cottagesofnorman.com Open in urlscan Pro
216.70.123.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wc4.net/t?r=6016&c=5203&l=340&ctl=83B9:F3C8802ED8AB22E2CB7246FE662B1FE051D4737B47BA9A60&
Effective URL:
https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F...
Submission Tags: phishing malicious Search All
Submission: On February 08 via api (February 8th 2021, 9:32:45 pm UTC) from US

Summary HTTP 85 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 85 HTTP transactions. The main IP is 216.70.123.61, located in Culver City, United States and belongs to MEDIATEMPLE, US. The main domain is cottagesofnorman.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 26th 2020. Valid for: a year.

This is the only time cottagesofnorman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.210.132.119 34.210.132.119	16509 (AMAZON-02) (AMAZON-02)
54	216.70.123.61 216.70.123.61	31815 (MEDIATEMPLE) (MEDIATEMPLE)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	152.195.39.191 152.195.39.191	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	52.48.111.126 52.48.111.126	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	198.190.14.13 198.190.14.13	16844 (ENTRATA) (ENTRATA)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	52.19.224.33 52.19.224.33	16509 (AMAZON-02) (AMAZON-02)
85	20

1 34.210.132.119 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-132-119.us-west-2.compute.amazonaws.com

wc4.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 216.70.123.61 (Culver City, United States)

ASN31815 (MEDIATEMPLE, US)

cottagesofnorman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.39.191 (United States)

ASN15133 (EDGECAST, US)

commoncdn.entrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

6638292.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.111.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-111-126.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.190.14.13 (Lehi, United States)

ASN16844 (ENTRATA, US)

cottagesofnormanok.prospectportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.224.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-224-33.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	cottagesofnorman.com cottagesofnorman.com	4 MB
5	gstatic.com fonts.gstatic.com	46 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	90 KB
4	doubleclick.net 1 redirects 6638292.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	entrata.com commoncdn.entrata.com	143 KB
2	prospectportal.com cottagesofnormanok.prospectportal.com
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
2	fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	57 KB
1	google.de www.google.de	552 B
1	google.com www.google.com	337 B
1	xg4ken.com resources.xg4ken.com	5 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	mixpanel.com api-js.mixpanel.com	349 B
1	mxpnl.com cdn.mxpnl.com	25 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	wc4.net 1 redirects wc4.net	307 B
85	17

	Domain	Requested by
54	cottagesofnorman.com	cottagesofnorman.com
5	fonts.gstatic.com	fonts.googleapis.com
3	cdn.krxd.net	cottagesofnorman.com cdn.krxd.net
3	commoncdn.entrata.com	cottagesofnorman.com
2	cottagesofnormanok.prospectportal.com	commoncdn.entrata.com
2	www.google-analytics.com	cottagesofnorman.com www.google-analytics.com
2	6638292.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	beacon.krxd.net	cdn.krxd.net
1	consumer.krxd.net	cdn.krxd.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	cottagesofnorman.com
1	www.google.com	cottagesofnorman.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	fonts.googleapis.com	ajax.googleapis.com
1	resources.xg4ken.com	cottagesofnorman.com
1	www.googleadservices.com	www.googletagmanager.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	ka-p.fontawesome.com	kit.fontawesome.com
1	cdn.mxpnl.com	cottagesofnorman.com
1	www.googletagmanager.com	cottagesofnorman.com
1	ajax.googleapis.com	cottagesofnorman.com
1	kit.fontawesome.com	cottagesofnorman.com
1	wc4.net	1 redirects
85	23

This site contains links to these domains. Also see Links.

Domain
cottagesofnormanok.residentportal.com
thesciongroup.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
cottagesofnorman.com Starfield Secure Certificate Authority - G2	`2020-03-26` - `2021-03-26`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.entrata.com DigiCert SHA2 Secure Server CA	`2020-04-29` - `2022-07-15`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2020-09-14` - `2021-10-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.prospectportal.com Go Daddy Secure Certificate Authority - G2	`2019-08-05` - `2021-10-04`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 2EB654ACE3D9DBD2DA39AE71A483731A
Requests: 81 HTTP requests in this frame

Frame: https://6638292.fls.doubleclick.net/activityi;dc_pre=CN27q8Ce2-4CFeKB7QodeQsISg;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=319913174547;gtm=2wg1r0;auiddc=1961098349.1612819947;~oref=https%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 3258142AC052FB287BC77035FA700EC2
Requests: 1 HTTP requests in this frame

Frame: https://cottagesofnormanok.prospectportal.com/?module=contact_button&action=contact_button&origin=cottagesofnorman.com&events_url=https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: 4EF850EC8C792F282B84FA8782BC1B96
Requests: 1 HTTP requests in this frame

Frame: https://cottagesofnormanok.prospectportal.com/?module=contact_button&action=popup&origin=cottagesofnorman.com&events_url=https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: D36464146C0F19D979209193546CB483
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 29AFF87359CE70C28808C5397F71AA1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wc4.net/t?r=6016&c=5203&l=340&ctl=83B9:F3C8802ED8AB22E2CB7246FE662B1FE051D4737B47BA9... HTTP 302
https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C... Page URL