urlscan.io logo urlscan.io
SecurityTrails logo

x.email.ncl.com Open in urlscan Pro
63.148.46.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://l.email.ncl.com/rts/go2.aspx?h=1503297&tp=i-1NGB-ED-OLJ-3mZKJL-1x-jB6l1-1c-3mZKJL-l6lPqC8DWJ-HXJSN&x=0a671bb6ba5...
Effective URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&ty...
Submission: On November 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 63.148.46.75, located in United States and belongs to ASN-CHEETA-MAIL, US. The main domain is x.email.ncl.com.
This is the only time x.email.ncl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 63.148.46.72 53316 (ASN-CHEET...)
1 63.148.46.75 53316 (ASN-CHEET...)
3 63.211.90.252 53316 (ASN-CHEET...)
22 104.111.224.137 16625 (AKAMAI-AS)
2 63.211.90.248 53316 (ASN-CHEET...)
2 44.230.169.72 16509 (AMAZON-02)
2 3 52.46.154.242 16509 (AMAZON-02)
32 7
2    63.148.46.72 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com
l.email.ncl.com
1    63.148.46.75 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: ats.eccmp.com
x.email.ncl.com
3    63.211.90.252 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
f.email.ncl.com
22    104.111.224.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-137.deploy.static.akamaitechnologies.com
i.email.ncl.com
2    63.211.90.248 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
f.chtah.com
2    44.230.169.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-169-72.us-west-2.compute.amazonaws.com
mi.ncl.com
3    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Domain Requested by
22 i.email.ncl.com x.email.ncl.com
3 s.amazon-adsystem.com 2 redirects x.email.ncl.com
3 f.email.ncl.com x.email.ncl.com
2 mi.ncl.com x.email.ncl.com
2 f.chtah.com x.email.ncl.com
2 l.email.ncl.com 1 redirects x.email.ncl.com
1 x.email.ncl.com
32 7

This site contains links to these domains. Also see Links.

Domain
l.email.ncl.com
Subject Issuer Validity Valid
wpm.ccmp.eu
R3		 2021-11-15 -
2022-02-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Frame ID: 29CD8599CE8B3809B960EB009CE44172
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://l.email.ncl.com/rts/go2.aspx?h=1503297&tp=i-1NGB-ED-OLJ-3mZKJL-1x-jB6l1-1c-3mZKJL-l6lPqC8DWJ... HTTP 302
    http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45... Page URL

Page Statistics

32
Requests

63 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

7
IPs

2
Countries

4933 kB
Transfer

4946 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.email.ncl.com/rts/go2.aspx?h=1503297&tp=i-1NGB-ED-OLJ-3mZKJL-1x-jB6l1-1c-3mZKJL-l6lPqC8DWJ-HXJSN&x=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6%7ctype=family%26type=notcn%26type=notfcc%26%7c3%7c3 HTTP 302
    http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • http://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110401%3Bp%3D875880AD-8228-9C5C-9480-D38BA980550C&cb=140531752605651760 HTTP 301
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110401%3Bp%3D875880AD-8228-9C5C-9480-D38BA980550C&cb=140531752605651760 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110401%3Bp%3D875880AD-8228-9C5C-9480-D38BA980550C&cb=140531752605651760&dcc=t

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request msg.aspx
x.email.ncl.com/ats/
Redirect Chain
  • http://l.email.ncl.com/rts/go2.aspx?h=1503297&tp=i-1NGB-ED-OLJ-3mZKJL-1x-jB6l1-1c-3mZKJL-l6lPqC8DWJ-HXJSN&x=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6%7ctype=family%26type=not...
  • http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TA...
30 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.148.46.75 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
ats.eccmp.com
Software
/
Resource Hash
ee9f1183d2b1166dc5df16f52937610e8938029bad5f39aa8bf77e586e5943db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
0
X-Powered-By
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
SERVER
Date
Mon, 29 Nov 2021 16:10:56 GMT
Connection
keep-alive
Content-Length
8377
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Date
Mon, 29 Nov 2021 16:10:55 GMT
Connection
close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
707
open.aspx
l.email.ncl.com/rts/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://l.email.ncl.com/rts/open.aspx?tp=i-16IJ-ED-OLJ-3mZKJL-1x-jB6l1-1c-ADDZ-G-l6qUxGK4B2-1PBBVe
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.148.46.72 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
rts.eccmp.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 16:10:56 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache, max-age=0
Connection
close
Expires
0
spacer.gif
f.email.ncl.com/i/52/2076736576/ 		43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://f.email.ncl.com/i/52/2076736576/spacer.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.211.90.252 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Fri, 13 Nov 2020 17:53:51 GMT
Server
nginx
Age
867
ETag
"5faec82f-2b"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
NCL_ncl.gif
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/Template/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/Template/NCL_ncl.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ed43eca271722be4d3093309b04d7327f1ab2094f91d227a4ebae38e53060de2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Wed, 17 Apr 2019 18:33:42 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"18d462154cf5d41:0"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4565
ncl_line.gif
f.email.ncl.com/i/52/2076736576/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://f.email.ncl.com/i/52/2076736576/ncl_line.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.211.90.252 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
nginx /
Resource Hash
b60d161762aaa381a024845cf801a1d73a6aa1b717fc6da70ba2d446ff8bc56c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Fri, 13 Nov 2020 17:53:50 GMT
Server
nginx
Age
2195
ETag
"5faec82e-50d"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1293
spacer.gif
f.chtah.com/i/52/2076736576/ 		43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://f.chtah.com/i/52/2076736576/spacer.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.211.90.248 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Fri, 13 Nov 2020 17:53:51 GMT
Server
nginx
Age
867
ETag
"5faec82f-2b"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
d309eb2fbfe5ccc6.png
mi.ncl.com/p/rp/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mi.ncl.com/p/rp/d309eb2fbfe5ccc6.png?mi_u=3&cid=EM_MKD_NA_PRO_EML_ctdwn_EML_DISC35TAKEALL_FAS35OFF110821&cheetahid=3
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
44.230.169.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-169-72.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2f8f6ac2719d57d77d224b4d0686d7dd4d187cee5a01c7a1cc5976dad45b994
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-top-navigation

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-chosen-image-id
7361484
content-security-policy
sandbox allow-scripts allow-top-navigation
date
Mon, 29 Nov 2021 16:10:57 GMT
content-type
image/png
cache-control
no-cache max-age=0
keep-alive
timeout=5
content-length
5377
x-uuid
fe5fb6d6-2ff0-4fb6-990b-7a593b81b8ba
expires
Thu, 01 Dec 1994 16:00:00 GMT
FAS35OFF110821_hero_v2.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_hero_v2.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db5370743b6571719b0b24ad5e40034adb3079816c8173107cc860f437916496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Wed, 03 Nov 2021 17:09:34 GMT
Server
X-Powered-By
ETag
"d341cd92d5d0d71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1378338
FAS35OFF110821_copy.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_copy.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f787ad804cc40528d72db4ce8ee2d75da54f34f8c04ce79b426d589f9ead617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:28 GMT
Server
X-Powered-By
ETag
"e711ca2ef6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136193
FAS35OFF110821_dest1.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest1.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c37f9f2cd2059c8f7f2630341b6ae8b27c3d414eef02a572864a7b3cb20081c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"930672ff6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283407
FAS35OFF110821_dest2.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest2.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f905f73f507d2d181bc4a63e5e7b59cea37e735c0c08ba993ae13d693f43c07b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:30 GMT
Server
X-Powered-By
ETag
"1125fd2ff6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115408
FAS35OFF110821_dest3.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest3.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c70ff196cf7d3e9d8635d7fa7b1a5b39cdabc6defef83ea76831975ba192767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:28 GMT
Server
X-Powered-By
ETag
"424cf72ef6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
192889
FAS35OFF110821_dest4.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		338 KB
338 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest4.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4154e4f41002a4f46ec8c96488843c14cda3069627a590ef0d4723e27f95eb69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"2bd0322ff6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
346140
FAS35OFF110821_dest5.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest5.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d0416ae4fd4bf0178e0d390023fcebda4ee7ae61926abfea06ac1398ba1a095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"8df8b02ff6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187499
FAS35OFF110821_dest6.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest6.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7de148fd70caa5e48883662109ad3e0122e25409326b4ff3dabffa2d7e1cb3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"55621d2ff6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136351
FAS35OFF110821_dest7.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		265 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest7.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e7719f73bd0f743102b07e55a475250adff852f52d1fcbb0059a8bb9a1d9261

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"3b44d2ff6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
271299
FAS35OFF110821_dest8.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		417 KB
417 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest8.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffca8ff4f5e7fe3af0a61307ce915b5902818105cdec2fee4e15ca92c983c1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:29 GMT
Server
X-Powered-By
ETag
"c167942ff6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
426918
FAS35OFF110821_dest9.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_dest9.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e3564e17858601710d96044d8246ad4e2b3e28e865d8555497ca6d7dbe07dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:30 GMT
Server
X-Powered-By
ETag
"afdfbc2ff6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128071
FAS35OFF110821_prima.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_prima.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c352eca003822bf3071cbe7e5969f55ec89f0904580a78deeb12df1953b0b1ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:31 GMT
Server
X-Powered-By
ETag
"511c9330f6cfd71:0"
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1136057
FAS35OFF110821_pom.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/FAS35OFF110821_pom.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
005b49d338afc24c36275fc6c3a5de6bd349e1c143ff5edbf671637bddfe51c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 02 Nov 2021 14:30:30 GMT
Server
X-Powered-By
ETag
"dab24b30f6cfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118521
spacer.gif
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/spacer.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Tue, 14 Jul 2020 14:38:53 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"477c587fec59d61:0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
NCL_ncl.gif
f.chtah.com/i/52/2076736576/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://f.chtah.com/i/52/2076736576/NCL_ncl.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.211.90.248 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
nginx /
Resource Hash
ed43eca271722be4d3093309b04d7327f1ab2094f91d227a4ebae38e53060de2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Fri, 13 Nov 2020 17:53:50 GMT
Server
nginx
Age
867
ETag
"5faec82e-11d5"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4565
SM_NCL_FB.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_FB.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c35a452e4f8cee5485e4669d71e204a6effdb3cc029e8cc6873257cd0aa16ad9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:22 GMT
Server
X-Powered-By
ETag
"47f8f2292ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1723
SM_NCL_IG.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_IG.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6854c392ca9dfe32fca7cc3adf0f9ef3ab860a258bc3165f3924495c01fdcbad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:24 GMT
Server
X-Powered-By
ETag
"e62f2d2b2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2129
SM_NCL_TWT.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_TWT.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32f1194136e26401341a8b9f1a71920ece892e95b95a47f8f273efdbe303f263

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:22 GMT
Server
X-Powered-By
ETag
"b1e7432a2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2058
SM_NCL_YT.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_YT.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5552c234b97f142ef9c015988a2dc86a13070eb8179fb212d57b9a13daa39c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:23 GMT
Server
X-Powered-By
ETag
"dea1de2a2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1973
SM_NCL_PINT.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_PINT.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27286beb3419fc5cd7d4f148301573f036f1b9cb9ec61530d38e2a5acdcd2984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:24 GMT
Server
X-Powered-By
ETag
"8be7b2b2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2060
SM_NCL_TIKTOK.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/SM_NCL_TIKTOK.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9bba27ec5a97c0e3b5b0f280bf095486972949c901d8365f26f6425b862f5c3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:25 GMT
Server
X-Powered-By
ETag
"5aadcc2b2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9631
footer-bg-image.jpg
i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.email.ncl.com/wpm/881/ContentUploads/Domestic_Acq/footer-bg-image.jpg
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.224.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8455b72a273146790adb052482f2aae273cbe1db1f88e49dff5ebbe47caebaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Mon, 01 Nov 2021 14:24:23 GMT
Server
X-Powered-By
ETag
"3575922a2ccfd71:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141731
spacer_002.gif
f.email.ncl.com/i/52/2076736576/ 		43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://f.email.ncl.com/i/52/2076736576/spacer_002.gif
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
63.211.90.252 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
nginx /
Resource Hash
4c791f4ef7b857ef4db4a3e21bbcb91cefb5447bbef49db65879876a5d0894e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 16:10:57 GMT
Last-Modified
Fri, 13 Nov 2020 17:53:52 GMT
Server
nginx
Age
867
ETag
"5faec830-2b"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
o.gif
mi.ncl.com/p/cp/8b0e61801e3622d3/ 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mi.ncl.com/p/cp/8b0e61801e3622d3/o.gif?mi_u=3
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
44.230.169.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-169-72.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 16:10:57 GMT
content-type
image/gif
access-control-allow-origin
https://app.movableink.com
access-control-expose-headers
X-Error
cache-control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
keep-alive
timeout=5
content-length
42
x-uuid
519c6709-e674-4ee7-9610-7d2e6face864
iu3
s.amazon-adsystem.com/
Redirect Chain
  • http://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D48815391104...
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110...
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110401%3Bp%3D875880AD-8228-9C5C-9480-D38BA980550C&cb=140531752605651760&dcc=t
Requested by
Host: x.email.ncl.com
URL: http://x.email.ncl.com/ats/msg.aspx?sg1=0a671bb6ba5b32f0e11e98e94264265db5051120c3b96c5e0697c7fca45f75c6&type=family&type=notcn&type=notfcc&cheetahid=3&mi_u=3&cid=EM_MKD_NA_PRO_EML_web_EML_DISC35TAKEALL_FAS35OFF110821
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://x.email.ncl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 16:10:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B99HS7XDGYFR9T70CESJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fargs=%3Fid%3D875880ad-8228-9c5c-9480-d38ba980550c%26type%3D15%26m%3D1&ex-fch=416613&ex-src=https://www.ncl.com&ex-hargs=v%3D1.0%3Bc%3D4881539110401%3Bp%3D875880AD-8228-9C5C-9480-D38BA980550C&cb=140531752605651760&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _pix string| protocol number| a

4 Cookies

Domain/Path Name / Value
l.email.ncl.com/ Name: ASP.NET_SessionId
Value: xohrdeqmcq14gppywvgnayui
x.email.ncl.com/ Name: BIGipServercnv_ats_pool
Value: !+x9KFJwlpVcjRhNZ4oVQDEKIKoEeNq+udauI14mQAgiGSC2730GF200ii1YVXNtozbdxU3MgLOlvd4Q=
.amazon-adsystem.com/ Name: ad-id
Value: AwwUekruqURGqcMndIEwqo8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.chtah.com
f.email.ncl.com
i.email.ncl.com
l.email.ncl.com
mi.ncl.com
s.amazon-adsystem.com
x.email.ncl.com
104.111.224.137
44.230.169.72
52.46.154.242
63.148.46.72
63.148.46.75
63.211.90.248
63.211.90.252
005b49d338afc24c36275fc6c3a5de6bd349e1c143ff5edbf671637bddfe51c6
0c37f9f2cd2059c8f7f2630341b6ae8b27c3d414eef02a572864a7b3cb20081c
27286beb3419fc5cd7d4f148301573f036f1b9cb9ec61530d38e2a5acdcd2984
32f1194136e26401341a8b9f1a71920ece892e95b95a47f8f273efdbe303f263
4154e4f41002a4f46ec8c96488843c14cda3069627a590ef0d4723e27f95eb69
4c791f4ef7b857ef4db4a3e21bbcb91cefb5447bbef49db65879876a5d0894e8
4d0416ae4fd4bf0178e0d390023fcebda4ee7ae61926abfea06ac1398ba1a095
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6854c392ca9dfe32fca7cc3adf0f9ef3ab860a258bc3165f3924495c01fdcbad
6e3564e17858601710d96044d8246ad4e2b3e28e865d8555497ca6d7dbe07dbf
6e7719f73bd0f743102b07e55a475250adff852f52d1fcbb0059a8bb9a1d9261
7f787ad804cc40528d72db4ce8ee2d75da54f34f8c04ce79b426d589f9ead617
9bba27ec5a97c0e3b5b0f280bf095486972949c901d8365f26f6425b862f5c3a
9c70ff196cf7d3e9d8635d7fa7b1a5b39cdabc6defef83ea76831975ba192767
a5552c234b97f142ef9c015988a2dc86a13070eb8179fb212d57b9a13daa39c8
a7de148fd70caa5e48883662109ad3e0122e25409326b4ff3dabffa2d7e1cb3c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60d161762aaa381a024845cf801a1d73a6aa1b717fc6da70ba2d446ff8bc56c
c2f8f6ac2719d57d77d224b4d0686d7dd4d187cee5a01c7a1cc5976dad45b994
c352eca003822bf3071cbe7e5969f55ec89f0904580a78deeb12df1953b0b1ca
c35a452e4f8cee5485e4669d71e204a6effdb3cc029e8cc6873257cd0aa16ad9
d8455b72a273146790adb052482f2aae273cbe1db1f88e49dff5ebbe47caebaa
db5370743b6571719b0b24ad5e40034adb3079816c8173107cc860f437916496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed43eca271722be4d3093309b04d7327f1ab2094f91d227a4ebae38e53060de2
ee9f1183d2b1166dc5df16f52937610e8938029bad5f39aa8bf77e586e5943db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f905f73f507d2d181bc4a63e5e7b59cea37e735c0c08ba993ae13d693f43c07b
ffca8ff4f5e7fe3af0a61307ce915b5902818105cdec2fee4e15ca92c983c1c5