grandbeargetaway.com Open in urlscan Pro
198.57.181.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sender16.zohoinsights.com/ck/2d6f.327230a/362846d0-311b-11ec-8373-525400fcd3f1/155d369634e9d278bbad64208f02c43e371a09e5/2?...
Effective URL:
https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com
Submission: On October 20 via manual (October 20th 2021, 3:39:59 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 198.57.181.178, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is grandbeargetaway.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 18th 2021. Valid for: 3 months.

This is the only time grandbeargetaway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.141.42.89 204.141.42.89	2639 (ZOHO-AS) (ZOHO-AS)
4	198.57.181.178 198.57.181.178	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	143.204.91.56 143.204.91.56	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	4

1 204.141.42.89 (United States) 1 redirects

ASN2639 (ZOHO-AS, US)

sender16.zohoinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.57.181.178 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 198-57-181-178.unifiedlayer.com

grandbeargetaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.91.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-91-56.fra50.r.cloudfront.net

static.adobelogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	grandbeargetaway.com grandbeargetaway.com	867 KB
2	typekit.net use.typekit.net	59 KB
1	adobelogin.com static.adobelogin.com	4 KB
1	zohoinsights.com 1 redirects sender16.zohoinsights.com	607 B
8	4

	Domain	Requested by
4	grandbeargetaway.com	grandbeargetaway.com
2	use.typekit.net	grandbeargetaway.com
1	static.adobelogin.com	grandbeargetaway.com
1	sender16.zohoinsights.com	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid
grandbeargetaway.com cPanel, Inc. Certification Authority	`2021-08-18` - `2021-11-16`	3 months	crt.sh
static.adobelogin.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-18`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com
Frame ID: 3E3F9DF40B656CB9C150F47BBAD8B1ED
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ad0be

Page URL History Show full URLs

https://sender16.zohoinsights.com/ck/2d6f.327230a/362846d0-311b-11ec-8373-525400fcd3f1/155d369634e9d278bbad642... HTTP 302
https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

8
Requests

88 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

930 kB
Transfer

928 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sender16.zohoinsights.com/ck/2d6f.327230a/362846d0-311b-11ec-8373-525400fcd3f1/155d369634e9d278bbad64208f02c43e371a09e5/2?e=vgOXWLMtTJ%2BOW7pqxzcrxPMB8mkHR60rycIb8bvtDkF1OE223QXx2QAhBmAM2TY3qsHlqC79%2BbBXG0K1wp5jIDjZ5CVFE10vSG1Ja7lFYMU%3D HTTP 302
https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response grandbeargetaway.com/wp-includes/assets/newadobe/ Redirect Chain https://sender16.zohoinsights.com/ck/2d6f.327230a/362846d0-311b-11ec-8373-525400fcd3f1/155d369634e9d278bbad64208f02c43e371a09e5/2?e=vgOXWLMtTJ%2BOW7pqxzcrxPMB8mkHR60rycIb8bvtDkF1OE223QXx2QAhBmAM2TY... https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com	22 KB 22 KB	1239ms 380ms	Document text/html	198.57.181.178 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.57.181.178 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 198-57-181-178.unifiedlayer.com Software nginx/1.21.3 / Resource Hash `32ac18249d80424a2f8c21eff52b55f22c74d8e7abc1f6b1213ff563392b4ff7` Request headers Host grandbeargetaway.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.21.3 Date Wed, 20 Oct 2021 15:39:52 GMT Content-Type text/html Content-Length 22424 Connection keep-alive Last-Modified Thu, 07 Oct 2021 16:04:16 GMT Accept-Ranges bytes Vary Accept-Encoding,User-Agent Redirect headers Server ZGS Date Wed, 20 Oct 2021 15:39:51 GMT Content-Length 0 Connection keep-alive Set-Cookie 8a231755c9=8481cd0b924db1200113965fdf9f0839; Path=/ tm_csrf_cookie=c310ab5a-3008-44a6-bb1b-75f2f7a27139;path=/;SameSite=None;Secure;priority=high _zcsr_tmp=c310ab5a-3008-44a6-bb1b-75f2f7a27139;path=/;SameSite=Strict;Secure;priority=high X-Content-Type-Options nosniff X-XSS-Protection 1 X-Frame-Options SAMEORIGIN Location https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Strict-Transport-Security max-age=63072000
GET H/1.1	200 OK	style.css grandbeargetaway.com/wp-includes/assets/newadobe/	556 KB 556 KB	199ms 198ms	Stylesheet text/css	198.57.181.178 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://grandbeargetaway.com/wp-includes/assets/newadobe/style.css Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.57.181.178 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 198-57-181-178.unifiedlayer.com Software nginx/1.21.3 / Resource Hash `3bf78cc966320384d6aa22aa73fd5676eba760a1bbdcb72f07d91f9d2a14aac0` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host grandbeargetaway.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 15:39:52 GMT Last-Modified Fri, 17 Sep 2021 04:16:24 GMT Server nginx/1.21.3 Vary Accept-Encoding,User-Agent Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 569468
GET H2	200	4x_dadff291353fcc70cae932954e12aa73.png static.adobelogin.com/clients/document-cloud-2020/	3 KB 4 KB	82ms 10ms	Image image/png	143.204.91.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adobelogin.com/clients/document-cloud-2020/4x_dadff291353fcc70cae932954e12aa73.png Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.91.56 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-91-56.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash `678b56c3f124a9cea355f38dd15b89e54a03e80ad0c484a60e3360bf187d6e73` Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandbeargetaway.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id null via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) last-modified Thu, 10 Jun 2021 12:31:10 GMT server AmazonS3 age 32964 etag "897d4a272d908e2be4f0175d26247591" x-cache Hit from cloudfront content-type image/png date Wed, 20 Oct 2021 06:30:29 GMT x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 3403 x-amz-cf-id QeJFwTEpY-7khQ20eJwmC2ajrxDKl3aQIELcPflJqP_h0CN6yglQgA==
GET H/1.1	200 OK	ad.png grandbeargetaway.com/wp-includes/assets/newadobe/	59 KB 60 KB	640ms 326ms	Image image/png	198.57.181.178 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://grandbeargetaway.com/wp-includes/assets/newadobe/ad.png Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.57.181.178 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 198-57-181-178.unifiedlayer.com Software nginx/1.21.3 / Resource Hash `c5b7efef82b421aa586d784e127e8b7c77edfe06d2754afc27c6f0df04743c8d` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host grandbeargetaway.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 15:39:52 GMT Last-Modified Mon, 20 Sep 2021 13:34:26 GMT Server nginx/1.21.3 Connection keep-alive Accept-Ranges bytes Content-Length 60889 Content-Type image/png
GET		adobe_logo_black.svg grandbeargetaway.com/wp-includes/assets/newadobe/	0 0

GET H/1.1	200 OK	Fotolia_251340105_XL.jpg grandbeargetaway.com/wp-includes/assets/newadobe/	228 KB 229 KB	196ms 196ms	Image image/jpeg	198.57.181.178 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://grandbeargetaway.com/wp-includes/assets/newadobe/Fotolia_251340105_XL.jpg Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.57.181.178 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 198-57-181-178.unifiedlayer.com Software nginx/1.21.3 / Resource Hash `62453fa508493682f1e76a026b6555e4895f3d91f00a612047543dfda05c8050` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host grandbeargetaway.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/style.css Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://grandbeargetaway.com/wp-includes/assets/newadobe/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 15:39:54 GMT Last-Modified Fri, 17 Sep 2021 04:03:12 GMT Server nginx/1.21.3 Connection keep-alive Accept-Ranges bytes Content-Length 233936 Content-Type image/jpeg
GET H2	200	l use.typekit.net/af/cb695f/000000000000000000017701/27/	29 KB 29 KB	52ms 12ms	Font application/font-woff2	2a02:26f0:6c00::210:ba0a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/cb695f/000000000000000000017701/27/l?subset_id=2&fvd=n4&v=3 Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `8b7eb699aedbbf4d04907b45f4348e6b54119a6567b4b9f1be4943ba80c5af19` Request headers Referer https://grandbeargetaway.com/ Origin https://grandbeargetaway.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 15:39:54 GMT server nginx etag "fae41ba404dda76663c7e537ab5cab2de69de329" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 29924
GET H2	200	l use.typekit.net/af/eaf09c/000000000000000000017703/27/	29 KB 30 KB	62ms 22ms	Font application/font-woff2	2a02:26f0:6c00::210:ba0a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/eaf09c/000000000000000000017703/27/l?subset_id=2&fvd=n7&v=3 Requested by Host: grandbeargetaway.com URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/?email=gcohen%40ftci.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `b97b6df8ca413ee1df0b9cc4dcccbf40bd8539ec54ede0bf9efd06cd94175e04` Request headers Referer https://grandbeargetaway.com/ Origin https://grandbeargetaway.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 15:39:54 GMT server nginx etag "43c835b2f5dd7a9e7fea805e0e9631e337d18a90" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 29988

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: grandbeargetaway.com
URL: https://grandbeargetaway.com/wp-includes/assets/newadobe/adobe_logo_black.svg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sender16.zohoinsights.com/	1969-12-31 23:59:59	Name: 8a231755c9 Value: 8481cd0b924db1200113965fdf9f0839
sender16.zohoinsights.com/	1969-12-31 23:59:59	Name: tm_csrf_cookie Value: c310ab5a-3008-44a6-bb1b-75f2f7a27139
sender16.zohoinsights.com/	1969-12-31 23:59:59	Name: _zcsr_tmp Value: c310ab5a-3008-44a6-bb1b-75f2f7a27139

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

grandbeargetaway.com
sender16.zohoinsights.com
static.adobelogin.com
use.typekit.net
grandbeargetaway.com
143.204.91.56
198.57.181.178
204.141.42.89
2a02:26f0:6c00::210:ba0a
32ac18249d80424a2f8c21eff52b55f22c74d8e7abc1f6b1213ff563392b4ff7
3bf78cc966320384d6aa22aa73fd5676eba760a1bbdcb72f07d91f9d2a14aac0
62453fa508493682f1e76a026b6555e4895f3d91f00a612047543dfda05c8050
678b56c3f124a9cea355f38dd15b89e54a03e80ad0c484a60e3360bf187d6e73
8b7eb699aedbbf4d04907b45f4348e6b54119a6567b4b9f1be4943ba80c5af19
b97b6df8ca413ee1df0b9cc4dcccbf40bd8539ec54ede0bf9efd06cd94175e04
c5b7efef82b421aa586d784e127e8b7c77edfe06d2754afc27c6f0df04743c8d

grandbeargetaway.com Open in urlscan Pro 198.57.181.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

930 kBTransfer

928 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

grandbeargetaway.com Open in urlscan Pro
198.57.181.178 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

930 kB
Transfer

928 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions