Report - edocs.ncl.com/

Report Overview

Submitted URL
edocs.ncl.com/
IP
96.6.16.196
ASN
#16625 AKAMAI-AS
Submitted
2024-04-26 23:54:43
Access
public
Website Title
Login
Final URL
www.ncl.com/fr/en/shorex/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
marketserver.motionpointcore.com	unknown	2016-04-07	2018-07-18	2024-04-12	463 B	320 B	52.45.14.224
player.vimeo.com	1858	2004-12-15	2013-09-26	2024-04-25	400 B	12 kB	162.159.138.60
analytics.convertlanguage.com	24972	2005-06-09	2017-01-30	2024-03-16	1.2 kB	29 kB	18.221.115.183
ncl.usablenet.com	211148	1999-10-21	2020-08-31	2024-02-22	971 B	3.8 kB	169.47.214.218
tags.tiqcdn.com	969	2012-07-11	2013-01-15	2024-04-26	1.2 kB	826 kB	54.230.111.26
edocs.ncl.com	984214	unknown	No data	No data	1.9 kB	2.4 kB	96.6.16.196
p11.techlab-cdn.com	3539	2019-07-01	2019-10-17	2024-04-25	1.7 kB	62 kB	104.84.152.59
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-04-25	4.2 kB	185 kB	104.19.177.52
norwegiancruiseline.mpeasylink.com	186242	2014-05-15	2016-09-18	2024-02-21	4.4 kB	51 kB	44.197.47.122
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-25	512 B	1.2 kB	35.244.181.201
geolocation.onetrust.com	802	2004-01-12	2018-02-07	2024-04-25	467 B	468 B	104.18.32.137
www.ncl.com	102779	1995-07-20	2012-10-31	2024-04-24	95 kB	2.0 MB	104.110.31.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	mpeasylink.com	Sinkholed
2024-04-26	medium	mpeasylink.com	Sinkholed
2024-04-26	medium	mpeasylink.com	Sinkholed
2024-04-26	medium	mpeasylink.com	Sinkholed
2024-04-26	medium	mpeasylink.com	Sinkholed
2024-04-26	medium	mpeasylink.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (47)

	URL	Size	First Seen	Last Seen
	www.ncl.com/fr/en/shorex/login	4.2 kB	2023-03-07	2024-05-08
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:34 Last Seen2024-05-08 07:54:09 Times Seen1375 Hash f5f81e7c8e8056c7fed4d18850d4d9d3 6752d4270762725b9fd9a2372860d2ea63d2b8e2 d2012b1f689c821c42b5b42b218d139976a2f6047c292fde3572ace84ed0e833 Loading...

	www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1709081432208	96 kB	2023-03-12	2024-04-27
Pretty URL www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:04:23 Last Seen2024-04-27 01:54:52 Times Seen3 Hash 0d117b6d5f107bc1a91c6559c25e4524 11efb8f8bc2a8b68edd33620b5d9176f5005761b c8fb4be88e28420e6b9edf89168d5443858546f8cb3f2080f98aa27795ccb9cf Loading...

	www.ncl.com/fr/en/shorex/login	27 kB	2024-04-26	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 06:57:09 Last Seen2024-04-27 01:54:51 Times Seen2 Hash 66da2ba93862598bf4d377e6ae7f2dac 993b7c2f0697d8462cfceafed646dc12a7fa945b 8ce52a645c80fd06ef54b7263eb4ce3987e5ef7c81ca9f6fa5b2d3a827ce7b0a Loading...

	www.ncl.com/fr/en/shorex/login	146 B	2023-03-09	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 15:07:44 Last Seen2024-04-27 01:54:51 Times Seen2 Hash c51a2653f1c7e2d1e05de6107834c5c4 7c840e22762422f054bf454094c7971f31a7ae79 888da88ac12b636557573694cd11f6efa2aab39fc2942a64903cef9ab7765c2c Loading...

	www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1709081432208	205 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:51 Last Seen2024-04-27 01:54:51 Times Seen1 Hash f122fb51b8dd28935fb97a95d1ac4897 297d220ff4bdbe919fb166fa08e54190cebc8d72 37dc6aace48140b929ee5dbf09445416a60862980900d0f7cd5ae5283c34ea58 Loading...

	www.ncl.com/fr/en/shorex/65226_747628217.js	72 kB	2024-01-18	2024-05-08
Pretty URL www.ncl.com/fr/en/shorex/65226_747628217.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-18 14:36:08 Last Seen2024-05-08 01:28:15 Times Seen1615 Hash 15f3f19ce5f224711e4e317791900841 519d1b24d76bf6f108eecc348211fe02352a1ca6 4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca Loading...

	www.ncl.com/static/scripts/analytics/mp_linkcode.js	1.6 kB	2023-03-07	2024-04-27
Pretty URL www.ncl.com/static/scripts/analytics/mp_linkcode.js IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen118 Hash 2d32a1c2475f2739427197b5eeeda27b b1cfb57623cb70a385959eb2cd519c817058749f 8c5250be4830252c05d165dc4476b90abf0381dabbd559318bb13a62d486e1e3 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	21 kB	2024-04-16	2024-05-08
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:31:16 Last Seen2024-05-08 08:42:58 Times Seen3210 Hash 0cd317a7b9c520801230e944f7d50e41 e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544 Loading...

	www.ncl.com/fr/en/shorex/login	366 B	2024-04-27	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:54:51 Last Seen2024-04-27 01:54:51 Times Seen1 Hash 2410665fb89f2305b4819d67bf615b4d 64d8f27b4f2a55e0433e8cdfb6778c2bee587bbc 270c717eac3683171e51454c76ffe5d43d5c35f83a7ebedb049d98efa5ea1cab Loading...

	www.ncl.com/fr/en/shorex/login/assets/javascript/common.js?v=1709081432208	2.4 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login/assets/javascript/common.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:51 Last Seen2024-04-27 01:54:53 Times Seen2 Hash 92c5f67e4af3cd4c9215e3df54a34e72 c22630a9bc1ffcce4be306d7abd7989f8a127d9c 675fa2e8df16649722e8933ca09fd7008a52490b687e62495872281033122837 Loading...

	unknown	675 B	2024-04-27	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-27 01:54:52 Times Seen1 Hash ef6d051fe4ecca8243ac420e10e813ff 615089eec2e6fb14dab2916758303cd8e954f02b 9a09314f0f342dd356ca02d2729df7cd7f85602241bee721749e2832c8b07496 Loading...

	unknown	16 B	2023-04-10	2024-05-08
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-08 08:29:55 Times Seen34552 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	unknown	26 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-05-08 07:54:09 Times Seen19881 Hash 0096b3a75c132c10f6a90df56192e4d7 07cfa420d654e1531d97a9dccd23f4bede5edde7 7e519b79026424c478dc1b72f347eb1327c9d01dc2458973bafe2690ca7d016d Loading...

	norwegiancruiseline.mpeasylink.com/mpel/mpel_ssd.js	4.8 kB	2023-03-07	2024-04-27
Pretty URL norwegiancruiseline.mpeasylink.com/mpel/mpel_ssd.js IP 44.197.47.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen61 Hash 53634d0b38db8c86233117c859965496 d656bad06bb058aaebd491a52f9ca78cfe492252 7c7e594c9f61c880240e00d621a56e6da1b17e3119d7850265568ce76a380896 Loading...

	www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1709081432208	20 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-27 01:54:52 Times Seen2 Hash 71a5fea092559cfd9df44e8b5079ba59 09751345185dfac4e3582daa87ff412ccf6ae932 03980b14d41242d34ddfb165f57b54f04e66a562ccd50eb3c2c1c54e107e33c3 Loading...

	unknown	26 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-08 07:54:09 Times Seen19883 Hash 8cf91652fc7787b535b26f390f9ed9af d39e49793059ab3b8a97b61bac69ad2a451c8ff2 f876a7b1e6234843f5d8487af055addd42fe6018d4f4e2f29ab08c0f08a85d94 Loading...

	www.ncl.com/fr/en/shorex/login	1.5 kB	2024-04-26	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 06:57:09 Last Seen2024-04-27 01:54:52 Times Seen2 Hash d31622544b69a994370269f5b9c5a807 74df774d6df42414b35e233ff8112e925e611941 9d09d4900ef65b1811e9f457936462d2c3a4e2b1ddb2bf9df093cb4726d8d5b7 Loading...

	unknown	26 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-08 07:54:09 Times Seen19881 Hash 339aaaa033bd435bc3d3442976b21150 309497f761b4649d113688cb611242810ed2a8bc 47536a23eb95f0f1d8f00b6ef54ac4553cc05d06ddce49260dab7dc9f083296d Loading...

	www.ncl.com/z7IsGMF_mhaEoPTS5u2B3TFwPQo/rE5GmfQpXV5DN7/ZkxYJBIC/FSAD/QywKLFk	207 kB	2024-04-23	2024-05-03
Pretty URL www.ncl.com/z7IsGMF_mhaEoPTS5u2B3TFwPQo/rE5GmfQpXV5DN7/ZkxYJBIC/FSAD/QywKLFk IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 04:54:02 Last Seen2024-05-03 19:02:18 Times Seen197 Hash ebb1b6d57148b1e2a8f687add5d372e7 febdbe9dd26d3953c732e3a8f9522382a319b099 818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859 Loading...

	www.ncl.com/fr/en/shorex/login	4.2 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-27 01:54:52 Times Seen1 Hash 7a0dc8e4d06752a95547262c8054b0d9 c0c8a1dbb8d5abbae1999b69040d1adeb5e37d41 bef33c515896f709ec076d4cdf1f544255cd549d5facc369adb5c91d0106e823 Loading...

	www.ncl.com/fr/en/shorex/login	32 B	2023-03-07	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen54 Hash 53a3a32855d5c05af2f22ad560b3e1df 6fb9480d76b8821f78d770722b3d569df90ab05e 1b781401e27b8690bf6169feb2e3d33c46996cf22be89d3afd7daa78d789054d Loading...

	unknown	26 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-08 07:54:09 Times Seen19879 Hash 91e37f24be76111b93a0ff728b96cddb e1740ea479e156d424cb918060d779528ecc8fae 49ef43da1c84ec34b398aaab43e8debad168559596297c7586e9c9e8239c79bf Loading...

	www.ncl.com/assets/v1/scripts/login-libraries.js?v=1709081432208	412 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/assets/v1/scripts/login-libraries.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-27 01:54:52 Times Seen2 Hash 1263a9ccb7dac817c03bda41eedbb722 cefb1baf9256456e3c907386319d88ad84aa97c5 1300ea5657b7365bba27f2bee90ef3c82d6e1fed6b6a698a3d58937b7c9deaa9 Loading...

	www.ncl.com/fr/en/shorex/login/assets/javascript/ncl.login.resources.js?v=1709081432208	1.1 kB	2023-03-09	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login/assets/javascript/ncl.login.resources.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 15:07:44 Last Seen2024-04-27 01:54:53 Times Seen3 Hash 1f38b519b1231b64a5c0da817bdee7b1 c0248509b486dbc1a390a2d7baaa65f9674b03b9 b0e7508c07ead7dcaf6fac239d66506759c4685212b5234f9f35e9f566d24710 Loading...

	www.ncl.com/fr/en/sdcdn/doptimizely/js/5414371492.js	1.2 MB	2024-04-26	2024-04-27
Pretty URL www.ncl.com/fr/en/sdcdn/doptimizely/js/5414371492.js IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:57:09 Last Seen2024-04-27 01:54:52 Times Seen4 Hash 9d9e3938cdd361883317f13109af383b cc3713a90379f98a6565dcd691ec835e01b65b86 9a1f2b0a9484dccfa67e4a31ef463b7a709984b612a48b6bb079f7a168790884 Loading...

	norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1714175651	3.2 kB	2023-03-07	2024-04-27
Pretty URL norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1714175651 IP 44.197.47.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen61 Hash aa9917402afa6dfabb49785f5a100cff 4e0f70da3dd45aa7dcfdde943c034ca05b0096df 361ac42b1a667046576bd0e709f9fda929e1562b2ddafe4871ed2cb2525d8a04 Loading...

	www.ncl.com/fr/en/shorex/login	3.7 kB	2023-03-07	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:28:31 Last Seen2024-04-27 01:54:52 Times Seen2 Hash e1c25be6180dadb88b30089de3e96280 625c58e2bfa15483aee05dbdbd577115905471f1 09765bdaba69a3d15848b078ee78d6ad45dfba26f5c40a585f893739cc1f4731 Loading...

	analytics.convertlanguage.com/mpwat.js	28 kB	2023-03-13	2024-04-27
Pretty URL analytics.convertlanguage.com/mpwat.js IP 18.221.115.183 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:31:24 Last Seen2024-04-27 01:54:53 Times Seen144 Hash e0387f6b59d90a76a7f13c46eb0ce23b 88bf77c2979dfab776d4b0a791710464dd2e0df8 fe7305a7dfcc82abff376ca1be4009f6b9ad0424e2d452a3a427d270fb341db8 Loading...

	www.ncl.com/fr/en/shorex/65257_1825232097.js	15 kB	2023-03-09	2024-05-08
Pretty URL www.ncl.com/fr/en/shorex/65257_1825232097.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:23:43 Last Seen2024-05-08 01:28:15 Times Seen24800 Hash eeb74615efbf636cc7b78b17c6a933c7 34bf4dc348cf19180c5a022d7ab98b221d60dad2 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb Loading...

	www.ncl.com/akam/13/eb2f419	27 kB	2024-04-27	2024-04-28
Pretty URL www.ncl.com/akam/13/eb2f419 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-28 10:10:22 Times Seen4 Hash bd4bdae53dfcab3249e8bc6c2e4de03a 46b1286421943bd4c4926d7dca133943505bba9d d433e553869072e59bd076455c1bf7ffb92b44da00822d2a18935d9ddcca003c Loading...

