urlscan.io logo urlscan.io
SecurityTrails logo

extranetcloud.marriott.com Open in urlscan Pro
54.85.174.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.identityshoppe.marriott.com/securityquestions
Effective URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Submission: On January 18 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 54.85.174.4, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is extranetcloud.marriott.com. The Cisco Umbrella rank of the primary domain is 230776.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 11th 2023. Valid for: a year.
This is the only time extranetcloud.marriott.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.231.127.158 396982 (GOOGLE-CL...)
2 16 3.211.161.183 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 162.130.196.128 6319 (MARRIOT-ASN)
3 54.85.174.4 14618 (AMAZON-AES)
21 4
1    35.231.127.158 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 158.127.231.35.bc.googleusercontent.com
www.identityshoppe.marriott.com
16    3.211.161.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-161-183.compute-1.amazonaws.com
ssm-marriottms.saviyntcloud.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    162.130.196.128 (United States)

ASN6319 (MARRIOT-ASN, US)
extranet.marriott.com
3    54.85.174.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-174-4.compute-1.amazonaws.com
extranetcloud.marriott.com
Apex Domain
Subdomains		 Transfer
16 saviyntcloud.com
ssm-marriottms.saviyntcloud.com — Cisco Umbrella Rank: 852581
7 MB
5 marriott.com
www.identityshoppe.marriott.com
extranet.marriott.com — Cisco Umbrella Rank: 231021
extranetcloud.marriott.com — Cisco Umbrella Rank: 230776
29 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
21 3
Domain Requested by
16 ssm-marriottms.saviyntcloud.com 2 redirects ssm-marriottms.saviyntcloud.com
3 extranetcloud.marriott.com extranetcloud.marriott.com
2 fonts.googleapis.com ssm-marriottms.saviyntcloud.com
1 extranet.marriott.com 1 redirects
1 www.identityshoppe.marriott.com 1 redirects
21 5

This site contains links to these domains. Also see Links.

Domain
eidhelp.marriott.com
ssm-marriottms.saviyntcloud.com
Subject Issuer Validity Valid
*.saviyntcloud.com
Go Daddy Secure Certificate Authority - G2		 2022-01-06 -
2023-02-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
extranetcloud.marriott.com
Entrust Certification Authority - L1K		 2023-01-11 -
2024-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Frame ID: D3FC0A7868C67D32727B28F668B4FD20
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Marriott Extranet Login

Page URL History Show full URLs

  1. http://www.identityshoppe.marriott.com/securityquestions HTTP 301
    https://ssm-marriottms.saviyntcloud.com/ECMv6/login Page URL
  2. https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession HTTP 302
    https://ssm-marriottms.saviyntcloud.com/ECM/ HTTP 302
    https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM Page URL
  3. https://extranet.marriott.com/2FAmarrsso/idp/SSO.saml2 HTTP 307
    https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2 Page URL

