urlscan.io logo urlscan.io
SecurityTrails logo

grandcentralatkennedy.com Open in urlscan Pro
160.153.74.100  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Submission: On June 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 34 HTTP transactions. The main IP is 160.153.74.100, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is grandcentralatkennedy.com.
This is the only time grandcentralatkennedy.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Delta (Transportation)

Domain & IP information

IP Address AS Autonomous System
2 6 160.153.74.100 26496 (AS-26496-...)
17 104.111.216.67 16625 (AKAMAI-AS)
3 18.196.132.206 16509 (AMAZON-02)
1 3 34.241.198.89 16509 (AMAZON-02)
1 66.117.29.227 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
34 7
6    160.153.74.100 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-74-100.ip.secureserver.net
grandcentralatkennedy.com
www.grandcentralatkennedy.com
17    104.111.216.67 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-216-67.deploy.static.akamaitechnologies.com
www.delta.com
content.delta.com
3    18.196.132.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
3    34.241.198.89 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-198-89.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    66.117.29.227 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
metrics.delta.com
1    66.117.28.86 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
Domain Requested by
15 content.delta.com grandcentralatkennedy.com
4 grandcentralatkennedy.com 2 redirects www.delta.com
grandcentralatkennedy.com
3 dpm.demdex.net 1 redirects nexus.ensighten.com
grandcentralatkennedy.com
3 nexus.ensighten.com grandcentralatkennedy.com
nexus.ensighten.com
2 www.grandcentralatkennedy.com grandcentralatkennedy.com
www.delta.com
2 www.delta.com grandcentralatkennedy.com
1 fonts.googleapis.com grandcentralatkennedy.com
1 cm.everesttech.net 1 redirects
1 metrics.delta.com nexus.ensighten.com
0 fast.delta.demdex.net Failed nexus.ensighten.com
34 10

This site contains no links.

Subject Issuer Validity Valid
www.delta.com
DigiCert SHA2 Secure Server CA		 2019-04-11 -
2020-05-17		 a year crt.sh

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-21 -
2019-08-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Frame ID: B2F8CA08CC8BDEEE5637110973B82103
Requests: 33 HTTP requests in this frame

Frame: http://fast.delta.demdex.net/dest5.html?d_nsid=0
Frame ID: B6AC19FAB89CAD43FA2C898563787F9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /ruxitagentjs/i
Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

34
Requests

9 %
HTTPS

14 %
IPv6

6
Domains

10
Subdomains

7
IPs

4
Countries

835 kB
Transfer

3827 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css HTTP 301
  • http://www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
Request Chain 17
  • http://grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode HTTP 301
  • http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
Request Chain 22
  • http://cm.everesttech.net/cm/dd?d_uuid=82476163950712772802902635533058410934 HTTP 302
  • http://dpm.demdex.net/ibs:dpid=411&dpuuid=XQVtQQAAE6mOjRKk HTTP 302
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XQVtQQAAE6mOjRKk

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index1.php
grandcentralatkennedy.com/zdelt/27a91/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Server
160.153.74.100 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-74-100.ip.secureserver.net
Software
Apache / PHP/7.1.28
Resource Hash
67b9c4ed5ee7ab8cfe6abe01be8dd0fff0aa805b0d53145c112317c49f339e8c

Request headers

Host
grandcentralatkennedy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:12 GMT
Server
Apache
X-Powered-By
PHP/7.1.28
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
2428
Keep-Alive
timeout=5
Content-Type
text/html; charset=UTF-8
ruxitagentjs_2SVfhjqr_10119170522100716.js
www.delta.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.delta.com/ruxitagentjs_2SVfhjqr_10119170522100716.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
4e22b453910cb92d913453ae802d0a86718bfbee4e7cb3319fcb5fb40e95893e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 15 Jun 2019 22:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 15 Jun 2019 01:32:34 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
http://author.delta.com
x-powered-by
Delta Airlines, Inc
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=604800
access-control-allow-credentials
true
content-length
11346
expires
Sat, 22 Jun 2019 22:12:06 GMT
jquery-3.2.1.js
www.delta.com/user-login/js/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.delta.com/user-login/js/jquery-3.2.1.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 15 Jun 2019 22:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
Delta Airlines, Inc
status
200
content-length
27271
last-modified
Sat, 01 Jun 2019 19:11:56 GMT
server
Akamai Resource Optimizer
etag
W/"15285-7438674ba0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://author.delta.com
cache-control
public, max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 22 Jun 2019 22:12:06 GMT
Bootstrap.js
nexus.ensighten.com/delta/mtprod/ 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/delta/mtprod/Bootstrap.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fa679d895d9636553843810a2399b47dc5ab48e92a43a3c461823dcde362b15d

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2019 16:01:20 GMT
Server
nginx
ETag
W/"5d027350-4f737"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
transfer-encoding
chunked
Connection
keep-alive
inline.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/inline.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
bf499aab017e9d9b880e289732cccea6fb24a25e1bb85787451b9d7da07d9d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 08 Jun 2019 05:29:34 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
842
ETag
"624-58ab69d43d40f"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
polyfills.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		142 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/polyfills.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
ddc99dc52691ca0a5da1bd3d1af290ceacb789f62783ada5b6a27d83bb0b60aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 08 Jun 2019 10:34:16 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
32422
ETag
"23697-589d91dba58e2"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
vendor.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		2 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/vendor.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
bb90cced43c1f548a2d771c42a21caf852ccc44d28985638f49cfde914aed874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 May 2019 04:42:27 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
473005
ETag
"2316db-589f3cfeeee44"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
main.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		202 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/main.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
01fb8b48a8abf9d05ee712174977a8a3ea3a2919f44c2344f087b043624e9368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 22:02:35 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
25436
ETag
"32928-58a992b0c8adc"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
delta.utils.logger.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/delta.utils.logger.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
9b76fc83225c96f71c2345fc59ed51f8c64ea91d89e7cef4026ba9e85f7da35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 May 2019 04:42:15 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2134
ETag
W/"226e-58a1385a35a6b"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
delta.datalayer.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/delta.datalayer.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
20715e0f860741b4dcf0a44d1019a5e168f0edb73a6b181976e63c33a467b875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Jun 2019 05:24:21 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
6561
ETag
"890b-589e216409848"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
tracker.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/tracker.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
09f7231f3ecac50877da366c88a300768b51c1b920fff111d8636d1d92887ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 13:39:00 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
8307
ETag
W/"6941-58a92c1ca93e3"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
picturefill-background.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/picturefill-background.js
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
0b38de92be9fe29c1f428e75636b54f081ce5d9fa84edaebdc760afe3673cd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Jun 2019 10:19:55 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
806
ETag
W/"8af-58ab925df61ea"
Expires
Sat, 22 Jun 2019 22:12:14 GMT
fresh-air.css
content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/ 		601 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/fresh-air.css
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer / Delta Airlines, Inc
Resource Hash
add4d2c6c18ee83b2ce97243ce89f555e06b0bc5b883dc36a5b70d6ee6d79e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 May 2019 04:42:25 GMT
Server
Akamai Resource Optimizer
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
74811
ETag
W/"962c8-58a1385f33bb6"
Expires
Sat, 22 Jun 2019 22:12:13 GMT
fresh-air-fonts.css
www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/
Redirect Chain
  • http://grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
  • http://www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
160.153.74.100 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-74-100.ip.secureserver.net
Software
Apache / PHP/7.1.28
Resource Hash

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:15 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.28
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Link
<http://www.grandcentralatkennedy.com/wp-json/>; rel="https://api.w.org/"
Content-Length
7210
Keep-Alive
timeout=5
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
Server
Apache
X-Powered-By
PHP/7.1.28
Vary
User-Agent
Content-Type
text/html; charset=UTF-8
Location
http://www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
0
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Delta%20Logo.svg
content.delta.com/content/www/us/en.damAssetRender.20180509T1731290530400.html/content/dam/delta_homepage_redesign/Logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/www/us/en.damAssetRender.20180509T1731290530400.html/content/dam/delta_homepage_redesign/Logo/Delta%20Logo.svg
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
/ Delta Airlines, Inc
Resource Hash
c5cf23f3074399c8e0e9d1f641b6d89b6e1c386e68d5bf3e8c9aaa451c85f136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 07:20:16 GMT
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
728
ETag
"8a3-58a8e6de056df"
Expires
Thu, 12 Dec 2019 22:12:14 GMT
Sky%20Team.svg
content.delta.com/content/www/us/en.damAssetRender.20180509T1731290540400.html/content/dam/delta_homepage_redesign/Logo/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/www/us/en.damAssetRender.20180509T1731290540400.html/content/dam/delta_homepage_redesign/Logo/Sky%20Team.svg
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
/ Delta Airlines, Inc
Resource Hash
6d859459bfe08d68bdc07812da6f6b277181619a5c3fb6fafbcafc00b9308da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 21:35:00 GMT
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
3908
ETag
"24b6-58a9a5e9b91ca"
Expires
Thu, 12 Dec 2019 22:12:14 GMT
supergraphic-delta.png
content.delta.com/content/dam/delta-www/responsive/apps/login/ 		1000 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/dam/delta-www/responsive/apps/login/supergraphic-delta.png
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0fc24a88d16eb8765ec35e8959fb79b7b82e8ea2c9bc0fb483d6729c2de62702

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:14 GMT
X-Check-Cacheable
YES
X-Serial
1922
ETag
W/"68d-5894a3fe85b9c"
Content-Type
image/png
Cache-Control
private, no-transform, max-age=282120
Last-Modified
Mon, 20 May 2019 04:34:37 GMT
Connection
keep-alive
Content-Length
1000
X-Akamai-SSL-Client-Sid
FhgBzXWV7idYIXhnesa04g==
Server
Akamai Image Manager
Expires
Wed, 19 Jun 2019 04:34:14 GMT
id
dpm.demdex.net/ 		364 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&d_nsid=0&ts=1560636726977
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js
Protocol
HTTP/1.1
Security
, ,
Server
34.241.198.89 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-198-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d6f2c0725828fddd1b1186f06374a6bcab05872b0d8d0a281158f3e8702a2999

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Origin
http://grandcentralatkennedy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v034-0248ef8a3.edge-irl1.demdex.com 5.54.0.20190610134454 3ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
7jv4fpRnTVk=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://grandcentralatkennedy.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
300
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getClosestDeltaAirportCode
www.grandcentralatkennedy.com/pref/geoLocationService/
Redirect Chain
  • http://grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
  • http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
Requested by
Host: www.delta.com
URL: https://www.delta.com/user-login/js/jquery-3.2.1.js
Protocol
HTTP/1.1
Security
, ,
Server
160.153.74.100 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-74-100.ip.secureserver.net
Software
Apache / PHP/7.1.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
Server
Apache
X-Powered-By
PHP/7.1.28
Vary
User-Agent
Upgrade
h2,h2c
Location
http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=5
Content-Length
0
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
Server
Apache
X-Powered-By
PHP/7.1.28
Vary
User-Agent
Upgrade
h2,h2c
Location
http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=5
Content-Length
0
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
getClosestDeltaAirportCode
www.grandcentralatkennedy.com/pref/geoLocationService/ 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
Requested by
Host: www.delta.com
URL: https://www.delta.com/user-login/js/jquery-3.2.1.js
Protocol
HTTP/1.1
Security
, ,
Server
160.153.74.100 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-74-100.ip.secureserver.net
Software
Apache / PHP/7.1.28
Resource Hash
108d480af9bdea5d733d6ce8da8852b0dbee7fb40d9eb4cce29cd229b8589de5

Request headers

Access-Control-Request-Method
GET
Origin
http://grandcentralatkennedy.com
Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-requested-with

Response headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.28
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Link
<http://www.grandcentralatkennedy.com/wp-json/>; rel="https://api.w.org/"
Content-Length
7205
Keep-Alive
timeout=5
Expires
Wed, 11 Jan 1984 05:00:00 GMT
e.gif
nexus.ensighten.com/error/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20property%20%27getItem%27%20of%20null&lnn=-1&fn=&cid=912&client=delta&publishPath=mtprod&rid=2820676&did=538588&errorName=TypeError
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:17 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Sat, 15 Jun 2019 22:12:16 GMT
serverComponent.php
nexus.ensighten.com/delta/mtprod/ 		692 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
http://nexus.ensighten.com/delta/mtprod/serverComponent.php?r=877.2928140427346&ClientID=912&PageID=http%3A%2F%2Fgrandcentralatkennedy.com%2Fzdelt%2F27a91%2Findex1.php%3Flanguage%3D%26mobile%3D
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js
Protocol
HTTP/1.1
Security
, ,
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
87b221bad9643deab2bade65400088d25f35ebab138eab6fa65681c279b33208

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:17 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Content-Type
text/javascript
Content-Length
692
Expires
Sat, 15 Jun 2019 22:12:16 GMT
id
metrics.delta.com/ 		49 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://metrics.delta.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=F0E65E09512D2CC50A490D4D%40AdobeOrg&mid=88864388660390261192409331080840474769&ts=1560636730097
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js
Protocol
HTTP/1.1
Security
, ,
Server
66.117.29.227 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
Omniture DC/2.0.0 /
Resource Hash
d46aa813273a1d5e3c1c911bc96930eb7a891b3a4d5fb542cf0d69516ff327a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Origin
http://grandcentralatkennedy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 15 Jun 2019 22:12:13 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC/2.0.0
xserver
www28
Vary
Origin
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
http://grandcentralatkennedy.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
49
X-XSS-Protection
1; mode=block
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://cm.everesttech.net/cm/dd?d_uuid=82476163950712772802902635533058410934
  • http://dpm.demdex.net/ibs:dpid=411&dpuuid=XQVtQQAAE6mOjRKk
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XQVtQQAAE6mOjRKk
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XQVtQQAAE6mOjRKk
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
34.241.198.89 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-198-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v034-0ea545878.edge-irl1.demdex.com 5.54.0.20190610134454 3ms
Pragma
no-cache
X-TID
S1WNf83FRDQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
X-TID
fMb+V7zVRes=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XQVtQQAAE6mOjRKk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ 		4 KB
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d12fd3a52924d892de2e26993e63ce44f6b4c62bfd968706753d420399dabcb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 15 Jun 2019 22:12:14 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 15 Jun 2019 22:12:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 15 Jun 2019 22:12:14 GMT
fresh-air-fonts.css
grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/ 		0
0
backgroundImage.jpg
content.delta.com/content/dam/delta-www/responsive/apps/login/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/dam/delta-www/responsive/apps/login/backgroundImage.jpg
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0edc14b5cbfe2e1d53faf0f87773dc11210dfb355372e6219e79f123286a8d0c

Request headers

Referer
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:21 GMT
Last-Modified
Mon, 20 May 2019 06:26:55 GMT
Server
Akamai Image Manager
ETag
W/"efc5-5894bd198f65f"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=288832
Connection
keep-alive
Content-Length
61381
Expires
Wed, 19 Jun 2019 06:26:13 GMT
dest5.html
fast.delta.demdex.net/ Frame B6AC 		0
0
00e22612eb73e5bdc2f4c1bbc7809813.js
nexus.ensighten.com/delta/mtprod/code/ 		0
0
462f7cfd29740477acc5137e0c331c8d.js
nexus.ensighten.com/delta/mtprod/code/ 		0
0
762bd80644e487518a7acf26aad48e38.js
nexus.ensighten.com/delta/mtprod/code/ 		0
0
96bd36c6228c5d59865924056cd551cf.js
nexus.ensighten.com/delta/mtprod/code/ 		0
0
supergraphic-delta-mark_1600.svg
content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/images/supergraphic-delta-mark_1600.svg
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
/ Delta Airlines, Inc
Resource Hash
546a34d9f648cf7b8a651fa2ce06d8447b3a1fbd5df40bf787b922f42a1f3718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/fresh-air.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 May 2019 11:19:50 GMT
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
490
ETag
"52f-5898c42ac3f72"
Expires
Thu, 12 Dec 2019 22:12:21 GMT
spriteImage.svg
content.delta.com/content/dam/delta-www/responsive/apps/login/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://content.delta.com/content/dam/delta-www/responsive/apps/login/spriteImage.svg
Requested by
Host: grandcentralatkennedy.com
URL: http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Protocol
HTTP/1.1
Security
, ,
Server
104.111.216.67 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-216-67.deploy.static.akamaitechnologies.com
Software
/ Delta Airlines, Inc
Resource Hash
49530465d817008bc283a6520ba88c8a0e778011ea5354ac226aab4f51f2b0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/fresh-air.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 15 Jun 2019 22:12:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 15 Jun 2019 16:22:46 GMT
X-Powered-By
Delta Airlines, Inc
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
4250
ETag
"3373-58b5f2c6097b4"
Expires
Thu, 12 Dec 2019 22:12:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
grandcentralatkennedy.com
URL
http://grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
Domain
fast.delta.demdex.net
URL
http://fast.delta.demdex.net/dest5.html?d_nsid=0
Domain
nexus.ensighten.com
URL
http://nexus.ensighten.com/delta/mtprod/code/00e22612eb73e5bdc2f4c1bbc7809813.js?conditionId0=421954
Domain
nexus.ensighten.com
URL
http://nexus.ensighten.com/delta/mtprod/code/462f7cfd29740477acc5137e0c331c8d.js?conditionId0=2120615
Domain
nexus.ensighten.com
URL
http://nexus.ensighten.com/delta/mtprod/code/762bd80644e487518a7acf26aad48e38.js?conditionId0=2167172&conditionId1=723027
Domain
nexus.ensighten.com
URL
http://nexus.ensighten.com/delta/mtprod/code/96bd36c6228c5d59865924056cd551cf.js?conditionId0=2633592

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Delta (Transportation)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| ensBootstraps object| Bootstrapper object| val string| ensPrivacy object| ensClientConfig object| ensLogger boolean| ensBrowserSupported object| cookieManager function| setVisitorIDService function| Visitor object| s_c_il number| s_c_in object| visitor function| $data number| _delay object| targetGlobalSettings object| targetDataElement function| targetPageParamsAll object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| k function| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse function| setImmediate function| clearImmediate object| delta boolean| isHomePage object| CookieUtils object| PATH_VALIDATION_REGEX function| jsocrud undefined| trackJs function| escapeRegExp object| picturefillBackgroundOptions function| picturefillBackground function| initPictureFillBackground object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| __zone_symbol__DOMContentLoadedfalse object| ng function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

5 Console Messages

Source Level URL
Text
console-api log URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js(Line 497)
Message:
No Login Data
console-api log URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js(Line 499)
Message:
Geolocation Ajax Error:error,NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode'.
console-api warning URL: http://nexus.ensighten.com/delta/mtprod/Bootstrap.js(Line 576)
Message:
AT: Adobe Target content delivery is disabled. Update your DOCTYPE to support Standards mode.
console-api warning URL: http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/tracker.js(Line 49)
Message:
TrackJS could not find a token
console-api error URL: http://content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/polyfills.js(Line 1)
Message:
Unhandled Promise rejection:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
content.delta.com
dpm.demdex.net
fast.delta.demdex.net
fonts.googleapis.com
grandcentralatkennedy.com
metrics.delta.com
nexus.ensighten.com
www.delta.com
www.grandcentralatkennedy.com
fast.delta.demdex.net
grandcentralatkennedy.com
nexus.ensighten.com
104.111.216.67
160.153.74.100
18.196.132.206
2a00:1450:4001:819::200a
34.241.198.89
66.117.28.86
66.117.29.227
01fb8b48a8abf9d05ee712174977a8a3ea3a2919f44c2344f087b043624e9368
09f7231f3ecac50877da366c88a300768b51c1b920fff111d8636d1d92887ce5
0b38de92be9fe29c1f428e75636b54f081ce5d9fa84edaebdc760afe3673cd4f
0edc14b5cbfe2e1d53faf0f87773dc11210dfb355372e6219e79f123286a8d0c
0fc24a88d16eb8765ec35e8959fb79b7b82e8ea2c9bc0fb483d6729c2de62702
108d480af9bdea5d733d6ce8da8852b0dbee7fb40d9eb4cce29cd229b8589de5
20715e0f860741b4dcf0a44d1019a5e168f0edb73a6b181976e63c33a467b875
49530465d817008bc283a6520ba88c8a0e778011ea5354ac226aab4f51f2b0f9
4e22b453910cb92d913453ae802d0a86718bfbee4e7cb3319fcb5fb40e95893e
546a34d9f648cf7b8a651fa2ce06d8447b3a1fbd5df40bf787b922f42a1f3718
67b9c4ed5ee7ab8cfe6abe01be8dd0fff0aa805b0d53145c112317c49f339e8c
6d859459bfe08d68bdc07812da6f6b277181619a5c3fb6fafbcafc00b9308da5
87b221bad9643deab2bade65400088d25f35ebab138eab6fa65681c279b33208
9b76fc83225c96f71c2345fc59ed51f8c64ea91d89e7cef4026ba9e85f7da35e
add4d2c6c18ee83b2ce97243ce89f555e06b0bc5b883dc36a5b70d6ee6d79e52
bb90cced43c1f548a2d771c42a21caf852ccc44d28985638f49cfde914aed874
bf499aab017e9d9b880e289732cccea6fb24a25e1bb85787451b9d7da07d9d37
c5cf23f3074399c8e0e9d1f641b6d89b6e1c386e68d5bf3e8c9aaa451c85f136
d12fd3a52924d892de2e26993e63ce44f6b4c62bfd968706753d420399dabcb0
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d46aa813273a1d5e3c1c911bc96930eb7a891b3a4d5fb542cf0d69516ff327a8
d6f2c0725828fddd1b1186f06374a6bcab05872b0d8d0a281158f3e8702a2999
ddc99dc52691ca0a5da1bd3d1af290ceacb789f62783ada5b6a27d83bb0b60aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa679d895d9636553843810a2399b47dc5ab48e92a43a3c461823dcde362b15d