urlscan.io logo urlscan.io
SecurityTrails logo

www.normanrecords.com Open in urlscan Pro
2606:4700:3108::ac42:2b64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.normanrecords.com//help//cookies
Effective URL: https://www.normanrecords.com//help//cookies
Submission: On September 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b64, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.normanrecords.com.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.
This is the only time www.normanrecords.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:310... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 23.206.172.76 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
29 8
18    2606:4700:3108::ac42:2b64 (United States)

ASN13335 (CLOUDFLARENET, US)
www.normanrecords.com
1    2607:f8b0:4006:80b::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:5e18 (United States)

ASN13335 (CLOUDFLARENET, US)
register.feefo.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    23.206.172.76 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-76.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
18 normanrecords.com
www.normanrecords.com
257 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 801
136 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
73 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
1 feefo.com
register.feefo.com — Cisco Umbrella Rank: 54157
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
104 KB
29 7
Domain Requested by
18 www.normanrecords.com www.normanrecords.com
4 analytics.tiktok.com www.normanrecords.com
analytics.tiktok.com
2 www.facebook.com www.normanrecords.com
2 connect.facebook.net www.normanrecords.com
connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
1 register.feefo.com www.normanrecords.com
1 www.googletagmanager.com www.normanrecords.com
29 7
Subject Issuer Validity Valid
normanrecords.com
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
feefo.com
E5		 2024-08-28 -
2024-11-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.normanrecords.com//help//cookies
Frame ID: C7CF6A64C9F50CCBF41E87D96C8EACD3
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Norman Records UK: Cookies Policy

Page URL History Show full URLs

  1. http://www.normanrecords.com//help//cookies HTTP 307
    https://www.normanrecords.com//help//cookies Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

1
Countries

586 kB
Transfer

1662 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.normanrecords.com//help//cookies HTTP 307
    https://www.normanrecords.com//help//cookies Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cookies
www.normanrecords.com//help//
Redirect Chain
  • http://www.normanrecords.com//help//cookies
  • https://www.normanrecords.com//help//cookies
142 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a05b8933a3af6ee26851a8686ad6b3e61107b068a7850d6be43ae14bd51d9ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c5ebe715ec14367-EWR
content-encoding
br
content-location
cookies.php
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 03:31:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
tcn
choice
vary
negotiate,Accept-Encoding
x-frame-options
SAMEORIGIN
x-mod-pagespeed
1.13.35.2-0

Redirect headers

Location
https://www.normanrecords.com//help//cookies
Non-Authoritative-Reason
HttpsUpgrades
raleway-v18-latin-regular.woff2
www.normanrecords.com/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/raleway-v18-latin-regular.woff2
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"5224-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe727ffb4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
21026
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
font/woff2
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
raleway-v18-latin-regular.woff
www.normanrecords.com/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/raleway-v18-latin-regular.woff
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02462a6c8721b680a2bc724bb2bd7e65a38c4f845269493b8dcdf015b8c47ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"64cc-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe7278014367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
25590
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/x-font-woff
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
raleway-v18-latin-800.woff2
www.normanrecords.com/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/raleway-v18-latin-800.woff2
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"5360-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe7278034367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
21352
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
font/woff2
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
raleway-v18-latin-800.woff
www.normanrecords.com/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/raleway-v18-latin-800.woff
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0cab96898f40329f422a584bbcd591ce197f97db9be5ec061d57524159283b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"6580-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe7278064367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
25747
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/x-font-woff
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
karla-v14-latin-regular.woff2
www.normanrecords.com/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/karla-v14-latin-regular.woff2
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66187fdb7e0e8a45b2064b9cdc003caf8200c2a99ab7b3af543474ea9227057

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"277c-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe72780a4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10131
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
font/woff2
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
karla-v14-latin-regular.woff
www.normanrecords.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/karla-v14-latin-regular.woff
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28da681a6c4867704fff3aef452edd92221541a73f9e86a1fecf40f592be71c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"32e4-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe72780b4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
12991
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/x-font-woff
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
karla-v14-latin-800.woff2
www.normanrecords.com/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/karla-v14-latin-800.woff2
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d251a21d6afdef5335cf8ed77928fe83709b0e4e3c8950bc667042cf480c1add

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2810-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe72780c4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10279
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
font/woff2
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
karla-v14-latin-800.woff
www.normanrecords.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/fonts/karla-v14-latin-800.woff
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fed0d7b24e6e332f2043067dd22becf56cdec28c9e86d698e088d07816fa2b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"3374-5b4f08fdfdcc7-gzip"
age
2384896
cf-ray
8c5ebe72780d4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13136
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/x-font-woff
last-modified
Wed, 25 Nov 2020 16:03:02 GMT
vary
Accept-Encoding
server
cloudflare
lazysizes.min.js.pagespeed.jm.x1IiqDdGLB.js
www.normanrecords.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/js/lazysizes.min.js.pagespeed.jm.x1IiqDdGLB.js
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0"
age
2385074
expires
Sat, 23 Aug 2025 12:37:18 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/javascript
last-modified
Fri, 23 Aug 2024 12:37:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-original-content-length
7889
cf-ray
8c5ebe72a8404367-EWR
accept-ranges
bytes
content-length
3468
server
cloudflare
js
www.googletagmanager.com/gtag/ 		309 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G6ECTV4YVT
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70a96c09eee54269c9c2a984d4da9446de6c4feebe281dc8a210752f42c2f2fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 20 Sep 2024 03:31:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105986
date
Fri, 20 Sep 2024 03:31:40 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
latest.logo.normal.041220.svg
www.normanrecords.com/images/logo/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.normanrecords.com/images/logo/latest.logo.normal.041220.svg
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0363b26acbf789050c1bbe947316fc5fc8fff5e06debc88d01ee95fd355bfe45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2221-604d5388dc564-gzip"
age
2384896
cf-ray
8c5ebe7278104367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3261
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Sep 2023 09:01:23 GMT
vary
Accept-Encoding
server
cloudflare
latest.logo.inverted.041220.svg
www.normanrecords.com/images/logo/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.normanrecords.com/images/logo/latest.logo.inverted.041220.svg
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb91ba35266021a6c91ac434c1d143a66579072c017ec48cce8e44632d7b61b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2221-604d5388e7144-gzip"
age
2384896
cf-ray
8c5ebe72a8414367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3263
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Sep 2023 09:01:23 GMT
vary
Accept-Encoding
server
cloudflare
8e073a5e15c91cfbd7ee.svg
register.feefo.com//feefo-widget-v2/js/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://register.feefo.com//feefo-widget-v2/js/8e073a5e15c91cfbd7ee.svg
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf36c6af5f893182f59e40ea15cd3b49dbaf2675add9b9d255a9d60a3dc46dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6694eb6b-762"
age
6378
expires
Fri, 20 Sep 2024 02:50:57 GMT
x-kong-proxy-latency
0
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 09:27:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cache-control
max-age=7200
via
kong/3.0.2
cf-ray
8c5ebe7308e68cab-EWR
x-kong-upstream-latency
1
server
cloudflare
required.100221.js.pagespeed.jm.RjoxroRJU7.js
www.normanrecords.com/js/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/js/required.100221.js.pagespeed.jm.RjoxroRJU7.js
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1b1181bd68768832c93773ef1fb38cb92be65ed4d099865bf1fce69a8ab90e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0"
age
625930
expires
Sat, 23 Aug 2025 12:37:18 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/javascript
last-modified
Fri, 23 Aug 2024 12:37:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-original-content-length
122040
cf-ray
8c5ebe7278114367-EWR
accept-ranges
bytes
content-length
40118
server
cloudflare
A.required.65dee328c7e8f.css.pagespeed.cf.hy_-03Lw5S.css
www.normanrecords.com/stylesheets/ 		129 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/stylesheets/A.required.65dee328c7e8f.css.pagespeed.cf.hy_-03Lw5S.css
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ee9fa25855a3719ad31a24f9c1ed0eeae33cbee34a0221ae0b846b3716c1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0"
age
2384896
expires
Sat, 23 Aug 2025 12:37:23 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
text/css
last-modified
Fri, 23 Aug 2024 12:37:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-original-content-length
133920
cf-ray
8c5ebe72a83f4367-EWR
accept-ranges
bytes
content-length
37178
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 20 Sep 2024 03:31:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1328, tbw=2908, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
BLaDpP2QI27y/KF6XN5x01S5OUok4Yg8EDoRNvBfgU0tE36d4Mw4HHpG/hHidTUbW1TfeL5mXlrdoc9Q7Hfr7Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR2P703C77UAH29IAM0G&lib=ttq
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.76 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-76.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6cf82a2e34eeb623f2f8ce39afe5ee3fa62d3f452d38dc2d768c214e4513835

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-100-58.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
expires
Fri, 20 Sep 2024 03:31:40 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=7, inner; dur=4
x-cache
TCP_MISS from a23-58-89-57.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
776624b9.1878b517
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae604b2d618331cd2851e846b978add3381826944350deaef57f606be98d97a58162b76d485fdbb389fa8009e1e380a2eb33cac409eb54640926691e49c4d742efbb3dbf8630c8f8a5b11122fb0426dcd1193334e989473580f13c8f8300f42ee3d
x-origin-response-time
7,23.48.100.58
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24092003314035B7334EFFC8276BEF54-74F15D808C2B16D7-00
x-parent-response-time
15,23.58.89.57
x-tt-logid
2024092003314035B7334EFFC8276BEF54
server
nginx
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c26656577c5c5aa9b51e6feb2183b0a0da9f9779676bed3bbddde6eb667b83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.normanrecords.com
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
platinum-trusted-service-2023.svg
www.normanrecords.com/images/feefo/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.normanrecords.com/images/feefo/platinum-trusted-service-2023.svg
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6ecab5eb5f72fc04ba5ca37a3efcebc73384af1106de04acbbfb321bedf113

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2c07-601f27a0bfbf2-gzip"
age
2384896
cf-ray
8c5ebe7398ee4367-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
4054
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
image/svg+xml
last-modified
Wed, 02 Aug 2023 15:40:01 GMT
vary
Accept-Encoding
server
cloudflare
main.MWI2OTkyZGU1MA.js
analytics.tiktok.com/i18n/pixel/static/ 		335 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2OTkyZGU1MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR2P703C77UAH29IAM0G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.76 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-76.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e4522fb3561dd8cc295a70df30bb64b94b0cea9e7076efcbe8749d6932f35e5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

x-cache
TCP_HIT from a23-58-89-57.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id
00-2409191137021B92CC07E6D189D937B2-3FA9457F747AA691-00
content-length
94875
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202409191137021B92CC07E6D189D937B2
server
nginx
x-akamai-request-id
1878b566
x-tt-trace-host
0148c1b12f624c5a3601e3b22b2f809e2b49e5ebf17c7acf860125abd5b200e8564e7b6bada2d4d0ab01290919b7bef4656d9f95281482259425b977c84534d4e5ed43f7f5a24559f80c1db23396183b72a192a3300e009d284953db40e90acd16
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-G6ECTV4YVT&gtm=45je49j0v881215415za200&_p=1726803100576&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422&cid=947776852.1726803101&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726803100&sct=1&seg=0&dl=https%3A%2F%2Fwww.normanrecords.com%2F%2Fhelp%2F%2Fcookies&dt=Norman%20Records%20UK%3A%20Cookies%20Policy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=467
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6ECTV4YVT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.normanrecords.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
text/plain
server
Golfe2
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2OTkyZGU1MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.76 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-76.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

x-cache
TCP_MEM_HIT from a23-58-89-57.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=9
x-tt-trace-id
00-2408300225272DCF0E49A25075B1263C-578A250FEB8B6FD1-00
content-length
39485
date
Fri, 20 Sep 2024 03:31:40 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202408300225272DCF0E49A25075B1263C
server
nginx
x-akamai-request-id
1878b5b3
x-tt-trace-host
01219296fdbd6215c6ae9d1a5d5202510208699a917ea6bcb6a4a8867b5d0e3a82d275eead75f3ccdd7d419bc9d104e23828796e3478be100caab845546542c62c26bc38f14dbbc3b17887aead0622e6b449c5088362f1c101f4660cd6821aad8b
pixel
analytics.tiktok.com/api/v2/ 		0
718 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2OTkyZGU1MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.76 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-76.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.normanrecords.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Fri, 20 Sep 2024 03:31:40 GMT
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=12, origin; dur=76
x-cache
TCP_MISS from a23-58-89-57.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Fri, 20 Sep 2024 03:31:40 GMT
x-akamai-request-id
1878b5b8
access-control-allow-headers
Authorization,*
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae6dd0a3a4ae1865514d9005eb6f25bd3ae42a3b6911b3a6067faf65306b9038df656ab4b799be579f714957649a3512d85e053eaa3823694c78bce07f7bfb9396b5d81b709429388e55105ad82c5e05553
x-origin-response-time
77,23.58.89.57
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240920033140A3F082FE7A6F0732ABC4-07BA16DBBAC0F34C-00
content-length
0
x-tt-logid
20240920033140A3F082FE7A6F0732ABC4
server
nginx
916246653501804
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/916246653501804?v=2.9.167&r=stable&domain=www.normanrecords.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f00c35f061528e9c937677afa660d1e9fc1970b4941bfbb11c9a4a03be0ca8ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 20 Sep 2024 03:31:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=64, mss=1328, tbw=64573, tp=-1, tpl=-1, uplat=64, ullat=0
pragma
public
x-fb-debug
7HDQ6x2+DpdSw1T2V1VbPorar7pbebDeQpRcuMDQcY1fEHydUQQTanMW4ELkIdsPsiSe5Umd4KfIFCDujufJng==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=916246653501804&ev=PageView&dl=https%3A%2F%2Fwww.normanrecords.com%2F%2Fhelp%2F%2Fcookies&rl=&if=false&ts=1726803101277&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726803101261.124812983980674200&ler=empty&cdl=API_unavailable&it=1726803101166&coo=false&rqm=GET
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1328, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Sep 2024 03:31:41 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=916246653501804&ev=PageView&dl=https%3A%2F%2Fwww.normanrecords.com%2F%2Fhelp%2F%2Fcookies&rl=&if=false&ts=1726803101277&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726803101261.124812983980674200&ler=empty&cdl=API_unavailable&it=1726803101166&coo=false&rqm=FGET
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416562846456870677"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 03:31:41 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Sxtw91xwykJnJi+wAUnHJJiy1mDsiiMWC5Y2zYbV4UU7G49y62vGNYI0QMIx3NTxM1BweDUW24/aLZ7KIQ2Zbg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416562846456870677", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=1, c=12, mss=1328, tbw=3122, tp=-1, tpl=-1, uplat=117, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
mod_pagespeed_beacon
www.normanrecords.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.normanrecords.com%2F%2Fhelp%2F%2Fcookies
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.normanrecords.com//help//cookies

Response headers

cf-ray
8c5ebe783e3a4367-EWR
cache-control
max-age=0, no-cache
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Fri, 20 Sep 2024 03:31:41 GMT
server
cloudflare
xfavicon-32x32.png.pagespeed.ic._8AlcgtmWl.webp
www.normanrecords.com/images/favicons/ 		398 B
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/images/favicons/xfavicon-32x32.png.pagespeed.ic._8AlcgtmWl.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c70870b2e18568f9aa238e00daed4045b1393d7ef690d1c7e22c20a17eec052

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.normanrecords.com//help//cookies

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0-gzip"
age
2384897
expires
Sat, 23 Aug 2025 12:39:07 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 03:31:41 GMT
content-type
image/webp
last-modified
Fri, 23 Aug 2024 12:39:07 GMT
vary
Accept-Encoding
link
<https://www.normanrecords.com/images/favicons/favicon-32x32.png>; rel="canonical"
cache-control
public, max-age=31536000
x-original-content-length
1721
cf-ray
8c5ebe784e4a4367-EWR
accept-ranges
bytes
content-length
421
server
cloudflare
mod_pagespeed_beacon
www.normanrecords.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.normanrecords.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.normanrecords.com%2F%2Fhelp%2F%2Fcookies
Requested by
Host: www.normanrecords.com
URL: https://www.normanrecords.com//help//cookies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.normanrecords.com//help//cookies

Response headers

cf-ray
8c5ebe786e704367-EWR
cache-control
max-age=0, no-cache
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Fri, 20 Sep 2024 03:31:41 GMT
server
cloudflare

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| q function| $ function| gtag object| dataLayer function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| pagespeed function| jQuery object| jQuery191000408527751329868 object| Cookies object| lazySizes object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

8 Cookies

Domain/Path Name / Value
www.normanrecords.com/ Name: PHPSESSID
Value: dpmn60jha3peve3ubi48j0plop
www.normanrecords.com/ Name: cartID
Value: 486db0183eccc3d3f1426c44996febf1
www.normanrecords.com/ Name: preference
Value: d5fed24b2fc97e78a66e4b14f5b4f35f
.normanrecords.com/ Name: __cf_bm
Value: NZ6Rob_0L3ZgG9PP1sYMLW2rweEW14EUVZO8me7_YQo-1726803100-1.0.1.1-KvpmkcuYcu70GgXOrQUl_OOeegBUSBEGgid9kZWxRNJqZDS1zhuZjV4SW7LTVf5BDqiC5ki8JFBrr3OuqR3TkQ
.tiktok.com/ Name: _ttp
Value: 2mJmYXXIctVXDKavk0Pxj6sjfJg
.normanrecords.com/ Name: _ga_G6ECTV4YVT
Value: GS1.1.1726803100.1.0.1726803100.0.0.0
.normanrecords.com/ Name: _ga
Value: GA1.1.947776852.1726803101
.normanrecords.com/ Name: _fbp
Value: fb.1.1726803101261.124812983980674200

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
register.feefo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.normanrecords.com
2001:4860:4802:34::178
23.206.172.76
2606:4700:3108::ac42:2b64
2606:4700::6812:5e18
2607:f8b0:4006:80b::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0363b26acbf789050c1bbe947316fc5fc8fff5e06debc88d01ee95fd355bfe45
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329
2cf36c6af5f893182f59e40ea15cd3b49dbaf2675add9b9d255a9d60a3dc46dd
3c1b1181bd68768832c93773ef1fb38cb92be65ed4d099865bf1fce69a8ab90e
6c70870b2e18568f9aa238e00daed4045b1393d7ef690d1c7e22c20a17eec052
70a96c09eee54269c9c2a984d4da9446de6c4feebe281dc8a210752f42c2f2fd
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
8a05b8933a3af6ee26851a8686ad6b3e61107b068a7850d6be43ae14bd51d9ce
8fed0d7b24e6e332f2043067dd22becf56cdec28c9e86d698e088d07816fa2b0
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d
9e6ecab5eb5f72fc04ba5ca37a3efcebc73384af1106de04acbbfb321bedf113
a02462a6c8721b680a2bc724bb2bd7e65a38c4f845269493b8dcdf015b8c47ba
a0cab96898f40329f422a584bbcd591ce197f97db9be5ec061d57524159283b3
a6cf82a2e34eeb623f2f8ce39afe5ee3fa62d3f452d38dc2d768c214e4513835
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b6c26656577c5c5aa9b51e6feb2183b0a0da9f9779676bed3bbddde6eb667b83
d251a21d6afdef5335cf8ed77928fe83709b0e4e3c8950bc667042cf480c1add
d2ee9fa25855a3719ad31a24f9c1ed0eeae33cbee34a0221ae0b846b3716c1af
d66187fdb7e0e8a45b2064b9cdc003caf8200c2a99ab7b3af543474ea9227057
e28da681a6c4867704fff3aef452edd92221541a73f9e86a1fecf40f592be71c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4522fb3561dd8cc295a70df30bb64b94b0cea9e7076efcbe8749d6932f35e5e
eb91ba35266021a6c91ac434c1d143a66579072c017ec48cce8e44632d7b61b3
f00c35f061528e9c937677afa660d1e9fc1970b4941bfbb11c9a4a03be0ca8ec