vMfkvfKHy5kSOGuwzqtPkH4R//wOE7w25FnqOlG0LXLrqAByvFqJqV2I/R2wnIGidX6P+PI00b15w/4aQ2FU2TDnxoNaGL+jNpYNGPIBo8Au3NqiPag2FK3QcTJktEi3JtbXqDtoAaGKazr+REuwNaBvNpOnym34xQqNjwhBpSBSJqSSnB+ipasuKVkHInI3YJOLJW8flSUXjenydszfRtbagWXxs4T0o0uFHYd6dc4UAmtRrDMSowO63q1sceGNdkJ3mDukCixej+Zm1WReXcnCi54zS8lkUhl62udJP2pDN4WidIBJqH3gDKE0dqLEgxwG17coBwL+nKQqVMI52xAyg6GNdlnSZ7xjbpCvFlDOeqWCC3XdLeusUHHt2RkAHKZ2oE0sfv; Domain=.ncl.com.mx; Path=/; Expires=Sat, 03 Sep 2022 22:21:14 GMT; Max-Age=7199; HttpOnly
server-timing: cdn-cache; desc=HIT, edge; dur=308
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com.mx/static/styles/compatibility.css?v=1661983172893
104.110.2.164200 OK 147 kB URL HTTP/2 www.ncl.com.mx/static/styles/compatibility.css?v=1661983172893
IP 104.110.2.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 147 kB (147154 bytes)
Hash 7003ab92eed6fdf896b3454de8321097
9158ffcd02120688c5e83644da7e40a559e612da
8dc3ffd6cf602b324191eb70652f5a35165107345536242343a262157a847a18
GET /static/styles/compatibility.css?v=1661983172893 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kF0Pnx/WCAQAAGL4DBQiSdz/PKL0aS0vCKjuUENQ+1rJHAJlux4jPiwKVRqzjDyNICANYuzVa+qe5uF4khah8lTyhTAXzCKXpzVsP7XQVx0OJdRpKztVQsvH/OvtvxBX+B0SBtUdTfh4lLQXOtW66JwR3OJf8NWFcyBzVdG+QkibOWlvBfPh5l/1GN/dCbt9y54oxYwe9q7bTRDe34RMxXIFOdkoIK/PwsDuTl3iFiFgbbLaQK9iHaXO1EVaoSNwadcqj8ZdUvmgugMWKiTRvgNBGuoG87DYAQ/SQmzOhJQ/bGYPzr0QHnxMc24jeH4C6dI2fvLJuUI2dtEKDG8gUSxqgZhsHi1Oe2U+6V/LVol2kA1BZf1HVCpsmNyfrdav2HcTVYA==~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF0jnx/WCAQAAIb8DBRBUttkK/SP4BFA5LjM0ASCalOqw544ljyQxO3+T2v7KPxU6dFt3G7qyIdYgAr7A7BP9g1vMfkvfKHy5kSOGuwzqtPkH4R//wOE7w25FnqOlG0LXLrqAByvFqJqV2I/R2wnIGidX6P+PI00b15w/4aQ2FU2TDnxoNaGL+jNpYNGPIBo8Au3NqiPag2FK3QcTJktEi3JtbXqDtoAaGKazr+REuwNaBvNpOnym34xQqNjwhBpSBSJqSSnB+ipasuKVkHInI3YJOLJW8flSUXjenydszfRtbagWXxs4T0o0uFHYd6dc4UAmtRrDMSowO63q1sceGNdkJ3mDukCixej+Zm1WReXcnCi54zS8lkUhl62udJP2pDN4WidIBJqH3gDKE0dqLEgxwG17coBwL+nKQqVMI52xAyg6GNdlnSZ7xjbpCvFlDOeqWCC3XdLeusUHHt2RkAHKZ2oE0sfv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 03:54:00 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 147154
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/styles/compatibility.cssTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/styles/compatibility.cssTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
norwegiancruiseline.mpeasylink.com/mpel/mpel.js
54.174.98.17200 2.2 kB URL HTTP/1.1 norwegiancruiseline.mpeasylink.com/mpel/mpel.js
IP 54.174.98.17:0
File type ASCII text, with very long lines (347), with CRLF line terminators
Hash 981a2e9f23846e8f1624c6c381c9655e
bdf3f03e2bc39d156034aedc13cef3a513dc9a87
5fdc595e02dc282a40c20a1f9753cdb9c27398d6bbb1234e8cc94be85f50b9b8
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Sat, 03 Sep 2022 20:21:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"6848-1465303194000"
Last-Modified: Tue, 07 Jun 2016 12:39:54 GMT
Cache-Control: max-age=86400
Expires: Sun, 04 Sep 2022 20:21:15 GMT
vary: accept-encoding
Content-Encoding: gzip
www.ncl.com.mx/sdcdn/doptimizely/js/5414371492.js
104.110.2.164200 OK 223 kB URL HTTP/2 www.ncl.com.mx/sdcdn/doptimizely/js/5414371492.js
IP 104.110.2.164:0
File type exported SGML document, ASCII text, with very long lines (65404)
Size 223 kB (223382 bytes)
Hash d1cbf68ccfefb4b10b0271c212095a8a
8441e983a7ccd8ff85e15e815c479e18a439bea5
2c0ba6ad7d19aac4037e7d989474b9effe3af89077f75860c124a4f120e6e048
GET /sdcdn/doptimizely/js/5414371492.js HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kFzHnx/WCAQAA9roDBQhRdq2SpzciHvCukHesOss98VerI1+PilOGCHBY+9uI1EuMWUfkVo5kEgKUXfvzAkjeKi+3SJVSds1k7FPGtCGXhmD1W7IQdGkcgIJJdE5ISQUXgiXqKmt32qdFsnrD/uyA+4xycu2dLFnLBw0y7sjmurq2Di/KlDta+dZK4AxLiIxtRc1z+LmvU6T/WC0MpOI9EscqYy/2iqhER/haQtRy5YXP+y1HYFj7gY2ZCWgOTg5h3IDyPMjVs8RaD3g38eXZ/SC+LSdgLDy31JZfkNiDIWXNSUBMMK7kIjMilJn+h/OFzfcS+GVfC0VcZeQiHInClW3Zv2I6VmB+GpVHpFRU2W8KcVq/eIU=~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kFz/nx/WCAQAAZ70DBRCdVOrnBBG0zO3WF5Mb1Z+6W0voAuHkH9EmKOmJ2Ji5VK2/0cje70XZfxaoUOL6bdLDce13LMNxDdSp2g42m9KgUMdr5ihG28rsLp2JyySiJ0gibpeMALIrEmA3xcWqahd1zEdi3GV1ZdvOKxB7RXj71dXega+KvuxVqVB07SLGjlcCTCn7fn1SbaZHBwGEBIR0m2RVl9KoD3Nk3snd9T8kfjxrTP6ZooDqu3L1aLphg4JnwiMgsgj6xwTPx2hHfz8sB65jdF35aqKjx3mVmVByrj1Sza4AUWqGCXa7ve0//+/UtDRsWBog9HG+7hCpXyHFc9VqXKvj+oKkflSawNo5+bIaQ+ypQ2hMGCWlkmUrKxv1ZsvR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 20:09:36 GMT
etag: "b9927f23086686a16f72e61dae1eee8c"
x-amz-id-2: eJ8pf77YyMMwQ6VDAkCyAs5AzUbrkxsp5qNh28JitlHuxAeRVVjxWVNzoeX+oaeosdnyKyIg21w=
x-amz-request-id: 8Z5ZYD0VFVT14FG8
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 37553
x-amz-meta-pci_enabled: False
x-amz-version-id: hZCeLRfm39QEYdT5JVKthJbZsO_T_yi9
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
content-security-policy: frame-ancestors 'self' *.motionpoint.com
content-length: 223382
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/sdcdn/doptimizely/js/5414371492.jsTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236474Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/sdcdn/doptimizely/js/5414371492.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=629, cdn;desc="AkamaiION";dur=0,rtt;desc="29";dur=0,cdnip;desc="23.55.248.163";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="";dur=0
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
s.go-mpulse.net/boomerang/TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y
23.38.200.138200 OK 51 kB URL HTTP/2 s.go-mpulse.net/boomerang/TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65098)
Hash 95b7b611f7eec841ded80e2eaa59c179
c0a5d2c7f7abb5ba10fa27ab0c5860ef93a9969a
5f6af986478ff514b73784ebebd6ae0e1fb55aa7667bd30385fd96afff661162
GET /boomerang/TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Sun, 28 Aug 2022 14:34:57 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 51064
date: Sat, 03 Sep 2022 20:21:15 GMT
X-Firefox-Spdy: h2
tapi.optimizely.com/api/targeting/5414371492/6582630919/854f2417863d00003ab7136366000000b1000000
95.100.12.199200 OK 947 B URL HTTP/1.1 tapi.optimizely.com/api/targeting/5414371492/6582630919/854f2417863d00003ab7136366000000b1000000
IP 95.100.12.199:0
File type JSON data\012- , ASCII text, with very long lines (15232), with no line terminators
Hash 480d04e7c93b6d18c6eb9ce2eb622b03
3752a028755882f2464bb67cfed4e3705749656c
21c578c723841962013a331179d07709502695c97b7668e67063d8bd5f9de942
GET /api/targeting/5414371492/6582630919/854f2417863d00003ab7136366000000b1000000 HTTP/1.1
Host: tapi.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Server: nginx
X-Powered-By: Express
Content-Encoding: gzip
Cache-Control: max-age=1200
Date: Sat, 03 Sep 2022 20:21:15 GMT
Content-Length: 947
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: https://www.ncl.com.mx
www.ncl.com/assets/v1/fonts/36B87E_3_0.woff2
96.6.17.206200 OK 27 kB URL HTTP/2 www.ncl.com/assets/v1/fonts/36B87E_3_0.woff2
IP 96.6.17.206:0
File type Web Open Font Format (Version 2), TrueType, length 26607, version 3.6553\012- data
Hash e46c155d65d6e8305340431fef3ee332
8cb9410d91aee0c47ea5527d7dcaaa35fc27a1d3
236efe4f0a71e805c913f99bb42022e64d67796b46685f82cf42fee4d03d0192
GET /assets/v1/fonts/36B87E_3_0.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ncl.com.mx
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 26607
set-cookie: optimizelyEndUserId=de4d2417392900003bb71363b60300009c020000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_3_0.woff2TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_3_0.woff2TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=30~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=1ee9620bd267fd26b1c0690c3f60d59c; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt
96.6.17.206200 OK 28 kB URL HTTP/2 www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt
IP 96.6.17.206:0
File type Web Open Font Format (Version 2), TrueType, length 27592, version 1.0\012- data
Hash e52e4052ed71ee6a5417aba648209c23
3423b4979207d80e7efe30778dc1bf53d53cfa05
d60e94cb5c0be99e7cdc454cb19eb02f9ed44c6071efe57b379b70a8385b320a
GET /assets/v1/fonts/norwegian-icons-set.woff2?wkwidt HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ncl.com.mx
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 27592
set-cookie: optimizelyEndUserId=de4d2417392900003bb71363c20300009d020000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/norwegian-icons-set.woff2TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/norwegian-icons-set.woff2TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=20~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=4b629462dc7b0f9fd019c0b9537cc3b0; path=/; Secure; SameSite=None
ak_bmsc=46175B81932FE410E60F49A669603DCE~000000000000000000000000000000~YAAQ3k0kFyfFRwCDAQAAOsIDBRDTtTfH2gNNV9ANlCEVswRJT8RxEkjj05RRvUzEnh5ulFRAwnO7mnmAJlRuZRK3s7RwdzdqzTrConyLKyPT1gqpjXIR4JKV3eUdnEjageMRPl3TNpBELdUecVj+71pMdItqgpsr6lUnoEJHfab0SVjo/qx3gocIbdbMNNJzYUIioOdwNKrKjN23g6q48f9W6Z/CUg5urR/663U9COc7BUkF/G7QQl5gAboIu0cElun34PvxZ113dIzLhH4g5JjBFPH/8XX+7l/bmABabgECBdedL7xOj8u30RDvISvU9LbpChatd8egn+rsR2h/RRiM7+5IpcSNXu4BNy7df85zuYYYQjZ65sJJdgK0nSORld2+grpX; Domain=.ncl.com; Path=/; Expires=Sat, 03 Sep 2022 22:21:15 GMT; Max-Age=7200; HttpOnly
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/fonts/merriweather-v19-latin-300.woff2
96.6.17.206200 OK 19 kB URL HTTP/2 www.ncl.com/assets/v1/fonts/merriweather-v19-latin-300.woff2
IP 96.6.17.206:0
File type Web Open Font Format (Version 2), TrueType, length 18676, version 1.0\012- data
Hash a50c381443e6993188ed9cc4b6806866
5ab53d1b93862045e669aefca50492275cd25e3d
0400bc0e9a44cbf547f238a457496bc5919e55724460d0c2cfb9d66883d743a3
GET /assets/v1/fonts/merriweather-v19-latin-300.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ncl.com.mx
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 18676
set-cookie: optimizelyEndUserId=de4d2417392900003bb71363ce0300009e020000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/merriweather-v19-latin-300.woff2TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/merriweather-v19-latin-300.woff2TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=64~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=e2d10525be82517c324179d0e0ebca3e; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/fonts/36B87E_2_0.woff2
96.6.17.206200 OK 27 kB URL HTTP/2 www.ncl.com/assets/v1/fonts/36B87E_2_0.woff2
IP 96.6.17.206:0
File type Web Open Font Format (Version 2), TrueType, length 26833, version 3.6553\012- data
Hash 0eae776f2f0e2ea97b3205cdf13deec6
dde227892ddd2352f693fccb748960bdac02efe4
231c08eac9209df2f8a61b3d417ac0a1002a7c2e541dedf404195247333a967c
GET /assets/v1/fonts/36B87E_2_0.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ncl.com.mx
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 26833
set-cookie: optimizelyEndUserId=de4d2417392900003bb71363da0300009f020000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_2_0.woff2TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_2_0.woff2TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=33~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ded3eb4a2f3c4153a8eeb24fdd8d447c; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/fonts/36B87E_0_0.woff2
96.6.17.206200 OK 19 kB URL HTTP/2 www.ncl.com/assets/v1/fonts/36B87E_0_0.woff2
IP 96.6.17.206:0
File type Web Open Font Format (Version 2), TrueType, length 18724, version 1.1\012- data
Hash a31857faba3b8bc1cb08eef26f7d103b
e1a192272c3ad11ac4ce139250ff834e2b8e31a2
88986eb98d68bfc0e083151426bd5cec12f0f27133afad4e9ec8db3bd1d885d5
GET /assets/v1/fonts/36B87E_0_0.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ncl.com.mx
Connection: keep-alive
Referer: https://www.ncl.com.mx/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 18 Aug 2022 18:43:05 GMT
x-ncl-slog: (null)