Page Statistics

21
Requests

90 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

7340 kB
Transfer

7329 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.identityshoppe.marriott.com/securityquestions HTTP 301
    https://ssm-marriottms.saviyntcloud.com/ECMv6/login Page URL
  2. https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession HTTP 302
    https://ssm-marriottms.saviyntcloud.com/ECM/ HTTP 302
    https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM Page URL
  3. https://extranet.marriott.com/2FAmarrsso/idp/SSO.saml2 HTTP 307
    https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.identityshoppe.marriott.com/securityquestions HTTP 301
  • https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Request Chain 15
  • https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession HTTP 302
  • https://ssm-marriottms.saviyntcloud.com/ECM/ HTTP 302
  • https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM
Request Chain 17
  • https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession HTTP 302
  • https://ssm-marriottms.saviyntcloud.com/ECM/ HTTP 302
  • https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
ssm-marriottms.saviyntcloud.com/ECMv6/
Redirect Chain
  • http://www.identityshoppe.marriott.com/securityquestions
  • https://ssm-marriottms.saviyntcloud.com/ECMv6/login
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
25a8f580808e368518f2c7bc6f78a6279f5e5683ec9a5b4c163be28214f095aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
6440
content-type
text/html
date
Wed, 18 Jan 2023 08:30:13 GMT
etag
"62eaa0bd-1928"
last-modified
Wed, 03 Aug 2022 16:22:21 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 18 Jan 2023 08:30:12 GMT
Keep-Alive
timeout=20
Location
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Server
nginx
tailwind.css
ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/ 		2 MB
2 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/tailwind.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fca4812ba3833470c5dc5870bacb63649694dde200e64a8ff1be6d285f2c44bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-270ba0"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2558880
21.ee241de9.chunk.css
ssm-marriottms.saviyntcloud.com/ECMv6/static/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/static/css/21.ee241de9.chunk.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
82c2a622e5e615072ac9fc700c24d1eff38df7cc40901acdadb33605f972d4c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-583"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
1411
main.acd81dfa.chunk.css
ssm-marriottms.saviyntcloud.com/ECMv6/static/css/ 		191 KB
192 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/static/css/main.acd81dfa.chunk.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
729635990104dfcdba85443eb264ee71ef173dacd92b63afbe00c132141b770c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-2fdd6"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
196054
21.66bcbc97.chunk.js
ssm-marriottms.saviyntcloud.com/ECMv6/static/js/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/21.66bcbc97.chunk.js
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
125695a9858366dc7a395124ab9b24ed1ac5012f9858b6f1a55d08dcaa7f1fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-2dfec7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
3014343
main.611dac7c.chunk.js
ssm-marriottms.saviyntcloud.com/ECMv6/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/main.611dac7c.chunk.js
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6fac9347f3981e0a7a515fbec34614982557ea3e212df3e3cfb2e462ffdb4206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-119ade"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
1153758
css
fonts.googleapis.com/ 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,500
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
287834e4111c3e941604a66879bcad3c61636766fb08504b7d2a3aa00da6fdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Jan 2023 08:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 07:59:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Jan 2023 08:30:13 GMT
line-awesome.min.css
ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/line-awesome.min.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-6dc5"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
28101
bootstrap.purged.css
ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/ 		26 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/bootstrap.purged.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
daafe8915a904934f9bdedbd9acd7610c4758d3d47df0a1c6075d062e5660959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-684b"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
26699
style.purged.css
ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/ 		41 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/assets/css/style.purged.css
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b20026cb60cf98b85c7851c23c617978756e815593eb55f66ebbc35a943d4f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-a596"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
42390
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Jan 2023 08:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 08:30:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Jan 2023 08:30:13 GMT
playbackwithevents.css
ssm-marriottms.saviyntcloud.com/ECMv6/api/rdpgateway/ 		0
0
dualball68px.d79eb937.gif
ssm-marriottms.saviyntcloud.com/ECMv6/static/media/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/static/media/dualball68px.d79eb937.gif
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
118ceec65a796477b7928b4e40dfcc49235ceb5a5b81a88870aee37b6b04e2bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 03 Aug 2022 16:22:19 GMT
server
nginx
etag
"62eaa0bb-9639"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
38457
ui-track
ssm-marriottms.saviyntcloud.com/ECMv6/api/config/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/api/config/ui-track?v=0.4093602409097121
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/21.66bcbc97.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
/
Resource Hash
f22bbd1670ce64f7982bd9955e39a493dd4fc4ef63e02d935a30d3cd747107b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
accept-language
de-DE,de;q=0.9
Authorization
undefined undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:15 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
cache-control
max-age=86400
content-length
2377
x-xss-protection
1 ; mode=block
retrieveMessages
ssm-marriottms.saviyntcloud.com/ECMv6/api/idw/messageProperties/ 		389 KB
389 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/api/idw/messageProperties/retrieveMessages?locale=en
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/21.66bcbc97.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
/
Resource Hash
5fc4231cbfe0e12f377cd9850f80fba5e61dc7be706b1472a7e01b308b36087b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
X-NOLOADER
true
accept-language
de-DE,de;q=0.9
Authorization
undefined undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Jan 2023 08:30:16 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json;charset=UTF-8
cache-control
max-age=3600
x-xss-protection
1 ; mode=block
index
ssm-marriottms.saviyntcloud.com/ECM/login/
Redirect Chain
  • https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession
  • https://ssm-marriottms.saviyntcloud.com/ECM/
  • https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM
0
0
ping
ssm-marriottms.saviyntcloud.com/ECM/login/ 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECM/login/ping
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/21.66bcbc97.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
X-NOLOADER
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 08:30:16 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://localhost
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 7 May 1995 12:00:00 GMT
index
ssm-marriottms.saviyntcloud.com/ECM/login/
Redirect Chain
  • https://ssm-marriottms.saviyntcloud.com/ECM/logout/clearSession
  • https://ssm-marriottms.saviyntcloud.com/ECM/
  • https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM
Requested by
Host: ssm-marriottms.saviyntcloud.com
URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/static/js/main.611dac7c.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.161.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-161-183.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-type
text/html;charset=UTF-8
date
Wed, 18 Jan 2023 08:30:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
x-frame-options
DENY

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
http://localhost
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-length
0
date
Wed, 18 Jan 2023 08:30:16 GMT
expires
Sun, 7 May 1995 12:00:00 GMT
location
/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
Primary Request SSO.saml2
extranetcloud.marriott.com/2FAmarrsso/idp/
Redirect Chain
  • https://extranet.marriott.com/2FAmarrsso/idp/SSO.saml2
  • https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
22 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.174.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-174-4.compute-1.amazonaws.com
Software
/
Resource Hash
e7a8b55022672e3659c84874b9a4023f87d2a83f13dc6573ce19ca4b6186bc19

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ssm-marriottms.saviyntcloud.com
Referer
https://ssm-marriottms.saviyntcloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
22298
content-type
text/html;charset=utf-8
date
Wed, 18 Jan 2023 08:30:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
x-ua-compatible
IE=edge

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Server
BigIP
login-bg.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ 		170 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/login-bg.png
Requested by
Host: extranetcloud.marriott.com
URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.174.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-174-4.compute-1.amazonaws.com
Software
/
Resource Hash
6c66cb3e0eb903f81b1552a57b5409c84bfa60aca926005c1228cfc41c636542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:18 GMT
last-modified
Thu, 09 Sep 2021 03:07:51 GMT
accept-ranges
bytes
etag
W/"4crMZHXe5Hg4crNHL1Ye4o"
content-length
170
content-type
image/png
logo.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/logo.png
Requested by
Host: extranetcloud.marriott.com
URL: https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.174.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-174-4.compute-1.amazonaws.com
Software
/
Resource Hash
8ccb4327251e98bae1486bafd153d13ed49f924f2f6a7a4e8d60dbac23541b83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://extranetcloud.marriott.com/2FAmarrsso/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 08:30:18 GMT
last-modified
Thu, 09 Sep 2021 03:07:51 GMT
accept-ranges
bytes
etag
W/"ZatzQJXOk/oZatyOF1IGA0"
content-length
5295
content-type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssm-marriottms.saviyntcloud.com
URL
https://ssm-marriottms.saviyntcloud.com/ECMv6/api/rdpgateway/playbackwithevents.css
Domain
ssm-marriottms.saviyntcloud.com
URL
https://ssm-marriottms.saviyntcloud.com/ECM/login/index?login=true&idp=MI-PROD-SAML2-SAVIYNTECM

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| today string| temp string| PingURL string| PingbaseURL string| REF function| clear function| mivalidator function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable

8 Cookies

Domain/Path Name / Value
ssm-marriottms.saviyntcloud.com/ECM Name: JSESSIONID
Value: 74ADB472770A65BB3257D528F89CA65A
ssm-marriottms.saviyntcloud.com/ Name: MS_REDIRECT_URL
Value: https%3A%2F%2Fssm-marriottms.saviyntcloud.com%2FECMv6%2Flogin
ssm-marriottms.saviyntcloud.com/ Name: MS_SUB_DOMAIN
Value: ssm-marriottms.saviyntcloud.com
ssm-marriottms.saviyntcloud.com/ Name: AWSALB
Value: PP4JOcobSu8kIYbv0HmpaYASUuMZ5LDpc0OPZvntI7cROA7/1RFDfKYmz1G2IOJFRpT8d+ceJc85+icQ34GIsZDBLITWj1s+h6dyn69HDN6FpRI6fqCZZgRuE/VF
ssm-marriottms.saviyntcloud.com/ Name: AWSALBCORS
Value: PP4JOcobSu8kIYbv0HmpaYASUuMZ5LDpc0OPZvntI7cROA7/1RFDfKYmz1G2IOJFRpT8d+ceJc85+icQ34GIsZDBLITWj1s+h6dyn69HDN6FpRI6fqCZZgRuE/VF
.marriott.com/ Name: PF-PROD
Value: VC7kc2weekVQtB44hUd1C2
extranetcloud.marriott.com/ Name: AWSALB
Value: f4wT9OeGB+96eZp16GgJijj1/nzqWo8oWcKDIlXvLR8UwZ/sAz59YSKlwaDvFrzNsfsFQ6H3p9wohuLeHvbR5GBd6G7/o3jhbqwabvsgRZvCgZITvxcWXOkPg0bP
extranetcloud.marriott.com/ Name: AWSALBCORS
Value: f4wT9OeGB+96eZp16GgJijj1/nzqWo8oWcKDIlXvLR8UwZ/sAz59YSKlwaDvFrzNsfsFQ6H3p9wohuLeHvbR5GBd6G7/o3jhbqwabvsgRZvCgZITvxcWXOkPg0bP

2 Console Messages

Source Level URL
Text
security error URL: https://ssm-marriottms.saviyntcloud.com/ECMv6/login
Message:
Refused to apply style from 'https://ssm-marriottms.saviyntcloud.com/ECMv6/api/rdpgateway/playbackwithevents.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://ssm-marriottms.saviyntcloud.com/ECM/login/ping
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extranet.marriott.com
extranetcloud.marriott.com
fonts.googleapis.com
ssm-marriottms.saviyntcloud.com
www.identityshoppe.marriott.com
ssm-marriottms.saviyntcloud.com
162.130.196.128
2a00:1450:4001:80e::200a
3.211.161.183
35.231.127.158
54.85.174.4
118ceec65a796477b7928b4e40dfcc49235ceb5a5b81a88870aee37b6b04e2bb
125695a9858366dc7a395124ab9b24ed1ac5012f9858b6f1a55d08dcaa7f1fec
1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4
25a8f580808e368518f2c7bc6f78a6279f5e5683ec9a5b4c163be28214f095aa
287834e4111c3e941604a66879bcad3c61636766fb08504b7d2a3aa00da6fdcd
5fc4231cbfe0e12f377cd9850f80fba5e61dc7be706b1472a7e01b308b36087b
6c66cb3e0eb903f81b1552a57b5409c84bfa60aca926005c1228cfc41c636542
6fac9347f3981e0a7a515fbec34614982557ea3e212df3e3cfb2e462ffdb4206
729635990104dfcdba85443eb264ee71ef173dacd92b63afbe00c132141b770c
82c2a622e5e615072ac9fc700c24d1eff38df7cc40901acdadb33605f972d4c5
8ccb4327251e98bae1486bafd153d13ed49f924f2f6a7a4e8d60dbac23541b83
b20026cb60cf98b85c7851c23c617978756e815593eb55f66ebbc35a943d4f85
daafe8915a904934f9bdedbd9acd7610c4758d3d47df0a1c6075d062e5660959
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e7a8b55022672e3659c84874b9a4023f87d2a83f13dc6573ce19ca4b6186bc19
f22bbd1670ce64f7982bd9955e39a493dd4fc4ef63e02d935a30d3cd747107b0
fca4812ba3833470c5dc5870bacb63649694dde200e64a8ff1be6d285f2c44bf