ui.nor1upgrades.com Open in urlscan Pro
104.126.37.138  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ui.nor1upgrades.com/	98 KB 99 KB	739ms 694ms	Document text/html	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ee82fc3d4101a3d0c20a1b867c5ccae5ad9400dfd2875b283c203adf5e20b47b Security Headers Name Value Content-Security-Policy frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache Connection keep-alive Transfer-Encoding Content-Security-Policy frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com Content-Type text/html; charset=utf-8 Date Wed, 20 Dec 2023 07:07:47 GMT Referrer-Policy no-referrer-when-downgrade Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	717 B 779 B	38ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 20 Dec 2023 07:07:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 20 Dec 2023 07:05:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 20 Dec 2023 07:07:47 GMT
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 22 KB	51ms 23ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Origin https://ui.nor1upgrades.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:07:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 756 age 1740384 cdn-cachedat 10/31/2023 18:48:38 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"04aca1f4cd3ec3c05a75a879f3be75a3" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 2f6202408bdadfb30fd2682fc7a47197 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 83860ce50c29694c-FRA cdn-requestpullsuccess True
GET H/1.1	200 OK	bundle.js Show response cdn.nor1upgrades.com/guestui/guestui_1687373279/react-ui/dist/js/	5 MB 5 MB	49ms 17ms	Script application/octet-stream	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.nor1upgrades.com/guestui/guestui_1687373279/react-ui/dist/js/bundle.js Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash 55109df374e122a78876d8c6efc5c39c4ece12e26b53a215af7f7ffe649df0c0 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id ed323e66-af96-43d4-811c-5a8aecd560c2 Date Wed, 20 Dec 2023 07:07:47 GMT Content-MD5 sdfEa7shNpjuWKIeI+qNMQ== x-amz-request-id iad-1:A-ls_psxpAlgv5_WNjhwAzuz4ePz_xQUwZM8MMBPy37QVQOtOOPAHZ4aCrLhj7hw Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding Last-Modified Fri, 08 Dec 2023 11:10:02 GMT opc-request-id iad-1:A-ls_psxpAlgv5_WNjhwAzuz4ePz_xQUwZM8MMBPy37QVQOtOOPAHZ4aCrLhj7hw x-api-id s3-compatible ETag "b1d7c46bbb213698ee58a21e23ea8d31" Vary Accept-Encoding Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type application/octet-stream Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true
GET H2	200	hotjar-341114.js Show response static.hotjar.com/c/	9 KB 4 KB	454ms 122ms	Script application/javascript	13.32.110.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-341114.js?sv=5 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.110.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-110-26.vie50.r.cloudfront.net Software / Resource Hash c687fe25303cbe34dbb19206f7cdde29f78fd3fc95fb3659a45d43fdf89a875a Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Wed, 20 Dec 2023 07:07:47 GMT via 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 34 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/b4524010e5ac09b120171b9308ac14d7 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id -8X1v8cBckfvfwjmaqz2Lk_ZtTKVoAU_1HiOpGtRvtlx-CXnWA5h5Q==
GET DATA	200 OK	truncated /	25 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3fb32c341d6235fae0e7ab5c79ed370259cdbdcd7c235c39161b1dd64d8cc83f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ui.nor1upgrades.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 15:36:20 GMT x-content-type-options nosniff age 142287 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Dec 2024 15:36:20 GMT
GET H/1.1	200 OK	header.jpg cdn.nor1upgrades.com/room-images/h-073/	4 KB 5 KB	418ms 417ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/header.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash c751dd9ac46ca6784ab5ae5e5cae26949cd102057a2e12b9b8fe0a772da696e0 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 30ce2d98-b3d2-4e7a-b77e-7a431926ecba Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 Fiy2e8iX7HarBgtM2v01nA== x-amz-request-id iad-1:9jclvtyrK7bUHO2cPF1-RGyGHIf4P15SfrcjRjnWyFCXHPGXT9s_5DREZOe6t2TS Connection keep-alive Content-Length 4458 Last-Modified Mon, 27 Mar 2023 05:19:18 GMT opc-request-id iad-1:9jclvtyrK7bUHO2cPF1-RGyGHIf4P15SfrcjRjnWyFCXHPGXT9s_5DREZOe6t2TS x-api-id s3-compatible ETag "162cb67bc897ec76ab060b4cdafd359c" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1621876958
GET H/1.1	200 OK	00110687.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	12 KB 13 KB	446ms 434ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00110687.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash 8ccbad416e2fc25800096614ac135d2d06bfaae2177577a719bf0e1e5a26b721 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 764db0af-d6db-4e57-986a-ac020e5dad44 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 6zIi9p1Q95bXHFfQ+S6yDg== x-amz-request-id iad-1:w7QBcaDxKpch50Lxmi9gT-J4StrPAB2th3sbFAZz5xKE46WChnx5eqLSxNi_UOo5 Connection keep-alive Content-Length 11832 Last-Modified Mon, 27 Mar 2023 06:14:18 GMT opc-request-id iad-1:w7QBcaDxKpch50Lxmi9gT-J4StrPAB2th3sbFAZz5xKE46WChnx5eqLSxNi_UOo5 x-api-id s3-compatible ETag "eb3222f69d50f796d71c57d0f92eb20e" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1621876948
GET H/1.1	200 OK	00158576.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	12 KB 13 KB	425ms 413ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00158576.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash c7a1b7958377abe4abfc1d0416754cd63bb384a9dfcc3f4a6dc6fdb762631df8 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 197c2a83-473c-4c73-b3dd-e58970935189 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 sUyUTc2O8DKbweSRbzEZ8g== x-amz-request-id iad-1:r1Y7zxPSxxoocBu1Mm3BPDIHyvs2pIstA69I_i0-eeE5sdzH7_LCYvAPTCwqregl Connection keep-alive Content-Length 12548 Last-Modified Mon, 27 Mar 2023 06:14:21 GMT opc-request-id iad-1:r1Y7zxPSxxoocBu1Mm3BPDIHyvs2pIstA69I_i0-eeE5sdzH7_LCYvAPTCwqregl x-api-id s3-compatible ETag "b14c944dcd8ef0329bc1e4916f3119f2" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1673457544
GET H/1.1	200 OK	00139794.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	19 KB 20 KB	470ms 458ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00139794.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash 35f7e9729365a6e49d4a89b4a7f411e317fc6ad45f000f26a560dec23fd01270 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id ede632b6-aab1-4438-810a-36ae281a71cf Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 e6xkVTsTVPArKccZCn7H/Q== x-amz-request-id iad-1:4sLbSQtqqt88rmlilR6OZdv1rsRfxnAKeSGW8W-uOSWsCywZv6rlWQs9FQeQ-_w9 Connection keep-alive Content-Length 19046 Last-Modified Mon, 27 Mar 2023 06:14:20 GMT opc-request-id iad-1:4sLbSQtqqt88rmlilR6OZdv1rsRfxnAKeSGW8W-uOSWsCywZv6rlWQs9FQeQ-_w9 x-api-id s3-compatible ETag "7bac64553b1354f02b29c7190a7ec7fd" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1630684635
GET H/1.1	200 OK	00139793.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	12 KB 13 KB	791ms 778ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00139793.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash d48dbb72637706736d2011d30fe4a439ba0eb77bd5bc337a00931d2bb4ab3737 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 8d8b8549-5a75-4b64-91b0-aacb915f86f8 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 dd0JwD12WM8mfJ5z5o/rFw== x-amz-request-id iad-1:A5wVZJzxUD1rcgOj3B_ugi1GO7-rTol1bchp_DP20B0F4Cae82gJrTxRG00AP-wk Connection keep-alive Content-Length 12256 Last-Modified Mon, 27 Mar 2023 06:14:20 GMT opc-request-id iad-1:A5wVZJzxUD1rcgOj3B_ugi1GO7-rTol1bchp_DP20B0F4Cae82gJrTxRG00AP-wk x-api-id s3-compatible ETag "75dd09c03d7658cf267c9e73e68feb17" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1630685222
GET H/1.1	200 OK	00159997.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	11 KB 12 KB	583ms 164ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00159997.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash b77d3ab1ec41d65cbffb1f909ede3ef3f79b41711ce2f059569fe1e3e24f479a Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 3c8025e5-19bc-4bbd-899b-a1817790ebca Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 a1hi4axRmHoCO2Ueb76tbw== x-amz-request-id iad-1:UY-YdvJG_GHtKofujrRIDfna5YHBybxQnlkoTG1dtCiAsQNyIEEKMYVG54E69hYr Connection keep-alive Content-Length 11539 Last-Modified Mon, 27 Mar 2023 06:14:22 GMT opc-request-id iad-1:UY-YdvJG_GHtKofujrRIDfna5YHBybxQnlkoTG1dtCiAsQNyIEEKMYVG54E69hYr x-api-id s3-compatible ETag "6b5862e1ac51987a023b651e6fbead6f" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1676562693
GET H/1.1	200 OK	00158577.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	10 KB 11 KB	512ms 501ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00158577.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash 1cec4cf418ef87c1760f1c09fc6b2db2b9dd0a0564ab63653ee47d9c181a9e03 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id e3763422-db54-47a8-8c58-4899f0ee339e Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 WUnvG75eAjzsDYfwq25kyA== x-amz-request-id iad-1:K_3Hh99TzkhAXBphfbFPd0Qxzh027DXUCOf4PY7qarZbFYnQra7sdyzi0QHVc5Da Connection keep-alive Content-Length 10116 Last-Modified Mon, 27 Mar 2023 06:14:21 GMT opc-request-id iad-1:K_3Hh99TzkhAXBphfbFPd0Qxzh027DXUCOf4PY7qarZbFYnQra7sdyzi0QHVc5Da x-api-id s3-compatible ETag "5949ef1bbe5e023cec0d87f0ab6e64c8" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1673457723
GET H/1.1	200 OK	00158578.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	9 KB 10 KB	487ms 487ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00158578.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash adca5b6484f558d7adc4d55bce185ce5d419b8aa31c07c2d80401512a0c6fa6b Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 029d46b5-aa5f-482f-a273-7eb80f058ce3 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 28vfueigkTH8ug6cOixg4g== x-amz-request-id iad-1:UrNOiZt5mskgkfcjOBstLjtXZ1MIu6eAHws9oniVqiB2mkhAT6XkOdG7R0Hqy-zA Connection keep-alive Content-Length 9354 Last-Modified Mon, 27 Mar 2023 06:14:22 GMT opc-request-id iad-1:UrNOiZt5mskgkfcjOBstLjtXZ1MIu6eAHws9oniVqiB2mkhAT6XkOdG7R0Hqy-zA x-api-id s3-compatible ETag "dbcbdfb9e8a09131fcba0e9c3a2c60e2" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1673457936
GET H/1.1	200 OK	00110688.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	10 KB 11 KB	122ms 122ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00110688.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash 73ba3063c4d64e81aa8562bf8d4ac33d416eff35dcaaddeb671079701e6d4621 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 28f70544-5d64-409a-b64f-778555a14976 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 kN+ZsnBjzPXqka41nDyTxQ== x-amz-request-id iad-1:XrC2Of14nnPrt9YLtGpBTncirPlIVhYaHpZ-HsKZv0OyzmgXjPad2Y5ohYWaigSJ Connection keep-alive Content-Length 10378 Last-Modified Mon, 27 Mar 2023 06:14:18 GMT opc-request-id iad-1:XrC2Of14nnPrt9YLtGpBTncirPlIVhYaHpZ-HsKZv0OyzmgXjPad2Y5ohYWaigSJ x-api-id s3-compatible ETag "90df99b27063ccf5ea91ae359c3c93c5" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1621876948
GET H/1.1	200 OK	00110689.jpg cdn.nor1upgrades.com/room-images/h-073/008015/small/	13 KB 14 KB	527ms 527ms	Image image/jpeg	104.126.37.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.nor1upgrades.com/room-images/h-073/008015/small/00110689.jpg?version=0747 Requested by Host: ui.nor1upgrades.com URL: https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.126.37.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-138.deploy.static.akamaitechnologies.com Software / Resource Hash a10f1d68330cba05a9cfb5be89ebe3a5dbd87582f698d58571382752460a7c28 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 884769db-ecaa-4856-8322-445409499428 Date Wed, 20 Dec 2023 07:07:48 GMT Content-MD5 NBbgGodD0tfgquZ6pJVhWA== x-amz-request-id iad-1:h-9LmANZEhKCY44Trr716uJ4StrPAB2th3sbFAZz5xIDohPwJ4Xd3WY31uJS6i9L Connection keep-alive Content-Length 13222 Last-Modified Mon, 27 Mar 2023 06:14:18 GMT opc-request-id iad-1:h-9LmANZEhKCY44Trr716uJ4StrPAB2th3sbFAZz5xIDohPwJ4Xd3WY31uJS6i9L x-api-id s3-compatible ETag "3416e01a8743d2d7e0aae67aa4956158" Access-Control-Allow-Methods POST,PUT,GET,HEAD,DELETE,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id Access-Control-Allow-Credentials true Accept-Ranges bytes x-amz-meta-mtime 1621876948
GET H2	200	modules.f8398e1fcf749800c3fc.js Show response script.hotjar.com/	220 KB 55 KB	28ms 8ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-341114.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 12:03:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 500681 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55732 last-modified Thu, 14 Dec 2023 12:02:27 GMT etag "ce5f5f2327c7562166cfcaad455b7a17" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id fEAjnIo8ONDf6g38_VWGfCT6eluTgXGrR4r77z5Eg6KnAOWzoZ2h2Q==
GET H2	204	341114 Show response vc.hotjar.io/sessions/	0 258 B	62ms 31ms	XHR text/plain	18.66.112.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/341114?s=0.25&r=0.04869522447267838 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-15.fra56.r.cloudfront.net Software Python/3.8 aiohttp/3.8.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ui.nor1upgrades.com/?a582cd728f0235b51169cd2453fd54f2f4a28f73b281e52047c9bb473a110a16t130993068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:07:47 GMT via 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront) server Python/3.8 aiohttp/3.8.4 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id KZBnMsMf14aKotJcCCtoJHXrwN5B515Xf_QFnDOJb1juUIRNnENHbg==

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture number| currentScrollOffset object| data object| page_data function| hj object| _hjSettings object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| __mobxInstanceCount object| __mobxGlobals string| __react_router_build__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nor1upgrades.com/	1970-01-20 17:04:23	Name: ak_bmsc Value: 2E334DEA26EBAD9D30BCD0B423DE152E~000000000000000000000000000000~YAAQhiV+aIPAkYSMAQAApEoNhha3ik7yms78Cnag4uwTR8wB7bTuFM17SAhliCfbqwFgwErJHpWUjycDQMC7TQIvaeyq5MolY+A1kV5dW3nArhL7rXsG6tJr3D0h0Y+P7hWWyVQXaBhPEx46OKQLWFJ5vHXu1LMDpmlv9+MNZ4DawP8aW8LgVV3aXKP4RhlhiyFhM8tIHhRFhJ+zm+JhNJ1Lc6FQ8zsA2LjJ6tq72MhugAca93znSG7ualI10o/se0oSVEvSQ7RS192KoSHqw2xZCUTfDDoNN7Oq/qmMm+wlrpLUeLt5w0c7OGtjou+8OX6+0SAdgnPMwk0e0l4J23aheDcokCrrIuzuvxW7BrJiLLlRG+/SMBPfJ47ZF7o199t1VPKJ
			.nor1upgrades.com/	1970-01-21 01:49:52	Name: _hjSessionUser_341114 Value: eyJpZCI6IjA4YmNkOWRlLWZkOGUtNTY0Yy1iZjUzLTRlZDVmNTliOGUwYyIsImNyZWF0ZWQiOjE3MDMwNTYwNjc5MjIsImV4aXN0aW5nIjpmYWxzZX0=
			.nor1upgrades.com/	1970-01-20 17:04:17	Name: _hjFirstSeen Value: 1
			.nor1upgrades.com/	1970-01-20 17:04:17	Name: _hjIncludedInSessionSample_341114 Value: 0
			.nor1upgrades.com/	1970-01-20 17:04:17	Name: _hjSession_341114 Value: eyJpZCI6ImZlNzQ0ZmMzLTVlNjEtNDYzNy1hMTQ5LWIwZWQ0Yjg1Y2NhYiIsImMiOjE3MDMwNTYwNjc5MjMsInMiOjAsInIiOjAsInNiIjowfQ==
			.nor1upgrades.com/	1970-01-20 17:04:17	Name: _hjAbsoluteSessionInProgress Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.orbitz.com *.duncllc.com:* *.dev.orbitz.net:7443 *.dev.orbitz.net *.dev.orbitz.net:* dev.orbitz.net *.orbztest.com *.ctixtest.com *.cheaptickets.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.nor1upgrades.com
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
ui.nor1upgrades.com
vc.hotjar.io
104.126.37.138
13.32.110.26
13.32.27.21
18.66.112.15
2606:4700::6812:bcf
2a00:1450:4001:808::200a
2a00:1450:4001:813::2003
1cec4cf418ef87c1760f1c09fc6b2db2b9dd0a0564ab63653ee47d9c181a9e03
35f7e9729365a6e49d4a89b4a7f411e317fc6ad45f000f26a560dec23fd01270
3fb32c341d6235fae0e7ab5c79ed370259cdbdcd7c235c39161b1dd64d8cc83f
55109df374e122a78876d8c6efc5c39c4ece12e26b53a215af7f7ffe649df0c0
73ba3063c4d64e81aa8562bf8d4ac33d416eff35dcaaddeb671079701e6d4621
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
8ccbad416e2fc25800096614ac135d2d06bfaae2177577a719bf0e1e5a26b721
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a10f1d68330cba05a9cfb5be89ebe3a5dbd87582f698d58571382752460a7c28
adca5b6484f558d7adc4d55bce185ce5d419b8aa31c07c2d80401512a0c6fa6b
b77d3ab1ec41d65cbffb1f909ede3ef3f79b41711ce2f059569fe1e3e24f479a
c687fe25303cbe34dbb19206f7cdde29f78fd3fc95fb3659a45d43fdf89a875a
c751dd9ac46ca6784ab5ae5e5cae26949cd102057a2e12b9b8fe0a772da696e0
c7a1b7958377abe4abfc1d0416754cd63bb384a9dfcc3f4a6dc6fdb762631df8
d48dbb72637706736d2011d30fe4a439ba0eb77bd5bc337a00931d2bb4ab3737
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ee82fc3d4101a3d0c20a1b867c5ccae5ad9400dfd2875b283c203adf5e20b47b
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361