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2592000
expires: Mon, 03 Oct 2022 20:21:15 GMT
date: Sat, 03 Sep 2022 20:21:15 GMT
content-length: 18724
set-cookie: optimizelyEndUserId=de4d2417392900003bb71363e0030000a0020000; expires=Thu, 02-Mar-2023 20:21:15 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:15 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_0_0.woff2TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:15 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236475Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/fonts/36B87E_0_0.woff2TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
booking_redesign_prod=true; expires=Mon, 03-Oct-2022 20:21:15 GMT; path=/; domain=.ncl.com; secure
akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=5~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=7585bd97a9b53c8175100568ae88e1e4; path=/; Secure; SameSite=None
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1662236473
54.174.98.17200 1.3 kB URL HTTP/1.1 norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1662236473
IP 54.174.98.17:0
File type Unicode text, UTF-8 text, with very long lines (697), with CRLF line terminators
Hash d5f53e44399ec2d8921e6e79deda601c
b6b33fa554ce6c476e03eaa2e617e983f222ae0c
fe8d1f98d88e5f8a7a203db4878210943c7a832b53936fb1b4d47d5a423cce9d
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_toggle.js?v=1662236473 HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Sat, 03 Sep 2022 20:21:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3159-1639662362000"
Last-Modified: Thu, 16 Dec 2021 13:46:02 GMT
Cache-Control: max-age=86400
Expires: Sun, 04 Sep 2022 20:21:15 GMT
vary: accept-encoding
Content-Encoding: gzip
norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
54.174.98.17200 1.6 kB URL HTTP/1.1 norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 54.174.98.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3aead7c32b39ea8d22709acee4f42aa8
dfcacb25d20c1c4cfce637988be464b36488d2a9
4042cfb44ce165c34d2081f6dae97332788c256c1e1eaabc762e4034d961406b
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Sat, 03 Sep 2022 20:21:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"4342-1474031000000"
Last-Modified: Fri, 16 Sep 2016 13:03:20 GMT
vary: accept-encoding
Content-Encoding: gzip
tags.tiqcdn.com/utag/tiqapp/utag.currency.js?utv=ut4.45.202208291520
23.38.200.249200 OK 1.8 kB URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.currency.js?utv=ut4.45.202208291520
IP 23.38.200.249:0
File type ASCII text, with very long lines (2508)
Hash 36f7a71bc3f633d8d945f67a1e0d9e8c
2a210497e6841fdc6f271e044a8e728f822f9f21
06ff1aa71b4c5af64169ea8264525a4bb16e37f215a7e1c6811dbf7553b7bab5
GET /utag/tiqapp/utag.currency.js?utv=ut4.45.202208291520 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "44d62799d201db9b3b5c7d53ea6c8d83:1661734806.747335"
last-modified: Mon, 29 Aug 2022 01:00:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1803
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.244.js?utv=ut4.45.202208291520
23.38.200.249200 OK 32 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.244.js?utv=ut4.45.202208291520
IP 23.38.200.249:0
File type ASCII text, with very long lines (8911)
Hash c7a15231e086b0b52e77391f54d97563
cc4e8b05adf9fd868f9168fc80e1e88e99d7f04a
6e49cb39e7964fd7475f06a00ccd7996139b17c1d3c40b4216f78fee4833cad9
GET /utag/ncl/main/prod/utag.244.js?utv=ut4.45.202208291520 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b4595cd8dcafab5c60dd0e3c9bef931f:1661786462.732913"
last-modified: Mon, 29 Aug 2022 15:21:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 31498
X-Firefox-Spdy: h2
a5414371492.cdn.optimizely.com/client_storage/a5414371492.html
104.110.8.48200 OK 806 B URL HTTP/2 a5414371492.cdn.optimizely.com/client_storage/a5414371492.html
IP 104.110.8.48:0
File type HTML document, ASCII text, with very long lines (1371)
Hash c011f4dafc549cb8303dcc15f405d611
7a8eb97f0841db0f1cf36c18151b7c937904eeea
3f04575f00d785656cecf8767da7b3e6bf8bd2936f43d60b100931d41793dafa
GET /client_storage/a5414371492.html HTTP/1.1
Host: a5414371492.cdn.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EliGKcTK9M2yKCHapMJttqp2i0zMQWKAFDP2xVsCD/ubLoaETHrP/53vgYizEKsik+6lhfL//7kM1ALS0029Ug==
x-amz-request-id: A1E7XB8KVFB3WJ6N
x-amz-replication-status: COMPLETED
last-modified: Fri, 02 Sep 2022 20:09:04 GMT
etag: "c011f4dafc549cb8303dcc15f405d611"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: .kW2Kcc2iKa1nB5OlR5g2_NyRuI_NIyI
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 806
vary: Accept-Encoding
cache-control: max-age=120
date: Sat, 03 Sep 2022 20:21:16 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.4.js?utv=ut4.45.202008121951
23.38.200.249200 OK 5.0 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.4.js?utv=ut4.45.202008121951
IP 23.38.200.249:0
File type ASCII text, with very long lines (1199)
Hash 019b48d31b58546ee221d30df07ce1d4
f805d434c30d355d97dfb6db8310d0ec725fc664
82acd81c93eabc078c13049f980e7b0aa3972c274c31a2f9f94324cd8f8c683a
GET /utag/ncl/main/prod/utag.4.js?utv=ut4.45.202008121951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "793d0b67ebccade80e87ee84c51b4430:1538769625"
last-modified: Fri, 05 Oct 2018 20:00:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 4956
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.493.js?utv=ut4.45.202208081506
23.38.200.249200 OK 8.3 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.493.js?utv=ut4.45.202208081506
IP 23.38.200.249:0
File type ASCII text, with very long lines (2654)
Hash f41b587489ce1ec66790b3c0095549ff
de30c7b7c3b159174523bc0decaab3d01659f77c
941f481fb0ef388609b97d6d38ae5d4052ed4a0d05a60d6a368d51f5b9f11902
GET /utag/ncl/main/prod/utag.493.js?utv=ut4.45.202208081506 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "e28d4ace203150e051c1aaaca22775d9:1659971248.932926"
last-modified: Mon, 08 Aug 2022 15:07:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 8291
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.84.js?utv=ut4.45.202112151652
23.38.200.249200 OK 1.6 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.84.js?utv=ut4.45.202112151652
IP 23.38.200.249:0
File type ASCII text, with very long lines (1640)
Hash 4f41ed4068376c34d76c8494a2167bca
8673c1733237258d7300d6eb86313f8d8b73b80c
19c1c29903149fbad13903c7a625eaf007ef70d282e2cd2f9953858ba3aa5ca4
GET /utag/ncl/main/prod/utag.84.js?utv=ut4.45.202112151652 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "e8c9691352c9708793842981ce93368f:1639587151.614218"
last-modified: Wed, 15 Dec 2021 16:52:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1620
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.260.js?utv=ut4.45.202111301615
23.38.200.249200 OK 965 B URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.260.js?utv=ut4.45.202111301615
IP 23.38.200.249:0
File type ASCII text, with very long lines (1048)
Hash 870f90c3a3bf0ebf6bee3cd5b1d10247
fe4d54cf7bd01801e087eab9b15a89328d9bbf92
2ef72cb8a38c8258094130f23137f93a67a6c1cfcf539b1d3be5850b19f0f743
GET /utag/ncl/main/prod/utag.260.js?utv=ut4.45.202111301615 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "78a40ac96eaafd6bee16110122e801f7:1638288923.251273"
last-modified: Tue, 30 Nov 2021 16:15:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 965
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.285.js?utv=ut4.45.202009221910
23.38.200.249200 OK 2.9 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.285.js?utv=ut4.45.202009221910
IP 23.38.200.249:0
File type ASCII text, with very long lines (1380)
Hash 185a429df6b544afe1d68e68ec256820
e5b3800967292980d94e4252bf585ba1cb4f832b
c40b8b774e4b614e34e20519dca05bbfd1bd2319c9d9cc8c5a29ec2c512739f5
GET /utag/ncl/main/prod/utag.285.js?utv=ut4.45.202009221910 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bba7f9f490b197470b603fa549bceb8e:1538769911"
last-modified: Fri, 05 Oct 2018 20:05:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 2933
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.301.js?utv=ut4.45.202009221910
23.38.200.249200 OK 2.3 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.301.js?utv=ut4.45.202009221910
IP 23.38.200.249:0
File type ASCII text, with very long lines (1213)
Hash e6ac5c9c133a9997e27814f29cbdd150
5b4f304556e7c8ca63f102a54caca95d0dc70bf0
e482b1263877e75fd480beea25edbf60cc4dabf2b064cbfd7fe201d61a112b7c
GET /utag/ncl/main/prod/utag.301.js?utv=ut4.45.202009221910 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4cc032fa8a020d173b7a061231675a0c:1541094084"
last-modified: Thu, 01 Nov 2018 17:41:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 2268
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.357.js?utv=ut4.45.202010211543
23.38.200.249200 OK 551 B URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.357.js?utv=ut4.45.202010211543
IP 23.38.200.249:0
File type ASCII text, with very long lines (453)
Hash 534b90fc016626a5ae8ed49493e4946e
165cfb52471569f60dddbe1b5037622c4fbce33d
4fc84aa4d915acdc21a5a4b141dd6a871d621792f4895a87cc37bd70e0dc196a
GET /utag/ncl/main/prod/utag.357.js?utv=ut4.45.202010211543 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "9b7f3396362282ecf67f75d416e192bf:1568845555.477891"
last-modified: Wed, 18 Sep 2019 22:25:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 551
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.401.js?utv=ut4.45.202103031654
23.38.200.249200 OK 3.0 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.401.js?utv=ut4.45.202103031654
IP 23.38.200.249:0
File type ASCII text, with very long lines (1850)
Hash c12e9883441fb09d259edd2d8f28c2dc
2d4d1387d9f3a09ae850736ffa2fdc93690e1b98
daf4b1078e8afd8ee438dd958d7f395c591644b6a23ddee56394080175744736
GET /utag/ncl/main/prod/utag.401.js?utv=ut4.45.202103031654 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a4649905132018fd8fb00bded9424d40:1614790488.967824"
last-modified: Wed, 03 Mar 2021 16:54:48 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 3044
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9274147e4b28d562a0b80cbdfc5df3ab
0b97173db95a8e51051f1c3af7d5ffe0ce6b490e
dba546ff8241b4aaa5681ff40f801acde7353697b3d7d84d4eb52134189cb117
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Last-Modified: Sat, 03 Sep 2022 19:41:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
tags.tiqcdn.com/utag/ncl/main/prod/utag.403.js?utv=ut4.45.202201101606
23.38.200.249200 OK 3.9 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.403.js?utv=ut4.45.202201101606
IP 23.38.200.249:0
File type ASCII text, with very long lines (3169)
Hash 219145a8b4c1951c311bf8c2ff1f2480
0ed71d0789aca58714557ff5c0a99efb9a50d9f4
6277ca1704712e172d1dc4847dcf1946fbf251db40452a59736941105a36cd4c
GET /utag/ncl/main/prod/utag.403.js?utv=ut4.45.202201101606 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d047149933ee09f0e8ae7a0f3f2c6cc:1641830935.926389"
last-modified: Mon, 10 Jan 2022 16:08:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 3856
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.404.js?utv=ut4.45.202008121951
23.38.200.249200 OK 1.3 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.404.js?utv=ut4.45.202008121951
IP 23.38.200.249:0
File type ASCII text, with very long lines (1490)
Hash ee6ef3d1bbc7dc779e2de0b5c3aa062d
d9b149025809d369b72d78fac56417d5b76112b3
003f8a101638cf7f0335d863902bf521802845bb9e19a3dce0c99a4e1078c47b
GET /utag/ncl/main/prod/utag.404.js?utv=ut4.45.202008121951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "eb3fb74e44d1ffe71251f1f1cd778dc3:1573828462.372351"
last-modified: Fri, 15 Nov 2019 14:34:22 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1328
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.405.js?utv=ut4.45.202008121951
23.38.200.249200 OK 1.0 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.405.js?utv=ut4.45.202008121951
