ui.nor1upgrades.com
104.126.37.138
Public Scan
Submission: On December 20 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 6th 2023. Valid for: a year.
This is the only time ui.nor1upgrades.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
12 | 104.126.37.138 | 20940 (AKAMAI-ASN1) |
1 | 2a00:1450:4001:808::200a | 15169 (GOOGLE) |
1 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET) |
1 | 13.32.110.26 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:813::2003 | 15169 (GOOGLE) |
1 | 13.32.27.21 | 16509 (AMAZON-02) |
1 | 18.66.112.15 | 16509 (AMAZON-02) |
18 | 8 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-138.deploy.static.akamaitechnologies.com
ui.nor1upgrades.com | |
cdn.nor1upgrades.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-26.vie50.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net
vc.hotjar.io |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | nor1upgrades.com | ui.nor1upgrades.com (Cisco Umbrella Rank: 454801); cdn.nor1upgrades.com (Cisco Umbrella Rank: 353656) | 5 MB |
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 700); script.hotjar.com (Cisco Umbrella Rank: 933) | 59 KB |
1 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2580) | 258 B |
1 | gstatic.com | fonts.gstatic.com | 24 KB |
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2842) | 22 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 779 B |
18 | 6 |
Requests | Domain | Requested by |
---|---|---|
11 | cdn.nor1upgrades.com | ui.nor1upgrades.com |
1 | vc.hotjar.io | script.hotjar.com |
1 | script.hotjar.com | static.hotjar.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | static.hotjar.com | ui.nor1upgrades.com |
1 | stackpath.bootstrapcdn.com | ui.nor1upgrades.com |
1 | fonts.googleapis.com | ui.nor1upgrades.com |
1 | ui.nor1upgrades.com | |
18 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nor1.com |
www.nor1upgrades.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
nor1upgrades.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-06 - 2024-09-05 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
bootstrapcdn.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months |
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
*.hotjar.io | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
This page contains 1 frames:
Primary Page:
https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068
Frame ID: 78C6C0212BD91EDE7AC78B761356082F
Requests: 19 HTTP requests in this frame
Page Title
Fairmont Royal Palm Marrakesh
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Akamai Bot Manager (Security)
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Règles de confidentialité
Title: Attribution Statements
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | ui.nor1upgrades.com/ | 98 KB | 99 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 717 B | 779 B | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ | 138 KB | 22 KB | Stylesheet | text/css |
GET | H/1.1 | bundle.js | cdn.nor1upgrades.com/guestui/guestui_1687373279/react-ui/dist/js/ | 5 MB | 5 MB | Script | application/octet-stream |
GET | H2 | hotjar-341114.js | static.hotjar.com/c/ | 9 KB | 4 KB | Script | application/javascript |
GET | DATA | truncated | / | 25 KB | 0 | Image | image/png |
GET | H2 | S6uyw4BMUTPHjx4wXg.woff2 | fonts.gstatic.com/s/lato/v24/ | 23 KB | 24 KB | Font | font/woff2 |
GET | H/1.1 | header.jpg | cdn.nor1upgrades.com/room-images/h-073/ | 4 KB | 5 KB | Image | image/jpeg |
GET | H/1.1 | 00110687.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H/1.1 | 00158576.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H/1.1 | 00139794.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 19 KB | 20 KB | Image | image/jpeg |
GET | H/1.1 | 00139793.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H/1.1 | 00159997.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 11 KB | 12 KB | Image | image/jpeg |
GET | H/1.1 | 00158577.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 10 KB | 11 KB | Image | image/jpeg |
GET | H/1.1 | 00158578.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 9 KB | 10 KB | Image | image/jpeg |
GET | H/1.1 | 00110688.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 10 KB | 11 KB | Image | image/jpeg |
GET | H/1.1 | 00110689.jpg | cdn.nor1upgrades.com/room-images/h-073/008015/small/ | 13 KB | 14 KB | Image | image/jpeg |
GET | H2 | modules.f8398e1fcf749800c3fc.js | script.hotjar.com/ | 220 KB | 55 KB | Script | application/javascript |
GET | H2 | 341114 | vc.hotjar.io/sessions/ | 0 | 258 B | XHR | text/plain |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| documentPictureInPicture
- number| currentScrollOffset
- object| data
- object| page_data
- function| hj
- object| _hjSettings
- object| __core-js_shared__
- object| core
- function| setImmediate
- function| clearImmediate
- object| regeneratorRuntime
- boolean| _babelPolyfill
- number| __mobxInstanceCount
- object| __mobxGlobals
- string| __react_router_build__
- object| hjSiteSettings
- function| hjBootstrap
- object| hjBootstrapCalled
- object| hjLazyModules
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nor1upgrades.com/ | Name: ak_bmsc Value: 2E334DEA26EBAD9D30BCD0B423DE152E~000000000000000000000000000000~YAAQhiV+aIPAkYSMAQAApEoNhha3ik7yms78Cnag4uwTR8wB7bTuFM17SAhliCfbqwFgwErJHpWUjycDQMC7TQIvaeyq5MolY+A1kV5dW3nArhL7rXsG6tJr3D0h0Y+P7hWWyVQXaBhPEx46OKQLWFJ5vHXu1LMDpmlv9+MNZ4DawP8aW8LgVV3aXKP4RhlhiyFhM8tIHhRFhJ+zm+JhNJ1Lc6FQ8zsA2LjJ6tq72MhugAca93znSG7ualI10o/se0oSVEvSQ7RS192KoSHqw2xZCUTfDDoNN7Oq/qmMm+wlrpLUeLt5w0c7OGtjou+8OX6+0SAdgnPMwk0e0l4J23aheDcokCrrIuzuvxW7BrJiLLlRG+/SMBPfJ47ZF7o199t1VPKJ |
|
.nor1upgrades.com/ | Name: _hjSessionUser_341114 Value: eyJpZCI6IjA4YmNkOWRlLWZkOGUtNTY0Yy1iZjUzLTRlZDVmNTliOGUwYyIsImNyZWF0ZWQiOjE3MDMwNTYwNjc5MjIsImV4aXN0aW5nIjpmYWxzZX0= |
|
.nor1upgrades.com/ | Name: _hjFirstSeen Value: 1 |
|
.nor1upgrades.com/ | Name: _hjIncludedInSessionSample_341114 Value: 0 |
|
.nor1upgrades.com/ | Name: _hjSession_341114 Value: eyJpZCI6ImZlNzQ0ZmMzLTVlNjEtNDYzNy1hMTQ5LWIwZWQ0Yjg1Y2NhYiIsImMiOjE3MDMwNTYwNjc5MjMsInMiOjAsInIiOjAsInNiIjowfQ== |
|
.nor1upgrades.com/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.