	www.ncl.com/fr/en/shorex/login	1.0 kB	2023-03-09	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 15:07:46 Last Seen2024-04-27 01:54:52 Times Seen2 Hash f080b7cb4d9a29990211c80e9daf7057 058549d996a24a75b63d31aa4d18f30efe42a1c1 c14bb2bd73432dae63d8087354fb34845ed112b03b666f35f6825537058d09ca Loading...

	www.ncl.com/fr/en/static/scripts/ncl.resources.js?v=1709081432208	295 kB	2024-04-26	2024-04-27
Pretty URL www.ncl.com/fr/en/static/scripts/ncl.resources.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:57:09 Last Seen2024-04-27 01:54:52 Times Seen5 Hash ab13b9cce6c83124ce7de839a5e6fffa 29ecb2e7a2b8f117e457c3dd5076ee861edab69b b75c1c0f3c2f9a164ea58f379b7bdbe37ea543d7cbecfd88148aa26608ab8a09 Loading...

	norwegiancruiseline.mpeasylink.com/mpel/mpel.js	6.8 kB	2023-03-07	2024-04-27
Pretty URL norwegiancruiseline.mpeasylink.com/mpel/mpel.js IP 44.197.47.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen61 Hash 34f069badbbe6d4f5631d939d6a46597 ad11f13123191c527319bc41b8b96c72c87c88ff f863aa45eed9a82cb97dd374986b3cc3206145864b31b8d8d3d7d869cb2339d8 Loading...

	ncl.usablenet.com/pt/switch	0 B	2023-03-07	2024-05-08
Pretty URL ncl.usablenet.com/pt/switch IP 169.47.214.218 ASN #36351 SOFTLAYER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-08 08:46:01 Times Seen37431535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	player.vimeo.com/api/player.js	38 kB	2024-04-24	2024-05-08
Pretty URL player.vimeo.com/api/player.js IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:48:56 Last Seen2024-05-08 02:29:37 Times Seen121 Hash da2ba57d91a7f508da290f9fa623eae4 b14816b57ca689786847fef1f5a31288e159e3e4 1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f Loading...

	www.ncl.com/public/7eec493338e114175d125d5bb02af596258f7f5efe1b	153 kB	2024-04-26	2024-04-27
Pretty URL www.ncl.com/public/7eec493338e114175d125d5bb02af596258f7f5efe1b IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:57:09 Last Seen2024-04-27 01:54:53 Times Seen5 Hash 0896008a642f961dfb3954374246789a 375da0f341af4d78f7c174154d5cef5635ba361f af502c5c329ee50a4ae76f8ff0b581770e5de7c51dccb7f2f6cbff90d557957d Loading...

	www.ncl.com/fr/en/shorex/login	296 B	2023-03-07	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen71 Hash ed904c861fca6793910ed76258d53306 7caca78700f3d28ef8e5b947eccdbcbf9fdba99b 4b0c8a6d9e785404fb4c6cc1725dc6a00834d25648f7d034bcb437047b85bd46 Loading...

	cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js	344 kB	2023-04-05	2024-05-07
Pretty URL cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 02:48:13 Last Seen2024-05-07 14:13:00 Times Seen1658 Hash 656a4fd9013f905080debdd038f06b94 6843484ea4be1a3415ea554bb8b7aaa6e311554a 0152531ece5b19aa743208c31fd9f9284282bc97a2ec666de5cf770a9aeee0fa Loading...

	www.ncl.com/fr/en/regional_settings.js?v=1709081432208	1.1 kB	2023-03-07	2024-04-27
Pretty URL www.ncl.com/fr/en/regional_settings.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:53 Times Seen97 Hash 4f955957ab0b4001a9cc751e5599d69e 0fd4cfa97e3c93a9eb207587fc548c6c782f69f7 6280eb78cf7da111747a5464f8ea553e73a399f25629d3de8da198c9a67cfea3 Loading...

	www.ncl.com/fr/en/shorex/login/assets/javascript/login_module.js?v=1709081432208	16 kB	2024-04-27	2024-04-27
Pretty URL www.ncl.com/fr/en/shorex/login/assets/javascript/login_module.js?v=1709081432208 IP 104.110.31.27 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:54:52 Last Seen2024-04-27 01:54:53 Times Seen2 Hash d5c2d229999975471397bf9eb5b1bdbb 67e5f97442f1a840a9f2d446fbc354c8d692a69c f4a5c89f8d984d822934fdfea64f5c687e1c3712d7048a20366bfa38fe6166bc Loading...

	unknown	26 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-05-08 07:54:09 Times Seen19885 Hash 813f7afe12806d2df1c685b53ab49c0e 8ebc2ee97e18dd336b670b53dbccdfb8788a5825 ab008176ac77145e392d8392787e81c90c2592a54b1590d8779c74f956c0e46a Loading...

	ncl.usablenet.com/pt/start	1.8 kB	2023-03-07	2024-04-27
Pretty URL ncl.usablenet.com/pt/start IP 169.47.214.218 ASN #36351 SOFTLAYER Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:52 Times Seen60 Hash c2dcd9a72823eb5829e1f5127ef8c365 19802d5b77f589c81a2ad9dedc342660307f914a aa25a5117ca6da3da0f1dfa2d57e8b18ade1b92f6f99d3da503fe691f4907fbb Loading...

	tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js	6.3 kB	2024-04-26	2024-04-27
Pretty URL tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js IP 54.230.111.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:57:10 Last Seen2024-04-27 01:54:52 Times Seen4 Hash ed68094e1ccf9f3b7aeb9282eb8c8a97 a4f339376864707f4a8e51a113a5d27e483c4bfb 42366838520def85ae65593243be0e750ba5d158e307b89de6dff3ad5893d6da Loading...

	www.ncl.com/fr/en/shorex/65319_1825202430.js	55 kB	2023-12-20	2024-05-04
Pretty URL www.ncl.com/fr/en/shorex/65319_1825202430.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-20 04:31:14 Last Seen2024-05-04 00:06:19 Times Seen1851 Hash ad404332d90a3f06c80b3c705ba666ba 5df99faa1ba23ff8105cc0505424ceccdf85a5a1 1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a Loading...

	norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined&region=undefined&osl=en-US	1.8 kB	2023-03-07	2024-04-27
Pretty URL norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined&region=undefined&osl=en-US IP 44.197.47.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:49 Last Seen2024-04-27 01:54:53 Times Seen113 Hash dc0be57bcb618e9b266a7088bc795418 d7241767f8789be9e2fca7743affb0ef52c20cd8 78245aa35add9bc71e54a5582bed409d202cd17639c17deb1bb8c1cbfcf6e3db Loading...

	tags.tiqcdn.com/utag/ncl/main/prod/utag.js	409 kB	2024-04-26	2024-04-27
Pretty URL tags.tiqcdn.com/utag/ncl/main/prod/utag.js IP 54.230.111.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:57:08 Last Seen2024-04-27 01:54:52 Times Seen2 Hash 7d6f22c651e6a4eea4cc06d805021158 fd74c87ad6364f90a4b760152b44fbb892593df4 5c5958d364fbeb67132eccf606b671b0cbfd2248107cea38f75bc580b2513ad5 Loading...

	www.ncl.com/fr/en/shorex/64885_1825202523.js	2.7 kB	2023-03-07	2024-05-08
Pretty URL www.ncl.com/fr/en/shorex/64885_1825202523.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-08 01:28:15 Times Seen26302 Hash 0e7bc16532936d718f36dc47d8feb332 a2c67b619faac3a4aba0407cb4f34d844f4d2071 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529 Loading...

HTTP Transactions (67)

URL IP Response Size

edocs.ncl.com/

96.6.16.196

301 Moved Permanently

0 B

URL User Request GET HTTP/2
edocs.ncl.com/
IP
96.6.16.196:443
ASN
#16625 AKAMAI-AS

Certificate
IssuerDigiCert Inc
Subject*.ncl.com
FingerprintC7:32:20:63:52:ED:5B:BD:FA:BA:22:8E:95:FF:87:71:72:BE:BF:D8
ValidityTue, 17 Oct 2023 00:00:00 GMT - Thu, 17 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: edocs.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://edocs.ncl.com/edocs/login.aspx
date: Fri, 26 Apr 2024 23:54:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175648701_388255175_161527312_28_10309_1_171_41";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; Domain=.ncl.com; Path=/; Expires=Sat, 26 Apr 2025 23:54:08 GMT; Max-Age=31536000; Secure
bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQx00kFyHIXcuOAQAAc6TUHBe59r9845i3NJAW3v5z3ByrgPWCJkoaRjT5/HhFeKhHlN234F81ZcQxk/N+8JiHHyOuVZv/1WbXgJ5ptmZa/4mwsf9kyGCr0S8Iiwt8NjLEi34otsjT765ZSzuwA71lEjtxDClvB33ClQ5GuatA03BHhVTqzTRLBvb37bGUSKRN7NYWdIOnFyRLgH7CFZtscwz0XD0vnlYM90v39lLEmW9eFo5PzNhUoDztdwwyv5IxpjC86Euu3LPOy4zF9oBDLedi+ELZjaxUIzk/CPK0wlbLX2B25qc8NmR1qJkP6YChhhEtA3AAtXI8OZDZYJ8jX6KqNu9N52OEgSVLinArpty/+DUYZ0AC30D6CQQZiGaanQwJashu~4408133~4601400; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 03:54:08 GMT; Max-Age=14400; Secure
X-Firefox-Spdy: h2

edocs.ncl.com/edocs/login.aspx

96.6.16.196

301 Moved Permanently

0 B

URL User Request GET HTTP/2
edocs.ncl.com/edocs/login.aspx
IP
96.6.16.196:443
ASN
#16625 AKAMAI-AS

Certificate
IssuerDigiCert Inc
Subject*.ncl.com
FingerprintC7:32:20:63:52:ED:5B:BD:FA:BA:22:8E:95:FF:87:71:72:BE:BF:D8
ValidityTue, 17 Oct 2023 00:00:00 GMT - Thu, 17 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /edocs/login.aspx HTTP/1.1
Host: edocs.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQx00kFyHIXcuOAQAAc6TUHBe59r9845i3NJAW3v5z3ByrgPWCJkoaRjT5/HhFeKhHlN234F81ZcQxk/N+8JiHHyOuVZv/1WbXgJ5ptmZa/4mwsf9kyGCr0S8Iiwt8NjLEi34otsjT765ZSzuwA71lEjtxDClvB33ClQ5GuatA03BHhVTqzTRLBvb37bGUSKRN7NYWdIOnFyRLgH7CFZtscwz0XD0vnlYM90v39lLEmW9eFo5PzNhUoDztdwwyv5IxpjC86Euu3LPOy4zF9oBDLedi+ELZjaxUIzk/CPK0wlbLX2B25qc8NmR1qJkP6YChhhEtA3AAtXI8OZDZYJ8jX6KqNu9N52OEgSVLinArpty/+DUYZ0AC30D6CQQZiGaanQwJashu~4408133~4601400
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://www.ncl.com/shorex/login
date: Fri, 26 Apr 2024 23:54:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175648894_388255175_161527313_23_8220_1_0_41";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQx00kFyLIXcuOAQAAhqTUHBcIQ2SYxtG1dplCifgazkSpsCxH6nPDuzFkzjB+ZNaiKghGs5V6ve+Duq+SnG1drY4fLnjokhMdep7pIpYuAdJqrSbfzoY609xcCPaLfRVP0AjZ4F7mtrqvszaZMrb00oGBK78dlOzRNkym4hoEdMWoARs9m4vmmtzEt/kDp7Y8rLXFBYWjhBQ6TJjzEJpg5wLoDuHp9xTcgIMhYjUv8pFDR9Y9ui91nwD2VO1sHyjVChdDK4B/IfpoAGZh1BT8nSXoIlITtnd5z69OLPW3AykXsncdS9qO9u0VtkOzO4LRSd4aWCBEI6EkuAenCHXT72gEi0tLTxHyjPFXyvXSDab50xd15wOf5qotCD8oK0G5ttSm7fsYpqPZRxI=~4408133~4601400; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 03:54:08 GMT; Max-Age=14400; Secure
X-Firefox-Spdy: h2

www.ncl.com/shorex/login

104.110.31.27

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.ncl.com/shorex/login
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /shorex/login HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQx00kFyLIXcuOAQAAhqTUHBcIQ2SYxtG1dplCifgazkSpsCxH6nPDuzFkzjB+ZNaiKghGs5V6ve+Duq+SnG1drY4fLnjokhMdep7pIpYuAdJqrSbfzoY609xcCPaLfRVP0AjZ4F7mtrqvszaZMrb00oGBK78dlOzRNkym4hoEdMWoARs9m4vmmtzEt/kDp7Y8rLXFBYWjhBQ6TJjzEJpg5wLoDuHp9xTcgIMhYjUv8pFDR9Y9ui91nwD2VO1sHyjVChdDK4B/IfpoAGZh1BT8nSXoIlITtnd5z69OLPW3AykXsncdS9qO9u0VtkOzO4LRSd4aWCBEI6EkuAenCHXT72gEi0tLTxHyjPFXyvXSDab50xd15wOf5qotCD8oK0G5ttSm7fsYpqPZRxI=~4408133~4601400
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://www.ncl.com/fr/en/shorex/login
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/loginTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/loginTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
AKA_A2=A; expires=Sat, 27-Apr-2024 00:54:09 GMT; path=/; domain=ncl.com; secure; HttpOnly
ncl_aws_prod=true; expires=Tue, 25-Jun-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
nosailaway=yes; expires=Tue, 25-Jun-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; path=/; Expires=Tue, 25 Jun 2024 23:54:09 GMT; Secure; SameSite=None
bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF4o3seiOAQAAr6bUHBfZwbljXR9dpjhkZChBMNmIZzMDlrOvYTR9eNZUWey3IY3YNbzm/PnBCedQWjp99rr0yI2oaJ9mm71gEGqeozbvAy+tktRA5Fgrd6538SR8zU6hB77MW2mMBiinMgK+F+ONoaNEoK/gp1yXRpf37sk4PeskU5uQPgy+aOnwyBeCZp3N5W9+fqm98ku0lU4+rWDtpK2T9cuxXPYsyH+SZpNXeWX77W49ZFzhwbrq6+4GC1YSgOpVIOIAhEOeFt1UboJYj1jRkYubvDlouvzesRsHb5Qol1yisqZI4s52T+xqFCSdaAlm/diVHvEcAH2E3Z2Jy9SDPkaPpMMW3wYfinSQ99D3NAsZajsvq5W3a+xZ+uBAeQXNEFvsXhR3WaMDKQ==~4408133~4601400; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 03:54:08 GMT; Max-Age=14399; Secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649021_388255198_129679093_49_425656_2_6_41";dur=1
link: <https://www.ncl.com/assets/v1/fonts/noto-sans-v27-latin-regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin, <https://www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin, <https://cdn.optimizely.com>;rel="preconnect",<https://tags.tiqcdn.com>;rel="preconnect",<https://norwegiancruiseline.mpeasylink.com>;rel="preconnect",<https://p11.techlab-cdn.com>;rel="preconnect",<https://cdn3.optimizely.com>;rel="preconnect",<https://cdn.cookielaw.org>;rel="preconnect",<https://assets.adobedtm.com>;rel="preconnect",<https://cdn.evgnet.com>;rel="preconnect"
akamai-grn: 0.de4d2417.1714175649.7babef5
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/fr/en/shorex/login

104.110.31.27

200 OK

15 kB

URL User Request GET HTTP/2
www.ncl.com/fr/en/shorex/login
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4429)
Size
15 kB (14772 bytes)
Hash
66e25c21ac697324689afb7ee48ee516
0ac6bba95a20f23d0aa140230304f06d05085365
694f13e193b0dd25520e9ebb2d8fbb9250e7f5996c6a62c569e98b8995c76fb0

HTTP Headers

GET /fr/en/shorex/login HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF4o3seiOAQAAr6bUHBfZwbljXR9dpjhkZChBMNmIZzMDlrOvYTR9eNZUWey3IY3YNbzm/PnBCedQWjp99rr0yI2oaJ9mm71gEGqeozbvAy+tktRA5Fgrd6538SR8zU6hB77MW2mMBiinMgK+F+ONoaNEoK/gp1yXRpf37sk4PeskU5uQPgy+aOnwyBeCZp3N5W9+fqm98ku0lU4+rWDtpK2T9cuxXPYsyH+SZpNXeWX77W49ZFzhwbrq6+4GC1YSgOpVIOIAhEOeFt1UboJYj1jRkYubvDlouvzesRsHb5Qol1yisqZI4s52T+xqFCSdaAlm/diVHvEcAH2E3Z2Jy9SDPkaPpMMW3wYfinSQ99D3NAsZajsvq5W3a+xZ+uBAeQXNEFvsXhR3WaMDKQ==~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html;charset=UTF-8
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-envoy-upstream-service-time: 5
tracing-context: frontend-routing-ncl-login-response
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com
x-akamai-transformed: 9 10679 0 pmb=mNONE,1mTOE,5mRUM,3
content-encoding: gzip
expires: Fri, 26 Apr 2024 23:54:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 26 Apr 2024 23:54:09 GMT
content-length: 14772
vary: Accept-Encoding
set-cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; SameSite=Lax; path=/; secure; httponly
optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 01:54:09 GMT; Max-Age=7200; Secure
bm_mi=A4D3C6CCFFE7EE3EB6C4FB9F22DD77F7~YAAQ3k0kF403seiOAQAAuafUHBcCA4/gfOc75EQsSn7VUn8re1zs+8Oin/tNgkPndIawP6Ln9ibcxmYQebs8hkk9szxgj5V25B7nWjDBJtlLV0JE+z8jYDKbACDS4+zDeR7sMrYNLaUA2y+XxUboZSeuVq4X21/WncdFcgmk0TIcKgYzVMifwPuKy4wdGOQJFHC8yeT+8MAAkZcpqoWuWM2XXXx30XGiuy9eKiKEfUjAE0gxB8/miaxqihptpL7lEmsFYlqOkJ9pQx67+hn5mVU/aKJJZ8ebZ5hVBXilrgZfLYknth0mtZM5ot1ugV0s8iUDBLmarNZakvI=~1; Domain=.ncl.com; Path=/; Expires=Fri, 26 Apr 2024 23:54:09 GMT; Max-Age=0; Secure
bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 03:54:08 GMT; Max-Age=14399; Secure
server-timing: cdn-cache; desc=MISS, edge; dur=166, origin; dur=63, ak_p; desc="1714175649474_388255198_129679109_22899_17466_0_0_41";dur=1
x-akam-sw-version: 0.5.0
link: <https://www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin
akamai-grn: 0.de4d2417.1714175649.7babf05
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/scripts/login-libraries.js?v=1709081432208

104.110.31.27

100 kB

URL GET
www.ncl.com/assets/v1/scripts/login-libraries.js?v=1709081432208
IP
104.110.31.27:0
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
100 kB (99885 bytes)
Hash
1263a9ccb7dac817c03bda41eedbb722
cefb1baf9256456e3c907386319d88ad84aa97c5
1300ea5657b7365bba27f2bee90ef3c82d6e1fed6b6a698a3d58937b7c9deaa9

HTTP Headers

GET /assets/v1/scripts/login-libraries.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
etag: W/"64936ec8-648dd"
last-modified: Wed, 17 Apr 2024 19:59:44 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-redesign-ncl-static-response
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
content-length: 99885
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:09 GMT
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66d9010000d7570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/scripts/login-libraries.jsTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/assets/v1/scripts/login-libraries.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649462_388255198_129679098_23_10569_0_0_40";dur=1
akamai-grn: 0.adec655f.1713383982.38e59701, 0.de4d2417.1714175649.7babefa
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-akamai-http2-push: 1
X-Firefox-Spdy: h2

www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1709081432208

104.110.31.27

63 kB

URL GET
www.ncl.com/shorex/login/assets/javascript/vendor.js?v=1709081432208
IP
104.110.31.27:0
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (39688)
Size
63 kB (63053 bytes)
Hash
23c9d2636c215f126055ed950fbcdb6f
b07c17b5ab7b62d926c552dc5717fd76cfca9412
50e79307c01dd70b8b6ff8e235e3735f6d271bbb1c6bc2704c322e11229f4bec

HTTP Headers

GET /shorex/login/assets/javascript/vendor.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-encoding: br
etag: "7ee1efd42aabc4fb0369419db1795498fac57829"
last-modified: Tue, 23 Apr 2024 02:11:35 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-login-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 63053
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 23:54:09 GMT
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66ce010000d1570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/vendor.jsTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/shorex/login/assets/javascript/vendor.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649454_388255198_129679100_38_8119_1_0_40";dur=1
akamai-grn: 0.4dfb6d68.1713838294.43b05c3, 0.de4d2417.1714175649.7babefc
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-akamai-http2-push: 1
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt

104.110.31.27

200 OK

28 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/norwegian-icons-set.woff2?wkwidt
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27592, version 1.0
Size
28 kB (27592 bytes)
Hash
e52e4052ed71ee6a5417aba648209c23
3423b4979207d80e7efe30778dc1bf53d53cfa05
d60e94cb5c0be99e7cdc454cb19eb02f9ed44c6071efe57b379b70a8385b320a

HTTP Headers

GET /assets/v1/fonts/norwegian-icons-set.woff2?wkwidt HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 27592
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-6bc8"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650066_388255198_129679119_53_15986_2_0_31";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf0f
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2

104.110.31.27

200 OK

10 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10056, version 1.0
Size
10 kB (10056 bytes)
Hash
f62ba83f3cfa9202fb0b9b5817aa8825
ee75dafa8d03afdcd5cfe59f390b11e9626885a8
50e9b11979e71bd4f39d607163bc058e2a01b250fc259944ccd7b061067f01f5

HTTP Headers

GET /assets/v1/fonts/jost-v14-latin-700.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 10056
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-2748"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650067_388255198_129679120_44_15196_2_0_31";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf10
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/akam/13/eb2f419

104.110.31.27

200 OK

8.8 kB

URL GET HTTP/2
www.ncl.com/akam/13/eb2f419
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14360)
Size
8.8 kB (8797 bytes)
Hash
bd4bdae53dfcab3249e8bc6c2e4de03a
46b1286421943bd4c4926d7dca133943505bba9d
d433e553869072e59bd076455c1bf7ffb92b44da00822d2a18935d9ddcca003c

HTTP Headers

GET /akam/13/eb2f419 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
stored-attribute-sha-checksum: d433e553869072e59bd076455c1bf7ffb92b44da00822d2a18935d9ddcca003c
last-modified: Thu, 22 Feb 2024 19:48:08 GMT
etag: "d5f500c248a48cb760dbc3dfe450f9f20b2e623c79ae50e8602e67b3c2491e95"
content-type: application/javascript
content-encoding: gzip
content-length: 8797
expires: Fri, 26 Apr 2024 23:54:10 GMT
pragma: no-cache
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679128_99_10668_0_0_21";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf18
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF483seiOAQAAMKnUHBcJHADYSHLdMnM7xPchs9KkeATsY6LFROC+2nyzfzV0F3xVGpekrzLHwrB5aTyFct2XMKgyPQCvtULDycPRVn1F1xP9TuPziK37T/fomcirZ2BzyvtScC8UjYGjPwMZf7GchmXoMUU4QIWcxvgclRlGgC54WryIKnzfwJsKb3ncXm2XO/bWbXarVlY/nzlUx/xY+7IVXzVJbADXMofj4BrncJIklVRwYhXRGEF6wWsju4xUuXKHblSMUXuyHMi45dXIm2O47ZMb3dDv248/BQYP6JiMQmMh0fljekHBzburb3T+PuZAl+k9ZrTnzS387ob8dyg4vnlD9xN/tGFySqtN5u7PeQjv6/H6/mbuh8yg8mzP/9CgJkDdrJv6Wot7E3QeXwJedqPM8nOr//3i; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 01:54:09 GMT; Max-Age=7199; Secure
X-Firefox-Spdy: h2

www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1709081432208

104.110.31.27

30 kB

URL GET
www.ncl.com/static/scripts/analytics.plain.libraries.js?v=1709081432208
IP
104.110.31.27:0
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
30 kB (29833 bytes)
Hash
0d117b6d5f107bc1a91c6559c25e4524
11efb8f8bc2a8b68edd33620b5d9176f5005761b
c8fb4be88e28420e6b9edf89168d5443858546f8cb3f2080f98aa27795ccb9cf

HTTP Headers

GET /static/scripts/analytics.plain.libraries.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
etag: W/"661ee411-175a5"
last-modified: Tue, 23 Apr 2024 22:02:52 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-ncl-static-response
x-envoy-upstream-service-time: 4
x-frame-options: SAMEORIGIN
content-length: 29833
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:09 GMT
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66d7010000d5570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.libraries.jsTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.libraries.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649463_388255198_129679103_23_7698_0_0_40";dur=1
akamai-grn: 0.de007c68.1713909770.1d60c25f, 0.de4d2417.1714175649.7babeff
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-akamai-http2-push: 1
X-Firefox-Spdy: h2

www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1709081432208

104.110.31.27

6.0 kB

URL GET
www.ncl.com/static/scripts/analytics.plain.scripts.js?v=1709081432208
IP
104.110.31.27:0
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (11804)
Size
6.0 kB (5953 bytes)
Hash
71a5fea092559cfd9df44e8b5079ba59
09751345185dfac4e3582daa87ff412ccf6ae932
03980b14d41242d34ddfb165f57b54f04e66a562ccd50eb3c2c1c54e107e33c3

HTTP Headers

GET /static/scripts/analytics.plain.scripts.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
etag: W/"661ee4e0-4e94"
last-modified: Tue, 23 Apr 2024 21:58:08 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-ncl-static-response
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
content-length: 5953
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:09 GMT
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66e0010000db570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.scripts.jsTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics.plain.scripts.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649471_388255198_129679104_26_8574_1_0_40";dur=1
akamai-grn: 0.de007c68.1713909487.1d5d6a8d, 0.de4d2417.1714175649.7babf00
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-akamai-http2-push: 1
X-Firefox-Spdy: h2

www.ncl.com/static/scripts/analytics/mp_linkcode.js

104.110.31.27

547 B

URL GET
www.ncl.com/static/scripts/analytics/mp_linkcode.js
IP
104.110.31.27:0
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1615), with no line terminators
Size
547 B (547 bytes)
Hash
2d32a1c2475f2739427197b5eeeda27b
b1cfb57623cb70a385959eb2cd519c817058749f
8c5250be4830252c05d165dc4476b90abf0381dabbd559318bb13a62d486e1e3

HTTP Headers

GET /static/scripts/analytics/mp_linkcode.js HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
etag: W/"661ee439-64f"
last-modified: Tue, 23 Apr 2024 21:58:08 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-ncl-static-response
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
content-length: 547
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:09 GMT
date: Fri, 26 Apr 2024 23:54:09 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66ce010000d3570000; expires=Wed, 23-Oct-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_location=NO,,OSLO,; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
Ncl_region=; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; domain=.ncl.com; secure
ak_country=NOR; expires=Fri, 03-May-2024 23:54:09 GMT; path=/; secure
AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics/mp_linkcode.jsTeaLeafLongTokenGeneration; expires=Wed, 30-Apr-2031 23:54:09 GMT; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0/static/scripts/analytics/mp_linkcode.jsTeaLeafLongTokenGeneration; path=/; HttpOnly; domain=.ncl.com; secure; HttpOnly
ak_long=10.75; path=/; domain=.ncl.com; secure
ak_lat=59.92; path=/; domain=.ncl.com; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175649454_388255198_129679096_25_8160_1_0_40";dur=1
akamai-grn: 0.de007c68.1713909487.1d5d6a97, 0.de4d2417.1714175649.7babef8
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-akamai-http2-push: 1
X-Firefox-Spdy: h2

www.ncl.com/fr/en/static/scripts/ncl.resources.js?v=1709081432208

104.110.31.27

200 OK

89 kB

URL GET HTTP/2
www.ncl.com/fr/en/static/scripts/ncl.resources.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64520)
Size
89 kB (88932 bytes)
Hash
ab13b9cce6c83124ce7de839a5e6fffa
29ecb2e7a2b8f117e457c3dd5076ee861edab69b
b75c1c0f3c2f9a164ea58f379b7bdbe37ea543d7cbecfd88148aa26608ab8a09

HTTP Headers

GET /fr/en/static/scripts/ncl.resources.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com/static
etag: W/"661ee4e0-479f7"
last-modified: Wed, 17 Apr 2024 20:23:02 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-ncl-static-response
x-envoy-upstream-service-time: 2
x-frame-options: SAMEORIGIN
content-length: 88932
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679125_56_14747_0_0_21";dur=1
akamai-grn: 0.46401002.1713385381.2010dabe, 0.de4d2417.1714175650.7babf15
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/fr/en/mp/custom_CSS/mpCSS.css

104.110.31.27

200 OK

5.5 kB

URL GET HTTP/2
www.ncl.com/fr/en/mp/custom_CSS/mpCSS.css
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5800)
Size
5.5 kB (5503 bytes)
Hash
588c330b71b290955756113cdac65850
382e3b46c9d785d291029f7ec47b2c2b7c1781b6
132596d94e41089d7c4a7277476c06032838c4a72a7c0df8795c132d9434e9a1

HTTP Headers

GET /fr/en/mp/custom_CSS/mpCSS.css HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com
last-modified: Wed, 17 Apr 2024 20:36:51 GMT
server: Akamai Resource Optimizer
content-length: 5503
cache-control: must-revalidate, max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679127_56_14712_0_0_21";dur=1
akamai-grn: 0.56496768.1713386210.6b66b9d, 0.de4d2417.1714175650.7babf17
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/images/logos/logo-ncl-shield.svg

104.110.31.27

200 OK

1.1 kB

URL GET HTTP/2
www.ncl.com/assets/v1/images/logos/logo-ncl-shield.svg
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1148 bytes)
Hash
8a0473bb9ee4553a9ead1619aea46042
f195adbbf384513f468a5f1cd1d9d3ae1bae5d24
bbcddf09d9eb9ba8a783914fd92e403225ae073d95919c47088d263fe1c26c37

HTTP Headers

GET /assets/v1/images/logos/logo-ncl-shield.svg HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "64936eb0-ab3"
last-modified: Wed, 17 Apr 2024 19:54:42 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-redesign-ncl-static-response
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
content-length: 1148
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650085_388255198_129679130_65_14602_0_0_11";dur=1
akamai-grn: 0.8bc04c68.1713383681.769e312, 0.de4d2417.1714175650.7babf1a
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2

104.110.31.27

200 OK

10 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10012, version 1.0
Size
10 kB (10012 bytes)
Hash
ad57e7c303c98c098069883f76c6f4b6
67e09576458b4f21321fdc9715844b0a9d020841
c99aaa9d35986f17f4b940fdb18ad3eb19eaa6afca98f0ca60b3477c4bd0f819

HTTP Headers

GET /assets/v1/fonts/jost-v14-latin-500.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 10012
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-271c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679121_42_17127_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf11
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/fr/en/regional_settings.js?v=1709081432208

104.110.31.27

200 OK

499 B

URL GET HTTP/2
www.ncl.com/fr/en/regional_settings.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1115), with no line terminators
Size
499 B (499 bytes)
Hash
4f955957ab0b4001a9cc751e5599d69e
0fd4cfa97e3c93a9eb207587fc548c6c782f69f7
6280eb78cf7da111747a5464f8ea553e73a399f25629d3de8da198c9a67cfea3

HTTP Headers

GET /fr/en/regional_settings.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com
last-modified: Wed, 17 Apr 2024 20:08:18 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-browse-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 499
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650085_388255198_129679131_69_16919_0_0_21";dur=1
akamai-grn: 0.a7ec655f.1713384498.47a38018, 0.de4d2417.1714175650.7babf1b
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/images/logos/logo-ncl-black.svg

104.110.31.27

200 OK

3.9 kB

URL GET HTTP/2
www.ncl.com/assets/v1/images/logos/logo-ncl-black.svg
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3899 bytes)
Hash
8291daa5c54d0765c1d9b6e80c9f99db
eec5f832d51a0e9e209f54f7856541b18f057fed
e169ada715dcc9dce1c662f3bb5f122600975a3ac8a590027375007ece3bad58

HTTP Headers

GET /assets/v1/images/logos/logo-ncl-black.svg HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "64936eb0-356b"
last-modified: Wed, 17 Apr 2024 19:55:59 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-redesign-ncl-static-response
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
content-length: 3899
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679129_66_16767_0_0_11";dur=1
akamai-grn: 0.0dc94d17.1713383759.3ac02ce, 0.de4d2417.1714175650.7babf19
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/public/7eec493338e114175d125d5bb02af596258f7f5efe1b

104.110.31.27

200 OK

54 kB

URL GET HTTP/2
www.ncl.com/public/7eec493338e114175d125d5bb02af596258f7f5efe1b
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1096)
Size
54 kB (54290 bytes)
Hash
0896008a642f961dfb3954374246789a
375da0f341af4d78f7c174154d5cef5635ba361f
af502c5c329ee50a4ae76f8ff0b581770e5de7c51dccb7f2f6cbff90d557957d

HTTP Headers

GET /public/7eec493338e114175d125d5bb02af596258f7f5efe1b HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-md5: CJYAimQvlh37OVQ3QkZ4mg==
last-modified: Wed, 03 Apr 2024 00:04:30 GMT
etag: 0x8DC5371A25C0864
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 54290
timing-allow-origin: *
cache-control: max-age=600
expires: Sat, 27 Apr 2024 00:04:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: edge; dur=1, origin; dur=11, cdn-cache; desc=MISS, ak_p; desc="1714175650084_388255198_129679122_1194_9308_0_0_21";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf12
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/fr/en/shorex/login/assets/javascript/common.js?v=1709081432208

104.110.31.27

200 OK

927 B

URL GET HTTP/2
www.ncl.com/fr/en/shorex/login/assets/javascript/common.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2422), with no line terminators
Size
927 B (927 bytes)
Hash
92c5f67e4af3cd4c9215e3df54a34e72
c22630a9bc1ffcce4be306d7abd7989f8a127d9c
675fa2e8df16649722e8933ca09fd7008a52490b687e62495872281033122837

HTTP Headers

GET /fr/en/shorex/login/assets/javascript/common.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com
etag: "9fc56becb54e28f2d0626670da8f8aa1ec336697"
last-modified: Fri, 19 Apr 2024 14:24:34 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-login-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 927
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650171_388255198_129679137_60_16488_6_0_21";dur=1
akamai-grn: 0.5e0ad717.1713536673.5e82f9e, 0.de4d2417.1714175650.7babf21
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/z7IsGMF_mhaEoPTS5u2B3TFwPQo/rE5GmfQpXV5DN7/ZkxYJBIC/FSAD/QywKLFk

104.110.31.27

200 OK

75 kB

URL GET HTTP/2
www.ncl.com/z7IsGMF_mhaEoPTS5u2B3TFwPQo/rE5GmfQpXV5DN7/ZkxYJBIC/FSAD/QywKLFk
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
data
Size
75 kB (74686 bytes)
Hash
ebb1b6d57148b1e2a8f687add5d372e7
febdbe9dd26d3953c732e3a8f9522382a319b099
818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859

HTTP Headers

GET /z7IsGMF_mhaEoPTS5u2B3TFwPQo/rE5GmfQpXV5DN7/ZkxYJBIC/FSAD/QywKLFk HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
stored-attribute-sha-checksum: 818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859
last-modified: Wed, 02 Aug 2023 16:13:51 GMT
etag: "f6051ff743a105c874c82d55d0ae6b4b69258c489f8c8ff0fa167c298a74e744"
content-type: application/javascript
content-encoding: br
content-length: 74686
date: Fri, 26 Apr 2024 23:54:10 GMT
cache-control: max-age=21600, max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650258_388255198_129679145_41_9033_7_0_21";dur=1
akamai-grn: 0.de4d2417.1714175650.7babf29
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
_abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; Domain=.ncl.com; Path=/; Expires=Sat, 26 Apr 2025 23:54:10 GMT; Max-Age=31536000; Secure
X-Firefox-Spdy: h2

www.ncl.com/fr/en/shorex/login/assets/javascript/ncl.login.resources.js?v=1709081432208

104.110.31.27

200 OK

475 B

URL GET HTTP/2
www.ncl.com/fr/en/shorex/login/assets/javascript/ncl.login.resources.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1110), with no line terminators
Size
475 B (475 bytes)
Hash
1f38b519b1231b64a5c0da817bdee7b1
c0248509b486dbc1a390a2d7baaa65f9674b03b9
b0e7508c07ead7dcaf6fac239d66506759c4685212b5234f9f35e9f566d24710

HTTP Headers

GET /fr/en/shorex/login/assets/javascript/ncl.login.resources.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com/shorex/login/assets
etag: "646b22b9a4407d982df73fd929b709a850e88f4d"
last-modified: Thu, 18 Apr 2024 15:21:45 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-login-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 475
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=332, origin; dur=0, ak_p; desc="1714175650084_388255198_129679124_33174_14794_8_0_21";dur=1
akamai-grn: 0.3e87dd58.1713453705.1534e6a0, 0.de4d2417.1714175650.7babf14
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

p11.techlab-cdn.com/e/65226_747628217.js

104.84.152.59

200 OK

33 kB

URL GET HTTP/2
p11.techlab-cdn.com/e/65226_747628217.js
IP
104.84.152.59:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerLet's Encrypt
Subjectp11.techlab-cdn.com
Fingerprint9D:7F:54:AF:3D:27:DB:16:62:EC:97:F3:48:C6:70:9D:C7:5D:2F:97
ValidityThu, 28 Mar 2024 09:48:16 GMT - Wed, 26 Jun 2024 09:48:15 GMT

File type
JavaScript source, ASCII text, with very long lines (45825)
Size
33 kB (33072 bytes)
Hash
15f3f19ce5f224711e4e317791900841
519d1b24d76bf6f108eecc348211fe02352a1ca6
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca

HTTP Headers

GET /e/65226_747628217.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-md5: FfPxnOXyJHEeTjF3kZAIQQ==
last-modified: Thu, 07 Dec 2023 21:28:41 GMT
etag: 0x8DBF76B7C0E97C7
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 33072
cache-control: max-age=600
expires: Sat, 27 Apr 2024 00:04:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

p11.techlab-cdn.com/e/65257_1825232097.js

104.84.152.59

200 OK

6.1 kB

URL GET HTTP/2
p11.techlab-cdn.com/e/65257_1825232097.js
IP
104.84.152.59:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerLet's Encrypt
Subjectp11.techlab-cdn.com
Fingerprint9D:7F:54:AF:3D:27:DB:16:62:EC:97:F3:48:C6:70:9D:C7:5D:2F:97
ValidityThu, 28 Mar 2024 09:48:16 GMT - Wed, 26 Jun 2024 09:48:15 GMT

File type
JavaScript source, ASCII text, with very long lines (519)
Size
6.1 kB (6061 bytes)
Hash
eeb74615efbf636cc7b78b17c6a933c7
34bf4dc348cf19180c5a022d7ab98b221d60dad2
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

HTTP Headers

GET /e/65257_1825232097.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
etag: 0x8DAD39902829531
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 6061
cache-control: max-age=600
expires: Sat, 27 Apr 2024 00:04:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

p11.techlab-cdn.com/e/65319_1825202430.js

104.84.152.59

200 OK

18 kB

URL GET HTTP/2
p11.techlab-cdn.com/e/65319_1825202430.js
IP
104.84.152.59:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerLet's Encrypt
Subjectp11.techlab-cdn.com
Fingerprint9D:7F:54:AF:3D:27:DB:16:62:EC:97:F3:48:C6:70:9D:C7:5D:2F:97
ValidityThu, 28 Mar 2024 09:48:16 GMT - Wed, 26 Jun 2024 09:48:15 GMT

File type
JavaScript source, ASCII text, with very long lines (552)
Size
18 kB (18224 bytes)
Hash
ad404332d90a3f06c80b3c705ba666ba
5df99faa1ba23ff8105cc0505424ceccdf85a5a1
1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a

HTTP Headers

GET /e/65319_1825202430.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-md5: rUBDMtkKPwbICzxwW6Zmug==
last-modified: Mon, 04 Dec 2023 13:18:33 GMT
etag: 0x8DBF4CB84416B0B
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 18224
cache-control: max-age=600
expires: Sat, 27 Apr 2024 00:04:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

p11.techlab-cdn.com/e/64885_1825202523.js

104.84.152.59

200 OK

1.5 kB

URL GET HTTP/2
p11.techlab-cdn.com/e/64885_1825202523.js
IP
104.84.152.59:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerLet's Encrypt
Subjectp11.techlab-cdn.com
Fingerprint9D:7F:54:AF:3D:27:DB:16:62:EC:97:F3:48:C6:70:9D:C7:5D:2F:97
ValidityThu, 28 Mar 2024 09:48:16 GMT - Wed, 26 Jun 2024 09:48:15 GMT

File type
JavaScript source, ASCII text, with very long lines (507)
Size
1.5 kB (1470 bytes)
Hash
0e7bc16532936d718f36dc47d8feb332
a2c67b619faac3a4aba0407cb4f34d844f4d2071
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

HTTP Headers

GET /e/64885_1825202523.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
accept-ranges: bytes
etag: "0x8DA25E9F9A41165"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 1470
cache-control: max-age=600
expires: Sat, 27 Apr 2024 00:04:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208

104.110.31.27

200 OK

121 kB

URL GET HTTP/2
www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
121 kB (120723 bytes)
Hash
bc1622ea50671fc009f7243c80d17ea2
8e98c9067ca19359a09268dc9cf436c96b6fb42e
46b7feddbc9754313980b09ab410dfd1b4115a540c0491ea35145e8c99483fe7

HTTP Headers

GET /fr/en/static/styles/compatibility.css?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF483seiOAQAAMKnUHBcJHADYSHLdMnM7xPchs9KkeATsY6LFROC+2nyzfzV0F3xVGpekrzLHwrB5aTyFct2XMKgyPQCvtULDycPRVn1F1xP9TuPziK37T/fomcirZ2BzyvtScC8UjYGjPwMZf7GchmXoMUU4QIWcxvgclRlGgC54WryIKnzfwJsKb3ncXm2XO/bWbXarVlY/nzlUx/xY+7IVXzVJbADXMofj4BrncJIklVRwYhXRGEF6wWsju4xUuXKHblSMUXuyHMi45dXIm2O47ZMb3dDv248/BQYP6JiMQmMh0fljekHBzburb3T+PuZAl+k9ZrTnzS387ob8dyg4vnlD9xN/tGFySqtN5u7PeQjv6/H6/mbuh8yg8mzP/9CgJkDdrJv6Wot7E3QeXwJedqPM8nOr//3i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com/static
etag: W/"661ee36e-92bf3"
last-modified: Wed, 17 Apr 2024 20:35:13 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-ncl-static-response
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
content-length: 120723
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650762_388255198_129679169_50_16782_6_0_21";dur=1
akamai-grn: 0.114e1202.1713386111.303416e9, 0.de4d2417.1714175650.7babf41
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 01:54:09 GMT; Max-Age=7199; Secure
X-Firefox-Spdy: h2

www.ncl.com/fr/en/shorex/login/assets/javascript/login_module.js?v=1709081432208

104.110.31.27

200 OK

3.9 kB

URL GET HTTP/2
www.ncl.com/fr/en/shorex/login/assets/javascript/login_module.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Size
3.9 kB (3869 bytes)
Hash
d5c2d229999975471397bf9eb5b1bdbb
67e5f97442f1a840a9f2d446fbc354c8d692a69c
f4a5c89f8d984d822934fdfea64f5c687e1c3712d7048a20366bfa38fe6166bc

HTTP Headers

GET /fr/en/shorex/login/assets/javascript/login_module.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com/shorex/login/assets
etag: "39f846c711d2b326f80289f6343ea2019447612b"
last-modified: Tue, 23 Apr 2024 01:54:55 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-login-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 3869
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=606, origin; dur=0, ak_p; desc="1714175650211_388255198_129679140_60615_16313_1_0_21";dur=1
akamai-grn: 0.1b52c817.1713837294.bd86aae, 0.de4d2417.1714175650.7babf24
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.19.177.52

200 OK

6.9 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21229)
Size
6.9 kB (6882 bytes)
Hash
0cd317a7b9c520801230e944f7d50e41
e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
last-modified: Thu, 25 Apr 2024 20:00:12 GMT
etag: 0x8DC6562513BC785
x-ms-request-id: 73ddc489-601e-005b-02f4-9700b8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20812
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f1abe84b529-OSL
X-Firefox-Spdy: h2

marketserver.motionpointcore.com/marketserver/?mpactionid=1073741850

52.45.14.224

200 200

101 B

URL GET HTTP/1.1
marketserver.motionpointcore.com/marketserver/?mpactionid=1073741850
IP
52.45.14.224:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.motionpointcore.com
FingerprintAA:48:14:53:4D:23:9C:55:D3:BB:E7:39:14:97:12:E0:FB:CB:41:B6
ValidityTue, 16 May 2023 00:00:00 GMT - Sun, 09 Jun 2024 23:59:59 GMT

File type
JSON text data
Size
101 B (101 bytes)
Hash
78796b0fd1cbf549568eb48fd0659327
77363b153accc25e25b7eb898894f668cbd07268
63b54e7d9bf795e7437ac81f74fe08044438da229b15054f968197fbd995686d

HTTP Headers

GET /marketserver/?mpactionid=1073741850 HTTP/1.1
Host: marketserver.motionpointcore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 200
Content-Type: text/html;charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: https://www.ncl.com
Access-Control-Allow-Credentials: true
Date: Fri, 26 Apr 2024 23:54:10 GMT
Content-Length: 101

www.ncl.com/static/fonts/noto-sans-v27-latin-regular.woff2

104.110.31.27

200 OK

13 kB

URL GET HTTP/2
www.ncl.com/static/fonts/noto-sans-v27-latin-regular.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /static/fonts/noto-sans-v27-latin-regular.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 12860
last-modified: Tue, 16 Apr 2024 20:48:28 GMT
etag: "661ee41c-323c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 0
tracing-context: frontend-routing-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:11 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651080_388255198_129679175_46_13134_1_0_31";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf47
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/fr/en/regional_settings.js?v=1709081432208

104.110.31.27

200 OK

499 B

URL GET HTTP/2
www.ncl.com/fr/en/regional_settings.js?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1115), with no line terminators
Size
499 B (499 bytes)
Hash
4f955957ab0b4001a9cc751e5599d69e
0fd4cfa97e3c93a9eb207587fc548c6c782f69f7
6280eb78cf7da111747a5464f8ea553e73a399f25629d3de8da198c9a67cfea3

HTTP Headers

GET /fr/en/regional_settings.js?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com
last-modified: Wed, 17 Apr 2024 20:08:18 GMT
server: Akamai Resource Optimizer
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
tracing-context: frontend-routing-ncl-browse-response
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-length: 499
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:11 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651159_388255198_129679176_55_16641_0_0_21";dur=1
akamai-grn: 0.a7ec655f.1713384498.47a38018, 0.de4d2417.1714175651.7babf48
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/267f51d2-ba28-48dd-a9fb-506a0b0665cc.json

104.19.177.52

200 OK

1.8 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/267f51d2-ba28-48dd-a9fb-506a0b0665cc.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
1.8 kB (1762 bytes)
Hash
ba6a189485b9b45dbd5c6a996d8e3f5f
0ca735886c4843e0f5daedb7ffe667df96d1bb0c
175569a94676b3ecc7539381fb6f910fa4ed4a04f053ceb8b2237ff9b7973a04

HTTP Headers

GET /consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/267f51d2-ba28-48dd-a9fb-506a0b0665cc.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: application/x-javascript
content-length: 1762
cf-ray: 87aa7f1bffe3b4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 20393
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DBFFEBF841F814
expires: Sat, 27 Apr 2024 23:54:11 GMT
last-modified: Mon, 18 Dec 2023 17:08:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: yaTTQYEg7Mq2MD8XQwS4KQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1d8d0aae-001e-0096-3fd4-313052000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2

104.110.31.27

200 OK

10 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/jost-v14-latin-700.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10056, version 1.0
Size
10 kB (10056 bytes)
Hash
f62ba83f3cfa9202fb0b9b5817aa8825
ee75dafa8d03afdcd5cfe59f390b11e9626885a8
50e9b11979e71bd4f39d607163bc058e2a01b250fc259944ccd7b061067f01f5

HTTP Headers

GET /assets/v1/fonts/jost-v14-latin-700.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/assets/v1/styles/main.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 10056
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-2748"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:11 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651355_388255198_129679180_45_16017_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf4c
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/static/fonts/noto-sans-v27-latin-regular.woff2

104.110.31.27

200 OK

13 kB

URL GET HTTP/2
www.ncl.com/static/fonts/noto-sans-v27-latin-regular.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /static/fonts/noto-sans-v27-latin-regular.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 12860
last-modified: Tue, 16 Apr 2024 20:48:28 GMT
etag: "661ee41c-323c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 0
tracing-context: frontend-routing-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:11 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651363_388255198_129679181_588_10851_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf4d
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2

104.110.31.27

200 OK

10 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/jost-v14-latin-500.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10012, version 1.0
Size
10 kB (10012 bytes)
Hash
ad57e7c303c98c098069883f76c6f4b6
67e09576458b4f21321fdc9715844b0a9d020841
c99aaa9d35986f17f4b940fdb18ad3eb19eaa6afca98f0ca60b3477c4bd0f819

HTTP Headers

GET /assets/v1/fonts/jost-v14-latin-500.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/assets/v1/styles/main.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQ3k0kF5A3seiOAQAA3KnUHAsx+bgvNJAYwasantXPiC4gSorbQ6ED10NO7ZWzM2Oe/9o15DYI8j15aL+cYtU/wNshmYEtX4nctx4MaO04dKsCzmvqXgAn8eiOlM+IyobrvHqrM4VoWRxTpJdRMBIfZ1OTldCRb79tfHmZWuCa9zP3PYzddixdaIQCFfn/3RsmfrN5qyJPXQXHw0r8+JDWgaRUsKR8251HHgk3J7hA28F/ukPxQOKL0FAGadiWe4PXYVkf2H1xunAbT+9doGTDLP8LC2vbUj/Q7lfujlfoLOzIekD5LM9N1zo4PAXuTjQ+7g/WPMglla9KSgvZnxeQ9iddQ5DcqA3f/M7aVq51hKUxwU3PLTjku4n3W5sx4kusN/ZkAh4mOMy+Ekc6tlcV~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 10012
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-271c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:11 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651359_388255198_129679182_30_14467_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf4e
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin

44.197.47.122

200 OK

1.6 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
1.6 kB (1579 bytes)
Hash
65546d84c6fd12ec1c2b090d3389792e
30147b35c79936245e046c3ffc43baaecbab5585
30b5596ba791d19c26559e0bb2214e7944e2fe1cfd76381096e5cd2e6c4ef07e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"4342-1474031000000"
last-modified: Fri, 16 Sep 2016 13:03:20 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.ncl.com/fr/en/assets/v1/styles/main.css?v=1709081432208

104.110.31.27

200 OK

1.8 kB

URL GET HTTP/2
www.ncl.com/fr/en/assets/v1/styles/main.css?v=1709081432208
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1816), with no line terminators
Size
1.8 kB (1816 bytes)
Hash
dc0be57bcb618e9b266a7088bc795418
d7241767f8789be9e2fca7743affb0ef52c20cd8
78245aa35add9bc71e54a5582bed409d202cd17639c17deb1bb8c1cbfcf6e3db

HTTP Headers

GET /fr/en/assets/v1/styles/main.css?v=1709081432208 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://www.ncl.com/assets/v1
etag: W/"64936f23-2885c7"
last-modified: Wed, 17 Apr 2024 21:02:33 GMT
server: Akamai Resource Optimizer
tracing-context: frontend-routing-redesign-ncl-static-response
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
content-length: 187662
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175650084_388255198_129679123_60_17163_0_0_21";dur=1
akamai-grn: 0.ca403617.1713387745.1f1d2f1d, 0.de4d2417.1714175650.7babf13
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/images/favicon/apple-touch-icon-128x128.png

104.110.31.27

200 OK

1.8 kB

URL GET HTTP/2
www.ncl.com/assets/v1/images/favicon/apple-touch-icon-128x128.png
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.8 kB (1844 bytes)
Hash
4b4992861ae12345c9ee63c3453bfb26
93d2b1cb8bf2840137459ef6b4ebbe61f817b036
cd84fc72c6d96221540aac96e41564747cee3a29e9b96d7cab726fd18f086412

HTTP Headers

GET /assets/v1/images/favicon/apple-touch-icon-128x128.png HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 17 Apr 2024 19:10:42 GMT
x-frame-options: SAMEORIGIN
etag: "64936eb0-2fd8"
server: Akamai Image Manager
content-length: 1844
content-type: image/webp
cache-control: private, no-transform, max-age=1797364
expires: Fri, 17 May 2024 19:10:15 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651871_388255198_129679188_54_17047_0_0_21";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf54
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/images/favicon/windows-icon-32x32.png

104.110.31.27

200 OK

558 B

URL GET HTTP/2
www.ncl.com/assets/v1/images/favicon/windows-icon-32x32.png
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
558 B (558 bytes)
Hash
c622ebb86ffa476cdcff8e5714dca059
0cacb60f56175f32ed3e1edb263ee769775e0225
a9b7ae93760d2d9d55d7ebf82ad96b1c9144f32cdaa2c13a769ac971b164f055

HTTP Headers

GET /assets/v1/images/favicon/windows-icon-32x32.png HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 17 Apr 2024 19:10:27 GMT
x-frame-options: SAMEORIGIN
etag: "64936eb0-b8a"
server: Akamai Image Manager
content-length: 558
content-type: image/webp
cache-control: private, no-transform, max-age=1797368
expires: Fri, 17 May 2024 19:10:19 GMT
date: Fri, 26 Apr 2024 23:54:11 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175651871_388255198_129679189_51_16895_0_0_21";dur=1
akamai-grn: 0.de4d2417.1714175651.7babf55
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

player.vimeo.com/api/player.js

162.159.138.60

200 OK

11 kB

URL GET HTTP/1.1
player.vimeo.com/api/player.js
IP
162.159.138.60:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerLet's Encrypt
Subjectplayer.vimeo.com
FingerprintE8:45:41:E9:31:D2:A5:77:D5:5E:75:89:F8:00:24:2E:C3:3F:C8:BE
ValidityFri, 29 Mar 2024 06:04:47 GMT - Thu, 27 Jun 2024 06:04:46 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37934)
Size
11 kB (11390 bytes)
Hash
da2ba57d91a7f508da290f9fa623eae4
b14816b57ca689786847fef1f5a31288e159e3e4
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f

HTTP Headers

GET /api/player.js HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:54:11 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 11390
Connection: keep-alive
access-control-allow-origin: *
Cache-Control: max-age=1800
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
expires: Fri, 26 Apr 2024 20:21:19 GMT
x-player-backend: g
x-backend-server: player-backend-edge-entry
x-bapp-server: 
Content-Encoding: gzip
accept-ranges: bytes
via: 1.1 varnish
Age: 173
x-served-by: cache-osl6526-OSL
x-cache: HIT
x-cache-hits: 40
x-timer: S1714175652.892160,VS0,VE0
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=TZEHXOKFIuief1tksiK.2zDf1pgGrIJi9LiUKbd3LnE-1714175651-1.0.1.1-tLCx6ijuw1N_2QBaUvdZ9ukhopwV.m7MtqCgY1RBr0.zCBTs9edekmIg8EckkGYlOq.hK6io88cXM45pS3OU.Q; path=/; expires=Sat, 27-Apr-24 00:24:11 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
_cfuvid=kf6ZVvaWYaFca16dnVMQQR0UODFs3WOrM4pNP5jenA4-1714175651893-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 87aa7f204cf856c6-OSL

norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1714175651

44.197.47.122

200 OK

30 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel_toggle.js?v=1714175651
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
30 kB (29521 bytes)
Hash
c8b58ea2a4c7d997ad2cf408f96256fd
17e24acbae52569d658a11c73040ff8a2c014080
53da1476d5c861820383a1bd27f9a0678304b112bff0becea05c16b1c4cb8efb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel_toggle.js?v=1714175651 HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"3159-1639662362000"
last-modified: Thu, 16 Dec 2021 13:46:02 GMT
cache-control: max-age=86400
expires: Sat, 27 Apr 2024 23:54:11 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.ncl.com/akam/13/pixel_eb2f419

104.110.31.27

200 OK

0 B

URL POST HTTP/2
www.ncl.com/akam/13/pixel_eb2f419
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /akam/13/pixel_eb2f419 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 2903
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Q3seiOAQAA26vUHBcuyxAetskIFPNASsgM5gUkP4QkBcrC7kkjdZHoylBk2nnEntEZNqYV6w0GaxK6hJZmC/BAqZ19P7kGZ0lNJy970kf0sukyafUeqBTD6pvWv4gKyVr15L3U7ngohX9dGwFrNOsN2pJh4daJjKJVw8RXThHhjY+zhlyP5BvrwHVQwSzcxXobJmeU9+yisnBAcJ6qRjWP7FCRfY7hJvBe1mYJ1zIj7ykFfosiYPh6DmYgLTuXEoj7C2Nhj00Mp/6CvBAqP5F69IgiVmp7pqHvQ9SEDvXTjCreUgRZZ977lzg6z7y7py72kmCrFAoYYXema6KGnSioFjYvVkF2InoVlTpn/SdJNFROuf2DUPL2l2dLd2MQzfsqkajpLV0tFn72W0+tNtoNswlIAhTVH12vM2gNhg4Tsx1huMw=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Fri, 26 Apr 2024 23:54:11 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1714175651943_388255198_129679191_254_11563_0_0_21";dur=1
x-akam-sw-version: 0.5.0
akamai-grn: 0.de4d2417.1714175651.7babf57
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:11 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Y3seiOAQAAdbDUHBd9xm6TOIMacNjDQ/hc9Gq5n5DM58CsFCfkcSqK7lFNO6UmC1A9be7rpLQExn7MiLrlmkO/kj436Plb0ZHgqYu6sXpNVy27sBKWDMcNVGCDpEtYOYpiOh/Js5khflQi/walCRSmg1kLm6MmMm55zYFZMJXukyk/3+E4ncXl/QTls6VSsbcw2JrVKxPuFfsGtYq6190PBkZtyDxqbY81bVhULcXuixeAxTNl3K23SNa7+JgYBIwPxqTFUnbCFIGoSHTpMqayQ5Mi2xVKbMl2pqYID02NXW5s3a+Xn7dVRKx76fuoQJV1sbwIl51eduPv8Tx8tj5uvCvlAFK5LvtAqXkvkKRtXRx3ODaVRTBx9xDAZimS7+mZvbeAFvgYq9Sfh+770TGCCHziJmCy3Md356E7cpwoWaYbnwvqKe/SUTs//eb9iug=; Domain=.ncl.com; Path=/; Expires=Sat, 27 Apr 2024 01:54:09 GMT; Max-Age=7198; Secure
X-Firefox-Spdy: h2

analytics.convertlanguage.com/__utm.gif?utmwv=1&utmn=1709597600&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com&utmr=-&utmcc=__utma%3D35125182.1709597600.1714175652.1714175652.1714175652.1%3B%2B__utmb%3D35125182%3B%2B__utmc%3D35125182%3B%2B__utmz%3D35125182.1714175652.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Login&utmp=%2Ffr%2Fen%2Fshorex%2Flogin

18.221.115.183

200 OK

35 B

URL GET HTTP/2
analytics.convertlanguage.com/__utm.gif?utmwv=1&utmn=1709597600&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com&utmr=-&utmcc=__utma%3D35125182.1709597600.1714175652.1714175652.1714175652.1%3B%2B__utmb%3D35125182%3B%2B__utmc%3D35125182%3B%2B__utmz%3D35125182.1714175652.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Login&utmp=%2Ffr%2Fen%2Fshorex%2Flogin
IP
18.221.115.183:443
ASN
#16509 AMAZON-02

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectanalytics.convertlanguage.com
Fingerprint12:E7:13:B1:3B:2F:54:FF:5E:7D:A3:CA:23:45:80:3F:54:17:E5:3F
ValidityTue, 13 Feb 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=1&utmn=1709597600&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhn=www.ncl.com&utmr=-&utmcc=__utma%3D35125182.1709597600.1714175652.1714175652.1714175652.1%3B%2B__utmb%3D35125182%3B%2B__utmc%3D35125182%3B%2B__utmz%3D35125182.1714175652.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B&utmdt=Login&utmp=%2Ffr%2Fen%2Fshorex%2Flogin HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: image/gif
content-length: 35
server: Apache
last-modified: Tue, 14 May 2019 17:36:38 GMT
etag: "23-588dc79a526c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js

104.19.177.52

200 OK

81 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
81 kB (81354 bytes)
Hash
656a4fd9013f905080debdd038f06b94
6843484ea4be1a3415ea554bb8b7aaa6e311554a
0152531ece5b19aa743208c31fd9f9284282bc97a2ec666de5cf770a9aeee0fa

HTTP Headers

GET /scripttemplates/6.33.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/javascript
content-length: 81354
content-encoding: gzip
content-md5: snqI9a2h7X2bbSiony0guw==
last-modified: Wed, 13 Apr 2022 01:38:27 GMT
etag: 0x8DA1CEE4EF01A44
x-ms-request-id: 80039c49-c01e-0089-5a19-158356000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20805
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f224ad9b529-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/58dbebf3-4fa1-472e-a9c6-bff4fee048c3/en.json

104.19.177.52

200 OK

34 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/58dbebf3-4fa1-472e-a9c6-bff4fee048c3/en.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
34 kB (33783 bytes)
Hash
74e97ace88c6b367fcb2824164147907
7cb0c93c25fc2f12a38fa49568b7d2d3e6a24e25
db020491d51cf92ba16ecab3f755f0022424b4ee7fced98ae66a559f863401bd

HTTP Headers

GET /consent/267f51d2-ba28-48dd-a9fb-506a0b0665cc/58dbebf3-4fa1-472e-a9c6-bff4fee048c3/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/x-javascript
content-length: 33783
cf-ray: 87aa7f230ae5b4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 16089
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DBFFEC00B1105E
expires: Sat, 27 Apr 2024 23:54:12 GMT
last-modified: Mon, 18 Dec 2023 17:08:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: V2TqffsiebNLvhzLBq9oYg==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 74204dbc-301e-008d-55d4-310e51000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json

104.19.177.52

200 OK

3.0 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
3.0 kB (2959 bytes)
Hash
803b2c8a7143c1fae821a92911644919
4499b1ab1361d38c38044f0707f4bff0cc36fcd6
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

HTTP Headers

GET /scripttemplates/6.33.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/json
content-length: 2959
content-encoding: gzip
content-md5: sKd74iX+eTxIn9FxDVtzyw==
last-modified: Wed, 13 Apr 2022 01:38:17 GMT
etag: 0x8DA1CEE4903C133
x-ms-request-id: bad52d26-f01e-0059-0c1b-15be00000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20374
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f24abc0b4f1-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcCenter.json

104.19.177.52

200 OK

12 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcCenter.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
12 kB (11627 bytes)
Hash
5774767ebdfc6493c63c19b62ea2cbc5
56834fb84d6aa4917e1b4a9e9f950b533250ea75
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a

HTTP Headers

GET /scripttemplates/6.33.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/json
content-length: 11627
content-encoding: gzip
content-md5: bANqBAaG5LxlStWRgKEy2g==
last-modified: Wed, 13 Apr 2022 01:38:20 GMT
etag: 0x8DA1CEE4A6394DD
x-ms-request-id: 0aa30f42-601e-0074-4dd2-210d73000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20374
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f24abc2b4f1-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCookieSettingsButton.json

104.19.177.52

200 OK

1.8 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCookieSettingsButton.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
1.8 kB (1780 bytes)
Hash
bf5f073ae076b3c1d4fd416b128e9cec
9e5ea2008bf8bbc473798738a567ee8f60941b18
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1

HTTP Headers

GET /scripttemplates/6.33.0/assets/otCookieSettingsButton.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/json
content-length: 1780
content-encoding: gzip
content-md5: 1SSwYSVOrM1BQMnnGszv8A==
last-modified: Wed, 13 Apr 2022 01:38:19 GMT
etag: 0x8DA1CEE4A1901CB
x-ms-request-id: dc6d3db0-e01e-0055-16be-0b2908000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20374
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f24bbc3b4f1-OSL
X-Firefox-Spdy: h2

www.ncl.com/static/fonts/noto-sans-v27-latin-300.woff2

104.110.31.27

200 OK

13 kB

URL GET HTTP/2
www.ncl.com/static/fonts/noto-sans-v27-latin-300.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13024, version 1.0
Size
13 kB (13024 bytes)
Hash
92aadfbc05c69fdeb19657dfe45c1083
cd2574914e14fb3326976b6c8d26b4e4e097be71
1aea802d16476a74c8683213c1f62c53c76006d007ee244b3899f304ebcc52e0

HTTP Headers

GET /static/fonts/noto-sans-v27-latin-300.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Y3seiOAQAAdbDUHBd9xm6TOIMacNjDQ/hc9Gq5n5DM58CsFCfkcSqK7lFNO6UmC1A9be7rpLQExn7MiLrlmkO/kj436Plb0ZHgqYu6sXpNVy27sBKWDMcNVGCDpEtYOYpiOh/Js5khflQi/walCRSmg1kLm6MmMm55zYFZMJXukyk/3+E4ncXl/QTls6VSsbcw2JrVKxPuFfsGtYq6190PBkZtyDxqbY81bVhULcXuixeAxTNl3K23SNa7+JgYBIwPxqTFUnbCFIGoSHTpMqayQ5Mi2xVKbMl2pqYID02NXW5s3a+Xn7dVRKx76fuoQJV1sbwIl51eduPv8Tx8tj5uvCvlAFK5LvtAqXkvkKRtXRx3ODaVRTBx9xDAZimS7+mZvbeAFvgYq9Sfh+770TGCCHziJmCy3Md356E7cpwoWaYbnwvqKe/SUTs//eb9iug=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session; mp__utma=35125182.1709597600.1714175652.1714175652.1714175652.1; mp__utmb=35125182; mp__utmc=35125182; mp__utmz=35125182.1714175652.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); OptanonConsent=isGpcEnabled=0&datestamp=Fri+Apr+26+2024+23%3A54%3A12+GMT%2B0000+(GMT)&version=6.33.0&isIABGlobal=false&hosts=&consentId=88878282-1e02-4efe-a0e4-496667bc41f6&interactionCount=0&landingPath=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 13024
last-modified: Tue, 16 Apr 2024 20:47:46 GMT
etag: "661ee3f2-32e0"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:12 GMT
date: Fri, 26 Apr 2024 23:54:12 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:12 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175652713_388255198_129679218_44_14400_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175652.7babf72
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/static/fonts/noto-sans-v27-latin-700.woff2

104.110.31.27

200 OK

13 kB

URL GET HTTP/2
www.ncl.com/static/fonts/noto-sans-v27-latin-700.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12684, version 1.0
Size
13 kB (12684 bytes)
Hash
0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

HTTP Headers

GET /static/fonts/noto-sans-v27-latin-700.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/static/styles/compatibility.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Y3seiOAQAAdbDUHBd9xm6TOIMacNjDQ/hc9Gq5n5DM58CsFCfkcSqK7lFNO6UmC1A9be7rpLQExn7MiLrlmkO/kj436Plb0ZHgqYu6sXpNVy27sBKWDMcNVGCDpEtYOYpiOh/Js5khflQi/walCRSmg1kLm6MmMm55zYFZMJXukyk/3+E4ncXl/QTls6VSsbcw2JrVKxPuFfsGtYq6190PBkZtyDxqbY81bVhULcXuixeAxTNl3K23SNa7+JgYBIwPxqTFUnbCFIGoSHTpMqayQ5Mi2xVKbMl2pqYID02NXW5s3a+Xn7dVRKx76fuoQJV1sbwIl51eduPv8Tx8tj5uvCvlAFK5LvtAqXkvkKRtXRx3ODaVRTBx9xDAZimS7+mZvbeAFvgYq9Sfh+770TGCCHziJmCy3Md356E7cpwoWaYbnwvqKe/SUTs//eb9iug=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session; mp__utma=35125182.1709597600.1714175652.1714175652.1714175652.1; mp__utmb=35125182; mp__utmc=35125182; mp__utmz=35125182.1714175652.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); OptanonConsent=isGpcEnabled=0&datestamp=Fri+Apr+26+2024+23%3A54%3A12+GMT%2B0000+(GMT)&version=6.33.0&isIABGlobal=false&hosts=&consentId=88878282-1e02-4efe-a0e4-496667bc41f6&interactionCount=0&landingPath=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 12684
last-modified: Tue, 16 Apr 2024 20:48:17 GMT
etag: "661ee411-318c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 1
tracing-context: frontend-routing-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:12 GMT
date: Fri, 26 Apr 2024 23:54:12 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:12 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175652718_388255198_129679219_129_12798_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175652.7babf73
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/powered_by_logo.svg