IP 23.38.200.249:0
File type ASCII text, with very long lines (1048)
Hash a5ced5c3c4df2f1abf414f52cc553c20
0d786874e7b9d83178f09e683e82fbb30eb791cd
f885e4683a1c0d7270ced6b7059bac918e1e299a516c5aa01fe8b3c3bec85162
GET /utag/ncl/main/prod/utag.405.js?utv=ut4.45.202008121951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "32add27e4705511e82dd17b2026472b4:1574261920.796328"
last-modified: Wed, 20 Nov 2019 14:58:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1002
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.410.js?utv=ut4.45.202008121951
23.38.200.249200 OK 1.2 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.410.js?utv=ut4.45.202008121951
IP 23.38.200.249:0
File type ASCII text, with very long lines (1241)
Hash e4dabbc4d373191663605c6eb6d29fb7
eb47dd4bc745093a63a61123e437cc3407dd7154
79ccfd64b9a7de8e7f0ee0ba30813c7030a7f2467a4d9b2b1b9df4664aba4d07
GET /utag/ncl/main/prod/utag.410.js?utv=ut4.45.202008121951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "222de2e141c62b9dce52eddd1a7ca8cd:1579618327.211511"
last-modified: Tue, 21 Jan 2020 14:52:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1205
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.431.js?utv=ut4.45.202009162117
23.38.200.249200 OK 1.0 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.431.js?utv=ut4.45.202009162117
IP 23.38.200.249:0
File type ASCII text, with very long lines (1048)
Hash 14a3e388dffef56c10a8456f4c849be0
e9722d79ca99e6b107ad5149e697ca430110d3d3
ee1cf278a69ece192055b250b1e03ce66d4c3ad316a5e770eb0985a854944df6
GET /utag/ncl/main/prod/utag.431.js?utv=ut4.45.202009162117 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "998c2cb661aded68e18e2a1d4f28589e:1595256795.957089"
last-modified: Mon, 20 Jul 2020 14:53:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 1001
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.451.js?utv=ut4.45.202111301615
23.38.200.249200 OK 2.2 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.451.js?utv=ut4.45.202111301615
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash a3207fb3d3bde728f50ca3811d32207b
297c0b9a7bbe151dec4dac49b44e5c3f64b4b023
632b4b160f17e4880d3ad6ea2ba9eb6dd782475849a2263cef5672658c1f3abc
GET /utag/ncl/main/prod/utag.451.js?utv=ut4.45.202111301615 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0342fa6fa85af8c18853b267e6be6b3a:1638288924.03673"
last-modified: Tue, 30 Nov 2021 16:15:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 2208
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.457.js?utv=ut4.45.202107260845
23.38.200.249200 OK 2.8 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.457.js?utv=ut4.45.202107260845
IP 23.38.200.249:0
File type ASCII text, with very long lines (1143)
Hash bf2c0ffd81ab167e7368964b873f3591
a8b578f023a1d2235847114b0cf401ecfa1f20a9
a60d37eb22d971f52019a1c879f812cba7657ca4fd2b694035bde4eebbc80981
GET /utag/ncl/main/prod/utag.457.js?utv=ut4.45.202107260845 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0dd68aec533d40d05dbdf4febfe6d482:1627289163.029442"
last-modified: Mon, 26 Jul 2021 08:46:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 2789
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.486.js?utv=ut4.45.202205171523
23.38.200.249200 OK 944 B URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.486.js?utv=ut4.45.202205171523
IP 23.38.200.249:0
File type ASCII text, with very long lines (1048)
Hash a67a962620ba1d5a9f1b25eb7b89fa15
1b30b3c219b9b9e9007078f4d59324b6c8a6a31f
9cbfd209febd2d40cfcc94ffdabd757a9aede29a09f3d3edddfdbdcd6cbc9d81
GET /utag/ncl/main/prod/utag.486.js?utv=ut4.45.202205171523 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "81b8531f9d668fc0da8db72643148cfe:1652801056.643806"
last-modified: Tue, 17 May 2022 15:24:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 944
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.397.js?utv=ut4.45.202208081506
23.38.200.249200 OK 5.5 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.397.js?utv=ut4.45.202208081506
IP 23.38.200.249:0
File type ASCII text, with very long lines (1813)
Hash 8e999ab73ae7285c417d46b14aebb8f0
07e47e16882050b4e56d2b22b47fa6c1ceb442cc
639c118480183cfc204a007f78d6b613b60d2c28e4fbfd133eb6a6c63013d33a
GET /utag/ncl/main/prod/utag.397.js?utv=ut4.45.202208081506 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "c95643445a5f585a7820182841026947:1659971250.10987"
last-modified: Mon, 08 Aug 2022 15:07:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Sun, 18 Sep 2022 20:21:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
content-length: 5469
X-Firefox-Spdy: h2
norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
54.174.98.17200 0 B URL HTTP/1.1 norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 54.174.98.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Sat, 03 Sep 2022 20:21:16 GMT
Content-Length: 0
Connection: keep-alive
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ncl/main/202208291520&cb=1662236473829
23.38.200.249200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ncl/main/202208291520&cb=1662236473829
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=ncl/main/202208291520&cb=1662236473829 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
cache-control: max-age=600
expires: Sat, 03 Sep 2022 20:31:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
104.110.2.164201 Created 18 B URL HTTP/2 www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
IP 104.110.2.164:0
File type JSON data\012- , ASCII text
Hash 78b25f4f8b72d4f5826b1d665a46de1d
2703ab1d8a2b3ff3c63a72c2ef50ff1b49ca45c8
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
POST /lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Content-Type: text/plain;charset=UTF-8
Content-Length: 1433
Origin: https://www.ncl.com.mx
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~-1~YAAQhU8kF0Pnx/WCAQAAGL4DBQiSdz/PKL0aS0vCKjuUENQ+1rJHAJlux4jPiwKVRqzjDyNICANYuzVa+qe5uF4khah8lTyhTAXzCKXpzVsP7XQVx0OJdRpKztVQsvH/OvtvxBX+B0SBtUdTfh4lLQXOtW66JwR3OJf8NWFcyBzVdG+QkibOWlvBfPh5l/1GN/dCbt9y54oxYwe9q7bTRDe34RMxXIFOdkoIK/PwsDuTl3iFiFgbbLaQK9iHaXO1EVaoSNwadcqj8ZdUvmgugMWKiTRvgNBGuoG87DYAQ/SQmzOhJQ/bGYPzr0QHnxMc24jeH4C6dI2fvLJuUI2dtEKDG8gUSxqgZhsHi1Oe2U+6V/LVol2kA1BZf1HVCpsmNyfrdav2HcTVYA==~-1~-1~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF0jnx/WCAQAAIb8DBRBUttkK/SP4BFA5LjM0ASCalOqw544ljyQxO3+T2v7KPxU6dFt3G7qyIdYgAr7A7BP9g1vMfkvfKHy5kSOGuwzqtPkH4R//wOE7w25FnqOlG0LXLrqAByvFqJqV2I/R2wnIGidX6P+PI00b15w/4aQ2FU2TDnxoNaGL+jNpYNGPIBo8Au3NqiPag2FK3QcTJktEi3JtbXqDtoAaGKazr+REuwNaBvNpOnym34xQqNjwhBpSBSJqSSnB+ipasuKVkHInI3YJOLJW8flSUXjenydszfRtbagWXxs4T0o0uFHYd6dc4UAmtRrDMSowO63q1sceGNdkJ3mDukCixej+Zm1WReXcnCi54zS8lkUhl62udJP2pDN4WidIBJqH3gDKE0dqLEgxwG17coBwL+nKQqVMI52xAyg6GNdlnSZ7xjbpCvFlDOeqWCC3XdLeusUHHt2RkAHKZ2oE0sfv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
x_req_id: 3565f2c4-7f7e-4f2c-b07c-0832bd2c2648
date: Sat, 03 Sep 2022 20:21:16 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:16 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:16 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF1Tnx/WCAQAAlMQDBQjqx1mKuvSu1zodRjWlWVAWmPSEvzsDnx8lLhRdGzYO6/uXivP4DCjiBwy/5yk7zJ/cNiaNlNzIK6F9s1mbeJKPgKF9W7scrzE3rMb6BQNtNP263xl63hjFJZBju+kVD9N9ZzdUNkxq7hgviT7jUfNQZPshUEe67yMxeiYKkBT0ZY6IVXtT+OLjCn8SS3r9rZrPbf/c+JAq1j6yhvobTSMlIK5dO25P9SI3OwTbp1fMVG703rvhW3+Hm3pHlnq74lb2VEAZrSJsnzsLjApt/W0/y8lAMMXz2EA0jY90vGRGI7q5KueIMrE0B4U7m1UA2POZIs0GPpqIu3zMZTC5GHME7LFr1FBDl62c9dL31qe5wtnrqqDRTY5lIfW2ar+uomOK7jiI~-1~||1-vfuPLcnsMe-1-10-1000-2||~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:16 GMT; Max-Age=31536000; Secure
content-type: application/json
vary: Origin
server-timing: edge; dur=3, origin; dur=520, cdn-cache; desc=MISS
access-control-max-age: 86400
access-control-allow-credentials: true, false
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.ncl.com.mx, *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-1017367666
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1017367666
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash da4729572728fc7d5b9a7f07fd5bffea
aaebc20bda4b33056d5a200ed860857cbcf40631
013f7e281c79e129882e1d5ea9c0577c0ef20750084f1a577fb4f090df3d8ee9
GET /gtag/js?id=AW-1017367666 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 20:21:16 GMT
expires: Sat, 03 Sep 2022 20:21:16 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TM94GFD&l=dataLayer
142.250.74.72200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TM94GFD&l=dataLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (55096)
Hash 389337879074c942d6d26e583fd658ee
37af5cea495edb30256ca3e246cbb1b8e8fa73fe
c89e05cfcef485c28c4fce67a0ea447cda49fbd43b2abf234f0cf8a47cebc5b9
GET /gtm.js?id=GTM-TM94GFD&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 20:21:16 GMT
expires: Sat, 03 Sep 2022 20:21:16 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56872
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.convertlanguage.com/mpwat.js
3.143.65.195200 OK 28 kB URL HTTP/2 analytics.convertlanguage.com/mpwat.js
IP 3.143.65.195:0
File type C source, ASCII text, with very long lines (2301)
Hash 8772fcb2faac2b0f5a8dadcbdf34e4ae
d20404934d6db3b7aafeff08169c22c676f5293e
fa8d7c0c17500bcb5e91eee17ba759eab4a23ba0efe2fb56f137830a8c4a1243
GET /mpwat.js HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:16 GMT
content-type: application/javascript
content-length: 27848
server: Apache
last-modified: Wed, 11 Aug 2021 16:12:58 GMT
etag: "6cc8-5c94ae4507def"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 5e5872adcd09386231f0f2c3837a38eb
98ef02616f58d87bd2e71c250a9a4903c2d9fa3b
b525e5dde3fce0c98b0e7542a2a801d3de9a00865b53a4587ea97750257377ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 20:21:16 GMT
Last-Modified: Sat, 03 Sep 2022 18:31:34 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m5_MakQ19-dSYQ6SLKOCpMWZWO_h2_BX1D-pm6feqj97trFHQvC8_A==
Age: 6582
collect.tealiumiq.com/ncl/main/2/i.gif
3.120.29.102200 OK 43 B URL HTTP/2 collect.tealiumiq.com/ncl/main/2/i.gif
IP 3.120.29.102:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
POST /ncl/main/2/i.gif HTTP/1.1
Host: collect.tealiumiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Content-Type: multipart/form-data; boundary=---------------------------91203426127351245962441430320
Content-Length: 16216
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:16 GMT
content-type: image/gif
content-length: 43
x-acc: ncl:main:2:datacloud
x-did: 01830503b894000360cb493f346b00044002300900918
x-region: eu-central-1
access-control-allow-origin: https://www.ncl.com.mx
x-serverid: uconnect_i-0f61643e1e2a86067
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-tid: 01830503b894000360cb493f346b00044002300900918
access-control-allow-credentials: true
x-ulver: 8d6a5db2a0fd5a08495299b6f0148f19ef78176d-SNAPSHOT
vary: Origin
expires: Sat, 03 Sep 2022 20:21:16 GMT
x-uuid: 7f4ea227-f519-4321-9c40-69180f6746db
set-cookie: TAPID=ncl/main>01830503b894000360cb493f346b00044002300900918|; Path=/; Domain=.tealiumiq.com; Expires=Sun, 03-Sep-2023 20:21:16 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
analytics.convertlanguage.com/__utm.gif?utmwv=1&utmn=559469485&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com.mx&utmr=-&utmcc=__utma%3D123318676.559469485.1662236474.1662236474.1662236474.1%3B%2B__utmb%3D123318676%3B%2B__utmc%3D123318676%3B%2B__utmz%3D123318676.1662236474.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Ingresar&utmp=%2Fshorex%2Flogin
3.143.65.195200 OK 35 B URL HTTP/2 analytics.convertlanguage.com/__utm.gif?utmwv=1&utmn=559469485&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com.mx&utmr=-&utmcc=__utma%3D123318676.559469485.1662236474.1662236474.1662236474.1%3B%2B__utmb%3D123318676%3B%2B__utmc%3D123318676%3B%2B__utmz%3D123318676.1662236474.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Ingresar&utmp=%2Fshorex%2Flogin
IP 3.143.65.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=1&utmn=559469485&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com.mx&utmr=-&utmcc=__utma%3D123318676.559469485.1662236474.1662236474.1662236474.1%3B%2B__utmb%3D123318676%3B%2B__utmc%3D123318676%3B%2B__utmz%3D123318676.1662236474.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Ingresar&utmp=%2Fshorex%2Flogin HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:16 GMT
content-type: image/gif
content-length: 35
server: Apache
last-modified: Tue, 14 May 2019 17:36:38 GMT
etag: "23-588dc79a526c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
104.110.2.164201 Created 18 B URL HTTP/2 www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
IP 104.110.2.164:0
File type JSON data\012- , ASCII text
Hash 78b25f4f8b72d4f5826b1d665a46de1d
2703ab1d8a2b3ff3c63a72c2ef50ff1b49ca45c8
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
POST /lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Content-Type: text/plain;charset=UTF-8
Content-Length: 1540
Origin: https://www.ncl.com.mx
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF1Tnx/WCAQAAlMQDBQjqx1mKuvSu1zodRjWlWVAWmPSEvzsDnx8lLhRdGzYO6/uXivP4DCjiBwy/5yk7zJ/cNiaNlNzIK6F9s1mbeJKPgKF9W7scrzE3rMb6BQNtNP263xl63hjFJZBju+kVD9N9ZzdUNkxq7hgviT7jUfNQZPshUEe67yMxeiYKkBT0ZY6IVXtT+OLjCn8SS3r9rZrPbf/c+JAq1j6yhvobTSMlIK5dO25P9SI3OwTbp1fMVG703rvhW3+Hm3pHlnq74lb2VEAZrSJsnzsLjApt/W0/y8lAMMXz2EA0jY90vGRGI7q5KueIMrE0B4U7m1UA2POZIs0GPpqIu3zMZTC5GHME7LFr1FBDl62c9dL31qe5wtnrqqDRTY5lIfW2ar+uomOK7jiI~-1~||1-vfuPLcnsMe-1-10-1000-2||~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF0jnx/WCAQAAIb8DBRBUttkK/SP4BFA5LjM0ASCalOqw544ljyQxO3+T2v7KPxU6dFt3G7qyIdYgAr7A7BP9g1vMfkvfKHy5kSOGuwzqtPkH4R//wOE7w25FnqOlG0LXLrqAByvFqJqV2I/R2wnIGidX6P+PI00b15w/4aQ2FU2TDnxoNaGL+jNpYNGPIBo8Au3NqiPag2FK3QcTJktEi3JtbXqDtoAaGKazr+REuwNaBvNpOnym34xQqNjwhBpSBSJqSSnB+ipasuKVkHInI3YJOLJW8flSUXjenydszfRtbagWXxs4T0o0uFHYd6dc4UAmtRrDMSowO63q1sceGNdkJ3mDukCixej+Zm1WReXcnCi54zS8lkUhl62udJP2pDN4WidIBJqH3gDKE0dqLEgxwG17coBwL+nKQqVMI52xAyg6GNdlnSZ7xjbpCvFlDOeqWCC3XdLeusUHHt2RkAHKZ2oE0sfv; CONSENTMGR=c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1662236473505%7Cconsent:true; utag_main=v_id:01830503b894000360cb493f346b00044002300900918$_sn:1$_ss:1$_st:1662238273493$ses_id:1662236473493%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:ncl.com.mx$dc_visit:1$dc_event:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
x_req_id: ffdeef75-2861-40b5-9bf6-24871c9ccdc1
date: Sat, 03 Sep 2022 20:21:16 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:16 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:16 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF1rnx/WCAQAAncUDBQjMeNpJ8BgNnmjnZuCURnmBeizdEnZCnEWbWHqr+R747YHEpeJfzOl8swKdioLUEvovO+Gu7lwduXYp+4BQf/lrQ7V5uolusZCyDzPHH8ZBYZKIJV9/0yakDYSBKzzYOpKZkVnPreVlQNcvMFtmcydCYjHVM6PjD9VfmeCIKPqJbNUPvnPPwNJQMeriOujsRPsnf5YlmcbT/mzRgjf8lq8UP71UxpLcnDTlJ+tus8PdrD6ZW4CVrpSyK+XFpP26wrNDxHC1yQnyORNFIlx3LZaQMSd3/4qVdmL+B3AwkB3mh4feR4Ng3iOoTuCzQ74OtnN6tw+BYw1c0l0GLrd/03zTT3Hg9PraxdYQCVjxaAhtPKkBrm1yFHML1mWE8SIqH74diqf3~-1~||1-vfuPLcnsMe-1-10-1000-2||~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:16 GMT; Max-Age=31536000; Secure
content-type: application/json
vary: Origin
server-timing: edge; dur=17, origin; dur=219, cdn-cache; desc=MISS
access-control-max-age: 86400
access-control-allow-credentials: true, false
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.ncl.com.mx, *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a93541e0561e7e62bf5b2ecbb2021f9
47970ee954abc5187c54ebf63fb86406be2c588f
4b5315e9009017cb3f37ac77524966daea1f13cba36ec67f18981faa0e2d8a13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a93541e0561e7e62bf5b2ecbb2021f9
47970ee954abc5187c54ebf63fb86406be2c588f
4b5315e9009017cb3f37ac77524966daea1f13cba36ec67f18981faa0e2d8a13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a93541e0561e7e62bf5b2ecbb2021f9
47970ee954abc5187c54ebf63fb86406be2c588f
4b5315e9009017cb3f37ac77524966daea1f13cba36ec67f18981faa0e2d8a13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ncl.com.mx/akam/13/pixel_4eb6d702
104.110.2.164200 OK 0 B URL HTTP/2 www.ncl.com.mx/akam/13/pixel_4eb6d702
IP 104.110.2.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /akam/13/pixel_4eb6d702 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 2638
Origin: https://www.ncl.com.mx
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF1rnx/WCAQAAncUDBQjMeNpJ8BgNnmjnZuCURnmBeizdEnZCnEWbWHqr+R747YHEpeJfzOl8swKdioLUEvovO+Gu7lwduXYp+4BQf/lrQ7V5uolusZCyDzPHH8ZBYZKIJV9/0yakDYSBKzzYOpKZkVnPreVlQNcvMFtmcydCYjHVM6PjD9VfmeCIKPqJbNUPvnPPwNJQMeriOujsRPsnf5YlmcbT/mzRgjf8lq8UP71UxpLcnDTlJ+tus8PdrD6ZW4CVrpSyK+XFpP26wrNDxHC1yQnyORNFIlx3LZaQMSd3/4qVdmL+B3AwkB3mh4feR4Ng3iOoTuCzQ74OtnN6tw+BYw1c0l0GLrd/03zTT3Hg9PraxdYQCVjxaAhtPKkBrm1yFHML1mWE8SIqH74diqf3~-1~||1-vfuPLcnsMe-1-10-1000-2||~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF0jnx/WCAQAAIb8DBRBUttkK/SP4BFA5LjM0ASCalOqw544ljyQxO3+T2v7KPxU6dFt3G7qyIdYgAr7A7BP9g1vMfkvfKHy5kSOGuwzqtPkH4R//wOE7w25FnqOlG0LXLrqAByvFqJqV2I/R2wnIGidX6P+PI00b15w/4aQ2FU2TDnxoNaGL+jNpYNGPIBo8Au3NqiPag2FK3QcTJktEi3JtbXqDtoAaGKazr+REuwNaBvNpOnym34xQqNjwhBpSBSJqSSnB+ipasuKVkHInI3YJOLJW8flSUXjenydszfRtbagWXxs4T0o0uFHYd6dc4UAmtRrDMSowO63q1sceGNdkJ3mDukCixej+Zm1WReXcnCi54zS8lkUhl62udJP2pDN4WidIBJqH3gDKE0dqLEgxwG17coBwL+nKQqVMI52xAyg6GNdlnSZ7xjbpCvFlDOeqWCC3XdLeusUHHt2RkAHKZ2oE0sfv; CONSENTMGR=c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1662236473505%7Cconsent:true; utag_main=v_id:01830503b894000360cb493f346b00044002300900918$_sn:1$_ss:1$_st:1662238273493$ses_id:1662236473493%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:ncl.com.mx$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session; mp__utma=123318676.559469485.1662236474.1662236474.1662236474.1; mp__utmb=123318676; mp__utmc=123318676; mp__utmz=123318676.1662236474.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); _gcl_au=1.1.1145589229.1662236474; _ga_D2HMRJDJR4=GS1.1.1662236474.1.0.1662236474.60.0.0; _ga=GA1.1.819594843.1662236474
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 03 Sep 2022 20:21:16 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:16 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/akam/13/pixel_4eb6d702TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:16 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236476Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/akam/13/pixel_4eb6d702TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF2bnx/WCAQAAJsYDBRBaejxe7g0ub5xLNGn0zSS2MFny5D/HYgIsJDgLTYSAUMEhIEo8UtfiKwTnQ6C2zORNoiK/KetVvnOu3ZSBPdZ8KLe6RC3lmXMPctmREceeAK3ag7+dLSKTVa38T50H6C8jY6OK+Z76jzhiidsE05gn7BzFpi8ueYXP9RF9HIaiecsfysvvJddASi0ifck6NWAQrxjmZGRsVjNSFXPhzBD4lLqN2C/SKKYrayv+YGSrVrcHhgH1lVFW4UvH5n+XR6+Lb4W1qAPdRBGy5cnOcYzJZN04FUQeRbcL0rFpISN59V8qLDco2x0f6ueFDNehI/BYfO+zYs+r8RXdGsFnG9WAYQsp743v9zLJJH4dUb/DYhrIuV4Z4ld5vNZbC5mEKwHZpWoE8+EnVtTDVCTa72IoyIgybZPRV+77mhk0vYS05SlEuVWt2fyj/6SM809ors6V3z9lIDQlMWa3W9Xi1OTl3MN/eJUr; Domain=.ncl.com.mx; Path=/; Expires=Sat, 03 Sep 2022 22:21:14 GMT; Max-Age=7198; HttpOnly
server-timing: cdn-cache; desc=HIT, edge; dur=6
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
9706277.fls.doubleclick.net/activityi;src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
142.250.74.70200 OK 368 B URL HTTP/2 9706277.fls.doubleclick.net/activityi;src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481), with no line terminators
Hash 4115bf2f20e6a5b0147722305c11a870
713d68d0b0ad13040f85c9a5ad63cc9a8d41e11b
53cea9b51b4cf5675ca6b903bfe955c499223622196998b3b33ead7b76765b71
GET /activityi;src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin? HTTP/1.1
Host: 9706277.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 368
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6922612.fls.doubleclick.net/activityi;src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
142.250.74.70200 OK 372 B URL HTTP/2 6922612.fls.doubleclick.net/activityi;src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with no line terminators
Hash ea2281143be1df306b84a44e3b75ad46
0dd87fadc0970564f887280099e28aa91f81dbb2
2fe837851724982d3dd0e1ef824ea6ceab40c905a819f981f92161bebd3fe1ae
GET /activityi;src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin? HTTP/1.1
Host: 6922612.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 372
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
9706277.fls.doubleclick.net/activityi;src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
142.250.74.70200 OK 366 B URL HTTP/2 9706277.fls.doubleclick.net/activityi;src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (472), with no line terminators
Hash ddb53a2b4944e81786c5b890fe0220ef
22e55877dacabdc26df7ab3d5f6112bd6c80cfa8
1b574b7077e8dcd536b18bb681e61e5336666c4fe6ad804233489379084e0af6
GET /activityi;src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin? HTTP/1.1
Host: 9706277.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 366
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a93541e0561e7e62bf5b2ecbb2021f9
47970ee954abc5187c54ebf63fb86406be2c588f
4b5315e9009017cb3f37ac77524966daea1f13cba36ec67f18981faa0e2d8a13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a93541e0561e7e62bf5b2ecbb2021f9
47970ee954abc5187c54ebf63fb86406be2c588f
4b5315e9009017cb3f37ac77524966daea1f13cba36ec67f18981faa0e2d8a13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.211.2200 OK 368 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (480), with no line terminators
Hash 9a2aa359f5e0618bc8aa14445666e1cc
5ac225f328f4080f01de062a653f18c24986a913
6ec87907cac1b112e33cbf8611e706c4b1347ae021a88741529e52c42c88fb77
GET /ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.211.2200 OK 372 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (490), with no line terminators
Hash 485c241ecd67c34b52319819f78f010c
45fe2df507d29162abe84451e28eb39ea8b5cd13
542e6ffb6fbefb71b68a1cf3d1968653dea0308c7da41f9ca4fddea8ab9f4960
GET /ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6922612.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 372
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.211.2200 OK 365 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (471), with no line terminators
Hash 419e6453a1eda0677e43f18c7b93a874
9319f31517ef4b093f2f1d46bada22fa0dc9aef7
266b66f3082ce2ea3635f0a761daec17d8e9d7c80949f46cbd685f6dc4d7f620
GET /ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 51df98c169fb7de773301d014bcea4b8
9bdf9bdb9b5eee378e9ac4ec68ca07c665ae4819
c8336f3a2e16c9390b610c612ce9be7c19286f04a6328a29200cbf65db5801c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uqddyyxa.micpn.com/p/cp/-1/track.gif?t=1662236474362&mi_u=anon-1662236474361-9674517272&mi_cid=7014&page_title=Ingresar&event_type=pageview&cdate=1662236474361&ck=false&anon=true
143.204.55.31200 OK 42 B URL HTTP/2 uqddyyxa.micpn.com/p/cp/-1/track.gif?t=1662236474362&mi_u=anon-1662236474361-9674517272&mi_cid=7014&page_title=Ingresar&event_type=pageview&cdate=1662236474361&ck=false&anon=true
IP 143.204.55.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /p/cp/-1/track.gif?t=1662236474362&mi_u=anon-1662236474361-9674517272&mi_cid=7014&page_title=Ingresar&event_type=pageview&cdate=1662236474361&ck=false&anon=true HTTP/1.1
Host: uqddyyxa.micpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
x-uuid: a0e45618-d543-4bfd-b2fb-dfa75393c945
pragma: no-cache
access-control-expose-headers: X-Error
access-control-allow-origin: https://app.movableink.com
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
set-cookie: _mibhv=anon-1662236474361-9674517272_7014; Expires=Sun, 03 Sep 2023 20:21:17 GMT; Path=/; HttpOnly; Secure; SameSite=None;
_midat=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=/; HttpOnly; Secure; SameSite=None;
date: Sat, 03 Sep 2022 20:21:17 GMT
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SIiq8oYFkHgcsTjwilMF9F7-WvAgIborl9UJHMXivK99vGgAzHOadg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cebfe28b301ffe9583a29d4e2e787a07
c312300cb020f4f61edaf4b51394aa889bc815e8
faf415663681aab7051de03f75a3163352ff9cffa4f72e38f56d4e0eb337af4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cebfe28b301ffe9583a29d4e2e787a07
c312300cb020f4f61edaf4b51394aa889bc815e8
faf415663681aab7051de03f75a3163352ff9cffa4f72e38f56d4e0eb337af4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.207.194302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9706277.fls.doubleclick.net/ddm/fls/r/src=9706277;type=norw;cat=norwe003;ord=1328772024581;gtm=2od8v0;auiddc=1145589229.1662236474;u10=%2Fshorex%2Flogin;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.207.194302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9706277.fls.doubleclick.net/ddm/fls/r/src=9706277;type=norw;cat=norwe005;ord=1662236473493;gtm=2od8v0;auiddc=1145589229.1662236474;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
216.58.207.194200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=6922612;type=remar0;cat=remar1;ord=8127311402417;gtm=2od8v0;auiddc=1145589229.1662236474;u3=content%3A%20node%3A%20login;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Sat, 03 Sep 2022 20:21:17 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 02 Sep 2022 23:26:01 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ojlOUgO53EDkI_uCHepw34l8mzBmM6q6_3XeuSV30rf4tkho9m2-TQ==
Age: 75317
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.go-mpulse.net/api/config.json?key=TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y&d=www.ncl.com.mx&t=5540788&v=1.746.0&sl=0&si=3acbdaef-6075-42ee-941b-42d8cf89bedd-rhnhva&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=225862
23.38.200.138200 OK 4.1 kB URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y&d=www.ncl.com.mx&t=5540788&v=1.746.0&sl=0&si=3acbdaef-6075-42ee-941b-42d8cf89bedd-rhnhva&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=225862
IP 23.38.200.138:0
File type JSON data\012- , ASCII text, with very long lines (24714), with no line terminators
Hash 580ab76d1683f0d70ae414696e6f9fa5
9957588b4933a16ea0b57d9c1a9cdbfeb9ac9614
7a672e1a579f96ed7c914449df2c0d027c481afbe7f6665e0b541544a78d9f0d
GET /api/config.json?key=TCZKH-A3E5K-R7UEE-8AYTU-FWV9Y&d=www.ncl.com.mx&t=5540788&v=1.746.0&sl=0&si=3acbdaef-6075-42ee-941b-42d8cf89bedd-rhnhva&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=225862 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Sep 2022 20:21:17 GMT
Content-Length: 4063
Connection: keep-alive
Content-Type: application/json
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 64b60a06c24c7626b2a30bd11008d59e
44b309ce5ad9f521b49cf1e30d9cf3482ed65c64
98b0ee105907a37aa0772aecfc662462b2a8dabc2f661f1506f92ae880f61457
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 20:21:17 GMT
Last-Modified: Sat, 03 Sep 2022 20:10:32 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Yxiiox-D3SQg32SB7iH-Wh9XBA88joIFhIIuD5t_mPiiQ9_b0j_AlQ==
Age: 645
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 27cb103b67ecb4771ee45b89f18f5630
6b7b51a8bf7a40122e9517ad6c13a35600921c5a
02fab82d279ed77e3137a750d48c82fe5327854befe7fe1cd7e3d7f612b47fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 25b244012469ec62abbbc30d46a7cc94
33fdd833346e49159078242c3a44b402c907732e
cf53987384bc7eb35b332eac33a65db58ee53404aa748a1e42c755add5414723
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.130200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (1952)
Hash 2c26ce3715fa6c6a679d87314f70554c
f467520f68fa8d79ae6089e3cc58f70b671f3c18
651b4d861db24281be0c9b2e01cd3f49386f7937504d1219c9183a17e67bfb41
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Sat, 03 Sep 2022 20:21:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6623093480649364478
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 17446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ncl.com/assets/v1/images/favicon/apple-touch-icon-128x128.png
96.6.17.206200 OK 1.8 kB URL HTTP/2 www.ncl.com/assets/v1/images/favicon/apple-touch-icon-128x128.png
IP 96.6.17.206:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 94c2d073fbb7dbcc92ab53f2e610cbf0
5c71aa66f3621b33ac8771778e305ecac930467f
3f5af90cc63e3e0801dbdcca1572b8d1244faefdb260040a7452899d6bab8243
GET /assets/v1/images/favicon/apple-touch-icon-128x128.png HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Cookie: optimizelyEndUserId=854f2417863d00003ab71363dc030000b2000000; akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=92~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=80a43e4ebeb92858acf54461891b6008
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 17:16:05 GMT
server: Akamai Image Manager
content-length: 1842
content-type: image/webp
cache-control: private, no-transform, max-age=2494478
expires: Sun, 02 Oct 2022 17:15:55 GMT
date: Sat, 03 Sep 2022 20:21:17 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab71363dc030000b2000000; expires=Thu, 02-Mar-2023 20:21:17 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/favicon/apple-touch-icon-128x128.pngTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:17 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/favicon/apple-touch-icon-128x128.pngTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad56516f7302ec579a2ac494f84eeec2
8eb6930176531f5783ad1211ea528df143368403
e047155909ff78f0ba75cd9ed4ad78a060b33a05610f66f388e7291aecd32d4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logx.optimizely.com/v1/events
44.196.18.144204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 44.196.18.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1025
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.ncl.com.mx
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Sat, 03 Sep 2022 20:21:17 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: cd750295-31ab-40a8-beb8-1a7a9d2f004b
Connection: keep-alive
www.ncl.com/assets/v1/images/favicon/windows-icon-32x32.png
96.6.17.206200 OK 554 B URL HTTP/2 www.ncl.com/assets/v1/images/favicon/windows-icon-32x32.png
IP 96.6.17.206:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d153e1b7d61fc3bbc473a4ec0f3567c6
42802631370c0be615cf4928f97dcf20404cc69b
3b292a77f3a11f9267f427fced6f410673ece2112500c693bc81436982f3c761
GET /assets/v1/images/favicon/windows-icon-32x32.png HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Cookie: optimizelyEndUserId=854f2417863d00003ab71363dc030000b2000000; akaalb_www_ncl_alb=~op=www_prod_new:prod_www_new|~rv=92~m=prod_www_new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=80a43e4ebeb92858acf54461891b6008
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 17:16:06 GMT
server: Akamai Image Manager
content-length: 554
content-type: image/webp
cache-control: private, no-transform, max-age=2494414
expires: Sun, 02 Oct 2022 17:14:51 GMT
date: Sat, 03 Sep 2022 20:21:17 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab71363dc030000b2000000; expires=Thu, 02-Mar-2023 20:21:17 GMT; path=/; domain=.ncl.com; secure; SameSite=None
ak_location=NO,,OSLO,; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Sat, 10-Sep-2022 20:21:17 GMT; path=/; secure
AkaUTrackingID=91.90.42.15496.6.17.2061662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/favicon/windows-icon-32x32.pngTeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:17 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.15496.6.17.2061662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/images/favicon/windows-icon-32x32.pngTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/629322291/?random=1662236474722&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.130200 OK 1.2 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/629322291/?random=1662236474722&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2028), with no line terminators
Hash 4ee9e3d56e5b2c0849a10b0c62965bd6
de09a047b704fb774d2b3aad2369f7a581201e27
fd72eff6b7fdcda17432acf3ce4837c45d3691c0d3984e177d5ae8bef512d160
GET /pagead/conversion/629322291/?random=1662236474722&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn3.optimizely.com/js/geo4.js
104.110.9.127200 OK 302 B URL HTTP/1.1 cdn3.optimizely.com/js/geo4.js
IP 104.110.9.127:0
Hash 56e10233eaa57653e63ee929e1c619cf
864e4dfc0f6b0a2d73680b80eb476003b303eab7
4515bfcea10a9dfd175ba279138db6023e67d536edb9c9b542b4af85d8fc7146
GET /js/geo4.js HTTP/1.1
Host: cdn3.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AmazonS3
Content-Length: 302
Content-Type: application/javascript
x-amz-id-2: +tkr/7Ns7kenSzCK7455ZyE4sN+8K/pZ+M8ci8OpfMRII6vk5qGLnhIQW4kmSFsTbjS5D/kX93I=
Unused62: 8096267
x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
x-amz-replication-status: COMPLETED
x-amz-request-id: M8KPVV219SSHET6W
Cache-Control: max-age=45813
Date: Sat, 03 Sep 2022 20:21:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f40932022c00daae8bb8e8d21e65641
bcac67288cb0c77ea071070ed836a650be4a7752
0c6eccb2f2a91f6b4269eaa57efa9f929358dfa51a27e6cc38379e807d2120d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Last-Modified: Sat, 03 Sep 2022 19:30:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/api/player.js
162.159.128.61200 OK 6.1 kB URL HTTP/1.1 player.vimeo.com/api/player.js
IP 162.159.128.61:0
File type Unicode text, UTF-8 text, with very long lines (20390)
Hash 517096278768b4afc862e5816d65a0cd
efb337f1d1c369be5b5fa5fb34c3742d54dcb87d
e39f4bcf8422e05cf4600c00ec36a02ee3ef772f947874272456534c6bffbe13
GET /api/player.js HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 20:21:17 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 6136
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sat, 03 Sep 2022 20:23:19 GMT
x-host: player-65494d8d99-p2pnw
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-65494d8d99-p2pnw
Accept-Ranges: bytes
Age: 1676
X-Served-By: cache-bma1668-BMA
X-Cache: HIT
X-Cache-Hits: 1104
X-Timer: S1662236478.501422,VS0,VE0
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=561RxNhEGx._Iv983rLcaXTZz89HxOdXep0lfswWZBE-1662236477-0-AS65NbXHfc/PVtwYTllMsZwUvPNZRnvfvOOyHF5HKwj5kUFWxjjPUrVoAaVCiHcMp68CAxl1QCgH9B+ueNn1Pqs=; path=/; expires=Sat, 03-Sep-22 20:51:17 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 745130e04969b512-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1278db78948279716d72ac203ad8fb0d
1746b9863b781ed9a0c26a126b9b80d36c903974
8d9e31a35490bc2ebef4c4c2152c89b62491c0cdfc31ec0594bc21fd2e9f43f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=168839D827F4697C26BD2BCC26A368EF; domain=.bing.com; expires=Thu, 28-Sep-2023 20:21:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F9E8D9906FD450882D69C5C0837EEFC Ref B: OSL30EDGE0407 Ref C: 2022-09-03T20:21:17Z
date: Sat, 03 Sep 2022 20:21:17 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 03 Sep 2022 18:41:12 GMT
expires: Sat, 03 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 6005
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 76dcbad68de6958beabb7aeab54ed358
c4197b32bd92ea9ff3dbfb3a71b90c44597f8aee
ef120ca56abebe770d7975a5a4b32907308832de97de61cdb3ae61b4522b49e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Last-Modified: Sat, 03 Sep 2022 18:36:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: x2L05RbnIjKWgU3vs2X8f5m5qmd5BuFXGVjRecsAfjiTWlNr5Xare+cDmJZlKalaQsPdrqcq6DViLc9biy4zHA==
content-length: 26752
x-fb-trip-id: 1904183273
date: Sat, 03 Sep 2022 20:21:17 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Sat, 03 Sep 2022 20:21:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=6922612;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
216.58.207.198302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=6922612;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
IP 216.58.207.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=6922612;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=6922612;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e4b6f1300431fe7ad5b6e4c35992c399
a480e3d5b0f237988c2b240bfa12788ea51aa99a
4c7c3c7c22317b2a8424a9e02299f205740a665bc1f137a11fb2354bd23cf313
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1799
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Last-Modified: Sat, 03 Sep 2022 19:51:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
pixel.quantserve.com/api/segments.json?a=p-GYA0CHMM_yK5P&callback=jQuery22406231105986202643_1662236473330&_=1662236473331
91.228.74.168200 OK 69 B URL HTTP/2 pixel.quantserve.com/api/segments.json?a=p-GYA0CHMM_yK5P&callback=jQuery22406231105986202643_1662236473330&_=1662236473331
IP 91.228.74.168:0
Hash 7053a92d417ac925f1f17234b77ea35a
cf30a12399d18312f5c37582f08f9468004985c0
da4fbf4f146d7f1cd63ea67aa8849e67f021439d9c3e862a486eefce691d10c0
GET /api/segments.json?a=p-GYA0CHMM_yK5P&callback=jQuery22406231105986202643_1662236473330&_=1662236473331 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:17 GMT
content-type: application/x-javascript
content-length: 69
cache-control: private, no-transform, must-revalidate, max-age=600
expires: Sat, 03 Sep 2022 20:31:17 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
set-cookie: mc=6313b73d-985aa-8ca29-39b1d; expires=Wed, 04-Oct-2023 20:21:17 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/activity;dc_iu=/11222444/DFPAudiencePixel;ord=6713557776926725;dc_seg=7204577880?
142.250.74.66200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;dc_iu=/11222444/DFPAudiencePixel;ord=6713557776926725;dc_seg=7204577880?
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;dc_iu=/11222444/DFPAudiencePixel;ord=6713557776926725;dc_seg=7204577880? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=9706277;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
216.58.207.198302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=9706277;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin?
IP 216.58.207.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=9706277;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9706277;type=;cat=;gtm=2od8v0;auiddc=1145589229.1662236474;~oref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/ncl/main/prod/utag.js
23.38.200.249200 OK 41 kB URL HTTP/2 tags.tiqcdn.com/utag/ncl/main/prod/utag.js
IP 23.38.200.249:0
Hash 1294db75221ff1f13ae628d0ddb97790
8e5341c1df11d350399e95c4fdda598308328556
9297854ab881b88d846de5b0b8f080956eb5bec1d153de2b1833993c02cd20cd
GET /utag/ncl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b2101cd058468a62e5698e694c6f9023:1661786463.177752"
last-modified: Mon, 29 Aug 2022 15:21:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 03 Sep 2022 20:26:16 GMT
date: Sat, 03 Sep 2022 20:21:16 GMT
X-Firefox-Spdy: h2
www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
104.110.2.164201 Created 18 B URL HTTP/2 www.ncl.com.mx/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8
IP 104.110.2.164:0
File type JSON data\012- , ASCII text
Hash 78b25f4f8b72d4f5826b1d665a46de1d
2703ab1d8a2b3ff3c63a72c2ef50ff1b49ca45c8
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
POST /lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8 HTTP/1.1
Host: www.ncl.com.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/shorex/login
Content-Type: text/plain;charset=UTF-8
Content-Length: 2130
Origin: https://www.ncl.com.mx
Connection: keep-alive
Cookie: _abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF1rnx/WCAQAAncUDBQjMeNpJ8BgNnmjnZuCURnmBeizdEnZCnEWbWHqr+R747YHEpeJfzOl8swKdioLUEvovO+Gu7lwduXYp+4BQf/lrQ7V5uolusZCyDzPHH8ZBYZKIJV9/0yakDYSBKzzYOpKZkVnPreVlQNcvMFtmcydCYjHVM6PjD9VfmeCIKPqJbNUPvnPPwNJQMeriOujsRPsnf5YlmcbT/mzRgjf8lq8UP71UxpLcnDTlJ+tus8PdrD6ZW4CVrpSyK+XFpP26wrNDxHC1yQnyORNFIlx3LZaQMSd3/4qVdmL+B3AwkB3mh4feR4Ng3iOoTuCzQ74OtnN6tw+BYw1c0l0GLrd/03zTT3Hg9PraxdYQCVjxaAhtPKkBrm1yFHML1mWE8SIqH74diqf3~-1~||1-vfuPLcnsMe-1-10-1000-2||~-1; bm_sz=5A7F1BA01BAC91BE2899EE3A8F9D5C2E~YAAQhU8kFzLnx/WCAQAA9roDBRClnGk4/ubvnCQ3jXrR1mbCrH1hmNXmhqFb2Ih7mGYpduVYCGa1IOR1geaUnq5OGc2lId/FZkvvXEp4SAIe9Lgcz+mjXR1Sn+HqfyWvH/7gZ229iy7ehMzR61OsNiWtcEunWztRK+iwEQQ7HRYF9FU5pSiKtGZxe7grjBzu251p1FXaJqbSjHacaGpzL6YunTJyJE928vo9ivSFQzwB34umaXMgRi6Vy6zIYpq9yUwkgi6FhgO8tSCyB9363HSFwjBjLJ7tl5Rmf8XO3C+tpB8=~4340017~3228210; NCL_R4_PROD=f08c722715fbc12e2d51b6abafc8736ad72ce7df-relayUrl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2F263143764%2F48876696%2Fprint-booked-items; BIGipServerpreprod2_www2.ncl.com_http=145402048.20480.0000; optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImFjYzEyMmI4NDViYjMwYTMwYWEyMjg1NDU2Zjc2ZDZlNDVjZTJjOTYtMTY2MjIzNjQ2OTAxNy0zYzA4Zjc4YjBmOGQ5YWFlMTVhNzNkOTUifSwibmJmIjoxNjYyMjM2NDY5LCJpYXQiOjE2NjIyMzY0Njl9.WvLfpK-dwGo6Fabqd1qT2Q_AKBfdnIOuEqwEiQ3C93Q; ak_bmsc=428DECD5C5D4E0D8185B2452BBA451FF~000000000000000000000000000000~YAAQhU8kF2bnx/WCAQAAJsYDBRBaejxe7g0ub5xLNGn0zSS2MFny5D/HYgIsJDgLTYSAUMEhIEo8UtfiKwTnQ6C2zORNoiK/KetVvnOu3ZSBPdZ8KLe6RC3lmXMPctmREceeAK3ag7+dLSKTVa38T50H6C8jY6OK+Z76jzhiidsE05gn7BzFpi8ueYXP9RF9HIaiecsfysvvJddASi0ifck6NWAQrxjmZGRsVjNSFXPhzBD4lLqN2C/SKKYrayv+YGSrVrcHhgH1lVFW4UvH5n+XR6+Lb4W1qAPdRBGy5cnOcYzJZN04FUQeRbcL0rFpISN59V8qLDco2x0f6ueFDNehI/BYfO+zYs+r8RXdGsFnG9WAYQsp743v9zLJJH4dUb/DYhrIuV4Z4ld5vNZbC5mEKwHZpWoE8+EnVtTDVCTa72IoyIgybZPRV+77mhk0vYS05SlEuVWt2fyj/6SM809ors6V3z9lIDQlMWa3W9Xi1OTl3MN/eJUr; CONSENTMGR=c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1662236473505%7Cconsent:true; utag_main=v_id:01830503b894000360cb493f346b00044002300900918$_sn:1$_ss:1$_st:1662238273493$ses_id:1662236473493%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:ncl.com.mx$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session; mp__utma=123318676.559469485.1662236474.1662236474.1662236474.1; mp__utmb=123318676; mp__utmc=123318676; mp__utmz=123318676.1662236474.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); _gcl_au=1.1.1145589229.1662236474; _ga_D2HMRJDJR4=GS1.1.1662236474.1.0.1662236474.60.0.0; _ga=GA1.1.819594843.1662236474; _mibhv=anon-1662236474361-9674517272_7014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
x_req_id: ae5b9452-f743-4de2-92d9-22baccb717b2
date: Sat, 03 Sep 2022 20:21:17 GMT
set-cookie: optimizelyEndUserId=854f2417863d00003ab7136366000000b1000000; expires=Thu, 02-Mar-2023 20:21:17 GMT; path=/; domain=.ncl.com.mx; secure; SameSite=None
AkaUTrackingID=91.90.42.154104.110.2.1641662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; expires=Thu, 06-Sep-2029 20:21:17 GMT; path=/; HttpOnly; domain=.ncl.com; secure
AkaSTrackingID=91.90.42.154104.110.2.1641662236477Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/lPm1SY8XptrUuv-pNcJp8hh4ERg/c9S5XwV8JuiL/CBpnMBcC/e1NSV2/4IRB8TeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
_abck=8519C5655105B98A1A67B14ED52C1DB2~0~YAAQhU8kF37nx/WCAQAA3cgDBQgI3gix5zBzjEqVDVQpeImZDqPC5qo+Ajw6uoK2HXNPpXJIZ1hCm1O8ZAewNQdg9i6vaAgKECSSqEotwzuoyfFmbu6OETVAv/39X5Ghru5EqW6uir0ZqxD3mM2vuxgQIGefyG1jplWrabt7Wu2W2BceNDjeE1ZHa/iehC4AchXJ3WLAqrpvDevSCZfp48KHnGWbW5jAa0T0Ohc5iDDY9R4gAfhvo8caae9Z9Nx/AbZHu1WJvQBLGewtBQ0z94XKkt30lzJbvg/0Ob7uezrgqdq+AXjP38ARD5VKbEhEf+oP1b7xzRln3pVcVqkN2LwBzHty5xKdiv3EN8FgneqcRd0U78ZXFXqgh11UeTPadtAswWg+Dm+6tcuVVvCOE2pHMhkccoE4~-1~||-1||~-1; Domain=.ncl.com.mx; Path=/; Expires=Sun, 03 Sep 2023 20:21:17 GMT; Max-Age=31536000; Secure
content-type: application/json
vary: Origin
server-timing: edge; dur=3, origin; dur=165, cdn-cache; desc=MISS
access-control-max-age: 86400
access-control-allow-credentials: true, false
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.ncl.com.mx, *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
norwegiancruiseline.112.2o7.net/b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.36.218.177302 Found 0 B URL HTTP/2 norwegiancruiseline.112.2o7.net/b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: norwegiancruiseline.112.2o7.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
vary: Origin
date: Sat, 03 Sep 2022 20:21:17 GMT
content-type: text/plain;charset=utf-8
expires: Fri, 02 Sep 2022 20:21:17 GMT
last-modified: Sun, 04 Sep 2022 20:21:17 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|3189DB9E99D6C996-60001993D51E83F4[CE]; Path=/; Domain=norwegiancruiseline.112.2o7.net; Max-Age=63072000; Expires=Mon, 02 Sep 2024 20:21:21 GMT; SameSite=None; Secure
location: https://norwegiancruiseline.112.2o7.net/b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&pccr=true&vidn=3189DB9E99D6C996-60001993D51E83F4&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY46WHrmS78EPo4WsgA8&sscte=1&crd=CJuqsQI
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY46WHrmS78EPo4WsgA8&sscte=1&crd=CJuqsQI
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY46WHrmS78EPo4WsgA8&sscte=1&crd=CJuqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&is_vtc=1&ocp_id=PbcTY46WHrmS78EPo4WsgA8&random=2274545116&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&sscte=1&crd=
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&sscte=1&crd=
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&random=3493766058&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY6GEGc207gT8lKOwBA&sscte=1&crd=
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY6GEGc207gT8lKOwBA&sscte=1&crd=
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PbcTY6GEGc207gT8lKOwBA&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY6GEGc207gT8lKOwBA&random=4161169309&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f40932022c00daae8bb8e8d21e65641
bcac67288cb0c77ea071070ed836a650be4a7752
0c6eccb2f2a91f6b4269eaa57efa9f929358dfa51a27e6cc38379e807d2120d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Last-Modified: Sat, 03 Sep 2022 19:30:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=4016364&Ver=2&mid=7faf9f25-3d7f-41b3-8d06-4710ba09c140&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=322594
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4016364&Ver=2&mid=7faf9f25-3d7f-41b3-8d06-4710ba09c140&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=322594
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4016364&Ver=2&mid=7faf9f25-3d7f-41b3-8d06-4710ba09c140&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=322594 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=099E5B6AFB096AF93C6A497EFA5E6B82; domain=.bing.com; expires=Thu, 28-Sep-2023 20:21:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFF46C4EBACA43C1B9A62ED344444598 Ref B: OSL30EDGE0407 Ref C: 2022-09-03T20:21:17Z
date: Sat, 03 Sep 2022 20:21:17 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475013&cv=9&fst=1662236475013&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475013&cv=9&fst=1662236475013&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2240), with no line terminators
Hash 4317453119caa59afee3b9ae3b1400cc
a60dc3ec280fe2af6995039eb352138c3950d7d3
4dcda43203f2828d79fccb175ca3968d3c17010b299ea7ec8a41db6b12cf37f6
GET /pagead/viewthroughconversion/1017367666/?random=1662236475013&cv=9&fst=1662236475013&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1033
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475016&cv=9&fst=1662236475016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475016&cv=9&fst=1662236475016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2236), with no line terminators
Hash fa8ae1eade22aa6556a7ee7e1ad40d41
995debf12ca600bddb2cda22de73f4d65649372c
d1c69be028855050eb0188770cd1baa6d3157ab947cef417faeee201bc8838e3
GET /pagead/viewthroughconversion/1017367666/?random=1662236475016&cv=9&fst=1662236475016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1032
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475018&cv=9&fst=1662236475018&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1017367666/?random=1662236475018&cv=9&fst=1662236475018&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2238), with no line terminators
Hash 5095c8527bb5bf3cd840f6d09affd234
4336f1e2968eea68e247481a02fccbdba9e56f65
3a4f23e37d7c120bb69726321cdffd60830848734a5d0637082afdc4b8af6825
GET /pagead/viewthroughconversion/1017367666/?random=1662236475018&cv=9&fst=1662236475018&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1032
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
norwegiancruiseline.112.2o7.net/b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&pccr=true&vidn=3189DB9E99D6C996-60001993D51E83F4&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 norwegiancruiseline.112.2o7.net/b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&pccr=true&vidn=3189DB9E99D6C996-60001993D51E83F4&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/nclncbeprod/1/JS-2.8.2/s05153332076267?AQB=1&pccr=true&vidn=3189DB9E99D6C996-60001993D51E83F4&ndh=1&pf=1&t=3%2F8%2F2022%2020%3A21%3A13%206%200&ce=UTF-8&ns=norwegiancruiseline&pageName=content%3A%20node%3A%20login&g=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&cc=MXN&ch=bge&server=www.ncl.com.mx&c2=%2Fshorex%2Flogin&c20=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c21=content%3A%20node%3A%20login&v31=Weekend%20%3A%20Saturday%20%3A%204%3A00PM&c46=New&v46=New&c47=New%3A%20bge&v47=New%3A%20bge&c48=Drupal&v71=mx%20%7C%20es&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: norwegiancruiseline.112.2o7.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Fri, 02 Sep 2022 20:21:17 GMT
last-modified: Sun, 04 Sep 2022 20:21:17 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|3189DB9EB1E5DDC2-60000F2DB51D3F67[CE]; Path=/; Domain=norwegiancruiseline.112.2o7.net; Max-Age=63072000; Expires=Mon, 02 Sep 2024 20:21:21 GMT; SameSite=None; Secure
etag: 3569625654303752192-4619443269273468774
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/701488714/?random=1662236475054&cv=9&fst=1662236475054&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/701488714/?random=1662236475054&cv=9&fst=1662236475054&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2236), with no line terminators
Hash 4f7b63172a86e891959e72fa79aa2e94
35ffcdc3b2994d0e654761fd285ba0dc8a257003
40445ac729d81027f71adb9424650bf2d8a5eb0082ba555cdbcd7099d5e5fbb7
GET /pagead/viewthroughconversion/701488714/?random=1662236475054&cv=9&fst=1662236475054&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1030
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/701488714/?random=1662236475052&cv=9&fst=1662236475052&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/701488714/?random=1662236475052&cv=9&fst=1662236475052&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2238), with no line terminators
Hash 0f9602e5b8affce96e05653ba1c8915b
346ee2863e6ef7787c3b50e74aa38d66d964e3a0
f258b91be1111664f70083328ae9744db2e0855921412a552b9907deee2d27a4
GET /pagead/viewthroughconversion/701488714/?random=1662236475052&cv=9&fst=1662236475052&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&tiba=Ingresar&auid=1145589229.1662236474&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1034
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 20:36:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-D2HMRJDJR4>m=2oe8v0&_p=53351334&_gaz=1&gdid=dYmQxMT&cid=819594843.1662236474&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662236474&sct=1&seg=0&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&dt=Ingresar&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=&ep.page_name=content%3A%20node%3A%20login&ep.site_country=mx&ep.site_language=es
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-D2HMRJDJR4>m=2oe8v0&_p=53351334&_gaz=1&gdid=dYmQxMT&cid=819594843.1662236474&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662236474&sct=1&seg=0&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&dt=Ingresar&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=&ep.page_name=content%3A%20node%3A%20login&ep.site_country=mx&ep.site_language=es
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D2HMRJDJR4>m=2oe8v0&_p=53351334&_gaz=1&gdid=dYmQxMT&cid=819594843.1662236474&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662236474&sct=1&seg=0&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&dt=Ingresar&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login_status=&ep.page_name=content%3A%20node%3A%20login&ep.site_country=mx&ep.site_language=es HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ncl.com.mx
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=15133279&Ver=2&mid=30a6c15b-b1b8-4765-9b22-f78be25ba71d&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=82066
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15133279&Ver=2&mid=30a6c15b-b1b8-4765-9b22-f78be25ba71d&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=82066
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15133279&Ver=2&mid=30a6c15b-b1b8-4765-9b22-f78be25ba71d&sid=f5b5a6f02bc511eda0d8a5c2ffc97755&vid=f5b5eb602bc511ed9c59578bb789dad1&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ingresar&p=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&r=<=3688&evt=pageLoad&sv=1&rn=82066 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=14395CAFEDE969F13C6B4EBBECBE6870; domain=.bing.com; expires=Thu, 28-Sep-2023 20:21:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25E965C6037441AF80F4DEE8C61F23BE Ref B: OSL30EDGE0407 Ref C: 2022-09-03T20:21:17Z
date: Sat, 03 Sep 2022 20:21:17 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&is_vtc=1&ocp_id=PbcTY46WHrmS78EPo4WsgA8&random=2274545116&resp=GooglemKTybQhCsO
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&is_vtc=1&ocp_id=PbcTY46WHrmS78EPo4WsgA8&random=2274545116&resp=GooglemKTybQhCsO
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&is_vtc=1&ocp_id=PbcTY46WHrmS78EPo4WsgA8&random=2274545116&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9706277.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/561584784/?random=1429503666&cv=9&fst=1662236474709&num=2&npa=1&label=yojDCOag2-EBEJC15IsC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&is_vtc=1&ocp_id=PbcTY46WHrmS78EPo4WsgA8&random=2274545116&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&random=3493766058&resp=GooglemKTybQhCsO
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&random=3493766058&resp=GooglemKTybQhCsO
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&random=3493766058&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9706277.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/629322291/?random=1833259102&cv=9&fst=1662236474709&num=1&npa=1&label=jlYFCJjV8uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY4mWHoKR78EP9qyd2AM&random=3493766058&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY6GEGc207gT8lKOwBA&random=4161169309&resp=GooglemKTybQhCsO
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY6GEGc207gT8lKOwBA&random=4161169309&resp=GooglemKTybQhCsO
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY6GEGc207gT8lKOwBA&random=4161169309&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9706277.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/629322291/?random=284558751&cv=9&fst=1662236474722&num=1&npa=1&label=UlJ4CPXf4uYBELPkiqwC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe005%3Bord%3D1662236473493%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PbcTY6GEGc207gT8lKOwBA&random=4161169309&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-D2HMRJDJR4&cid=819594843.1662236474>m=2oe8v0&aip=1
173.194.221.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-D2HMRJDJR4&cid=819594843.1662236474>m=2oe8v0&aip=1
IP 173.194.221.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D2HMRJDJR4&cid=819594843.1662236474>m=2oe8v0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ncl.com.mx
date: Sat, 03 Sep 2022 20:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10109826.json
188.125.94.204200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10109826.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10109826.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9706277.fls.doubleclick.net
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 3QN6RKWKVFBJC59D
x-amz-id-2: iwHXPnUlit1u6OcxfmnP3W+O0fckvxzpYHsFWF266m9JzwQ5cp2mfpeBzoScXPsHsw/1mfi4jeE=
content-type: application/json
date: Sat, 03 Sep 2022 19:41:10 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 2407
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bat.bing.com/p/action/15133279.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15133279.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15133279.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1AD296FF5C606DFF0FE484EB5D376C8C; domain=.bing.com; expires=Thu, 28-Sep-2023 20:21:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CA4F632247D427FAC2A91BA08B1173E Ref B: OSL30EDGE0407 Ref C: 2022-09-03T20:21:17Z
date: Sat, 03 Sep 2022 20:21:17 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=798296406850522&ev=PageView&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&rl=&if=false&ts=1662236475244&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1662236475243.1743189611&it=1662236475001&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=c0d3b22e8650117695addb95af7349d6&tm=1&exp=e1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=798296406850522&ev=PageView&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&rl=&if=false&ts=1662236475244&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1662236475243.1743189611&it=1662236475001&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=c0d3b22e8650117695addb95af7349d6&tm=1&exp=e1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=798296406850522&ev=PageView&dl=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&rl=&if=false&ts=1662236475244&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1662236475243.1743189611&it=1662236475001&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=c0d3b22e8650117695addb95af7349d6&tm=1&exp=e1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 03 Sep 2022 20:21:17 GMT
expires: Sat, 03 Sep 2022 20:21:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/p/action/4016364.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4016364.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4016364.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=06FFC5AE5F16610521A7D7BA5E416054; domain=.bing.com; expires=Thu, 28-Sep-2023 20:21:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 864F7344112F41528BE91913FB8933B7 Ref B: OSL30EDGE0407 Ref C: 2022-09-03T20:21:17Z
date: Sat, 03 Sep 2022 20:21:18 GMT
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 92 kB IP 188.125.94.204:0
File type ASCII text, with very long lines (47918)
Hash 7ac54a01c6029dc68e39a8a8c917b8e1
f98bc6d9881c690bd1564cf2e9723a357810fb1f
5175bc494d8c99b99204a031af25e826500a81fe661b95594e0657f129e3edd4
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UqX68sFfY9sZ31Y0+Ofz6Eors5fkqdlaCpS/WYbGYMSAGSH2hUNnsL01HZWWp+8Lu+QAEHvNxDo=
x-amz-request-id: H6DT9AMJKSR5P77N
date: Sat, 03 Sep 2022 20:16:43 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 275
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=uv7gy3o&ref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&upid=e3bn5i4&upv=1.1.0
52.223.40.198302 Found 333 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uv7gy3o&ref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&upid=e3bn5i4&upv=1.1.0
IP 52.223.40.198:0
Hash fd89882c5c0e24cb7908600699366e69
b9d717ac0ffffc3d282878aa2c53a22804d499b2
2922b7f4a41272d73477a8b4fb0b6dea82e7fe729668d95169f11b8b2d767850
GET /track/up?adv=uv7gy3o&ref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&upid=e3bn5i4&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 20:21:18 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=uv7gy3o&ref=https%3A%2F%2Fwww.ncl.com.mx%2Fshorex%2Flogin&upid=e3bn5i4&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=f139b103-e5d7-4694-baa7-53b4b19ef4a8; domain=.adsrvr.org; expires=Sun, 03-Sep-2023 20:21:18 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=hugqf9n&ref=https%3A%2F%2Fadservice.google.com%2F&upid=gal93j2&upv=1.1.0
52.223.40.198200 OK 18 kB URL HTTP/2 insight.adsrvr.org/track/up?adv=hugqf9n&ref=https%3A%2F%2Fadservice.google.com%2F&upid=gal93j2&upv=1.1.0
IP 52.223.40.198:0
File type gzip compressed data, from Unix\012- data
Hash 8c4aeccfa61b4ced72c0dfefff6d6aa0
477695cb494200de352c74f99961a31138dac3a9
983db71c26988847e288640dd3d8c50eb9e6575e7192b7343a4ff2a0a19ab472
GET /track/up?adv=hugqf9n&ref=https%3A%2F%2Fadservice.google.com%2F&upid=gal93j2&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:18 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:18 GMT
expires: Sat, 03 Sep 2022 20:21:18 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBD63E2MCEPIHzzcvLyYEbA0fXxv4Ms0FEgEBAQEIFWMdYwAAAAAA_eMAAA&S=AQAAAslkMjTnhjRwRxAfiCHZyD4; Expires=Mon, 4 Sep 2023 02:21:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1&et=custom&ec=NCLRetargeting
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1&et=custom&ec=NCLRetargeting
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10109826&f=https%3A%2F%2F9706277.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9706277%3Btype%3Dnorw%3Bcat%3Dnorwe003%3Bord%3D1328772024581%3Bgtm%3D2od8v0%3Bauiddc%3D1145589229.1662236474%3Bu10%3D%252Fshorex%252Flogin%3B~oref%3Dhttps%253A%252F%252Fwww.ncl.com.mx%252Fshorex%252Flogin&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1&et=custom&ec=NCLRetargeting HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9706277.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 20:21:18 GMT
expires: Sat, 03 Sep 2022 20:21:18 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBD63E2MCEB6bqI1PIfQx2nMUfVjOlNkFEgEBAQEIFWMdYwAAAAAA_eMAAA&S=AQAAAs-tl_x2LxsDr7xlnQiUgnA; Expires=Mon, 4 Sep 2023 02:21:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
universal.iperceptions.com/iFrame.html
54.230.111.54200 OK 731 B URL HTTP/2 universal.iperceptions.com/iFrame.html
IP 54.230.111.54:0
Hash 879ad810c5b07ce2c4528c50c5e7ff64
c2b65942ac09ed5fd0a2a48309e02614471e42f4
1956bcb056b2f85c6ed2c3b5a726d90f07f6d2439fef823eab39051d4e688f08
GET /iFrame.html HTTP/1.1
Host: universal.iperceptions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cbd5557d-701e-0027-4dad-bd7381000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 03 Sep 2022 20:18:41 GMT
vary: Accept-Encoding
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
age: 156
cache-control: public,max-age=7200
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y1_lhkyw-g0Fw_IMVGWtC1LwaX5sQ4QpIEzbMcdNZ3J95bKW9xd65A==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ede9182e413e151b647c533ddc3838f8
961d5dad93971b6deb2755e384c85b184c9aca40
6b6cbdb8c4a4f714ddffa9db45001187d8ccdde0652db2946a2eb8e0f457d907
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 20:21:18 GMT
Last-Modified: Sat, 03 Sep 2022 19:23:20 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FypTQqRs7JbUa9IEOSEW6nv0rkggHiErajc9v3EWs8A5xRZBoflqgg==
Age: 3478
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ede9182e413e151b647c533ddc3838f8
961d5dad93971b6deb2755e384c85b184c9aca40
6b6cbdb8c4a4f714ddffa9db45001187d8ccdde0652db2946a2eb8e0f457d907
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 20:21:18 GMT
Last-Modified: Sat, 03 Sep 2022 19:24:14 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9f4Qd2rNCT2wihZBt-GlD5eG-MD3cmHvRYx85t2g3hcfmbKKFUM6QA==
Age: 3424
errors.client.optimizely.com/log
107.21.143.126200 OK 13 B URL HTTP/1.1 errors.client.optimizely.com/log
IP 107.21.143.126:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ncl.com.mx/
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.ncl.com.mx
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Sat, 03 Sep 2022 20:21:18 GMT
Content-Length: 13
Connection: keep-alive
errors.client.optimizely.com/log
107.21.143.126204 No Content 0 B URL HTTP/1.1 errors.client.optimizely.com/log
IP 107.21.143.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Content-Type: application/json
Content-Length: 328
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.ncl.com.mx
Access-Control-Expose-Headers:
Content-Type: text/plain
Date: Sat, 03 Sep 2022 20:21:18 GMT
Connection: keep-alive
bam-cell.nr-data.net/1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=5918&ck=1&ref=https://www.ncl.com.mx/shorex/login&be=3451&fe=5642&dc=3680&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662236469738,%22n%22:0,%22f%22:1708,%22dn%22:1708,%22dne%22:1708,%22c%22:1708,%22s%22:1708,%22ce%22:1708,%22rq%22:1712,%22rp%22:2331,%22rpe%22:2332,%22dl%22:2338,%22di%22:3624,%22ds%22:3677,%22de%22:3688,%22dc%22:5641,%22l%22:5641,%22le%22:5659%7D,%22navigation%22:%7B%7D%7D&fcp=3516&jsonp=NREUM.setToken
162.247.241.2200 OK 72 B URL HTTP/1.1 bam-cell.nr-data.net/1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=5918&ck=1&ref=https://www.ncl.com.mx/shorex/login&be=3451&fe=5642&dc=3680&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662236469738,%22n%22:0,%22f%22:1708,%22dn%22:1708,%22dne%22:1708,%22c%22:1708,%22s%22:1708,%22ce%22:1708,%22rq%22:1712,%22rp%22:2331,%22rpe%22:2332,%22dl%22:2338,%22di%22:3624,%22ds%22:3677,%22de%22:3688,%22dc%22:5641,%22l%22:5641,%22le%22:5659%7D,%22navigation%22:%7B%7D%7D&fcp=3516&jsonp=NREUM.setToken
IP 162.247.241.2:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=5918&ck=1&ref=https://www.ncl.com.mx/shorex/login&be=3451&fe=5642&dc=3680&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662236469738,%22n%22:0,%22f%22:1708,%22dn%22:1708,%22dne%22:1708,%22c%22:1708,%22s%22:1708,%22ce%22:1708,%22rq%22:1712,%22rp%22:2331,%22rpe%22:2332,%22dl%22:2338,%22di%22:3624,%22ds%22:3677,%22de%22:3688,%22dc%22:5641,%22l%22:5641,%22le%22:5659%7D,%22navigation%22:%7B%7D%7D&fcp=3516&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 20:21:18 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 745130e63be1b521-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=a8d4aab7985adc68; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCtX5vvbWgxlyUiMOCOYUvOvXGMzt1BNn3wLUvzvGVp0MX7enkQn4hyH%2Fy2LICZ%2Fh%2BMizixfVVv2fS3BPoRRDlfCnyG2BqTa5rzfBM6adW64HL8JPfOZ%2BKpMFP9%2BC%2FuI1GKQTwZ9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
api.iperceptions.com/InviteTriggers
52.138.200.61200 OK 0 B URL HTTP/2 api.iperceptions.com/InviteTriggers
IP 52.138.200.61:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /InviteTriggers HTTP/1.1
Host: api.iperceptions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: securitytoken
Referer: https://www.ncl.com.mx/
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: securitytoken
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 03 Sep 2022 20:21:17 GMT
content-length: 0
X-Firefox-Spdy: h2
api.iperceptions.com/InviteTriggers
52.138.200.61200 OK 239 B URL HTTP/2 api.iperceptions.com/InviteTriggers
IP 52.138.200.61:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 154cb5ba78e02e84b52ec0cb608b3992
4993f589ae8d66d5b37b0cee8bd430b6f94e1718
56703dceeda48ddd1f3d55b4db4e0ccfd2b7e9c129f59fc5a417b5fa1fe78f06
GET /InviteTriggers HTTP/1.1
Host: api.iperceptions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
SecurityToken: 2dad496a-8e40-423a-b5de-c7693ae73da9
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 03 Sep 2022 20:21:17 GMT
content-length: 239
X-Firefox-Spdy: h2
bam-cell.nr-data.net/events/1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=6230&ck=1&ref=https://www.ncl.com.mx/shorex/login
162.247.241.2200 OK 24 B URL HTTP/1.1 bam-cell.nr-data.net/events/1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=6230&ck=1&ref=https://www.ncl.com.mx/shorex/login
IP 162.247.241.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/64b95318bc?a=1103118551&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=6230&ck=1&ref=https://www.ncl.com.mx/shorex/login HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
content-type: text/plain
Content-Length: 969
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 20:21:18 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 745130e77de1b521-OSL
Access-Control-Allow-Origin: https://www.ncl.com.mx
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyKPvLU%2FQr5AgNU6iy62X8RHLkq8PEFADXQsWoja4tb1XtfDzRzD1Ov07vqnurCn66Xfk50Ca4bFtP5cA2Al7FV3C%2F7QS7IHntLPKTed86dVfsqwMDs4nOFOaAbhPh5nl6YSS%2Faz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
universal.iperceptions.com/core/IpEngine_v78.0.js
54.230.111.54200 OK 6.5 kB URL HTTP/2 universal.iperceptions.com/core/IpEngine_v78.0.js
IP 54.230.111.54:0
File type ASCII text, with very long lines (22350)
Hash 7ced549311ce13591ed8a2940f19b095
3b391d18fd80ab4eaf0b531e7de339351756bdcf
a38ba2617004fcf6869f80c4e1e21f82ae7461fc33d10d2f08a8007af2ca9301
GET /core/IpEngine_v78.0.js HTTP/1.1
Host: universal.iperceptions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-md5: ofN/a2/Vf6dAsat1lPzqnA==
last-modified: Mon, 22 Mar 2021 17:01:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c18cce0-401e-002f-399f-bd68f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 03 Sep 2022 20:20:10 GMT
vary: Accept-Encoding
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
age: 74
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3GVZuyYbeleuREVmols4ngeYs2hckWLIDlHAMKwoYLdZDGkpjWS4Og==
X-Firefox-Spdy: h2
684dd32b.akstat.io/
23.38.200.138204 No Content 0 B IP 23.38.200.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 684dd32b.akstat.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Content-Type: application/x-www-form-urlencoded
Content-Length: 26172
Origin: https://www.ncl.com.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.ncl.com.mx
x-xss-protection: 0
access-control-allow-credentials: true
timing-allow-origin: *
content-type: image/gif
expires: Sat, 03 Sep 2022 20:21:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 03 Sep 2022 20:21:19 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 0 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10150
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 20:21:14 GMT
Connection: keep-alive
uqddyyxa.micpn.com/p/js/1.js
143.204.55.31200 OK 0 B URL HTTP/2 uqddyyxa.micpn.com/p/js/1.js
IP 143.204.55.31:0
GET /p/js/1.js HTTP/1.1
Host: uqddyyxa.micpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
x-uuid: 29e0adb2-f5c5-44e9-aee2-4b146374218d
cache-control: no-cache max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
timing-allow-origin: https://www.ncl.com.mx
date: Sat, 03 Sep 2022 20:21:16 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NTFIf5rVp0bV6ibcPanBT80AmMsFvFwIc2FLtKslAuEzKGXcpuF1Bw==
X-Firefox-Spdy: h2
universal.iperceptions.com/wrapper.js
54.230.111.54200 OK 0 B URL HTTP/2 universal.iperceptions.com/wrapper.js
IP 54.230.111.54:0
GET /wrapper.js HTTP/1.1
Host: universal.iperceptions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com.mx/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-md5: d5YIeO59lrTqhttidyvULA==
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 738df3d5-b01e-005c-57c6-bd1831000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 03 Sep 2022 20:20:42 GMT
vary: Accept-Encoding
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
age: 36
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cnEyQqvM42IkfAPW0Ia6y6BsxyhjV4y15MDjJPTszdCSkKsiVeedLg==
X-Firefox-Spdy: h2