cottagesofnorman.com
216.70.123.61
Public Scan
Effective URL: http://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F...
Submission Tags: phishing malicious
Submission: On February 08 via api from US
Summary
This is the only time cottagesofnorman.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-173-12.us-west-2.compute.amazonaws.com
wc4.net |
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api-js.mixpanel.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
6638292.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-47-148.eu-west-1.compute.amazonaws.com
resources.xg4ken.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-12-92.eu-west-1.compute.amazonaws.com
beacon.krxd.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
54 | cottagesofnorman.com | cottagesofnorman.com | 4 MB |
5 | gstatic.com | fonts.gstatic.com | 47 KB |
5 | krxd.net | cdn.krxd.net consumer.krxd.net beacon.krxd.net | 91 KB |
4 | doubleclick.net (1 redirects) | 6638292.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net | 2 KB |
3 | entrata.com | commoncdn.entrata.com | 143 KB |
2 | prospectportal.com | cottagesofnormanok.prospectportal.com | |
2 | google-analytics.com | www.google-analytics.com | 19 KB |
2 | googleapis.com | ajax.googleapis.com fonts.googleapis.com | 8 KB |
2 | fontawesome.com | kit.fontawesome.com ka-p.fontawesome.com | 57 KB |
1 | google.de | www.google.de | 108 B |
1 | google.com | www.google.com | 109 B |
1 | xg4ken.com | resources.xg4ken.com | 5 KB |
1 | googleadservices.com | www.googleadservices.com | 12 KB |
1 | mixpanel.com | api-js.mixpanel.com | 348 B |
1 | mxpnl.com | cdn.mxpnl.com | 26 KB |
1 | googletagmanager.com | www.googletagmanager.com | 36 KB |
1 | wc4.net (1 redirects) | wc4.net | 287 B |
85 | 17 | | |
Requests | Domain | Requested by |
---|---|---|
54 | cottagesofnorman.com | cottagesofnorman.com |
5 | fonts.gstatic.com | fonts.googleapis.com |
3 | cdn.krxd.net | cottagesofnorman.com cdn.krxd.net |
3 | commoncdn.entrata.com | cottagesofnorman.com |
2 | cottagesofnormanok.prospectportal.com | commoncdn.entrata.com |
2 | www.google-analytics.com | cottagesofnorman.com www.google-analytics.com |
2 | 6638292.fls.doubleclick.net | 1 redirects www.googletagmanager.com |
1 | beacon.krxd.net | cdn.krxd.net |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | fonts.googleapis.com | ajax.googleapis.com |
1 | consumer.krxd.net | cdn.krxd.net |
1 | www.google.de | cottagesofnorman.com |
1 | www.google.com | cottagesofnorman.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | resources.xg4ken.com | cottagesofnorman.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | api-js.mixpanel.com | cdn.mxpnl.com |
1 | ka-p.fontawesome.com | kit.fontawesome.com |
1 | cdn.mxpnl.com | cottagesofnorman.com |
1 | www.googletagmanager.com | cottagesofnorman.com |
1 | ajax.googleapis.com | cottagesofnorman.com |
1 | kit.fontawesome.com | cottagesofnorman.com |
1 | wc4.net | 1 redirects |
85 | 23 | |
This site contains links to these domains.
Domain |
---|
cottagesofnormanok.residentportal.com |
thesciongroup.com |
www.facebook.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year |
cottagesofnorman.com | Starfield Secure Certificate Authority - G2 | 2020-03-26 - 2021-03-26 | a year |
upload.video.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months |
*.mixpanel.com | GeoTrust RSA CA 2018 | 2020-04-20 - 2022-04-21 | 2 years |
*.xg4ken.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-14 - 2021-10-16 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months |
cdn.krxd.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-02-08 - 2022-02-07 | a year |
www.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months |
www.google.de | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months |
consumer.krxd.net | DigiCert SHA2 Secure Server CA | 2020-09-14 - 2021-09-14 | a year |
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year |
This page contains 5 frames:
Primary Page:
http://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 0CBBCBF32971F8F3C578D05468A497DA
Requests: 81 HTTP requests in this frame
Frame:
http://6638292.fls.doubleclick.net/activityi;dc_pre=CM3BudSd2-4CFSyh7QodDGEIlw;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=7468749397432;gtm=2wg1r0;auiddc=1251923745.1612819721;~oref=http%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 0553524B0FF32FA85E7DA746CB8C557E
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 6D8C7B0A34094344D60602A8F14F8F2A
Requests: 1 HTTP requests in this frame
Frame:
http://cottagesofnormanok.prospectportal.com/?module=contact_button&action=contact_button&origin=cottagesofnorman.com&events_url=http://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: E7241C14B198F86FA8CECE103D623A07
Requests: 1 HTTP requests in this frame
Frame:
http://cottagesofnormanok.prospectportal.com/?module=contact_button&action=popup&origin=cottagesofnorman.com&events_url=http://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: A71D49505F2CE3A7DA5BD84949807589
Requests: 1 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: residents
Title: COVID-19 Update
Title: Facebook
Title: Instagram
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wc4.net/t?r=6016&c=5203&l=340&ctl=83B3:F3C8802ED8AB22E2CB7246FE662B1FE051D4737B47BA9A60&
HTTP 302
http://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58
- http://6638292.fls.doubleclick.net/activityi;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=7468749397432;gtm=2wg1r0;auiddc=1251923745.1612819721;~oref=http%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048 HTTP 302
- http://6638292.fls.doubleclick.net/activityi;dc_pre=CM3BudSd2-4CFSyh7QodDGEIlw;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=7468749397432;gtm=2wg1r0;auiddc=1251923745.1612819721;~oref=http%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
85 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request / cottagesofnorman.com/gallery/ Redirect Chain | 28 KB 7 KB | Document text/html |
GET H/1.1 | styles.css cottagesofnorman.com/wp-content/plugins/contact-form-7/includes/css/ | 2 KB 988 B | Stylesheet text/css |
GET H/1.1 | wpcdt-timecircles.css cottagesofnorman.com/wp-content/plugins/countdown-timer-ultimate/assets/css/ | 845 B 751 B | Stylesheet text/css |
GET H/1.1 | style.css cottagesofnorman.com/wp-content/themes/scion/ | 21 KB 5 KB | Stylesheet text/css |
GET H/1.1 | blocks.css cottagesofnorman.com/wp-content/themes/twentytwelve/css/ | 10 KB 2 KB | Stylesheet text/css |
GET H/1.1 | flexslider.css cottagesofnorman.com/wp-content/themes/scion/js/ | 4 KB 2 KB | Stylesheet text/css |
GET H/1.1 | colorbox.css cottagesofnorman.com/wp-content/themes/scion/js/ | 2 KB 1 KB | Stylesheet text/css |
GET H/1.1 | style.css cottagesofnorman.com/wp-content/themes/scion/twentytwelve-css/ | 11 KB 4 KB | Stylesheet text/css |
GET H/1.1 | responsive.css cottagesofnorman.com/wp-content/themes/scion/css/ | 9 KB 2 KB | Stylesheet text/css |
GET H2 | 1c25528784.js kit.fontawesome.com/ | 11 KB 4 KB | Script text/javascript |
GET H/1.1 | ribbon-spring-2015.png cottagesofnorman.com/wp-content/themes/scion/images/ | 83 KB 83 KB | Image image/png |
GET H/1.1 | free-housing.jpg cottagesofnorman.com/wp-content/themes/scion/images/ | 13 KB 13 KB | Image image/jpeg |
GET H/1.1 | icon-phone.png cottagesofnorman.com/wp-content/themes/scion/images/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | icon-mail.png cottagesofnorman.com/wp-content/themes/scion/images/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | logo.jpg cottagesofnorman.com/wp-content/themes/scion/images/ | 34 KB 34 KB | Image image/jpeg |
GET H/1.1 | menu.png cottagesofnorman.com/wp-content/themes/scion/images/ | 1 KB 1 KB | Image image/png |
GET H2 | 6F3A7647-v2.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 265 KB 265 KB | Image image/jpeg |
GET H2 | CON_P_Dog-2_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 89 KB 89 KB | Image image/jpeg |
GET H2 | 6F3A7354-Copy.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 246 KB 246 KB | Image image/jpeg |
GET H2 | 6F3A7680.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 298 KB 299 KB | Image image/jpeg |
GET H2 | CON_P_Fitness-3_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 92 KB 92 KB | Image image/jpeg |
GET H2 | 6F3A7455.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 202 KB 202 KB | Image image/jpeg |
GET H2 | CON_P_Exterior-2_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 170 KB 171 KB | Image image/jpeg |
GET H2 | 6F3A7511.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 196 KB 196 KB | Image image/jpeg |
GET H2 | CON_P_Yoga-2_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 135 KB 136 KB | Image image/jpeg |
GET H2 | 6F3A7461.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 193 KB 193 KB | Image image/jpeg |
GET H2 | CON_Pool-1_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 121 KB 121 KB | Image image/jpeg |
GET H2 | 6F3A7495.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 242 KB 243 KB | Image image/jpeg |
GET H2 | 6F3A7449.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 200 KB 201 KB | Image image/jpeg |
GET H2 | 6F3A7296-Copy.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 174 KB 175 KB | Image image/jpeg |
GET H2 | 6F3A7659.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 254 KB 255 KB | Image image/jpeg |
GET H2 | 6F3A7500.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 180 KB 181 KB | Image image/jpeg |
GET H2 | 6F3A7284.jpg cottagesofnorman.com/wp-content/uploads/2017/08/ | 156 KB 156 KB | Image image/jpeg |
GET H2 | CON_P_Clubhouse-2_RLD.jpg cottagesofnorman.com/wp-content/uploads/2020/05/ | 130 KB 131 KB | Image image/jpeg |
GET H/1.1 | OULogo100px.png cottagesofnorman.com/wp-content/uploads/2019/08/ | 4 KB 5 KB | Image image/png |
GET H/1.1 | jquery.js cottagesofnorman.com/wp-includes/js/jquery/ | 95 KB 33 KB | Script application/javascript |
GET H/1.1 | scripts.js cottagesofnorman.com/wp-content/plugins/contact-form-7/includes/js/ | 14 KB 4 KB | Script application/javascript |
GET H/1.1 | navigation.js cottagesofnorman.com/wp-content/themes/twentytwelve/js/ | 2 KB 1007 B | Script application/javascript |
GET H/1.1 | jquery-migrate.min.js cottagesofnorman.com/wp-includes/js/jquery/ | 10 KB 4 KB | Script application/javascript |
GET H/1.1 | headroom.min.js cottagesofnorman.com/wp-content/themes/scion/js/headroom/ | 5 KB 2 KB | Script application/javascript |
GET H/1.1 | jQuery.headroom.js cottagesofnorman.com/wp-content/themes/scion/js/headroom/ | 851 B 709 B | Script application/javascript |
GET H/1.1 | jquery.flexslider-min.js cottagesofnorman.com/wp-content/themes/scion/js/ | 22 KB 7 KB | Script application/javascript |
GET H/1.1 | jquery.colorbox-min.js cottagesofnorman.com/wp-content/themes/scion/js/ | 9 KB 4 KB | Script application/javascript |
GET H/1.1 | jquery.jcycle.js cottagesofnorman.com/wp-content/themes/scion/js/ | 34 KB 9 KB | Script application/javascript |
GET H/1.1 | scripts.js cottagesofnorman.com/wp-content/themes/scion/js/ | 7 KB 2 KB | Script application/javascript |
GET H/1.1 | wp-embed.min.js cottagesofnorman.com/wp-includes/js/ | 1 KB 1 KB | Script application/javascript |
GET H2 | webfont.js ajax.googleapis.com/ajax/libs/webfont/1.5.18/ | 16 KB 6 KB | Script text/javascript |
GET H/1.1 | i18n.min.js commoncdn.entrata.com/javascript/i18n/ | 578 KB 122 KB | Script application/javascript |
GET H/1.1 | entrata-ui.min.js commoncdn.entrata.com/javascript/i18n/ | 61 KB 19 KB | Script application/javascript |
GET H/1.1 | wp-emoji-release.min.js cottagesofnorman.com/wp-includes/js/ | 12 KB 5 KB | Script application/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 149 KB 36 KB | Script application/javascript |
GET H/1.1 | mixpanel-2-latest.min.js cdn.mxpnl.com/libs/ | 75 KB 26 KB | Script text/javascript |
GET H2 | pro.min.css ka-p.fontawesome.com/releases/v5.15.2/css/ | 310 KB 53 KB | Fetch text/css |
GET H/1.1 | nav-line.jpg cottagesofnorman.com/wp-content/themes/scion/images/ | 1 KB 2 KB | Image image/jpeg |
GET H/1.1 | bottom-fade.jpg cottagesofnorman.com/wp-content/themes/scion/images/ | 1 KB 2 KB | Image image/jpeg |
GET H/1.1 | facebook-f.png cottagesofnorman.com/wp-content/themes/scion/images/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | instagram-f.png cottagesofnorman.com/wp-content/themes/scion/images/ | 5 KB 5 KB | Image image/png |
GET H/1.1 | scion.png cottagesofnorman.com/wp-content/themes/scion/images/ | 4 KB 4 KB | Image image/png |
POST H2 | / api-js.mixpanel.com/track/ | 1 B 348 B | XHR application/json |
GET H/1.1 | activityi;dc_pre=CM3BudSd2-4CFSyh7QodDGEIlw;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=7468749397432;gtm=2wg1r0;auiddc=1251923745.1612819721;~oref=http%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%... 6638292.fls.doubleclick.net/ Frame 0553 Redirect Chain | 0 0 | Document text/html |
GET H/1.1 | conversion_async.js www.googleadservices.com/pagead/ | 30 KB 12 KB | Script text/javascript |
GET H/1.1 | sdfnp2yem.js cdn.krxd.net/controltag/ | 23 KB 7 KB | Script text/javascript |
GET H/1.1 | ktag.js resources.xg4ken.com/js/v2/ | 12 KB 5 KB | Script text/plain |
GET H/1.1 | controltag.js.0631b7d64dbbd3656a8b7368ad227a04 cdn.krxd.net/ctjs/ | 259 KB 83 KB | Script application/javascript |
GET H2 | / googleads.g.doubleclick.net/pagead/viewthroughconversion/966793568/ | 2 KB 1 KB | Script text/javascript |
GET H2 | proxy.3d2100fd7107262ecb55ce6847f01fa5.html cdn.krxd.net/partnerjs/xdi/ Frame 6D8C | 0 0 | Document text/html |
GET H2 | / www.google.com/pagead/1p-user-list/966793568/ | 42 B 109 B | Image image/gif |
GET H2 | / www.google.de/pagead/1p-user-list/966793568/ | 42 B 108 B | Image image/gif |
GET H2 | 7b3785dc-e5e8-4465-88e8-0bb2db048533 consumer.krxd.net/consent/get/ | 234 B 426 B | Script text/javascript |
GET H/1.1 | css fonts.googleapis.com/ | 10 KB 1 KB | Stylesheet text/css |
GET H2 | analytics.js www.google-analytics.com/ | 46 KB 18 KB | Script text/javascript |
GET H/1.1 | contact_btn_controller.min.js commoncdn.entrata.com/website_templates/_assets/_common/ | 7 KB 2 KB | Script application/javascript |
GET H/1.1 | loading.gif cottagesofnorman.com/wp-content/themes/scion/js/images/ | 9 KB 9 KB | Image image/gif |
GET H/1.1 | controls.png cottagesofnorman.com/wp-content/themes/scion/js/images/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | bg_direction_nav.png cottagesofnorman.com/wp-content/themes/scion/js/images/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v18/ | 9 KB 9 KB | Font font/woff2 |
GET H/1.1 | mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v18/ | 9 KB 9 KB | Font font/woff2 |
GET H/1.1 | mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v18/ | 9 KB 9 KB | Font font/woff2 |
GET H/1.1 | mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2 fonts.gstatic.com/s/opensans/v18/ | 10 KB 10 KB | Font font/woff2 |
GET H/1.1 | memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2 fonts.gstatic.com/s/opensans/v18/ | 9 KB 10 KB | Font font/woff2 |
GET H/1.1 | Cookie set / cottagesofnormanok.prospectportal.com/ Frame E724 | 0 0 | Document text/html |
GET H/1.1 | Cookie set / cottagesofnormanok.prospectportal.com/ Frame A71D | 0 0 | Document text/html |
POST H3-Q050 | collect www.google-analytics.com/j/ | 4 B 392 B | XHR text/plain |
POST H2 | collect stats.g.doubleclick.net/j/ | 1 B 87 B | XHR text/plain |
GET H2 | optout_check beacon.krxd.net/ | 79 B 237 B | Script text/javascript |
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| dataLayer function| getQueryParam function| campaignParams object| mixpanel object| FontAwesomeKitConfig string| distinct_id string| utm_source string| utm_medium undefined| utm_term undefined| utm_campaign string| utm_source_last_touch string| utm_medium_last_touch undefined| utm_term_last_touch undefined| utm_campaign_last_touch object| google_tag_manager object| google_tag_data function| Krux function| ktag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| $ function| jQuery object| wpcf7 function| Headroom object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| jQuery112409117765842780761 function| handleLogo function| onAfter function| evenFloorplans object| wp object| WebFont string| GoogleAnalyticsObject function| ga object| i18nUtils function| __ object| entrataUI object| ppcb object| ppcbConfig object| gaplugins object| gaGlobal object| gaData object| twemoji
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | | Name: NID Value: 208=CsjWPB_w182UDKTtSOIC3i3vNXA-PA5Tsr_KBU2AfdhwcWu_QV4eufXVgV2h7l3Ac7YXN5-ykoEfGQjXsqY_BejsjLJMiDceh9q0J20xGQkHi_MY6HrVfjER6eBzLIuLrhWfzw5Sf7QZlQfeHCm3ihTVIcDB18MrOHHsufIWjaY |
.cottagesofnorman.com/ | | Name: _gcl_au Value: 1.1.1251923745.1612819721 |
.krxd.net/ | | Name: _kuid_ Value: N7xSLfyK |
.doubleclick.net/ | | Name: IDE Value: AHWqTUmpRxXwXhWcLLOsaMUR_JurNsHed4l5iJoJEbnQF0pDgShErDs07a2TbTAx2fA |
.cottagesofnorman.com/ | | Name: _gat Value: 1 |
.cottagesofnorman.com/ | | Name: _ga Value: GA1.2.1762384768.1612819722 |
.cottagesofnorman.com/ | | Name: _gid Value: GA1.2.1571748359.1612819722 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.