104.19.177.52

200 OK

15 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
15 kB (14893 bytes)
Hash
b3ebb6ea6d2ad5dba071de619da5f10e
782f6693ae48ccffaae6bcfc6e279cdc572225b0
9b70ffca37de23b040d2fa36e3da9ac434623b632e8105c1b1313deda2baf39f

HTTP Headers

GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Thu, 25 Apr 2024 02:29:06 GMT
x-ms-request-id: b91dce97-301e-0056-1143-97c86c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20813
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f25acb6b529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=b6XbprtzzVn1GQuuw3Ckwhq-7So4vLAEn62oDEHLgipLEDMZ7ddcJRglWu9cgj-Si6kig3LPi5JxeFyuEi_m9jJEf4S7eCMtn5mjNQMEkhoGAdx7UzG1CIotblgL7T3I
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Fri, 26 Apr 2024 23:52:39 GMT
age: 108
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

ncl.usablenet.com/pt/start

169.47.214.218

200 OK

1.8 kB

URL GET HTTP/2
ncl.usablenet.com/pt/start
IP
169.47.214.218:443
ASN
#36351 SOFTLAYER

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.usablenet.com
FingerprintB0:18:07:BA:77:93:8D:7E:FC:E8:C3:76:77:E6:09:7F:1F:82:52:9B
ValidityMon, 13 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1919), with no line terminators
Size
1.8 kB (1840 bytes)
Hash
b07c49a282b2730b2f2bd26c4997d0f7
2c93adbb7dffd0fe8a0000de1bf8c9b52d43893e
63e8d67a1876559450249febf91830c6186709f3eda267dc2a25012e42a7ce21

HTTP Headers

GET /pt/start HTTP/1.1
Host: ncl.usablenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
cache-control: max-age=3600, public
content-type: text/javascript;charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
date: Fri, 26 Apr 2024 23:54:11 GMT
accept-ranges: bytes
set-cookie: X-Mapping-mhmffnck=7EDE74ACD8590ECDBE5E716A5009D961; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

analytics.convertlanguage.com/mpwat.js

18.221.115.183

200 OK

28 kB

URL GET HTTP/2
analytics.convertlanguage.com/mpwat.js
IP
18.221.115.183:443
ASN
#16509 AMAZON-02

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectanalytics.convertlanguage.com
Fingerprint12:E7:13:B1:3B:2F:54:FF:5E:7D:A3:CA:23:45:80:3F:54:17:E5:3F
ValidityTue, 13 Feb 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT

File type
C source, ASCII text, with very long lines (2301), with CRLF line terminators
Size
28 kB (28233 bytes)
Hash
e0387f6b59d90a76a7f13c46eb0ce23b
88bf77c2979dfab776d4b0a791710464dd2e0df8
fe7305a7dfcc82abff376ca1be4009f6b9ad0424e2d452a3a427d270fb341db8

HTTP Headers

GET /mpwat.js HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: application/javascript
content-length: 28233
server: Apache
last-modified: Wed, 18 Jan 2023 19:11:25 GMT
etag: "6e49-5f28e952cc6fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.ncl.com/fr/en/sdcdn/doptimizely/js/5414371492.js

104.110.31.27

200 OK

1.2 MB

URL GET HTTP/2
www.ncl.com/fr/en/sdcdn/doptimizely/js/5414371492.js
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type

Size
1.2 MB (1236667 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fr/en/sdcdn/doptimizely/js/5414371492.js HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/fr/en/shorex/login
DNT: 1
Connection: keep-alive
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~-1~YAAQx00kFyDIXcuOAQAAc6TUHAvoqVt5v9qwp+e845kBJ6E67Mu9msErWs+LA+nWVsL0tyn5ImsZoii/+iy0Miv/rZOiBk5twhk4FnGl9fErPUqADyTe5HRDsPqnqi9HPEEHBab9nT17mRJLz1DNNdclkLXy+TtzV0sqsnkQhgwv7Tw+gRCCaVa16BPx/CeFE16BsC3HiyDP4d5j55uO36WPkrgeE47oW/tCBKx7mV/jpYIPIb2AHBDkMfeA9tVOyt7NEI/JHgaMaj7jNxftyt1nP9BUv/iyoDmjtPXXHO+8/TE5uWNrPv/yaz3aGownSbS7yySfoauVgg52cybNDS9+041FTDzzf+g+ceLHl205S5xLUdeezVrnIbpFuOaosbhvDQ==~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=E1EC78A1F5062D11F65E4AEC9A4B4485~000000000000000000000000000000~YAAQ3k0kF4w3seiOAQAAuafUHBfLXBvMc2BLihA62VjRkFUiHCvKpADxOub69+m+fjwK2Klq6q+frJGp9jZG7iNq21bBWPHa6vWybwxgSzKXMrl+MXUPBHpfXEqS8u0/HvYC7eAhcjLKM4yXA24YX2kuotVetAlQ0yG4nfx5lxiJV8RXwhVNNkFRVBiZhOnmxHBGVaAp9kbUHJIlS8vcfAfvOzcM7NImoHiTIsLM7YdsuE1LpudqFIYae1RKKUH5FgqJeMM+VSxYgdF9zNw4niokpef7sPGKDU3+fjX6Eo2VjeV+U+kwBomRImG9y9f5Sukx5hLYpKEMZSXgYb8CRbscIzpYbLfSX8I8W187pvrCw1WeOUmKPM3txrJ6s04VoQcCLPCJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
content-length: 221095
x-amz-id-2: u8+cSFwMqwn8Zr54auGS54t1xAJ91fx6i0FRm0hK8m5GkbHWhnHHGi97IWSIrqRtTpvaocAjdkk=
x-amz-request-id: 9T0WMH9JPCM0MX55
x-amz-replication-status: PENDING
last-modified: Thu, 25 Apr 2024 14:56:43 GMT
etag: "a51ec681a900a8aca5b721b3cc465900"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 45922
x-amz-meta-pci_enabled: False
x-amz-version-id: Zllln0jNvsKTPxEgZdQeabYkl1V68I_3
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
content-security-policy: frame-ancestors 'self' *.motionpoint.com https://cdn.optimizely.com
content-encoding: gzip
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:10 GMT
date: Fri, 26 Apr 2024 23:54:10 GMT
vary: Accept-Encoding
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:10 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="23.202.152.194";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="";dur=0, ak_p; desc="1714175650084_388255198_129679126_84_14810_0_0_21";dur=1
akamai-grn: 0.57f47568.1714058106.e516865, 0.de4d2417.1714175650.7babf16
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.ncl.com/assets/v1/fonts/noto-sans-v27-latin-regular.woff2

104.110.31.27

200 OK

13 kB

URL GET HTTP/2
www.ncl.com/assets/v1/fonts/noto-sans-v27-latin-regular.woff2
IP
104.110.31.27:443
ASN
#16625 AKAMAI-AS

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subjectwww.ncl.com
Fingerprint3F:EE:F4:18:7C:86:9C:21:0F:93:D6:EF:4D:09:CA:9B:35:51:EE:9C
ValidityWed, 01 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /assets/v1/fonts/noto-sans-v27-latin-regular.woff2 HTTP/1.1
Host: www.ncl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ncl.com/fr/en/assets/v1/styles/main.css?v=1709081432208
Cookie: _abck=C12F536CA0AEB355618DD7FB2B5EEA8E~0~YAAQ3k0kF5U3seiOAQAA3a7UHAu8caatl2oMlSeqcJfsIOlZTACrzarrW5DnWg4ZuaxeSr4/fC/zoLhQp825qi4/XhWS0LZayl7blWEPxfcAfqQiy004V8SayHnc2818zrqQ4e1WN9Wt8c0nJDIsculbKp3xDR6ZZziBaO4s2bwwvJqJZ9gXm8zYA+iuLx19KbbnUGHxzxe8NJgvCITuHFLOIy6hEvz7C2UlYfisJCR2vOW0NHw+mxzr286DywqHBYhYfJToME28Dv6sXvDkvPFyYI0+THGrJOg/LmQLD4mBpBdMZo/Nggk9zwVJ0wdIMmKfWXcASLXg4+RjfgtmCO19kpw3eQwkdV2rUH5NHz1VwrVQAE9e//OYVJy2pn76aR1veRKs/r96uZXqVJ+cJ8SnCo1hihqh0WYuYscB0f0=~-1~-1~-1; bm_sz=18B135A0F74DD894E40745EA3CD97F7D~YAAQ3k0kF443seiOAQAAuafUHBeP/3ZDO6Ng9wKy5XgKVLzZVZ9WJLPdBOsJWRe5aSGFO3pobiKX6g07RXeHZdYbkszZ3MAC4BcKTGhJGqSEgTb3JoEXObMkYSQhPqWOhvL+7Q5jlYJzPxXk4iXtS9Jl67VEdnN8B3Vg0vpH8mnAx1FWCzNHOsjCi8WwYHDifIjRY4j23PKubWtvYjwZgFC8AYgCRPmJ2xM0s3p8BUtSmHc7nhDms0VXeNoIRaqdTo7oaghevFnLTvs/zbhPR0zHMyfJRZBCvAlSEivk3NIj69DqyXFFEUgHL0gkrRY5Lk/eDkKd2NGBhI0CVmpsS8oIpeVpAansshBNr5l0M8vJz+pBz+4HNwgbQMuo/VbHBx4EaBzTg6vuZzc6LWTqHr5BNQLPStSB~4408133~4601400; optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; ak_location=NO,,OSLO,; Ncl_region=; ak_country=NOR; AkaUTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; AkaSTrackingID=91.90.42.154104.110.31.271714175649Mozilla/5.0 (X11; ak_long=10.75; ak_lat=59.92; AKA_A2=A; ncl_aws_prod=true; nosailaway=yes; akaalb_www_web2aws=1719359649~op=web2aws_ncl_prod_new:www_ncl_route2new|~rv=7~m=www_ncl_route2new:0|~os=5041aa2c50a20f17379585bbefdfedb9~id=ecf5603c735e5e42441a5ddaf24d458a; PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjNjN2YwYjNjYmEzN2MzN2QzZmU5MTg3ODFmOWZjZWFmNWNkMjJiMTgtMTcxNDE3NTY0OTY0My1lOTc4ODZlMGY5YjFiMjUzODViOTZhMWQifSwibmJmIjoxNzE0MTc1NjQ5LCJpYXQiOjE3MTQxNzU2NDl9.BIdBjYIAn9Pby-Ifcg4mVK0tLUKGkNM7pBqlFg2O0hk; ak_bmsc=B419D384B1F3A61326936CC132C8B911~000000000000000000000000000000~YAAQ3k0kF5Y3seiOAQAAdbDUHBd9xm6TOIMacNjDQ/hc9Gq5n5DM58CsFCfkcSqK7lFNO6UmC1A9be7rpLQExn7MiLrlmkO/kj436Plb0ZHgqYu6sXpNVy27sBKWDMcNVGCDpEtYOYpiOh/Js5khflQi/walCRSmg1kLm6MmMm55zYFZMJXukyk/3+E4ncXl/QTls6VSsbcw2JrVKxPuFfsGtYq6190PBkZtyDxqbY81bVhULcXuixeAxTNl3K23SNa7+JgYBIwPxqTFUnbCFIGoSHTpMqayQ5Mi2xVKbMl2pqYID02NXW5s3a+Xn7dVRKx76fuoQJV1sbwIl51eduPv8Tx8tj5uvCvlAFK5LvtAqXkvkKRtXRx3ODaVRTBx9xDAZimS7+mZvbeAFvgYq9Sfh+770TGCCHziJmCy3Md356E7cpwoWaYbnwvqKe/SUTs//eb9iug=; CONSENTMGR=c1:0%7Cc2:0%7Cc3:0%7Cc4:0%7Cc5:0%7Cc6:0%7Cc7:0%7Cc8:0%7Cc9:0%7Cc10:0%7Cc11:0%7Cc12:0%7Cc13:0%7Cc14:0%7Cc15:0%7Cts:1714175651719%7Cconsent:false; utag_main=v_id:018f1cd4af890016a78f12df9cbf05044002600900918$_sn:1$_ss:1$_st:1714177451722$ses_id:1714175651722%3Bexp-session$_pn:1%3Bexp-session; mp__utma=35125182.1709597600.1714175652.1714175652.1714175652.1; mp__utmb=35125182; mp__utmc=35125182; mp__utmz=35125182.1714175652.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); OptanonConsent=isGpcEnabled=0&datestamp=Fri+Apr+26+2024+23%3A54%3A12+GMT%2B0000+(GMT)&version=6.33.0&isIABGlobal=false&hosts=&consentId=88878282-1e02-4efe-a0e4-496667bc41f6&interactionCount=0&landingPath=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0%2CC0009%3A0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
content-length: 12860
last-modified: Wed, 21 Jun 2023 21:42:06 GMT
etag: "64936eae-323c"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-envoy-upstream-service-time: 0
tracing-context: frontend-routing-redesign-ncl-static-response
cache-control: max-age=2592000
expires: Sun, 26 May 2024 23:54:12 GMT
date: Fri, 26 Apr 2024 23:54:12 GMT
set-cookie: optimizelyEndUserId=de4d2417f5b30000a13e2c66c6010000d0570000; expires=Wed, 23-Oct-2024 23:54:12 GMT; path=/; domain=.ncl.com; secure; SameSite=Lax
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714175652850_388255198_129679223_51_17551_0_0_31";dur=1
akamai-grn: 0.de4d2417.1714175652.7babf77
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css

104.19.177.52

200 OK

22 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11123)
Size
22 kB (21595 bytes)
Hash
487143b593b69c366e88f0d6f37a7521
24c38c758bd6ec62b838e5e9fb4a3d7a9e2acb17
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375

HTTP Headers

GET /scripttemplates/6.33.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Wed, 13 Apr 2022 01:38:32 GMT
x-ms-request-id: 5008c953-701e-009c-524f-1494e5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 20374
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa7f24bbc6b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/ncl/main/prod/utag.js

54.230.111.26

200 OK

409 kB

URL GET HTTP/2
tags.tiqcdn.com/utag/ncl/main/prod/utag.js
IP
54.230.111.26:443
ASN
#16509 AMAZON-02

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type

Size
409 kB (409114 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utag/ncl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:08:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Nm3kNm3exekAFQ.rnFOt_5epxUKmC_jU
server: AmazonS3
content-encoding: br
date: Fri, 26 Apr 2024 23:54:11 GMT
etag: W/"298dcd29ad69685260edb97b3b4c052e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x2_z4DHHZqr-BiNYz2WCPXybGxPbPtizWAiVMbY6ZOBWaYiL8WdZzA==
age: 280
cache-control: max-age=300
X-Firefox-Spdy: h2

norwegiancruiseline.mpeasylink.com/mpel/mpel_ssd.js

44.197.47.122

200 OK

4.8 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel_ssd.js
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5688), with no line terminators
Size
4.8 kB (4830 bytes)
Hash
f24d7ba685ec0abc3fb92d411f829513
4ebadce1785f2e4a958494d3999b53b3f434d493
7e991298d9b1e1ec6104ad419c95d493c94043af142e58f903883598356defec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel_ssd.js HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"4830-1478603288000"
last-modified: Tue, 08 Nov 2016 11:08:08 GMT
cache-control: max-age=86400
expires: Sat, 27 Apr 2024 23:54:11 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

104.18.32.137

200 OK

72 B

URL GET HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
104.18.32.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
adf75b99dbbf416c627dfc5de30f9ad1
699f3845f7dfb3fa9968c2117b44c3f3eb728fff
a0e4a8f457272bd17d07ae2e1e09731df6cc6fdc3ea9e32e713ef4a8a012fc27

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
Origin: https://www.ncl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:54:12 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87aa7f21ebd15699-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

norwegiancruiseline.mpeasylink.com/mpel/mpel.js

44.197.47.122

200 OK

6.8 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel.js
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7715), with no line terminators
Size
6.8 kB (6848 bytes)
Hash
a639bef04020418d4411b092de27cc7e
ae06a98ad5d72f904dc32fa1d18e0d9f6b11ab85
aebae9ef55d38eb82a3b4cac3f10655db59765978800d834524fcd8a0f91ccc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel.js HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:10 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"6848-1465303194000"
last-modified: Tue, 07 Jun 2016 12:39:54 GMT
cache-control: max-age=86400
expires: Sat, 27 Apr 2024 23:54:10 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js

54.230.111.26

200 OK

6.3 kB

URL GET HTTP/2
tags.tiqcdn.com/utag/ncl/main/prod/utag.sync.js
IP
54.230.111.26:443
ASN
#16509 AMAZON-02

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6554), with no line terminators
Size
6.3 kB (6276 bytes)
Hash
df26775c7101559b90c44a20b26c167c
b6e51dc7479b6d7dc1413d7e8d74d5a509b3a5e3
d000a7c43f5e617072d1ee8f3532ba5dd893664b43cc3ddeac1d347bf3ba0fc5

HTTP Headers

GET /utag/ncl/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:08:18 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1ekQew8ZvcbAuP6GbFLa0nQM3a4_77eO
server: AmazonS3
content-encoding: br
date: Fri, 26 Apr 2024 23:54:10 GMT
etag: W/"ed68094e1ccf9f3b7aeb9282eb8c8a97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MxtnN-o9DTsWKKD5rlD8MPzFrOYikxJgvuqTjSCItENbnESnHlU1-w==
age: 182
cache-control: max-age=300
X-Firefox-Spdy: h2

norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&siteurl=www.ncl.com/fr/en&lang=en&country=fr&region=&sitelist=www.ncl.com,ncl.com,qa2-web.ncl.com,staging.ncl.com,preprod.ncl.com,qa2-web.ncl.com,qa3-web.ncl.com,qa4-web.ncl.com,local.ncl.com;www.ncl.com/ca/fr,ncl.com/ca/fr,sso.ncl.com/ca/fr;www.ncl.com/it/en,ncl.com/it/en,sso.ncl.com/it/en;www.ncl.com/it/it,ncl.com/it/it,sso.ncl.com/it/it;www.ncl.com/il/en,ncl.com/il/en,sso.ncl.com/il/en;www.ncl.com/il/he,ncl.com/il/he,sso.ncl.com/il/he;www.ncl.com/jp/en,ncl.com/jp/en,sso.ncl.com/jp/en;www.ncl.com/jp/ja,ncl.com/jp/ja,sso.ncl.com/jp/ja;www.ncl.com/es/en,ncl.com/es/en,sso.ncl.com/es/en;www.ncl.com/es/es,ncl.com/es/es,sso.ncl.com/es/es;www.ncl.com/no/en,ncl.com/no/en,sso.ncl.com/no/en;es.ncl.com;www.ncl.com/in/en,ncl.com/in/en,sso.ncl.com/in/en;www.ncl.com/au/en,ncl.com/au/en;www.ncl.com/nz/en,ncl.com/nz/en;www.ncl.com/ar/es,ncl.com/ar/es;www.ncl.com/br/pt,ncl.com/br/pt;www.ncl.com/uk/en,ncl.com/uk/en;www.ncl.com/de/en,ncl.com/de/en,sso.ncl.com/de/en;www.ncl.com/de/de,ncl.com/de/de,sso.ncl.com/de/de,qa2-web.ncl.com/de/de;www.ncl.com/ch/en,ncl.com/ch/en,sso.ncl.com/ch/en;www.ncl.com/ch/de,ncl.com/ch/de,sso.ncl.com/ch/de;www.ncl.com/fr/en,ncl.com/fr/en,sso.ncl.com/fr/en;www.ncl.com/fr/fr,ncl.com/fr/fr,sso.ncl.com/fr/fr;www.ncl.com/ca/en,ncl.com/ca/en,sso.ncl.com/ca/en&currency=&nonMP=false&mode=&uuid=

44.197.47.122

200 OK

4.3 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&siteurl=www.ncl.com/fr/en&lang=en&country=fr&region=&sitelist=www.ncl.com,ncl.com,qa2-web.ncl.com,staging.ncl.com,preprod.ncl.com,qa2-web.ncl.com,qa3-web.ncl.com,qa4-web.ncl.com,local.ncl.com;www.ncl.com/ca/fr,ncl.com/ca/fr,sso.ncl.com/ca/fr;www.ncl.com/it/en,ncl.com/it/en,sso.ncl.com/it/en;www.ncl.com/it/it,ncl.com/it/it,sso.ncl.com/it/it;www.ncl.com/il/en,ncl.com/il/en,sso.ncl.com/il/en;www.ncl.com/il/he,ncl.com/il/he,sso.ncl.com/il/he;www.ncl.com/jp/en,ncl.com/jp/en,sso.ncl.com/jp/en;www.ncl.com/jp/ja,ncl.com/jp/ja,sso.ncl.com/jp/ja;www.ncl.com/es/en,ncl.com/es/en,sso.ncl.com/es/en;www.ncl.com/es/es,ncl.com/es/es,sso.ncl.com/es/es;www.ncl.com/no/en,ncl.com/no/en,sso.ncl.com/no/en;es.ncl.com;www.ncl.com/in/en,ncl.com/in/en,sso.ncl.com/in/en;www.ncl.com/au/en,ncl.com/au/en;www.ncl.com/nz/en,ncl.com/nz/en;www.ncl.com/ar/es,ncl.com/ar/es;www.ncl.com/br/pt,ncl.com/br/pt;www.ncl.com/uk/en,ncl.com/uk/en;www.ncl.com/de/en,ncl.com/de/en,sso.ncl.com/de/en;www.ncl.com/de/de,ncl.com/de/de,sso.ncl.com/de/de,qa2-web.ncl.com/de/de;www.ncl.com/ch/en,ncl.com/ch/en,sso.ncl.com/ch/en;www.ncl.com/ch/de,ncl.com/ch/de,sso.ncl.com/ch/de;www.ncl.com/fr/en,ncl.com/fr/en,sso.ncl.com/fr/en;www.ncl.com/fr/fr,ncl.com/fr/fr,sso.ncl.com/fr/fr;www.ncl.com/ca/en,ncl.com/ca/en,sso.ncl.com/ca/en&currency=&nonMP=false&mode=&uuid=
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (4771), with no line terminators
Size
4.3 kB (4342 bytes)
Hash
68442b6365cfed3a4ab723c3c7444e35
fee1ea574212bfe76fd63ef386efcd5727c1cdab
ce593878fbf4178d7b627e77f1f06c1c8cc15549fc6bf111212b910ccbd522e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&siteurl=www.ncl.com/fr/en&lang=en&country=fr&region=&sitelist=www.ncl.com,ncl.com,qa2-web.ncl.com,staging.ncl.com,preprod.ncl.com,qa2-web.ncl.com,qa3-web.ncl.com,qa4-web.ncl.com,local.ncl.com;www.ncl.com/ca/fr,ncl.com/ca/fr,sso.ncl.com/ca/fr;www.ncl.com/it/en,ncl.com/it/en,sso.ncl.com/it/en;www.ncl.com/it/it,ncl.com/it/it,sso.ncl.com/it/it;www.ncl.com/il/en,ncl.com/il/en,sso.ncl.com/il/en;www.ncl.com/il/he,ncl.com/il/he,sso.ncl.com/il/he;www.ncl.com/jp/en,ncl.com/jp/en,sso.ncl.com/jp/en;www.ncl.com/jp/ja,ncl.com/jp/ja,sso.ncl.com/jp/ja;www.ncl.com/es/en,ncl.com/es/en,sso.ncl.com/es/en;www.ncl.com/es/es,ncl.com/es/es,sso.ncl.com/es/es;www.ncl.com/no/en,ncl.com/no/en,sso.ncl.com/no/en;es.ncl.com;www.ncl.com/in/en,ncl.com/in/en,sso.ncl.com/in/en;www.ncl.com/au/en,ncl.com/au/en;www.ncl.com/nz/en,ncl.com/nz/en;www.ncl.com/ar/es,ncl.com/ar/es;www.ncl.com/br/pt,ncl.com/br/pt;www.ncl.com/uk/en,ncl.com/uk/en;www.ncl.com/de/en,ncl.com/de/en,sso.ncl.com/de/en;www.ncl.com/de/de,ncl.com/de/de,sso.ncl.com/de/de,qa2-web.ncl.com/de/de;www.ncl.com/ch/en,ncl.com/ch/en,sso.ncl.com/ch/en;www.ncl.com/ch/de,ncl.com/ch/de,sso.ncl.com/ch/de;www.ncl.com/fr/en,ncl.com/fr/en,sso.ncl.com/fr/en;www.ncl.com/fr/fr,ncl.com/fr/fr,sso.ncl.com/fr/fr;www.ncl.com/ca/en,ncl.com/ca/en,sso.ncl.com/ca/en&currency=&nonMP=false&mode=&uuid= HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"4342-1474031000000"
last-modified: Fri, 16 Sep 2016 13:03:20 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ncl.usablenet.com/pt/switch

169.47.214.218

200 OK

1.4 kB

URL GET HTTP/2
ncl.usablenet.com/pt/switch
IP
169.47.214.218:443
ASN
#36351 SOFTLAYER

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.usablenet.com
FingerprintB0:18:07:BA:77:93:8D:7E:FC:E8:C3:76:77:E6:09:7F:1F:82:52:9B
ValidityMon, 13 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1593), with no line terminators
Size
1.4 kB (1403 bytes)
Hash
71075b18491ad5fd6d7b35d18d947958
b31eb0d4d415ee5e2336b90038b40be999a5a268
64599453bd310ebb930e9ebdeea1926505681a1330fba4cd31049efc6de02b0c

HTTP Headers

GET /pt/switch HTTP/1.1
Host: ncl.usablenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Cookie: X-Mapping-mhmffnck=7EDE74ACD8590ECDBE5E716A5009D961
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
cache-control: max-age=29030400, public
content-type: text/html;charset=utf-8
content-encoding: gzip
date: Fri, 26 Apr 2024 23:54:11 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined&region=undefined&osl=en-US

44.197.47.122

200 OK

1.8 kB

URL GET HTTP/2
norwegiancruiseline.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined&region=undefined&osl=en-US
IP
44.197.47.122:443
ASN
#14618 AMAZON-AES

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerDigiCert Inc
Subject*.mpeasylink.com
Fingerprint91:59:ED:BB:E1:EA:51:7B:16:61:26:18:45:7B:DF:C9:B9:B9:77:C8
ValidityTue, 13 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1816), with no line terminators
Size
1.8 kB (1816 bytes)
Hash
dc0be57bcb618e9b266a7088bc795418
d7241767f8789be9e2fca7743affb0ef52c20cd8
78245aa35add9bc71e54a5582bed409d202cd17639c17deb1bb8c1cbfcf6e3db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mpel/mpel?href=https%3A%2F%2Fwww.ncl.com%2Ffr%2Fen%2Fshorex%2Flogin&ref=&lang=&country=undefined&curr=undefined&region=undefined&osl=en-US HTTP/1.1
Host: norwegiancruiseline.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:54:11 GMT
content-type: text/javascript;charset=UTF-8
content-length: 1816
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/ncl/main/prod/utag.js

54.230.111.26

200 OK

409 kB

URL GET HTTP/2
tags.tiqcdn.com/utag/ncl/main/prod/utag.js
IP
54.230.111.26:443
ASN
#16509 AMAZON-02

Requested by
https://www.ncl.com/fr/en/shorex/login
Certificate
IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type

Size
409 kB (409114 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utag/ncl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ncl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:08:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Nm3kNm3exekAFQ.rnFOt_5epxUKmC_jU
server: AmazonS3
content-encoding: br
date: Fri, 26 Apr 2024 23:54:11 GMT
etag: W/"298dcd29ad69685260edb97b3b4c052e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jfa3zi_YzFz-80CJ3u9O6e44mZQnae5Xv3lZug5XJpnZEdkDNoD4ag==
age: 281
cache-control: max-age=300
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (47)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML