urlscan.io logo urlscan.io
SecurityTrails logo

norm.org Open in urlscan Pro
173.248.187.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.norm.org/
Effective URL: https://norm.org/
Submission: On October 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 173.248.187.16, located in United States and belongs to WEHOSTWEBSITES-COM, US. The main domain is norm.org.
TLS certificate: Issued by R11 on September 11th 2024. Valid for: 3 months.
This is the only time norm.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 173.248.187.16 30475 (WEHOSTWEB...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.19.230.21 13335 (CLOUDFLAR...)
1 2400:52e0:1e0... 60068 (CDN77 _)
1 2001:4860:480... 15169 (GOOGLE)
1 3.12.169.186 16509 (AMAZON-02)
1 104.19.229.21 13335 (CLOUDFLAR...)
22 8
15    173.248.187.16 (United States)

ASN30475 (WEHOSTWEBSITES-COM, US)
PTR: s2.supportedns.com
www.norm.org
norm.org
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    104.19.230.21 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
1    2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 _, GB)
stats.wpmucdn.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    3.12.169.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-169-186.us-east-2.compute.amazonaws.com
stats1.wpmudev.com
1    104.19.229.21 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
15 norm.org
www.norm.org
norm.org
406 KB
4 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 4550
newassets.hcaptcha.com — Cisco Umbrella Rank: 5887
52 KB
1 wpmudev.com
stats1.wpmudev.com — Cisco Umbrella Rank: 30322
126 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 wpmucdn.com
stats.wpmucdn.com — Cisco Umbrella Rank: 32113
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
22 6
Domain Requested by
13 norm.org norm.org
3 newassets.hcaptcha.com hcaptcha.com
2 www.norm.org 2 redirects
1 stats1.wpmudev.com stats.wpmucdn.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.wpmucdn.com norm.org
1 hcaptcha.com norm.org
1 www.googletagmanager.com norm.org
22 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
apps.irs.gov
Subject Issuer Validity Valid
*.wpsite.norm.org
R11		 2024-09-11 -
2024-12-10		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
hcaptcha.com
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh
stats.wpmucdn.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
stats1.wpmudev.com
Amazon RSA 2048 M03		 2024-02-15 -
2025-03-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://norm.org/
Frame ID: DAD60CFBC592CAEE1B42858789657F58
Requests: 28 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/hcaptcha.html
Frame ID: A709EB512FA06E1CF31F8A9890C9FEC5
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/hcaptcha.html
Frame ID: 67CA8D6EB70C3DAEF7EF10365663B0B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page - National Organization of Restoring Men

Page URL History Show full URLs

  1. http://www.norm.org/ HTTP 307
    https://www.norm.org/ HTTP 301
    https://norm.org/ HTTP 307
    http://www.norm.org/ HTTP 301
    https://norm.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

591 kB
Transfer

1517 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.norm.org/ HTTP 307
    https://www.norm.org/ HTTP 301
    https://norm.org/ HTTP 307
    http://www.norm.org/ HTTP 301
    https://norm.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
norm.org/
Redirect Chain
  • http://www.norm.org/
  • https://www.norm.org/
  • https://norm.org/
  • http://www.norm.org/
  • https://norm.org/
150 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed / PHP/8.2.24
Resource Hash
0eed7f9453639014fc441b1c7c5865fbd4913cca4bad036b2fc66c2ec6c49b2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 22:00:51 GMT
etag
"4405-1730171423;br"
link
<https://norm.org/wp-json/>; rel="https://api.w.org/" <https://norm.org/wp-json/wp/v2/pages/683>; rel="alternate"; title="JSON"; type="application/json" <https://norm.org/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/8.2.24

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 22:00:51 GMT
expires
Tue, 29 Oct 2024 23:00:51 GMT
location
https://norm.org/
server
LiteSpeed
x-litespeed-cache
miss
x-powered-by
PHP/8.2.24
x-redirect-by
WordPress
31a93b268c448cdcb78d7249004eee59.css
norm.org/wp-content/litespeed/css/ 		286 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
6f60d4503c2d2d9b5b9603970d85a502ba8f4ae2f62135044c9638f5c1e194d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"4772e-67203738-78f7e13f9320df46;br"
expires
Tue, 05 Nov 2024 22:00:52 GMT
accept-ranges
bytes
content-length
38515
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 01:15:36 GMT
vary
Accept-Encoding
server
LiteSpeed
js
www.googletagmanager.com/gtag/ 		322 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R614BMMWQ5
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0566efab118ac8c9eeed9d6a53ffc4d2f3ba0a34ac51cdbaf5795a25b11dde20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 22:00:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110293
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		132 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d6cbea33522d2e4d6d1cab8d0e365a025c204b37c03ccb524bca3c97f169d29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0332c158b0a32293b0cbfa3e75f66cc1e95b85c17d7c01f5e4b3f55172420a24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		69 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7624daf1fe59ba43a0d4a92a1f1652cf4918ffa5b8043747a8d3ced2e65df278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
jquery.min.js
norm.org/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

content-encoding
br
etag
"15601-654b0609-53ee2ecf2566e2a4;br"
accept-ranges
bytes
content-length
29744
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
text/javascript
last-modified
Wed, 08 Nov 2023 03:52:41 GMT
vary
Accept-Encoding
server
LiteSpeed
NORM-Logo-320.png
norm.org/wp-content/uploads/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norm.org/wp-content/uploads/NORM-Logo-320.png
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
2da303ff2b500cdcc0e6046af919598ef2a7e29223de6b63463f283b345fa00d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
public, max-age=604800
etag
"3a51-63326cf0-7d8db857beaf34b9;;;"
expires
Tue, 05 Nov 2024 22:00:52 GMT
accept-ranges
bytes
content-length
14929
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
image/png
last-modified
Tue, 27 Sep 2022 03:24:32 GMT
server
LiteSpeed
ManStandingSunrise-1024x427.jpg
norm.org/wp-content/uploads/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norm.org/wp-content/uploads/ManStandingSunrise-1024x427.jpg
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
3772081bc98e6d5206c99cb0e14057638d7e6ba921a52a63dc3ca8d316ca9aac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
public, max-age=604800
etag
"6339-5ea91dfe-31d1bcdc3494904b;;;"
expires
Tue, 05 Nov 2024 22:00:52 GMT
accept-ranges
bytes
content-length
25401
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
image/jpeg
last-modified
Wed, 29 Apr 2020 06:26:06 GMT
server
LiteSpeed
JoyBookCoversvgonly.png
norm.org/wp-content/uploads/2016/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norm.org/wp-content/uploads/2016/05/JoyBookCoversvgonly.png
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
356a19ff02fa4e23dcb143def0c4ac233f3808e837ec6eafd6476ec552255ba5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
public, max-age=604800
etag
"2b39-5a1b70df-ab94120b1c3e48aa;;;"
expires
Tue, 05 Nov 2024 22:00:52 GMT
accept-ranges
bytes
content-length
11065
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
image/png
last-modified
Mon, 27 Nov 2017 01:56:47 GMT
server
LiteSpeed
api.js
hcaptcha.com/1/ 		147 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=wpformsRecaptchaLoad&render=explicit
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b467e10fa76afadeafcbfdd061aba7856418c3c6d64cf12086c3c51b857b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=300
content-encoding
br
cf-cache-status
HIT
etag
W/"2b5a35fbd77d40bce698500285e9b2a5"
age
0
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
cf-ray
8da670dfddbca02e-FRA
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
server
cloudflare
5062baade54a905575180c41fe806e76.js
norm.org/wp-content/litespeed/js/ 		166 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/litespeed/js/5062baade54a905575180c41fe806e76.js?ver=91f27
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
d204c86d851dd98f905762fbdd8347c0bb4646ef3e6b035bb221fd7f4b7b2b2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

content-encoding
br
etag
"298b5-67203358-3b7e8a847e43c80d;br"
accept-ranges
bytes
content-length
46883
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 00:59:04 GMT
vary
Accept-Encoding
server
LiteSpeed
truncated
/ 		378 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cc0e9c6ea6f660fb60230837e53cd011ee82d26e631869835807d09f12677e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		157 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a884e86a38c3744d84cc78bfb14c62706b32a39611f50a614df86733eaa4b0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		853 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bad599f5f1bf85fd0fb59af77913a317a61d6dabe6ee6b9440fd697eb142e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		55 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195aea3133133e33b4369aa8bd7129a42c83f1441688d5c8c7d1398ace3d1cd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		805 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80f6c328fff88edeb2a72730a04bcee58256eecb723d58ec856d7c19a3cb5125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		324 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
effc8ad7-7a56-4724-946f-cf752a5a61fa
https://norm.org/ Frame 		0
0
analytics.js
stats.wpmucdn.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wpmucdn.com/analytics.js
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
230facbc81b146c0992a734f6b1a47df5e051302a2c5b0412020a411a49f3a14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cdn-status
200
content-encoding
br
etag
"65e9b379-1131c"
date
Tue, 29 Oct 2024 22:00:52 GMT
last-modified
Thu, 07 Mar 2024 12:30:49 GMT
cdn-cachedat
09/24/2024 07:53:43
vary
Accept-Encoding
content-type
application/javascript
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
d70bb0aba3b08bbdff6adf1541117b95
cdn-pullzone
1121147
cdn-proxyver
1.04
cdn-edgestorageid
756
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
norm.org/wp-content/astra-local-fonts/open-sans/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/astra-local-fonts/open-sans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: norm.org
URL: https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://norm.org
Referer
https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27

Response headers

accept-ranges
bytes
content-length
18668
etag
"48ec-662f51d2-dcd3ea7d64e953f9;;;"
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
font/woff2
last-modified
Mon, 29 Apr 2024 07:52:50 GMT
server
LiteSpeed
astra.woff
norm.org/wp-content/themes/astra/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://norm.org
Referer
https://norm.org/

Response headers

accept-ranges
bytes
content-length
3304
etag
"ce8-6704bddf-1aa9084c6bbf1dc7;;;"
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
font/woff
last-modified
Tue, 08 Oct 2024 05:06:39 GMT
server
LiteSpeed
feature-background.woff
norm.org/wp-content/plugins/so-widgets-bundle/widgets/features/css/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/plugins/so-widgets-bundle/widgets/features/css/fonts/feature-background.woff
Requested by
Host: norm.org
URL: https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
6da4eb4ec7dabde8020eae4ba29c145b6e40abf22a29ccc2eb23200efdb7bef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://norm.org
Referer
https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27

Response headers

accept-ranges
bytes
content-length
1808
etag
"710-6719bd32-8e23a73c05be6f8a;;;"
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
font/woff
last-modified
Thu, 24 Oct 2024 03:21:22 GMT
server
LiteSpeed
ionicons.ttf
norm.org/wp-content/plugins/so-widgets-bundle/icons/ionicons/font/ 		184 KB
184 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/plugins/so-widgets-bundle/icons/ionicons/font/ionicons.ttf
Requested by
Host: norm.org
URL: https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://norm.org
Referer
https://norm.org/wp-content/litespeed/css/31a93b268c448cdcb78d7249004eee59.css?ver=91f27

Response headers

accept-ranges
bytes
content-length
188508
etag
"2e05c-6719bd32-a210753e89f2680f;;;"
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
font/ttf
last-modified
Thu, 24 Oct 2024 03:21:22 GMT
server
LiteSpeed
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R614BMMWQ5&gtm=45je4as0v893465924za200&_p=1730239252405&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878898~101878942~101925629&cid=335902965.1730239252&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730239252&sct=1&seg=0&dl=https%3A%2F%2Fnorm.org%2F&dt=Home%20Page%20-%20National%20Organization%20of%20Restoring%20Men&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4304
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R614BMMWQ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://norm.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
text/plain
server
Golfe2
/
stats1.wpmudev.com/track/ 		0
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats1.wpmudev.com/track/?action_name=Home%20Page%20-%20National%20Organization%20of%20Restoring%20Men&idsite=154611&rec=1&r=076246&h=23&m=0&s=52&url=https%3A%2F%2Fnorm.org%2F&_id=77fa8b1a43b5f3f7&_idts=1730239253&_idvc=1&_idn=1&_refts=0&_viewts=1730239253&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=312&pv_id=0UqRrZ
Requested by
Host: stats.wpmucdn.com
URL: https://stats.wpmucdn.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.169.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-169-186.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://norm.org/

Response headers

access-control-allow-origin
https://norm.org
content-encoding
none
date
Tue, 29 Oct 2024 22:00:52 GMT
server
nginx
access-control-allow-credentials
true
wp-emoji-release.min.js
norm.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: norm.org
URL: https://norm.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

content-encoding
br
etag
"4926-660ceddb-db95cbd492567d71;br"
accept-ranges
bytes
content-length
4676
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
text/javascript
last-modified
Wed, 03 Apr 2024 05:49:15 GMT
vary
Accept-Encoding
server
LiteSpeed
de.json
newassets.hcaptcha.com/captcha/v1/05c78a4/static/i18n/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/i18n/de.json
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=wpformsRecaptchaLoad&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba3a977008603f433bc237c1eb537ca79e6c933ba237be5bc4f8ebbca5ebd81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
HIT
etag
"81bc667a9b9768acc5fcaaf2d3836541"
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 23:00:52 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
cf-ray
8da670e12c52d298-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3597
server
cloudflare
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/05c78a4/static/ Frame A709 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=wpformsRecaptchaLoad&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://norm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8da670e13dcb9b52-FRA
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Tue, 29 Oct 2024 22:00:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/05c78a4/static/ Frame 67CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=wpformsRecaptchaLoad&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options nosniff

Request headers

Referer
https://norm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8da670e13dcb9b52-FRA
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Tue, 29 Oct 2024 22:00:52 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
cropped-favicon-32x32.png
norm.org/wp-content/uploads/2016/04/ 		858 B
917 B 		Other
General
Check archive.org
Download Go to
Full URL
https://norm.org/wp-content/uploads/2016/04/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.248.187.16 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
s2.supportedns.com
Software
LiteSpeed /
Resource Hash
ec94823263702aff6073210aed064f5b66529567d42c5b31d9917a34547f64b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://norm.org/

Response headers

cache-control
public, max-age=604800
etag
"35a-5a1b70df-278cfcb0feead62c;;;"
expires
Tue, 05 Nov 2024 22:00:52 GMT
accept-ranges
bytes
content-length
858
date
Tue, 29 Oct 2024 22:00:52 GMT
content-type
image/png
last-modified
Mon, 27 Nov 2017 01:56:47 GMT
server
LiteSpeed

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
norm.org
URL
blob:https://norm.org/effc8ad7-7a56-4724-946f-cf752a5a61fa

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| jQuery object| wpforms_settings object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| _wpemojiSettings object| wpgmza_google_api_status object| _paq object| astra object| astraAddon object| wpforms_user_journey object| gaGlobal object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| Raven object| hcaptcha function| wpformsDispatchEvent function| wpformsRecaptchaCallback function| wpformsRecaptchaLoad function| __wpgmzaMapEngineLoadedCallback function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| WPFormsUserJourney object| Mailcheck object| punycode object| wpforms function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle function| astraToggleSetupPro function| astraNavMenuTogglePro string| sticky_header_on_devices string| site_layout_box_width string| sticky_footer_on_devices function| DOMPurify object| grecaptcha number| stick_upto_scroll number| max_width object| twemoji object| wp number| link number| len

7 Cookies

Domain/Path Name / Value
.norm.org/ Name: _ga_R614BMMWQ5
Value: GS1.1.1730239252.1.0.1730239252.0.0.0
.norm.org/ Name: _ga
Value: GA1.1.335902965.1730239252
norm.org/ Name: _pk_id.154611.9aa6
Value: 77fa8b1a43b5f3f7.1730239253.1.1730239253.1730239253.
norm.org/ Name: _pk_ses.154611.9aa6
Value: 1
norm.org/ Name: _wpfuj
Value: {"1730239253":"https%3A%2F%2Fnorm.org%2F%7C%23%7CHome%20Page%20-%20National%20Organization%20of%20Restoring%20Men%7C%23%7C683"}
norm.org/ Name: _wpfuuid
Value: bc3ffcc3-5041-4e4e-9ade-6b504779cf12
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCp9TEea3wVAd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
norm.org
region1.google-analytics.com
stats.wpmucdn.com
stats1.wpmudev.com
www.googletagmanager.com
www.norm.org
norm.org
104.19.229.21
104.19.230.21
173.248.187.16
2001:4860:4802:34::36
2400:52e0:1e00::1081:1
2a00:1450:4001:827::2008
3.12.169.186
0332c158b0a32293b0cbfa3e75f66cc1e95b85c17d7c01f5e4b3f55172420a24
0566efab118ac8c9eeed9d6a53ffc4d2f3ba0a34ac51cdbaf5795a25b11dde20
0a884e86a38c3744d84cc78bfb14c62706b32a39611f50a614df86733eaa4b0f
0eed7f9453639014fc441b1c7c5865fbd4913cca4bad036b2fc66c2ec6c49b2f
195aea3133133e33b4369aa8bd7129a42c83f1441688d5c8c7d1398ace3d1cd8
219b467e10fa76afadeafcbfdd061aba7856418c3c6d64cf12086c3c51b857b7
230facbc81b146c0992a734f6b1a47df5e051302a2c5b0412020a411a49f3a14
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2cc0e9c6ea6f660fb60230837e53cd011ee82d26e631869835807d09f12677e0
2da303ff2b500cdcc0e6046af919598ef2a7e29223de6b63463f283b345fa00d
356a19ff02fa4e23dcb143def0c4ac233f3808e837ec6eafd6476ec552255ba5
3772081bc98e6d5206c99cb0e14057638d7e6ba921a52a63dc3ca8d316ca9aac
3d6cbea33522d2e4d6d1cab8d0e365a025c204b37c03ccb524bca3c97f169d29
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5bad599f5f1bf85fd0fb59af77913a317a61d6dabe6ee6b9440fd697eb142e73
6da4eb4ec7dabde8020eae4ba29c145b6e40abf22a29ccc2eb23200efdb7bef6
6f60d4503c2d2d9b5b9603970d85a502ba8f4ae2f62135044c9638f5c1e194d4
7624daf1fe59ba43a0d4a92a1f1652cf4918ffa5b8043747a8d3ced2e65df278
80f6c328fff88edeb2a72730a04bcee58256eecb723d58ec856d7c19a3cb5125
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458
ba3a977008603f433bc237c1eb537ca79e6c933ba237be5bc4f8ebbca5ebd81e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d204c86d851dd98f905762fbdd8347c0bb4646ef3e6b035bb221fd7f4b7b2b2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ec94823263702aff6073210aed064f5b66529567d42c5b31d9917a34547f64b3