urlscan.io logo urlscan.io
SecurityTrails logo

extranetcloud.marriott.com Open in urlscan Pro
2.23.209.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mgscloud.marriott.com/mgs/marrdocs/mgs/common/FinanceAccounting/ToolsResources/MBS/mbscontactsheet.xlsx
Effective URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Submission: On May 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2.23.209.191, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is extranetcloud.marriott.com. The Cisco Umbrella rank of the primary domain is 142960.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 10th 2023. Valid for: a year.
This is the only time extranetcloud.marriott.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 52.213.92.167 16509 (AMAZON-02)
1 4 2.23.209.191 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 3
Apex Domain
Subdomains		 Transfer
6 marriott.com
mgscloud.marriott.com — Cisco Umbrella Rank: 162020
extranet.marriott.com — Cisco Umbrella Rank: 141930
extranetcloud.marriott.com — Cisco Umbrella Rank: 142960
18 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1238
c.go-mpulse.net — Cisco Umbrella Rank: 615
50 KB
6 2
Domain Requested by
3 extranetcloud.marriott.com extranetcloud.marriott.com
2 mgscloud.marriott.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net extranetcloud.marriott.com
1 extranet.marriott.com 1 redirects
6 5

This site contains links to these domains. Also see Links.

Domain
eidhelp.marriott.com
mgscloud.marriott.com
Subject Issuer Validity Valid
mgscloud.marriott.com
Entrust Certification Authority - L1K		 2023-03-21 -
2024-04-21		 a year crt.sh
cn-san.marriott.com
Entrust Certification Authority - L1K		 2023-04-10 -
2024-03-22		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Frame ID: 7A24584B0E75C0B87B6DA5F2E31E022B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Marriott Extranet Login

Page URL History Show full URLs

  1. https://mgscloud.marriott.com/mgs/marrdocs/mgs/common/FinanceAccounting/ToolsResources/MBS/mbscontactsheet... HTTP 303
    https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2... Page URL
  2. https://extranet.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2 HTTP 307
    https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

6
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

67 kB
Transfer

239 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mgscloud.marriott.com/mgs/marrdocs/mgs/common/FinanceAccounting/ToolsResources/MBS/mbscontactsheet.xlsx HTTP 303
    https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx&IdP=urn%3Amgscloud.marriott.com Page URL
  2. https://extranet.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2 HTTP 307
    https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mgscloud.marriott.com/mgs/marrdocs/mgs/common/FinanceAccounting/ToolsResources/MBS/mbscontactsheet.xlsx HTTP 303
  • https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx&IdP=urn%3Amgscloud.marriott.com

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
mgscloud.marriott.com/mellon/
Redirect Chain
  • https://mgscloud.marriott.com/mgs/marrdocs/mgs/common/FinanceAccounting/ToolsResources/MBS/mbscontactsheet.xlsx
  • https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx&IdP=urn%3Am...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx&IdP=urn%3Amgscloud.marriott.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.92.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-92-167.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
154881a064dd9822efceff957c3577cface048b8845d0a6691d62031321c0feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1049
Content-Type
text/html
Date
Tue, 30 May 2023 14:01:33 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Cookie,Accept-Encoding

Redirect headers

Cache-Control
private, max-age=0, must-revalidate
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
428
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 30 May 2023 14:01:33 GMT
Location
https://mgscloud.marriott.com/mellon/login?ReturnTo=https%3A%2F%2Fmgscloud.marriott.com%2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx&IdP=urn%3Amgscloud.marriott.com
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Primary Request SSO.saml2
extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/
Redirect Chain
  • https://extranet.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
  • https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
002264bb6c13b554b17273e5f230cbee9c2a66994b9f137dcb06109777369946
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://mgscloud.marriott.com
Referer
https://mgscloud.marriott.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
8524
content-type
text/html;charset=utf-8
date
Tue, 30 May 2023 14:01:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=201 origin; dur=85 ak_p; desc="468182_35115071_267181170_28615_5796_14_0";dur=1
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 23276 0 pmb=mRUM,2
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge

Redirect headers

content-length
0
date
Tue, 30 May 2023 14:01:34 GMT
location
https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
server-timing
cdn-cache; desc=MISS edge; dur=215 origin; dur=21 ak_p; desc="468182_35115071_267181156_23589_6104_11_0";dur=1
strict-transport-security
max-age=86400 ; includeSubDomains
RXK2J-Q8TNH-HPZKT-H59DE-Y6WPG
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/RXK2J-Q8TNH-HPZKT-H59DE-Y6WPG
Requested by
Host: extranetcloud.marriott.com
URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1a0::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 14:01:34 GMT
content-encoding
br
last-modified
Thu, 20 Apr 2023 08:26:31 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
login-bg.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ 		170 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/login-bg.png
Requested by
Host: extranetcloud.marriott.com
URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c66cb3e0eb903f81b1552a57b5409c84bfa60aca926005c1228cfc41c636542
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 14:01:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Thu, 09 Sep 2021 03:07:51 GMT
etag
W/"4crMZHXe5Hg4crNHL1Ye4o"
content-type
image/png
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468182_35115071_267181199_30_7355_8_0";dur=1
accept-ranges
bytes
content-length
170
logo.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/logo.png
Requested by
Host: extranetcloud.marriott.com
URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ccb4327251e98bae1486bafd153d13ed49f924f2f6a7a4e8d60dbac23541b83
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/2FAmarrsso/idp/eyJ2c2lkIjoidXJuOm1nc2Nsb3VkLm1hcnJpb3R0LmNvbSJ9/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 14:01:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Thu, 09 Sep 2021 03:07:51 GMT
etag
W/"ZatzQJXOk/oZatyOF1IGA0"
content-type
image/png
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468182_35115071_267181200_90_5934_8_0";dur=1
accept-ranges
bytes
content-length
5295
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=RXK2J-Q8TNH-HPZKT-H59DE-Y6WPG&d=extranetcloud.marriott.com&t=5618184&v=1.720.0&sl=0&si=c3952924-d0d6-4d2c-be87-d32b920a7308-rvh5mm&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786128
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RXK2J-Q8TNH-HPZKT-H59DE-Y6WPG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1a0::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5101594a53ca599320981c3cd1faead43c220d75f15105e5cd28fcbc62340c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 30 May 2023 14:01:35 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| is_touch_device object| today string| temp string| PingURL string| PingbaseURL string| REF function| clear function| mivalidator function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable number| BOOMR_onload function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression number| BOOMR_configt

10 Cookies

Domain/Path Name / Value
mgscloud.marriott.com/ Name: AWSELB
Value: 0B13575D1A83B304F6282EB919A9781F39F2EE633A63A6514BF30761B040B84805EC1029F4712C685BC792B924A7EB52221A60B9949F26D0ED3DBA5E877E82A887F3985092
mgscloud.marriott.com/ Name: AWSELBCORS
Value: 0B13575D1A83B304F6282EB919A9781F39F2EE633A63A6514BF30761B040B84805EC1029F4712C685BC792B924A7EB52221A60B9949F26D0ED3DBA5E877E82A887F3985092
.marriott.com/ Name: mgscloud_prod_path
Value: %2Fmgs%2Fmarrdocs%2Fmgs%2Fcommon%2FFinanceAccounting%2FToolsResources%2FMBS%2Fmbscontactsheet.xlsx
.mgscloud.marriott.com/ Name: mellon-mellon-cookie-mgs-prod
Value: cookietest
.marriott.com/ Name: AKA_A2
Value: A
extranetcloud.marriott.com/ Name: AWSALB
Value: tNr9ZGL6ZdHqfoJmrtFRzrjdKdRbSQO0UIvQOcBYvuvIQ8bKqlszjh4c17vLMclJ4Fd19HZlHwl1Yob271sYD5jkzqMY4JtBqBbqcKa+1qypC3LijoW8DzzoUDiP
extranetcloud.marriott.com/ Name: AWSALBCORS
Value: tNr9ZGL6ZdHqfoJmrtFRzrjdKdRbSQO0UIvQOcBYvuvIQ8bKqlszjh4c17vLMclJ4Fd19HZlHwl1Yob271sYD5jkzqMY4JtBqBbqcKa+1qypC3LijoW8DzzoUDiP
.marriott.com/ Name: PF-PROD
Value: vKd3394E8BFLzqs0Xv2ioL
.marriott.com/ Name: ak_bmsc
Value: 287A4B3E6DB9C6CB98441789CB857D82~000000000000000000000000000000~YAAQP9AXAhhRGQaIAQAAMNH2bBOSyS+nWZSMdhFYFc7HtbVHk6ZkLvYCSfPG8KC7H5e9Uu9h+IbVp7MsFgYCEj+uPtblXRgCLt5SEsWBN0zwIYIbuaGz829mC5Ym4BTvmX/dzvaPhlxYx7/3UazEhobYslOSDgmYnsVcsPsbvLktKnl/OrAly+y5DH++6Sz04fnnGzezL64inmFIPiZkdgYpQSGEavaQV42YzcEEmKK3SEzldA1/L8X2akpzrL03SxN5cGminwLJfb0I1oMubk3HjPmZvFTi8fJGhoWxICje00cHcZv2mkOATfJaL31AF9Vj3FMU74yue1M2UtDzrv5nsFCT+KBgJfQlVWRp+GwRJB/8SPKLX1wrxRyJWPG+P3ieoHzPYdOBmoIug2A=
.extranetcloud.marriott.com/ Name: RT
Value: "z=1&dm=extranetcloud.marriott.com&si=c3952924-d0d6-4d2c-be87-d32b920a7308&ss=liackc3o&sl=1&tt=mb&rl=1&ld=123"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains