URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Submission: On June 30 via manual from CA — Scanned from CA

Summary

This website contacted 8 IPs in 1 country across 5 domains to perform 15 HTTP transactions. The main IP is 23.47.144.151, located in Hillsboro, United States and belongs to AKAMAI-ASN1, NL. The main domain is ui.nor1upgrades.com. The Cisco Umbrella rank of the primary domain is 397955.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 17th 2022. Valid for: a year.
This is the only time ui.nor1upgrades.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.47.144.151 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 23.47.144.136 20940 (AKAMAI-ASN1)
1 108.138.106.49 16509 (AMAZON-02)
1 18.164.96.46 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
15 8
Apex Domain / Subdomains Transfer
10 nor1upgrades.com 5 MB
  ui.nor1upgrades.com — Cisco Umbrella Rank: 397955
  cdn.nor1upgrades.com — Cisco Umbrella Rank: 333778
2 hotjar.com 73 KB
  static.hotjar.com — Cisco Umbrella Rank: 753
  script.hotjar.com — Cisco Umbrella Rank: 1081
1 gstatic.com 24 KB
  fonts.gstatic.com
1 bootstrapcdn.com 22 KB
  stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2767
1 googleapis.com 779 B
  fonts.googleapis.com — Cisco Umbrella Rank: 88
15 5
Domain Requested by
9 cdn.nor1upgrades.com ui.nor1upgrades.com
1 fonts.gstatic.com fonts.googleapis.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com ui.nor1upgrades.com
1 stackpath.bootstrapcdn.com ui.nor1upgrades.com
1 fonts.googleapis.com ui.nor1upgrades.com
1 ui.nor1upgrades.com
15 7

This site contains links to these domains.

Domain
www.nor1.com
www.nor1upgrades.com
Subject Issuer Validity Valid
nor1upgrades.com DigiCert TLS RSA SHA256 2020 CA1 2022-10-17 - 2023-10-19 a year
upload.video.google.com GTS CA 1C3 2023-05-29 - 2023-08-21 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-12-30 - 2023-12-30 a year
*.hotjar.com Amazon ECDSA 256 M01 2023-03-09 - 2024-04-06 a year
*.gstatic.com GTS CA 1C3 2023-05-29 - 2023-08-21 3 months

This page contains 1 frames:

Primary Page: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Frame ID: 27BF5F70330B8A9F69A9CCD6F85F7D0F
Requests: 16 HTTP requests in this frame

Page Title

Hilton Birmingham Metropole

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

15
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

1
Countries

4917 kB
Transfer

5252 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ui.nor1upgrades.com/
75 KB
76 KB
Document
General
Full URL
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.151 Hillsboro, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
de1678fd71065fecee62857e03b7b3c12ed0745e9c058686ed2beedb1fa2ff11
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive Transfer-Encoding
Content-Security-Policy
frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 16:26:09 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
717 B
779 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 14:52:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 16:26:09 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
22 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Origin
https://ui.nor1upgrades.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 16:26:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
5893652
cdn-cachedat
2021-03-10 13:26:22
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5419a33921fb2120c01909d2545a20fc
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7df7c4f3ceb233ff-YUL
cdn-requestpullsuccess
True
bundle.js
cdn.nor1upgrades.com/guestui/guestui_1687373279/react-ui/dist/js/
5 MB
5 MB
Script
General
Full URL
https://cdn.nor1upgrades.com/guestui/guestui_1687373279/react-ui/dist/js/bundle.js
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55109df374e122a78876d8c6efc5c39c4ece12e26b53a215af7f7ffe649df0c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
b3a6f172-ebde-4da0-93a7-11d0419130b6
Date
Fri, 30 Jun 2023 16:26:09 GMT
Content-MD5
sdfEa7shNpjuWKIeI+qNMQ==
x-amz-request-id
iad-1:xsmHiwm3YcZRaDKXXWDfLk9wtP9udby6xPFCmFQ1LgvMiabE_PSkjHs5WSm3Zf0X
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Last-Modified
Wed, 28 Jun 2023 06:23:46 GMT
opc-request-id
iad-1:xsmHiwm3YcZRaDKXXWDfLk9wtP9udby6xPFCmFQ1LgvMiabE_PSkjHs5WSm3Zf0X
x-api-id
s3-compatible
ETag
"b1d7c46bbb213698ee58a21e23ea8d31"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
hotjar-341114.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-341114.js?sv=5
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
20bf2f960e09a96a58f587b5c9eebca983d363afb75dbab98eccc8a29a91ecae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 16:26:10 GMT
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/41b19997efa1232104eb4780793d520d
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
YbMfulG7QcUwAEOy8B0IIKYQ1mvgCuTk6XESreMQDCq7M8HTpKZwtA==
modules.4aa8d748500a28f64f6e.js
script.hotjar.com/
270 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/modules.4aa8d748500a28f64f6e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-341114.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
e83759f64381b941b0b687685d4467221ac99f443723a48726e3ad69346b4782
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
13503
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70334
last-modified
Fri, 30 Jun 2023 12:40:24 GMT
etag
"7b1ec7231fe995a40692ba1a1f8b2e8a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iqI-RsummfxNWe-EcC6oisW_BQRWuIer92-fvbJftdZZ0iHZSFReTA==
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fb32c341d6235fae0e7ab5c79ed370259cdbdcd7c235c39161b1dd64d8cc83f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ui.nor1upgrades.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 23:25:04 GMT
x-content-type-options
nosniff
age
147667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 23:25:04 GMT
header.jpg
cdn.nor1upgrades.com/room-images/h-008/
6 KB
7 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/header.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e7c4fdc5058844ed8e56627607a26b6ca9d27a95a3d141324d4ccd7e048645e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
e37d15ed-77c8-4b95-9262-68b12b55c2e7
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
uqW3M4KsOSjrwmVf1JX2CQ==
x-amz-request-id
iad-1:Ag_y1JUH9RZWac7o-vZMcOz7nhszyaNkagE-O_lLocWGOEQqqqkmwpeqqoPxa3kF
Connection
keep-alive
Content-Length
6050
Last-Modified
Mon, 24 Apr 2023 11:33:04 GMT
opc-request-id
iad-1:Ag_y1JUH9RZWac7o-vZMcOz7nhszyaNkagE-O_lLocWGOEQqqqkmwpeqqoPxa3kF
x-api-id
s3-compatible
ETag
"baa5b73382ac3928ebc2655fd495f609"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
00007348.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
10 KB
11 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00007348.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b9fba4185ecba37dc796baecabd71dfc7a3507a004351bde1d6c5d55ea08c164

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
40c40f55-4405-4f16-8e8d-ea8249e8247c
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
NCiMWdTL2Rh5cI6MHZCBag==
x-amz-request-id
iad-1:LC6Ev6qxFVGtbnGdQwkjU511Vssf2E6ssw1QfVyQBKRRJnc_OT2KRC12V5WaQ6hj
Connection
keep-alive
Content-Length
9908
Last-Modified
Mon, 27 Mar 2023 06:50:19 GMT
opc-request-id
iad-1:LC6Ev6qxFVGtbnGdQwkjU511Vssf2E6ssw1QfVyQBKRRJnc_OT2KRC12V5WaQ6hj
x-api-id
s3-compatible
ETag
"34288c59d4cbd91879708e8c1d90816a"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1642105694
00160555.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
14 KB
15 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00160555.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bc9a3ae70951dae9f84c34e273b1555d7467175c0ded8b86602993158441699

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
28a5a528-7736-4d9f-8309-84fa93b84f1a
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
qxaSziaqRe/fZ9FPiLz5ig==
x-amz-request-id
iad-1:hQ9GQX31ikHR4SnNpOZX8ahkWNiY8MkHPlBDKHuaz-1drIvnIt_awH_M4DJhvePl
Connection
keep-alive
Content-Length
14537
Last-Modified
Mon, 27 Mar 2023 06:50:26 GMT
opc-request-id
iad-1:hQ9GQX31ikHR4SnNpOZX8ahkWNiY8MkHPlBDKHuaz-1drIvnIt_awH_M4DJhvePl
x-api-id
s3-compatible
ETag
"ab1692ce26aa45efdf67d14f88bcf98a"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1677843703
00007353.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
7 KB
8 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00007353.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92418a9a51c21b93da505d4a6c356a871eadbb43640c6deb298f7388f8781e21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
cf353924-7e51-4743-99e8-1cb2da3452c4
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
drsk5uUFQkR79+ARbM44bQ==
x-amz-request-id
iad-1:GSc8vERgx9VmHRLtnDTvpgyAJ1Yy4Z0f1fk0_Duh4sK9vFb0SVJtyOat8BZT8BS5
Connection
keep-alive
Content-Length
7238
Last-Modified
Mon, 27 Mar 2023 06:50:20 GMT
opc-request-id
iad-1:GSc8vERgx9VmHRLtnDTvpgyAJ1Yy4Z0f1fk0_Duh4sK9vFb0SVJtyOat8BZT8BS5
x-api-id
s3-compatible
ETag
"76bb24e6e50542447bf7e0116cce386d"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1642008466
00160701.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
6 KB
7 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00160701.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c87ad799e65ce82d8bd4caa5fd5365bdd6a6cf3b739ec6c558c61aed9e6f704

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
385bf9eb-3a4b-4bd9-a362-f9404ac8e1fd
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
eGSY6ttWPlWU27G45EbdWQ==
x-amz-request-id
iad-1:_UqPwcP-XemcgPz_azZAiW4uMiDSPhDJkYnR4hbY7Cy2qQ20jmeYunUUoYvo_2p6
Connection
keep-alive
Content-Length
6528
Last-Modified
Mon, 27 Mar 2023 06:50:27 GMT
opc-request-id
iad-1:_UqPwcP-XemcgPz_azZAiW4uMiDSPhDJkYnR4hbY7Cy2qQ20jmeYunUUoYvo_2p6
x-api-id
s3-compatible
ETag
"786498eadb563e5594dbb1b8e446dd59"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1678270732
00007351.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
9 KB
10 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00007351.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
97599519b254b0946d6ceab38aebf10630b9bd20ad0559d053a3d353a89371c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
d0fdea94-e6c7-4c1b-9a8d-1b6823b03ec7
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
pQu73sNEX5U+lhDgIqJoBA==
x-amz-request-id
iad-1:HuLFylFNhDL1Md28KBGh9VTzDLlpIGV0Z86_oGRxMRj5wKngHnT4JS94TSsOgHU_
Connection
keep-alive
Content-Length
8970
Last-Modified
Mon, 27 Mar 2023 06:50:19 GMT
opc-request-id
iad-1:HuLFylFNhDL1Md28KBGh9VTzDLlpIGV0Z86_oGRxMRj5wKngHnT4JS94TSsOgHU_
x-api-id
s3-compatible
ETag
"a50bbbdec3445f953e9610e022a26804"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1647277983
00160556.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
16 KB
17 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00160556.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5267f9e5eb2402b892366c682325fcd6ceae1e74288ebe9bf2d351e26e4a561e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
8f9a9a20-66e7-478a-a7c8-fe24eec71aab
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
jH/EmsfbBCV9GKY4+pArjA==
x-amz-request-id
iad-1:20nsqfcEFaFaScn1WMZ6zlfHegvw8Ug94qDa5vewphpA-udrBjk5GMfdNUIeuGBe
Connection
keep-alive
Content-Length
16861
Last-Modified
Mon, 27 Mar 2023 06:50:27 GMT
opc-request-id
iad-1:20nsqfcEFaFaScn1WMZ6zlfHegvw8Ug94qDa5vewphpA-udrBjk5GMfdNUIeuGBe
x-api-id
s3-compatible
ETag
"8c7fc49ac7db04257d18a638fa902b8c"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1677844031
00144892.jpg
cdn.nor1upgrades.com/room-images/h-008/000544/small/
10 KB
11 KB
Image
General
Full URL
https://cdn.nor1upgrades.com/room-images/h-008/000544/small/00144892.jpg?version=2609
Requested by
Host: ui.nor1upgrades.com
URL: https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.136 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d32d50ece7a510ebe6fffe4f917d8172714570625f2f4c41426f8fe9e786499f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ui.nor1upgrades.com/?7960b5c30f484bd7c39a76a5347482fa6507e1a968354919a603769a21422ea9t115493880&PET=RTG&PID=NOR1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
306e9b11-fc12-4ffa-9620-195a5d85cc64
Date
Fri, 30 Jun 2023 16:26:11 GMT
Content-MD5
RyLd58+jXdSWwCm/7uWakQ==
x-amz-request-id
iad-1:7zeyE2b51H28GxkFyeTaKIfVZC07IuUZO8aR8QmANMow-QhIfrYkvsp1FLMHFeYC
Connection
keep-alive
Content-Length
10083
Last-Modified
Mon, 27 Mar 2023 06:50:26 GMT
opc-request-id
iad-1:7zeyE2b51H28GxkFyeTaKIfVZC07IuUZO8aR8QmANMow-QhIfrYkvsp1FLMHFeYC
x-api-id
s3-compatible
ETag
"4722dde7cfa35dd496c029bfeee59a91"
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-mtime
1647277035

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
number| currentScrollOffset
object| data
object| page_data
function| hj
object| _hjSettings
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
number| __mobxInstanceCount
object| __mobxGlobals
string| __react_router_build__

5 Cookies

Domain/Path Name / Value
.nor1upgrades.com/ Name: _hjSessionUser_341114
Value: eyJpZCI6IjE5YjYzNTFjLWE0NDMtNTFlZC05NTVmLThlMmVkODY3MzI0MiIsImNyZWF0ZWQiOjE2ODgxNDIzNzEzOTMsImV4aXN0aW5nIjpmYWxzZX0=
.nor1upgrades.com/ Name: _hjFirstSeen
Value: 1
.nor1upgrades.com/ Name: _hjIncludedInSessionSample_341114
Value: 0
.nor1upgrades.com/ Name: _hjSession_341114
Value: eyJpZCI6IjA3ZTc2OGVhLWYyOGYtNDkzYi1iMTlkLWUxZDZjNGI0MzRiNyIsImNyZWF0ZWQiOjE2ODgxNDIzNzE0MTAsImluU2FtcGxlIjpmYWxzZX0=
.nor1upgrades.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block