extranetcloud.marriott.com
Open in
urlscan Pro
23.206.121.198
Public Scan
Effective URL: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Submission: On July 18 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on April 10th 2023. Valid for: a year.
This is the only time extranetcloud.marriott.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 24.249.14.153 24.249.14.153 | 22773 (ASN-CXA-A...) (ASN-CXA-ALL-CCI-22773-RDC) | |
1 4 | 23.206.121.198 23.206.121.198 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2600:1400:900... 2600:1400:9000:2a5::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2600:141b:e80... 2600:141b:e800:108e::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
7 | 4 |
ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US)
PTR: wsip-24-249-14-153.oc.oc.cox.net
sso.birchstreetsystems.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-121-198.deploy.static.akamaitechnologies.com
extranet.marriott.com | |
extranetcloud.marriott.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
marriott.com
1 redirects
extranet.marriott.com — Cisco Umbrella Rank: 132494 extranetcloud.marriott.com — Cisco Umbrella Rank: 131236 |
16 KB |
2 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1293 c.go-mpulse.net — Cisco Umbrella Rank: 579 |
50 KB |
2 |
birchstreetsystems.com
sso.birchstreetsystems.com — Cisco Umbrella Rank: 380668 |
22 KB |
7 | 3 |
Domain | Requested by | |
---|---|---|
3 | extranetcloud.marriott.com |
extranetcloud.marriott.com
|
2 | sso.birchstreetsystems.com | |
1 | c.go-mpulse.net |
s.go-mpulse.net
|
1 | s.go-mpulse.net |
extranetcloud.marriott.com
|
1 | extranet.marriott.com | 1 redirects |
7 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
eidhelp.marriott.com |
mgscloud.marriott.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.birchstreetsystems.com Go Daddy Secure Certificate Authority - G2 |
2022-12-26 - 2024-01-27 |
a year | crt.sh |
cn-san.marriott.com Entrust Certification Authority - L1K |
2023-04-10 - 2024-03-22 |
a year | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Frame ID: FFF91D3924E521D4E99BF8BE9A1AF145
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Marriott Extranet LoginPage URL History Show full URLs
- https://sso.birchstreetsystems.com/SpringSaml/saml/discovery/alias/478?entityID=urn:prod:marriott&returnIDParam... Page URL
- https://sso.birchstreetsystems.com/SpringSaml/saml/login/alias/478?idp=https%3A%2F%2Fsso.birchstreetsystems.com... Page URL
-
https://extranet.marriott.com/marrsso/idp/SSO.saml2
HTTP 307
https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your EID?
Search URL Search Domain Scan URL
Title: Need Password Help?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sso.birchstreetsystems.com/SpringSaml/saml/discovery/alias/478?entityID=urn:prod:marriott&returnIDParam=idp Page URL
- https://sso.birchstreetsystems.com/SpringSaml/saml/login/alias/478?idp=https%3A%2F%2Fsso.birchstreetsystems.com%2FSpringSaml%2Fsaml%2FSSO%2Falias%2F478 Page URL
-
https://extranet.marriott.com/marrsso/idp/SSO.saml2
HTTP 307
https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
478
sso.birchstreetsystems.com/SpringSaml/saml/discovery/alias/ |
51 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
478
sso.birchstreetsystems.com/SpringSaml/saml/login/alias/ |
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
SSO.saml2
extranetcloud.marriott.com/marrsso/idp/ Redirect Chain
|
27 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RXK2J-Q8TNH-HPZKT-H59DE-Y6WPG
s.go-mpulse.net/boomerang/ |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-bg.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ |
170 B 424 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
c.go-mpulse.net/api/ |
51 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| is_touch_device object| today string| temp string| PingURL string| PingbaseURL string| REF function| clear function| mivalidator function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable number| BOOMR_onload function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression number| BOOMR_configt7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sso.birchstreetsystems.com/SpringSaml | Name: JSESSIONID Value: 1AD2076FA5E5C5DCB3EA5E66FF7A7FE1.tc-sso01 |
|
extranetcloud.marriott.com/ | Name: AWSALB Value: ec/MILK+3kVWAhyxMnd50dcisBli/+7OQMIfZWjkf6dXC6RQxiiC8JtrdUpNVnwz6aRB92JQvSXWTn6K3DQCl1masNPtRUk8vZH5F0aa9lN6E1ZHcHbBYIRIbw/+ |
|
extranetcloud.marriott.com/ | Name: AWSALBCORS Value: ec/MILK+3kVWAhyxMnd50dcisBli/+7OQMIfZWjkf6dXC6RQxiiC8JtrdUpNVnwz6aRB92JQvSXWTn6K3DQCl1masNPtRUk8vZH5F0aa9lN6E1ZHcHbBYIRIbw/+ |
|
.marriott.com/ | Name: PF-PROD Value: GpYNPF0Wm2Dk3qgUnCmWet |
|
.marriott.com/ | Name: AKA_A2 Value: A |
|
.marriott.com/ | Name: ak_bmsc Value: 0A42EAE3B38BD710BC8904F0D8D9A366~000000000000000000000000000000~YAAQhnjOF8DkYGeJAQAA5ER0ahTSGLTryo/y3zMCh+1Z7MgE8B0RKqOX/eFwAr4nY0bWB/97b0Nmct3EB/qnB5gekVkTTxxILD1f01hPzk+iPB6AYkgJtC/dB7wj58yqGVCTtDpkimdfVPetuJAdOTmg93iWisCgSHeweu5XrKQ7CGrkckhVVfL8Duci0F935a44rBUqTrXRyYOCJkzGRFTvG1sPzxSCk0eiZZ9ISfOLLnaqzr5kPMyU+PvWuZy3nssTKlTW3WX/2Mkb9HqhamUJbPa2Aw0LClAd2ALxW/jBXoh6gl/UdCht53IYze8rVWyZJBz2ViEAkgRsyAx3wttzkR0PUEWMwuDpdpFr3a7HD1TI4uU4Z88pfidHL9EfuVktyZMcxYqgsQCxng== |
|
.extranetcloud.marriott.com/ | Name: RT Value: "z=1&dm=extranetcloud.marriott.com&si=22af86ae-0380-4153-b8f3-6852e53dabb7&ss=lk8olt8n&sl=1&tt=15k&rl=1&ld=1c3" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.go-mpulse.net
extranet.marriott.com
extranetcloud.marriott.com
s.go-mpulse.net
sso.birchstreetsystems.com
23.206.121.198
24.249.14.153
2600:1400:9000:2a5::11a6
2600:141b:e800:108e::11a6
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
5101594a53ca599320981c3cd1faead43c220d75f15105e5cd28fcbc62340c04
6c66cb3e0eb903f81b1552a57b5409c84bfa60aca926005c1228cfc41c636542
819cab5c199b98b6957d0b73cb6445332b0ebea7b836924da047404cfa26cafa
8ccb4327251e98bae1486bafd153d13ed49f924f2f6a7a4e8d60dbac23541b83
a17d6bdca480efcc118ae31427862f2647e75d157a26ce64e626682edf282bb6
ca92107206fde214b176dc8a609c0b23d3ddcd08a23442a9317b2cbd62414c8c