www.grandcentralatkennedy.com
160.153.74.100
Malicious Activity!
Public Scan
Submission: On May 22 via automatic, source openphish
Summary
This is the only time www.grandcentralatkennedy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Delta (Transportation)

Domain & IP information
| ASN | PTR record | Domain(s) |
|---|---|---|
| ASN26496 | ip-160-153-74-100.ip.secureserver.net | www.grandcentralatkennedy.com |
| ASN16625 | a104-111-216-67.deploy.static.akamaitechnologies.com | www.delta.com, content.delta.com |
| ASN16509 | ec2-18-196-132-206.eu-central-1.compute.amazonaws.com | nexus.ensighten.com |
| ASN16509 | ec2-52-211-104-45.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
| ASN16509 | ec2-35-156-107-167.eu-central-1.compute.amazonaws.com | nexus.ensighten.com |
| ASN15169 | zrh04s05-in-f98.1e100.net | www.googleadservices.com |
| ASN16509 | server-13-35-253-75.fra6.r.cloudfront.net | gateway.foresee.com |
| ASN16509 | ec2-18-197-12-13.eu-central-1.compute.amazonaws.com | pulse.delta.com |
| ASN14618 | ec2-52-54-147-248.compute-1.amazonaws.com | fly.delta.com |
| ASN20940 (AKAMAI-ASN1, US) | a2-16-186-56.deploy.static.akamaitechnologies.com | fast.delta.demdex.net |
| ASN16509 | ec2-52-212-225-108.eu-west-1.compute.amazonaws.com | resources.xg4ken.com |
| ASN14618 | ec2-35-153-150-151.compute-1.amazonaws.com | events.xg4ken.com |
| ASN29990 | 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net | secure.adnxs.com |
| ASN14618 | ec2-52-1-244-191.compute-1.amazonaws.com | analytics.foresee.com |

Only the first row is the scanned host. Every other entry is Delta's own infrastructure or a vendor Delta embeds, reached because the cloned login page keeps Delta's original script and asset references (see the "Requested by" table below).
| Requests | Apex domain | Subdomains | Transfer |
|---|---|---|---|
| 21 | delta.com | www.delta.com, content.delta.com, metrics.delta.com, pulse.delta.com, fly.delta.com | 789 KB |
| 15 | ensighten.com | nexus.ensighten.com | 104 KB |
| 14 | foresee.com | gateway.foresee.com, analytics.foresee.com | 118 KB |
| 6 | grandcentralatkennedy.com | www.grandcentralatkennedy.com | 25 KB |
| 5 | demdex.net (1 redirect) | dpm.demdex.net, fast.delta.demdex.net | 3 KB |
| 2 | adnxs.com (1 redirect) | secure.adnxs.com | 2 KB |
| 2 | linkedin.com (1 redirect) | dc.ads.linkedin.com | 1 KB |
| 2 | xg4ken.com | resources.xg4ken.com, events.xg4ken.com | 4 KB |
| 2 | criteo.com (2 redirects) | gum.criteo.com | 743 B |
| 1 | google.de | www.google.de | 109 B |
| 1 | google.com | www.google.com | 109 B |
| 1 | bing.com | bat.bing.com | 196 B |
| 1 | googleapis.com | fonts.googleapis.com | 626 B |
| 1 | doubleclick.net | googleads.g.doubleclick.net | 1 KB |
| 1 | googleadservices.com | www.googleadservices.com | 9 KB |
| 1 | everesttech.net (1 redirect) | cm.everesttech.net | 526 B |
| 70 requests | 16 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 15 | content.delta.com | www.grandcentralatkennedy.com |
| 15 | nexus.ensighten.com | www.grandcentralatkennedy.com, nexus.ensighten.com |
| 10 | gateway.foresee.com | nexus.ensighten.com, gateway.foresee.com |
| 6 | www.grandcentralatkennedy.com | www.grandcentralatkennedy.com, www.delta.com, content.delta.com |
| 4 | analytics.foresee.com | content.delta.com |
| 4 | dpm.demdex.net (1 redirect) | www.grandcentralatkennedy.com |
| 3 | www.delta.com | www.grandcentralatkennedy.com, www.delta.com |
| 2 | secure.adnxs.com (1 redirect) | |
| 2 | dc.ads.linkedin.com (1 redirect) | |
| 2 | gum.criteo.com (2 redirects) | |
| 1 | events.xg4ken.com | |
| 1 | resources.xg4ken.com | nexus.ensighten.com |
| 1 | www.google.de | www.grandcentralatkennedy.com |
| 1 | www.google.com | www.grandcentralatkennedy.com |
| 1 | fast.delta.demdex.net | nexus.ensighten.com |
| 1 | bat.bing.com | www.grandcentralatkennedy.com |
| 1 | fonts.googleapis.com | www.grandcentralatkennedy.com |
| 1 | googleads.g.doubleclick.net | www.googleadservices.com |
| 1 | fly.delta.com | nexus.ensighten.com |
| 1 | pulse.delta.com | www.grandcentralatkennedy.com |
| 1 | www.googleadservices.com | nexus.ensighten.com |
| 1 | cm.everesttech.net (1 redirect) | |
| 1 | metrics.delta.com | content.delta.com |
| 70 requests | 23 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid for |
|---|---|---|---|
| www.delta.com | DigiCert SHA2 Secure Server CA | 2019-04-11 - 2020-05-17 | a year |
| pulse.delta.com | DigiCert SHA2 Secure Server CA | 2018-08-20 - 2019-08-21 | a year |
| fly.delta.com | DigiCert SHA2 Secure Server CA | 2019-01-29 - 2020-01-30 | a year |
| *.g.doubleclick.net | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months |
| *.googleapis.com | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months |
| www.bing.com | Microsoft IT TLS CA 5 | 2017-07-20 - 2019-07-10 | 2 years |
| www.google.com | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months |
| www.google.de | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months |
| *.xg4ken.com | Go Daddy Secure Certificate Authority - G2 | 2017-12-17 - 2020-12-17 | 3 years |
| *.foresee.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-21 - 2020-09-21 | 2 years |

Every certificate listed belongs to Delta or a third party. None is for www.grandcentralatkennedy.com: the primary page was loaded over plain HTTP (http://www.grandcentralatkennedy.com/zdelt/27a91/index1.php), so the phishing host presented no certificate in this scan.
This page contains 2 frames:
Primary Page:
http://www.grandcentralatkennedy.com/zdelt/27a91/index1.php
Frame ID: 3770C93FA4BA2A535BD9B55BB27511EA
Requests: 69 HTTP requests in this frame
Frame:
http://fast.delta.demdex.net/dest5.html?d_nsid=0
Frame ID: 1CCDA19C19578CA55905CE9BEC2DD2F5
Requests: 1 HTTP request in this frame
Detected technologies
- PHP (Programming Languages): url `/\.php(?:$|\?)/i`
- Apache (Web Servers): headers server `/(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i`
- Ruxit (Analytics): script `/ruxitagentjs/i`
- TrackJs (Analytics): script `/tracker.js/i`; env `/^TrackJs$/i`
- jQuery (JavaScript Libraries): script `/jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i`, script `/jquery.*\.js/i`; env `/^jQuery$/i`
- webpack (Miscellaneous): env `/^webpackJsonp$/i`
- Twitter Bootstrap: script `/(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i`

Only the first two describe the phishing host: the PHP pattern matches the primary URL (index1.php) and the Apache pattern its Server header. The rest fire on scripts the cloned page loads from Delta and its vendors, so they fingerprint Delta's stack, not the kit's. The Bootstrap hit is a false positive: the matching file is nexus.ensighten.com/delta/mtprod/Bootstrap.js, Ensighten's tag-manager loader, not the CSS framework.
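The patterns above are the kind a Wappalyzer-style fingerprinter applies to URLs, headers, script paths and window globals. The following is an added example, not urlscan's own code, that runs exactly those patterns over observations constructed from this page (the primary URL, script host+path pairs from the transaction list, and names from the globals list further down) and then attributes each detection to the scanned host or to a third party. The Server header value `Apache` is an assumption; the page only shows that the pattern matched it.

```javascript
// Added example, not urlscan's code: apply the detection patterns listed
// above the way a Wappalyzer-style fingerprinter does, then separate the
// detections that describe the scanned host from those that describe
// third-party scripts the cloned page pulls in.

const PATTERNS = {
  PHP: { url: [/\.php(?:$|\?)/i] },
  Apache: { header: [/(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i] },
  Ruxit: { script: [/ruxitagentjs/i] },
  TrackJs: { script: [/tracker.js/i], env: [/^TrackJs$/i] },
  jQuery: { script: [/jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i, /jquery.*\.js/i], env: [/^jQuery$/i] },
  webpack: { env: [/^webpackJsonp$/i] },
  'Twitter Bootstrap': { script: [/(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i] },
};

// Constructed from the page: primary URL, script host+path pairs from the
// transaction list, global names from the globals list. The Server header
// value is an assumption; the page only shows that the Apache pattern matched.
const OBSERVATION = {
  url: 'http://www.grandcentralatkennedy.com/zdelt/27a91/index1.php',
  headers: { server: 'Apache' },
  scripts: [
    'www.delta.com/ruxitagentjs_2SVfhjqr_10119170522100716.js',
    'www.delta.com/user-login/js/jquery-3.2.1.js',
    'nexus.ensighten.com/delta/mtprod/Bootstrap.js',
    'content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/tracker.js',
  ],
  env: ['jQuery', '$', 'webpackJsonp', 'trackJs', 'dtrum'],
};

const hostOf = (u) => u.replace(/^https?:\/\//, '').split('/')[0];

function detect(obs, patterns = PATTERNS) {
  const hits = {};
  const add = (name, kind, value, host, m) => {
    const h = hits[name] || (hits[name] = { evidence: [], version: null });
    h.evidence.push({ kind, value, host });
    if (m[1] && !h.version) h.version = m[1]; // first capture group is the version
  };
  const primaryHost = hostOf(obs.url);
  for (const [name, p] of Object.entries(patterns)) {
    for (const re of p.url || []) {
      const m = re.exec(obs.url);
      if (m) add(name, 'url', obs.url, primaryHost, m);
    }
    for (const re of p.header || []) {
      const v = obs.headers.server || '';
      const m = re.exec(v);
      if (m) add(name, 'header', 'server: ' + v, primaryHost, m);
    }
    for (const re of p.script || []) {
      for (const s of obs.scripts) {
        const m = re.exec(s);
        if (m) add(name, 'script', s, hostOf(s), m);
      }
    }
    for (const re of p.env || []) {
      for (const g of obs.env) {
        const m = re.exec(g);
        if (m) add(name, 'env', 'window.' + g, null, m);
      }
    }
  }
  return hits;
}

// Attribute each detection: "own" if every piece of host-bearing evidence
// sits on the scanned host, "thirdParty" otherwise. Globals live in the page
// context no matter which script defined them, so they carry no host, and a
// detection backed only by globals (webpack here) stays unattributed.
function attribute(hits, host) {
  const own = [], thirdParty = [];
  for (const [name, h] of Object.entries(hits)) {
    const hosts = h.evidence.map(e => e.host).filter(Boolean);
    if (hosts.length === 0) continue;
    (hosts.every(x => x === host) ? own : thirdParty).push(name);
  }
  return { own: own.sort(), thirdParty: thirdParty.sort() };
}

console.log(attribute(detect(OBSERVATION), hostOf(OBSERVATION.url)));
```

The evidence list is what matters in triage: the Twitter Bootstrap hit carries `nexus.ensighten.com/delta/mtprod/Bootstrap.js` as its only evidence, which is how the false positive becomes visible without re-running the scan.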
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 17
- http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&d_nsid=0&ts=1558490824681 HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&d_nsid=0&ts=1558490824681

- http://cm.everesttech.net/cm/dd?d_uuid=05361459395901698082922423679076642594 HTTP 302
- http://dpm.demdex.net/ibs:dpid=411&dpuuid=XOSuygAAFAOe_RN_

- https://gum.criteo.com/sync?c=327&a=1&r=1&u=https://pulse.delta.com/pc/delta/%3Fcriteoid%3D%40USERID%40 HTTP 302
- https://gum.criteo.com/sync?s=1&c=327&a=1&r=1&u=https://pulse.delta.com/pc/delta/%3Fcriteoid%3D%40USERID%40 HTTP 302
- https://pulse.delta.com/pc/delta/?criteoid=rT8OXyM9sFc7qb-rd3sIDoO0hMrqTFxg

- http://bat.bing.com/action/0?ti=5435442&Ver=2&ec=&ea= HTTP 307
- https://bat.bing.com/action/0?ti=5435442&Ver=2&ec=&ea=

- http://dc.ads.linkedin.com/collect/?pid=591380&fmt=gif HTTP 302
- http://dc.ads.linkedin.com/collect/?pid=591380&fmt=gif&cookiesTest=true

- http://secure.adnxs.com/px?id=893824&seg=10023528&t=2 HTTP 302
- http://secure.adnxs.com/bounce?%2Fpx%3Fid%3D893824%26seg%3D10023528%26t%3D2

All of these are advertising and cookie-sync hops from Delta's own tag stack, fired because the cloned page executes Delta's tag manager; none starts or ends on the phishing host. The Criteo chain terminates on pulse.delta.com, so Delta's pixel endpoint received a hit that originated from the phishing page. The bat.bing.com hop is the identical URL upgraded from http to https with status 307, which is consistent with the browser's own HSTS upgrade (Chrome reports those as a 307) rather than a server-issued redirect.
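The redirect listing is flat text, one hop per line. As an added example (not urlscan's code), the following rebuilds the chains from that listing and runs the hop-level checks an analyst wants: cross-site hops, https-to-http downgrades, and browser-internal HTTPS upgrades. The listing is embedded as it appears above; the registrable-domain helper is a last-two-labels approximation, an assumption that holds for these hosts but is no substitute for a public-suffix list.

```javascript
// Added example, not urlscan's code: rebuild redirect chains from the flat
// listing above and run a few hop-level checks on each chain.

// The listing as it appears on the page (constructed input). A trailing
// "HTTP <status>" means that response redirected to the next line; a line
// without one is the chain's final response.
const LISTING = `
http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&d_nsid=0&ts=1558490824681 HTTP 302
http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&d_nsid=0&ts=1558490824681
http://cm.everesttech.net/cm/dd?d_uuid=05361459395901698082922423679076642594 HTTP 302
http://dpm.demdex.net/ibs:dpid=411&dpuuid=XOSuygAAFAOe_RN_
https://gum.criteo.com/sync?c=327&a=1&r=1&u=https://pulse.delta.com/pc/delta/%3Fcriteoid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=327&a=1&r=1&u=https://pulse.delta.com/pc/delta/%3Fcriteoid%3D%40USERID%40 HTTP 302
https://pulse.delta.com/pc/delta/?criteoid=rT8OXyM9sFc7qb-rd3sIDoO0hMrqTFxg
http://bat.bing.com/action/0?ti=5435442&Ver=2&ec=&ea= HTTP 307
https://bat.bing.com/action/0?ti=5435442&Ver=2&ec=&ea=
http://dc.ads.linkedin.com/collect/?pid=591380&fmt=gif HTTP 302
http://dc.ads.linkedin.com/collect/?pid=591380&fmt=gif&cookiesTest=true
http://secure.adnxs.com/px?id=893824&seg=10023528&t=2 HTTP 302
http://secure.adnxs.com/bounce?%2Fpx%3Fid%3D893824%26seg%3D10023528%26t%3D2
`;

// Group lines into chains: each hop with a status redirected to the next
// line; a hop without one closes the chain.
function parseChains(text) {
  const chains = [];
  let current = [];
  for (const raw of text.split('\n')) {
    const line = raw.trim().replace(/^-\s*/, '');
    if (!line) continue;
    const m = /^(\S+)(?:\s+HTTP\s+(\d{3}))?$/.exec(line);
    if (!m) throw new Error('unparsable hop: ' + line);
    current.push({ url: new URL(m[1]), status: m[2] ? Number(m[2]) : null });
    if (!m[2]) { chains.push(current); current = []; }
  }
  if (current.length) chains.push(current); // listing ended mid-chain
  return chains;
}

// Registrable domain as the last two labels. Assumption that holds for the
// hosts above; real data needs a public-suffix list.
const site = (host) => host.split('.').slice(-2).join('.');

function describe(chain) {
  const urls = chain.map(h => h.url);
  const first = urls[0], last = urls[urls.length - 1];
  const statuses = chain.slice(0, -1).map(h => h.status);
  const sameResource = (a, b) =>
    a.host === b.host && a.pathname + a.search === b.pathname + b.search;
  return {
    hops: chain.length,
    statuses,
    start: first.host,
    end: last.host,
    crossSite: site(first.host) !== site(last.host),
    downgrade: urls.some((u, i) => i > 0 && urls[i - 1].protocol === 'https:' && u.protocol === 'http:'),
    // Same resource, http -> https, single 307: the browser's own upgrade
    // (Chrome reports HSTS upgrades as a 307), not a server response.
    httpsUpgrade: chain.length === 2 && statuses[0] === 307 &&
      first.protocol === 'http:' && last.protocol === 'https:' && sameResource(first, last),
  };
}

function analyse(text) {
  return parseChains(text).map(describe);
}

// Stand-alone run: one line per chain.
for (const c of analyse(LISTING)) {
  console.log(`${c.start} -> ${c.end} [${c.statuses.join(',')}]` +
    (c.crossSite ? ' cross-site' : '') + (c.downgrade ? ' DOWNGRADE' : '') +
    (c.httpsUpgrade ? ' https-upgrade' : ''));
}
```

On this listing the two cross-site chains are the everesttech-to-demdex and criteo-to-pulse.delta.com syncs; there are no downgrades, and the bing hop is flagged as a client-side upgrade rather than a redirect worth chasing.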
70 HTTP transactions

| Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index1.php | www.grandcentralatkennedy.com/zdelt/27a91/ | 9 KB | 3 KB | Document | text/html | Primary request |
| GET | H2 | ruxitagentjs_2SVfhjqr_10119170522100716.js | www.delta.com/ | 118 KB | 41 KB | Script | text/javascript | |
| GET | H2 | jquery-3.2.1.js | www.delta.com/user-login/js/ | 85 KB | 27 KB | Script | application/javascript | |
| GET | H/1.1 | Bootstrap.js | nexus.ensighten.com/delta/mtprod/ | 318 KB | 95 KB | Script | application/javascript | |
| GET | H/1.1 | inline.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 2 KB | 1 KB | Script | application/x-javascript | |
| GET | H/1.1 | polyfills.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 142 KB | 32 KB | Script | application/x-javascript | |
| GET | H/1.1 | vendor.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 2 MB | 463 KB | Script | application/x-javascript | |
| GET | H/1.1 | main.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 202 KB | 25 KB | Script | application/x-javascript | |
| GET | H/1.1 | delta.utils.logger.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 9 KB | 3 KB | Script | application/x-javascript | |
| GET | H/1.1 | delta.datalayer.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 34 KB | 7 KB | Script | application/x-javascript | |
| GET | H/1.1 | tracker.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 26 KB | 9 KB | Script | application/x-javascript | |
| GET | H/1.1 | picturefill-background.js | content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ | 2 KB | 1 KB | Script | application/x-javascript | |
| GET | H/1.1 | fresh-air.css | content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/ | 601 KB | 74 KB | Stylesheet | text/css | |
| GET | H/1.1 | fresh-air-fonts.css | www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/ | 0 | 0 | Stylesheet | text/html | |
| GET | H/1.1 | Delta%20Logo.svg | content.delta.com/content/www/us/en.damAssetRender.20180509T1731290530400.html/content/dam/delta_homepage_redesign/Logo/ | 2 KB | 1 KB | Image | image/svg+xml | |
| GET | H/1.1 | Sky%20Team.svg | content.delta.com/content/www/us/en.damAssetRender.20180509T1731290540400.html/content/dam/delta_homepage_redesign/Logo/ | 9 KB | 4 KB | Image | image/svg+xml | |
| GET | H/1.1 | supergraphic-delta.png | content.delta.com/content/dam/delta-www/responsive/apps/login/ | 1000 B | 1 KB | Image | image/png | |
| GET | H2 | ruxitagentjs__10161190306152812.js | www.delta.com/ | 87 KB | 31 KB | Script | text/javascript | |
| GET | H/1.1 | rd | dpm.demdex.net/id/ | 0 | -1 B | XHR | | Redirect chain |
| GET | H/1.1 | getClosestDeltaAirportCode | www.grandcentralatkennedy.com/pref/geoLocationService/ | 29 KB | 8 KB | XHR | text/html | |
| GET | H/1.1 | bcdata.action | www.grandcentralatkennedy.com/databroker/ | 29 KB | 7 KB | XHR | text/html | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | rd | dpm.demdex.net/id/ | 364 B | 1 KB | XHR | application/json | |
| GET | H/1.1 | serverComponent.php | nexus.ensighten.com/delta/mtprod/ | 679 B | 916 B | Script | text/javascript | |
| GET | H/1.1 | 96bd36c6228c5d59865924056cd551cf.js | nexus.ensighten.com/delta/mtprod/code/ | 1 KB | 926 B | Script | application/javascript | |
| GET | H/1.1 | 8ede7e51062372b109a67efed215946b.js | nexus.ensighten.com/delta/mtprod/code/ | 22 KB | 4 KB | Script | application/javascript | |
| GET | H/1.1 | 462f7cfd29740477acc5137e0c331c8d.js | nexus.ensighten.com/delta/mtprod/code/ | 2 KB | 932 B | Script | application/javascript | |
| GET | H/1.1 | 762bd80644e487518a7acf26aad48e38.js | nexus.ensighten.com/delta/mtprod/code/ | 1 KB | 693 B | Script | application/javascript | |
| GET | H/1.1 | id | metrics.delta.com/ | 49 B | 671 B | XHR | application/x-javascript | |
| GET | H/1.1 | ibs:dpid=411&dpuuid=XOSuygAAFAOe_RN_ | dpm.demdex.net/ | 42 B | 769 B | Image | image/gif | Redirect chain |
| GET | H/1.1 | conversion_async.js | www.googleadservices.com/pagead/ | 23 KB | 9 KB | Script | text/javascript | |
| GET | H/1.1 | gateway.min.js | gateway.foresee.com/sites/delta/production/ | 154 KB | 37 KB | Script | application/javascript | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | / | pulse.delta.com/pc/delta/ | 42 B | 486 B | Image | image/gif | Redirect chain |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H2 | datacollectcode | fly.delta.com/ | 0 | 121 B | Script | text/plain | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/805826975/ | 2 KB | 1 KB | Script | text/javascript | |
| GET | H2 | css | fonts.googleapis.com/ | 4 KB | 626 B | Stylesheet | text/css | |
| GET | H/1.1 | fresh-air-fonts.css | www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/ | 0 | 0 | Stylesheet | text/html | |
| GET | H/1.1 | backgroundImage.jpg | content.delta.com/content/dam/delta-www/responsive/apps/login/ | 60 KB | 60 KB | Image | image/jpeg | |
| GET | H2 | 0 | bat.bing.com/action/ | 0 | 196 B | Image | text/plain | Redirect chain |
| GET | H/1.1 | dest5.html | fast.delta.demdex.net/ | 0 | 0 | Document | text/html | Frame 1CCD |
| GET | H2 | / | www.google.com/pagead/1p-user-list/805826975/ | 42 B | 109 B | Image | image/gif | |
| GET | H2 | / | www.google.de/pagead/1p-user-list/805826975/ | 42 B | 109 B | Image | image/gif | |
| GET | H/1.1 | supergraphic-delta-mark_1600.svg | content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/images/ | 1 KB | 932 B | Image | image/svg+xml | |
| GET | H/1.1 | spriteImage.svg | content.delta.com/content/dam/delta-www/responsive/apps/login/ | 13 KB | 5 KB | Image | image/svg+xml | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | fs.feedback.js | gateway.foresee.com/code/19.7.5/ | 37 KB | 11 KB | Script | application/javascript | |
| GET | H/1.1 | fs.survey.js | gateway.foresee.com/code/19.7.5/ | 21 KB | 7 KB | Script | application/javascript | |
| GET | H/1.1 | fs.utils.js | gateway.foresee.com/code/19.7.5/ | 94 KB | 32 KB | Script | application/javascript | |
| GET | H/1.1 | fs.trigger.js | gateway.foresee.com/code/19.7.5/ | 32 KB | 11 KB | Script | application/javascript | |
| GET | H/1.1 | main.css | gateway.foresee.com/code/19.7.5/templates/feedback/default/ | 60 KB | 8 KB | Stylesheet | text/css | |
| GET | H/1.1 | badge___html.js | gateway.foresee.com/code/19.7.5/templates/feedback/default/ | 4 KB | 2 KB | Script | application/javascript | |
| GET | H/1.1 | serviceunavailable___html.js | gateway.foresee.com/code/19.7.5/templates/feedback/default/ | 797 B | 1 KB | Script | application/javascript | |
| GET | H/1.1 | epilogue___html.js | gateway.foresee.com/code/19.7.5/templates/feedback/default/ | 2 KB | 2 KB | Script | application/javascript | |
| GET | H/1.1 | surveycontents___html.js | gateway.foresee.com/code/19.7.5/templates/feedback/default/ | 12 KB | 4 KB | Script | application/javascript | |
| GET | H/1.1 | ktag.js | resources.xg4ken.com/js/v2/ | 10 KB | 4 KB | Script | text/plain | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | e.gif | nexus.ensighten.com/error/ | 0 | 193 B | Image | text/plain | |
| GET | H/1.1 | v2 | events.xg4ken.com/pixel/ | 0 | 161 B | Image | text/plain | |
| POST | H/1.1 | dynaTraceMonitor | www.grandcentralatkennedy.com/zdelt/27a91/ | 29 KB | 7 KB | XHR | text/html | |
| GET | H/1.1 | / | dc.ads.linkedin.com/collect/ | 43 B | 348 B | Image | image/gif | Redirect chain |
| GET | H/1.1 | bounce | secure.adnxs.com/ | 43 B | 979 B | Image | image/gif | Redirect chain |
| OPTIONS | H/1.1 | events | analytics.foresee.com/ingest/ | 0 | 426 B | XHR | text/plain | |
| POST | H/1.1 | events | analytics.foresee.com/ingest/ | 44 B | 532 B | XHR | application/json | |
| OPTIONS | H/1.1 | events | analytics.foresee.com/ingest/ | 0 | 426 B | XHR | text/plain | |
| POST | H/1.1 | events | analytics.foresee.com/ingest/ | 44 B | 532 B | XHR | application/json | |
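Sixty-four of the seventy transactions go to Delta and its vendors; the six that touch www.grandcentralatkennedy.com are the ones worth reading closely. Besides the primary document they are two 0-byte requests for a Delta CSS asset and three XHR calls (two GET, one POST) that Delta's own scripts issue with relative URLs, so they resolve against the phishing host and come back as text/html of the same 29 KB size instead of the JSON the scripts expect. The POST path, dynaTraceMonitor, is consistent with the Dynatrace agent's beacon rather than a form submission; the scan is an unattended page load, so no credential submission appears here. The following is an added example, not urlscan's code, that parses an excerpt of the table and makes those observations mechanically. The excerpt is a constructed subset of the rows above; KB and MB are assumed to be binary multiples.

```javascript
// Added example, not urlscan's code: parse an excerpt of the transaction
// table above and isolate what actually touched the scanned host. The rows
// are copied from the table (constructed excerpt, not all 70); KB and MB are
// assumed binary multiples, and a missing MIME type is recorded as null.

const SCANNED_HOST = 'www.grandcentralatkennedy.com';

// method|protocol|resource|host+path|size|transferred|type|mime
const EXCERPT = `
GET|H/1.1|index1.php|www.grandcentralatkennedy.com/zdelt/27a91/|9 KB|3 KB|Document|text/html
GET|H2|jquery-3.2.1.js|www.delta.com/user-login/js/|85 KB|27 KB|Script|application/javascript
GET|H/1.1|Bootstrap.js|nexus.ensighten.com/delta/mtprod/|318 KB|95 KB|Script|application/javascript
GET|H/1.1|vendor.js|content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/|2 MB|463 KB|Script|application/x-javascript
GET|H/1.1|fresh-air-fonts.css|www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/|0|0|Stylesheet|text/html
GET|H/1.1|rd|dpm.demdex.net/id/|0|-1 B|XHR|
GET|H/1.1|getClosestDeltaAirportCode|www.grandcentralatkennedy.com/pref/geoLocationService/|29 KB|8 KB|XHR|text/html
GET|H/1.1|bcdata.action|www.grandcentralatkennedy.com/databroker/|29 KB|7 KB|XHR|text/html
GET|H/1.1|e.gif|nexus.ensighten.com/error/|0|193 B|Image|text/plain
GET|H/1.1|fresh-air-fonts.css|www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/|0|0|Stylesheet|text/html
GET|H/1.1|dest5.html|fast.delta.demdex.net/|0|0|Document|text/html
POST|H/1.1|dynaTraceMonitor|www.grandcentralatkennedy.com/zdelt/27a91/|29 KB|7 KB|XHR|text/html
POST|H/1.1|events|analytics.foresee.com/ingest/|44 B|532 B|XHR|application/json
`;

const UNIT = { B: 1, KB: 1024, MB: 1024 * 1024 };

function parseSize(s) {
  const m = /^(-?\d+)\s*(B|KB|MB)?$/.exec(s.trim());
  if (!m) throw new Error('bad size: ' + s);
  return Number(m[1]) * UNIT[m[2] || 'B'];
}

function parseRows(text) {
  return text.trim().split('\n').map(line => {
    const [method, proto, resource, hostPath, size, xfer, type, mime] = line.split('|');
    const slash = hostPath.indexOf('/');
    return {
      method, proto, resource,
      host: hostPath.slice(0, slash),
      path: hostPath.slice(slash) + resource,
      size: parseSize(size), xfer: parseSize(xfer),
      type, mime: mime || null,
    };
  });
}

function triage(rows, host) {
  const own = rows.filter(r => r.host === host);
  const thirdPartyHosts = [...new Set(rows.filter(r => r.host !== host).map(r => r.host))].sort();
  // Non-document requests answered with HTML: the cloned page's relative URLs
  // resolve against the phishing host, which does not serve the JSON or CSS
  // the brand's scripts expect.
  const htmlForNonDocument = own.filter(r => r.type !== 'Document' && r.mime === 'text/html').map(r => r.path);
  const posts = own.filter(r => r.method === 'POST').map(r => r.path);
  const empty = own.filter(r => r.size === 0).map(r => r.path);
  // Several distinct paths returning bodies of exactly the same size point to
  // one handler answering all of them; the sizes alone do not say what it is.
  const bySize = new Map();
  for (const r of own) {
    if (r.size > 0) bySize.set(r.size, [...(bySize.get(r.size) || []), r.path]);
  }
  const sameBody = [...bySize.values()].filter(paths => new Set(paths).size > 1);
  return { ownRequests: own.length, thirdPartyHosts, htmlForNonDocument, posts, empty, sameBody };
}

console.log(JSON.stringify(triage(parseRows(EXCERPT), SCANNED_HOST), null, 2));
```

Run on the full table the same function yields the same six own-host rows; the excerpt keeps a few third-party rows only so that the host split is exercised.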
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Delta (Transportation)

104 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Functions (56): queueMicrotask, $, jQuery, setVisitorIDService, Visitor, $data, targetPageParamsAll, mboxCreate, mboxDefine, mboxUpdate, webpackJsonp, Zone, __zone_symbol__Promise, __zone_symbol__ZoneAwarePromise, __zone_symbol__setTimeout, __zone_symbol__clearTimeout, __zone_symbol__setInterval, __zone_symbol__clearInterval, __zone_symbol__requestAnimationFrame, __zone_symbol__cancelAnimationFrame, __zone_symbol__webkitRequestAnimationFrame, __zone_symbol__webkitCancelAnimationFrame, __zone_symbol__alert, __zone_symbol__prompt, __zone_symbol__confirm, __zone_symbol__MutationObserver, __zone_symbol__WebKitMutationObserver, __zone_symbol__IntersectionObserver, __zone_symbol__FileReader, fsReady, GooglemKTybQhCsO, google_trackConversion, setImmediate, clearImmediate, jsocrud, escapeRegExp, picturefillBackground, initPictureFillBackground, _acsDefine, _fsDefine, _acsRequire, _fsRequire, _acsNormalizeUrl, _fsNormalizeUrl, _fsNormalizeAssetUrl, acsReady, __fsJSONPCB, SurveyQuestion, __acsReady__, __fsReady__, ktag, setup, __zone_symbol__addEventListener, __zone_symbol__removeEventListener, eventListeners, removeAllListeners

Objects (39): onselectstart, onselectionchange, dT_, dtrum, ensBootstraps, Bootstrapper, val, ensClientConfig, ensLogger, cookieManager, s_c_il, visitor, targetGlobalSettings, targetDataElement, adobe, core, __core-js_shared__, GooglebQhCsO, __zone_symbol__ON_PROPERTYmessage, __zone_symbol__messagefalse, delta, CookieUtils, PATH_VALIDATION_REGEX, picturefillBackgroundOptions, __zone_symbol__loadfalse, __zone_symbol__resizefalse, __zone_symbol__DOMContentLoadedfalse, ng, FSR, FSFB, __zone_symbol__beforeunloadtrue, __zone_symbol__pagehidetrue, __zone_symbol__popstatefalse, __fsJSONPCBr, Kenshoo_Constants, Kenshoo_Toggles, Kenshoo_Amp_Helpers, Kenshoo_Helpers, Ktag_Functions

Booleans (3): ensPrivacy, ensBrowserSupported, isHomePage

Numbers (2): s_c_in, _delay

Strings (1): k

Undefined (3): trackJs, __zone_symbol__eventListeners, __zone_symbol__removeAllListeners

Every recognisable name maps to a script the cloned page loads from Delta or its vendors: dtrum and dT_ from the Dynatrace agent, ens* from Ensighten, adobe and mbox* from Adobe Target, FSR, FSFB and _fs* from ForeSee, ktag and Kenshoo_* from Kenshoo, Zone, ng and webpackJsonp from the Angular-built login app. Nothing in the list is distinctive of the kit itself.

3 Cookies
Cookies are small pieces of information stored in the user's browser. On each later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; persistent logins work this way.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| www.grandcentralatkennedy.com/ | | dtPC | -3$290824547_803h2vXTZKXEMOVWUIBKQLAZHMMXFYIJTSFJIP |
| www.grandcentralatkennedy.com/ | | rxvt | 1558492629020\|1558490829020 |
| www.grandcentralatkennedy.com/ | | dtCookie | -9$TTRJQUD6QGRA8CMF8SVD4MTV9HJU01DN |

dtPC, dtCookie and rxvt are the Dynatrace RUM agent's cookies. The agent (ruxitagentjs, loaded from www.delta.com) runs in the page context, so its cookies land on the phishing host's origin; no cookie set by the kit itself is recorded, and no expiry is shown for any of the three.
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
"Indicators" is the security-industry term for artefacts such as IPs, domains and hashes observed during the scan. Listing them here does not imply that any of them indicate malicious activity.
Domains
analytics.foresee.com
bat.bing.com
cm.everesttech.net
content.delta.com
dc.ads.linkedin.com
dpm.demdex.net
events.xg4ken.com
fast.delta.demdex.net
fly.delta.com
fonts.googleapis.com
gateway.foresee.com
googleads.g.doubleclick.net
gum.criteo.com
metrics.delta.com
nexus.ensighten.com
pulse.delta.com
resources.xg4ken.com
secure.adnxs.com
www.delta.com
www.google.com
www.google.de
www.googleadservices.com
www.grandcentralatkennedy.com
IP addresses
104.111.216.67
13.35.253.75
160.153.74.100
172.217.18.98
18.196.132.206
18.197.12.13
185.33.223.216
2.16.186.56
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:819::2004
2a00:1450:4001:824::2002
2a00:1450:4001:824::200a
2a02:2638::1c
2a05:f500:11:101::b93f:9005
35.153.150.151
35.156.107.167
52.1.244.191
52.211.104.45
52.212.225.108
52.54.147.248
66.117.28.86
66.117.29.227
Hashes (SHA-256)
01fb8b48a8abf9d05ee712174977a8a3ea3a2919f44c2344f087b043624e9368
0335a388804cf45db37240dc505a63dddc63d04e8038e810c0d8ca7c121d5d5b
07c0feacb0f40ccca25d3253a6eacde0c0c4f43b68b856a23c447596f1dae9c3
09f7231f3ecac50877da366c88a300768b51c1b920fff111d8636d1d92887ce5
0b38de92be9fe29c1f428e75636b54f081ce5d9fa84edaebdc760afe3673cd4f
0c5783f42f67094584f01717bf79afbb7899c6d0511209346d9f35191e711dd6
0edc14b5cbfe2e1d53faf0f87773dc11210dfb355372e6219e79f123286a8d0c
0fc24a88d16eb8765ec35e8959fb79b7b82e8ea2c9bc0fb483d6729c2de62702
1af944bf115f2d9db965423ac62dab32e622f4913d6f510d84d0c5647334ab41
20715e0f860741b4dcf0a44d1019a5e168f0edb73a6b181976e63c33a467b875
3de399b7d85028365f3b015469b714e4d1d6db59a62a375c1b074f1a7dafc2d9
3e67c093ce2508d50a842bba9a9a72dc1ef5119fc059bb389c0bc27ab9007228
482867eea58dbb35507889f6a7e639c2fb71df492fc704bf6b841ac13fe5862a
49530465d817008bc283a6520ba88c8a0e778011ea5354ac226aab4f51f2b0f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e495ab62e8d3ca4f631e9fbe42f1066d7c335a799b2290cbca903043fb06e6b
4fb96c2d81a511582bdd94b32bb125bcfc2da606812a7b85a60937faa89de094
523c71f88fb63b6a123eb40b7548b35c02ae2cde7062e295dcc38db12267c24b
546a34d9f648cf7b8a651fa2ce06d8447b3a1fbd5df40bf787b922f42a1f3718
5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360
67b9c4ed5ee7ab8cfe6abe01be8dd0fff0aa805b0d53145c112317c49f339e8c
6af5216566b2c091c725ab64682c698c838ebef05c6f1d5ecd01208bf34d24b2
6b9fb3e542aabfd59772577133c56547327ad074063b7f14badddb535e219611
6d859459bfe08d68bdc07812da6f6b277181619a5c3fb6fafbcafc00b9308da5
6e7e1306a95d2868eeadcfba71a86d7c4000a1d8d31dcb3b21e6c813fb0bf44b
72865fc1ce34a9db5ae5f984097ac9d831f2d5b65f17d351a8a7dabc2c9fe7bd
72df822860bfe11efb1e460950b2917c39464acc5a3ecbd1175d20d79a64dcff
7e67cd0569f9ea6f8e2bccd01cbe231e3339b0faab2600ba575f41a28713d33c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9b76fc83225c96f71c2345fc59ed51f8c64ea91d89e7cef4026ba9e85f7da35e
a28df98b2cdf32b892cf253b5182c403a73687f8e82f2ded00d201a812ff80e9
add4d2c6c18ee83b2ce97243ce89f555e06b0bc5b883dc36a5b70d6ee6d79e52
add7a374703609ee86fe5223b8c53aa132c9e59aee2621d93e221c7623368358
b462a58af59576260be046da32e7f368f158372609502ea1cdd1226e192af083
bb7986ee71f468d8efe982e7261e2fef3999c00b63d7bb45d6e8757c40f82574
bb90cced43c1f548a2d771c42a21caf852ccc44d28985638f49cfde914aed874
bf499aab017e9d9b880e289732cccea6fb24a25e1bb85787451b9d7da07d9d37
c5cf23f3074399c8e0e9d1f641b6d89b6e1c386e68d5bf3e8c9aaa451c85f136
c89c442e0387b49190a0d4990efe8a142a89b619c93c85edb2e40511b929cfa6
ca8ebecaab799226d366aa5605a1dc71c9579376cbd82642ca09c2d11e3827ca
cafd75607db6f2bc28d46800537807b272e41e95240b3049a171bf2b8bd247a5
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
d12fd3a52924d892de2e26993e63ce44f6b4c62bfd968706753d420399dabcb0
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
ddc99dc52691ca0a5da1bd3d1af290ceacb789f62783ada5b6a27d83bb0b60aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input, produced by the 0-byte responses in the transaction list; it identifies nothing and should not be used as an indicator)
e5042a6d6eeabee7cc685a9ebccb6dbf8b6292d0c4803f52f893c052bbd9574b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f166c15bfc6d1ed2b8e9812b9569772ee5a954f699a92ccf559266fc1a8f02ff