norabots.com Open in urlscan Pro
95.216.29.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://norabots.net/
Effective URL:
https://norabots.com/
Submission: On February 26 via api (February 26th 2023, 3:02:16 am UTC) from CH — Scanned from DE

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 24 HTTP transactions. The main IP is 95.216.29.241, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is norabots.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 13th 2023. Valid for: 3 months.

This is the only time norabots.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.154.61.171 184.154.61.171	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 13	95.216.29.241 95.216.29.241	24940 (HETZNER-AS) (HETZNER-AS)
1	44.240.25.46 44.240.25.46	16509 (AMAZON-02) (AMAZON-02)
5	138.201.137.103 138.201.137.103	24940 (HETZNER-AS) (HETZNER-AS)
4	65.9.66.87 65.9.66.87	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
24	6

1 184.154.61.171 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: srv05.jvexecutive.com

norabots.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 95.216.29.241 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server3.netprohost.net

norabots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.25.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-25-46.us-west-2.compute.amazonaws.com

cbtb.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.137.103 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sr1.ebasec.com

gridmarketing.ebasec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-87.fra56.r.cloudfront.net

prod.cbstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-boise.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	norabots.com 1 redirects norabots.com www.norabots.com Failed	213 KB
5	ebasec.com gridmarketing.ebasec.com	93 KB
4	cbstatic.net prod.cbstatic.net — Cisco Umbrella Rank: 94901	66 KB
1	bbb.org seal-boise.bbb.org — Cisco Umbrella Rank: 94151	5 KB
1	clickbank.net cbtb.clickbank.net — Cisco Umbrella Rank: 93474	1 KB
1	norabots.net 1 redirects norabots.net	241 B
24	6

	Domain	Requested by
13	norabots.com	1 redirects norabots.com
5	gridmarketing.ebasec.com	norabots.com gridmarketing.ebasec.com
4	prod.cbstatic.net	cbtb.clickbank.net prod.cbstatic.net norabots.com
1	seal-boise.bbb.org	norabots.com
1	cbtb.clickbank.net	norabots.com
1	norabots.net	1 redirects
0	www.norabots.com Failed	norabots.com
24	7

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
www.norabots.com

Subject Issuer	Validity	Valid
norabots.com cPanel, Inc. Certification Authority	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.clickbank.net Amazon RSA 2048 M01	`2023-02-07` - `2024-03-08`	a year	crt.sh
gridmarketing.ebasec.com cPanel, Inc. Certification Authority	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.cbstatic.net Amazon	`2022-08-18` - `2023-09-16`	a year	crt.sh
*.bbb.org DigiCert TLS RSA SHA256 2020 CA1	`2022-05-05` - `2023-05-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://norabots.com/
Frame ID: CACDE753923AFA4A26E2A574896F4420
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norabots & Netprosoft Professional Smart Services For Your Internet Business

Page URL History Show full URLs

https://norabots.net/ HTTP 301
http://norabots.com/ HTTP 301
https://norabots.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

377 kB
Transfer

510 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bbb.org/snakeriver/business-reviews/internet-shopping/clickbank-in-boise-id-5004291/#bbbonlineclick

Search URL Search Domain Scan URL

URL: http://www.norabots.com/
Title: Home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://norabots.net/ HTTP 301
http://norabots.com/ HTTP 301
https://norabots.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
norabots.com/
Redirect Chain

https://norabots.net/
http://norabots.com/
https://norabots.com/

69 KB
70 KB

328ms
33ms

Document
text/html

95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

a9638e9874670f82805aec660bb04ce3ea28ada6495dcc19308f0bcc1b65c661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 70866
Content-Type: text/html
Date: Sun, 26 Feb 2023 03:02:10 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 16 Feb 2021 11:00:10 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 26 Feb 2023 03:02:10 GMT
Keep-Alive: timeout=5, max=100
Location: https://norabots.com/
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains

GET
H2 200 / Show response
cbtb.clickbank.net/ 937 B
1 KB 587ms
204ms Script
text/javascript 44.240.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cbtb.clickbank.net/?vendor=davzo
Requested by: Host: norabots.com
URL: https://norabots.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.25.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-25-46.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:10 GMT
cache-control: max-age=900
server: Apache
content-length: 937
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK bg_left.gif
norabots.com/ 817 B
1 KB 93ms
33ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/bg_left.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

080fcd05817befedc7b3923a6afaa456c3079c4ced7570d538f83fc0aa6a8b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:23:54 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 817

GET
H/1.1 200
OK nnheader.jpg
norabots.com/images/ 47 KB
48 KB 77ms
33ms Image
image/jpeg 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/nnheader.jpg

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

a000bff61fff6cc4e13d22bf22a083a479fa20de2b9615b1e1b4447b12b1373c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Sep 2017 14:45:23 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 48489

GET
H/1.1 200
OK ecourse.jpg
norabots.com/images/ 20 KB
21 KB 98ms
33ms Image
image/jpeg 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/ecourse.jpg

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

a6531e837c6445b2c0a177bb0bce793dc9d6414ba37c224768e9e27c6b43e612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Sep 2017 14:45:18 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20846

GET
H2 200 embed.js Show response
gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/ 3 KB
1 KB 856ms
805ms Script
application/javascript 138.201.137.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/embed.js
Requested by: Host: norabots.com
URL: https://norabots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.137.103 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.ebasec.com
Software: Apache /
Resource Hash: a58240c0b5381fde8f1a4af10b34cd60b0b0387294aa2289e728b87205e225f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://norabots.com
date: Sun, 26 Feb 2023 03:02:10 GMT
cache-control: max-age=0
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK nnbox.jpg
norabots.com/images/ 36 KB
37 KB 98ms
33ms Image
image/jpeg 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/nnbox.jpg

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

6e24e492916f60837fa683295b024fb3c2d1c9ea975ded1cc6b40c04e839a9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:12:16 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37087

GET style.css
www.norabots.com/ 0
0

GET
H/1.1 200
OK redbullet.gif
norabots.com/images/ 383 B
722 B 95ms
33ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/redbullet.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

6bb6f9ec4b59283b5cf2fed3d893724f0d0e4db0c74e90a2da591fa4c355f18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:19:50 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 383

GET
H/1.1 200
OK webhosting.jpg
norabots.com/images/ 7 KB
8 KB 99ms
33ms Image
image/jpeg 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/webhosting.jpg

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

074be33098181943b7b4a3e69407ed4dfe7fbdacdfdbaebb9045ea55a034792d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:12:18 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7539

GET
H/1.1 200
OK guarantee.png
norabots.com/images/ 22 KB
22 KB 35ms
34ms Image
image/png 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/guarantee.png

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

e6e7d9d8fe9e92005419751f1914afd95f72c9d2369e94f03ca7d433c32826f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:12:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22526

GET
H/1.1 200
OK order.gif
norabots.com/images/ 4 KB
4 KB 33ms
33ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/images/order.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

7b0e1f5bfaa7d96f9e7058a9f4058f169bf6e284780c46533068690b5d8bbfba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:19:50 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4204

GET
H/1.1 200
OK bg_right.gif
norabots.com/ 817 B
1 KB 34ms
34ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/bg_right.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

fa8a7fee85483e96b13922a10779914700fb4732ef9d4faef1279bf48ece3155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:10 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:23:54 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 817

GET
H2 200 injectable.js Show response
prod.cbstatic.net/dist/ 187 KB
57 KB 250ms
219ms Script
application/javascript 65.9.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/injectable.js
Requested by: Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=davzo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9936d53d701c520ceb962d1c521e96d952e58850f2d35fc410b5a9bfc3fe7c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:12 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
server: AmazonS3
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: t2vwA_9W0Q2zFNnFWZiEdquUD1yQnUIxl-1f8ioCF2vH0736TOgIVQ==

GET
H/1.1 200
OK bg.gif
norabots.com/ 93 B
430 B 34ms
34ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/bg.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

3e0a0f8ccf831abf80cdf3d05165f242e6f79a9da07fb3e175bc4be301846dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:11 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Aug 2017 15:23:55 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 93

GET
H/1.1 200
OK bg_3.gif
norabots.com/ 51 B
388 B 34ms
34ms Image
image/gif 95.216.29.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://norabots.com/bg_3.gif

Requested by

Host: norabots.com
URL: https://norabots.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.216.29.241 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server3.netprohost.net

Software

Apache /

Resource Hash

c06ef18e1ee29a9b946ba4c6b629368ad837afd73a190b7d3086553e62cb5208

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 03:02:11 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Sep 2017 14:45:41 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 51

GET
H2 200 init Show response
gridmarketing.ebasec.com/formprot/91af47f2a58ebf2b2ed4692bd/8a6bc158ed/ 9 KB
2 KB 434ms
434ms Script
application/javascript 138.201.137.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gridmarketing.ebasec.com/formprot/91af47f2a58ebf2b2ed4692bd/8a6bc158ed/init
Requested by: Host: gridmarketing.ebasec.com
URL: https://gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.137.103 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.ebasec.com
Software: Apache /
Resource Hash: 3dabfd80db33189038b925811697c27c0dfadd09c152b24b544d34b079d7a45c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://norabots.com
date: Sun, 26 Feb 2023 03:02:11 GMT
cache-control: max-age=0
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 FormCss.css
gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/ 2 KB
577 B 520ms
520ms Stylesheet
text/css 138.201.137.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/FormCss.css?
Requested by: Host: gridmarketing.ebasec.com
URL: https://gridmarketing.ebasec.com/usr_default/ar/form/8a6bc158ed/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.137.103 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.ebasec.com
Software: Apache /
Resource Hash: 9836f54caf6d74c196e8176b2da5f7f2b16b86476e771ae02d960c8c0396c3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://norabots.com
date: Sun, 26 Feb 2023 03:02:11 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2 200 app-strings-en.json Show response
prod.cbstatic.net/dist/i18n/ 9 B
434 B 162ms
141ms XHR
application/json 65.9.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by: Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept: application/json
Referer: https://norabots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:12 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Origin
content-length: 9
x-amz-cf-id: To0kvSVAA7pt1Ya8SyvyKa-F17oicbsi2_ySvf1M0UC69FSHV9bFAA==

GET
H2 200 logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ 3 KB
4 KB 145ms
144ms Image
image/png 65.9.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by: Host: norabots.com
URL: https://norabots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:12 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Miss from cloudfront
content-type: image/png
content-length: 3472
x-amz-cf-id: jfPMqf9Lk-qAmC1VXm7Q1YTbzHQ08p6nvALOOa5a5r_xR2lkRB6Wuw==

GET
H2 200 logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ 4 KB
5 KB 139ms
138ms Image
image/png 65.9.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by: Host: norabots.com
URL: https://norabots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:12 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Miss from cloudfront
content-type: image/png
content-length: 4341
x-amz-cf-id: e-N3JapM5Lwx6ocqljAHZXi7usLnce79cNWFb3CbH7iRE6sulDP4oA==

GET
H2 200 blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ 4 KB
5 KB 78ms
17ms Image
image/png 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by: Host: norabots.com
URL: https://norabots.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 2d0adc2351b8041aa86da84e2a2965e75e65a4f90d9b1c50bfd215a0e1bbb6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:11 GMT
last-modified: Tue, 21 Feb 2023 04:07:43 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
x-edge-location: atvi
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-shield: active
content-length: 4390
expires: Sun, 26 Feb 2023 07:02:11 GMT

GET
H2 200 jquery-latest.min.js Show response
gridmarketing.ebasec.com/js_files/ 88 KB
88 KB 25ms
23ms Script
application/javascript 138.201.137.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gridmarketing.ebasec.com/js_files/jquery-latest.min.js
Requested by: Host: gridmarketing.ebasec.com
URL: https://gridmarketing.ebasec.com/formprot/91af47f2a58ebf2b2ed4692bd/8a6bc158ed/init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.137.103 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.ebasec.com
Software: Apache /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:11 GMT
last-modified: Thu, 15 Dec 2022 23:35:19 GMT
server: Apache
accept-ranges: bytes
content-length: 89664
content-type: application/javascript

GET
H2 200 form-prot.css
gridmarketing.ebasec.com/css_files/ 891 B
951 B 12ms
12ms Stylesheet
text/css 138.201.137.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gridmarketing.ebasec.com/css_files/form-prot.css
Requested by: Host: gridmarketing.ebasec.com
URL: https://gridmarketing.ebasec.com/js_files/jquery-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.137.103 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.ebasec.com
Software: Apache /
Resource Hash: 6d44a32c120d53ed2364dd25876518d8f26ddecccf7e62f730979857c28470b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norabots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 03:02:11 GMT
last-modified: Mon, 28 Feb 2022 23:35:10 GMT
server: Apache
accept-ranges: bytes
content-length: 891
content-type: text/css

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.norabots.com
URL: http://www.norabots.com/style.css

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cbtb.clickbank.net/	1970-01-20 10:06:25	Name: AWSALBCORS Value: 1nd1n/F+FFWgux8vBsoTSgNyfScSmBazEwLpMHzovRYezY86l0BQeLQ7QROVQ+sv7CAuNS+ZZadUcUw+z5YTEgMPGYHnPzfXG9g5Gcqh4VANVekcND7x/JCiwNSy
			gridmarketing.ebasec.com/	1970-01-20 19:32:20	Name: choco Value: b738117f9bbef4d65f990756f805f13b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://norabots.com/(Line 5) Message: Mixed Content: The page at 'https://norabots.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.norabots.com/style.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://norabots.com/ Message: Mixed Content: The page at 'https://norabots.com/' was loaded over HTTPS, but requested an insecure plugin resource 'http://davzo.kkworld.hop.clickbank.net/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://norabots.com/(Line 254) Message: Mixed Content: The page at 'https://norabots.com/' was loaded over HTTPS, but requested an insecure plugin resource 'http://davzo.kkworld.hop.clickbank.net/'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbtb.clickbank.net
gridmarketing.ebasec.com
norabots.com
norabots.net
prod.cbstatic.net
seal-boise.bbb.org
www.norabots.com
www.norabots.com
138.201.137.103
184.154.61.171
2a0b:4d07:401::1
44.240.25.46
65.9.66.87
95.216.29.241
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
074be33098181943b7b4a3e69407ed4dfe7fbdacdfdbaebb9045ea55a034792d
080fcd05817befedc7b3923a6afaa456c3079c4ced7570d538f83fc0aa6a8b95
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15
2d0adc2351b8041aa86da84e2a2965e75e65a4f90d9b1c50bfd215a0e1bbb6aa
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
3dabfd80db33189038b925811697c27c0dfadd09c152b24b544d34b079d7a45c
3e0a0f8ccf831abf80cdf3d05165f242e6f79a9da07fb3e175bc4be301846dd0
6bb6f9ec4b59283b5cf2fed3d893724f0d0e4db0c74e90a2da591fa4c355f18a
6d44a32c120d53ed2364dd25876518d8f26ddecccf7e62f730979857c28470b9
6e24e492916f60837fa683295b024fb3c2d1c9ea975ded1cc6b40c04e839a9b0
7b0e1f5bfaa7d96f9e7058a9f4058f169bf6e284780c46533068690b5d8bbfba
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
9836f54caf6d74c196e8176b2da5f7f2b16b86476e771ae02d960c8c0396c3a8
9936d53d701c520ceb962d1c521e96d952e58850f2d35fc410b5a9bfc3fe7c00
a000bff61fff6cc4e13d22bf22a083a479fa20de2b9615b1e1b4447b12b1373c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a58240c0b5381fde8f1a4af10b34cd60b0b0387294aa2289e728b87205e225f4
a6531e837c6445b2c0a177bb0bce793dc9d6414ba37c224768e9e27c6b43e612
a9638e9874670f82805aec660bb04ce3ea28ada6495dcc19308f0bcc1b65c661
c06ef18e1ee29a9b946ba4c6b629368ad837afd73a190b7d3086553e62cb5208
e6e7d9d8fe9e92005419751f1914afd95f72c9d2369e94f03ca7d433c32826f6
fa8a7fee85483e96b13922a10779914700fb4732ef9d4faef1279bf48ece3155

norabots.com Open in urlscan Pro 95.216.29.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

17 %IPv6

6 Domains

7 Subdomains

6 IPs

4 Countries

377 kBTransfer

510 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

norabots.com Open in urlscan Pro
95.216.29.241 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

377 kB
Transfer

510 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions