employees.stregisaspen.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 70.32.81.68, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is employees.stregisaspen.com.
TLS certificate: Issued by R11 on July 28th 2024. Valid for: 3 months.

This is the only time employees.stregisaspen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	70.32.81.68 70.32.81.68	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	2606:4700:303... 2606:4700:3033::6815:538a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

3 70.32.81.68 (Ashburn, United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: marriottnetwork.com

employees.stregisaspen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:538a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.marriottnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	stregisaspen.com 1 redirects employees.stregisaspen.com	47 KB
1	marriottnetwork.com cdn.marriottnetwork.com	2 KB
3	2

	Domain	Requested by
3	employees.stregisaspen.com	1 redirects
1	cdn.marriottnetwork.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
employees.stregisaspen.com R11	`2024-07-28` - `2024-10-26`	3 months	crt.sh
marriottnetwork.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F
Frame ID: E3AC82EBE55EAD4CD3703B737CAD00F9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The St. Regis Aspen Resort - Employees

Page URL History Show full URLs

https://employees.stregisaspen.com/ HTTP 302
https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.c... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

48 kB
Transfer

102 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://employees.stregisaspen.com/ HTTP 302
https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
employees.stregisaspen.com/
Redirect Chain

https://employees.stregisaspen.com/
https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F

2 KB
1 KB

269ms
268ms

Document
text/html

70.32.81.68
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

70.32.81.68 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

marriottnetwork.com

Software

nginx / W3 Total Cache/2.3.3 PleskLin

Resource Hash

b40deb55fc21596a0a15773b4edaefdd1073a226a82544ace86599ff6816ebf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 1043
content-type: text/html; charset=UTF-8
date: Sun, 28 Jul 2024 09:32:06 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: </wp-content/cache/minify/14/41e53.css?x17334>; rel=preload; as=style
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: W3 Total Cache/2.3.3 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jul 2024 09:32:06 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: W3 Total Cache/2.3.3 PleskLin
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H2 200 41e53.css
employees.stregisaspen.com/wp-content/cache/minify/14/ 98 KB
45 KB 274ms
274ms Stylesheet
text/css 70.32.81.68
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://employees.stregisaspen.com/wp-content/cache/minify/14/41e53.css?x17334

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

70.32.81.68 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

marriottnetwork.com

Software

nginx / W3 Total Cache/2.3.3, PleskLin

Resource Hash

d8a87637e3aabfeac8903a615482f053f15c923ee04c5b6c6b1edf2ae83a4f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 09:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: W3 Total Cache/2.3.3, PleskLin
content-length: 45280
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Jun 2023 20:18:21 GMT
server: nginx
etag: "pub1687465101;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
expires: Mon, 28 Jul 2025 09:32:06 GMT

GET
H2 200 cropped-St-Regis-Aspen-Executive-Employees-32x32.png
cdn.marriottnetwork.com/uploads/sites/14/2017/10/ 2 KB
2 KB 321ms
249ms Other
image/png 2606:4700:3033::6815:538a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marriottnetwork.com/uploads/sites/14/2017/10/cropped-St-Regis-Aspen-Executive-Employees-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:538a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677a6b42d9777c8ea59e92a62ebfaf5ba6bb4bf7a0df794f5c50947337b91b92

Request headers

Referer: https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 09:32:07 GMT
x-amz-version-id: q3Tb6IUbSomVTBu.7kFXheeWGRXjhOYV
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2FMSH988VWD0K1KA
alt-svc: h3=":443"; ma=86400
content-length: 1646
x-amz-id-2: tn6J/q+e6SYKGWdnkE+NkowqAPgu0wQv8VaP+Mf15YIAlceNwu3lZ1iDF0w5wMkl3VbUXiGJfTkhornYG+FUJcULMmLnmMIIjO5ayb4rxw8=
last-modified: Mon, 25 Jan 2021 23:12:04 GMT
server: cloudflare
etag: "21b3f25e7c194b1c321177d3d3545119"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtZOY%2FdjTE3dyEa3EhBb0si2SeMVAhjg5f9%2F6%2BdLqyT%2Fg46XPML10NFqgbTyK4KFUFFcA1YJvhKwapscfIxN48jQ3QMpXjmTR5XkInWZ4ToREaaEueicXFjdnVDFZkMQu7D4RyomA4TAwlWPeBXrUlgYzZZkVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8aa3dc309d8a65c1-FRA

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			employees.stregisaspen.com/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://employees.stregisaspen.com/?password-protected=login&redirect_to=https%3A%2F%2Femployees.stregisaspen.com%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.marriottnetwork.com
employees.stregisaspen.com
2606:4700:3033::6815:538a
70.32.81.68
677a6b42d9777c8ea59e92a62ebfaf5ba6bb4bf7a0df794f5c50947337b91b92
b40deb55fc21596a0a15773b4edaefdd1073a226a82544ace86599ff6816ebf4
d8a87637e3aabfeac8903a615482f053f15c923ee04c5b6c6b1edf2ae83a4f57

employees.stregisaspen.com Open in urlscan Pro 70.32.81.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

48 kBTransfer

102 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

employees.stregisaspen.com Open in urlscan Pro
70.32.81.68 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

48 kB
Transfer

102 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions