urlscan.io logo urlscan.io
SecurityTrails logo

marriott-dark.stratus-business.amex.originhosting.io Open in urlscan Pro
18.238.4.59  Public Scan

Go To Rescan Add Verdict Report
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Submission: On March 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 10 domains to perform 26 HTTP transactions. The main IP is 18.238.4.59, located in United States and belongs to AMAZON-02, US. The main domain is marriott-dark.stratus-business.amex.originhosting.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 11th 2023. Valid for: a year.
This is the only time marriott-dark.stratus-business.amex.originhosting.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.238.4.59 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 18.238.4.54 16509 (AMAZON-02)
6 52.86.42.213 14618 (AMAZON-AES)
2 54.82.8.140 14618 (AMAZON-AES)
2 52.0.192.114 14618 (AMAZON-AES)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2 172.253.122.149 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
26 10
7    18.238.4.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-59.phl51.r.cloudfront.net
marriott-dark.stratus-business.amex.originhosting.io
1    2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    18.238.4.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-54.phl51.r.cloudfront.net
cdn.cohesionapps.com
6    52.86.42.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-42-213.compute-1.amazonaws.com
ingest.make.rvapps.io
2    54.82.8.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-8-140.compute-1.amazonaws.com
server.fuse.analytics-engine.com
2    52.0.192.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-192-114.compute-1.amazonaws.com
taggy.cohesionapps.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    172.253.122.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net
ad.doubleclick.net
1    2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 originhosting.io
marriott-dark.stratus-business.amex.originhosting.io
5 KB
6 rvapps.io
ingest.make.rvapps.io — Cisco Umbrella Rank: 32793
813 B
5 cohesionapps.com
cdn.cohesionapps.com — Cisco Umbrella Rank: 23429
taggy.cohesionapps.com — Cisco Umbrella Rank: 29532
34 KB
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 158
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
2 analytics-engine.com
server.fuse.analytics-engine.com — Cisco Umbrella Rank: 94317
683 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
185 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 92
401 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
96 KB
0 aexp-static.com Failed
www.aexp-static.com Failed
26 10
Domain Requested by
7 marriott-dark.stratus-business.amex.originhosting.io marriott-dark.stratus-business.amex.originhosting.io
6 ingest.make.rvapps.io cdn.cohesionapps.com
3 cdn.cohesionapps.com marriott-dark.stratus-business.amex.originhosting.io
cdn.cohesionapps.com
2 ad.doubleclick.net 2 redirects
2 connect.facebook.net marriott-dark.stratus-business.amex.originhosting.io
connect.facebook.net
2 taggy.cohesionapps.com cdn.cohesionapps.com
2 server.fuse.analytics-engine.com cdn.cohesionapps.com
1 www.facebook.com marriott-dark.stratus-business.amex.originhosting.io
1 adservice.google.com marriott-dark.stratus-business.amex.originhosting.io
1 www.googletagmanager.com marriott-dark.stratus-business.amex.originhosting.io
0 www.aexp-static.com Failed marriott-dark.stratus-business.amex.originhosting.io
26 11

This site contains no links.

Subject Issuer Validity Valid
stratus-business.amex.originhosting.io
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
cdn.cohesionapps.com
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-11		 a year crt.sh
ingest.make.rvapps.io
Amazon RSA 2048 M02		 2023-07-26 -
2024-08-22		 a year crt.sh
*.fuse.analytics-engine.com
Amazon RSA 2048 M02		 2023-09-12 -
2024-10-09		 a year crt.sh
*.taggy.cohesionapps.com
Amazon RSA 2048 M03		 2023-11-29 -
2024-12-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-10 -
2024-03-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://marriott-dark.stratus-business.amex.originhosting.io/
Frame ID: 4E09E743B8951EB1922DFE2AC0B1C06B
Requests: 20 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: 1549C3AD7FC046B1780F49D078B558A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

American Express Business Cards

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

26
Requests

92 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

10
IPs

1
Countries

214 kB
Transfer

734 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://ad.doubleclick.net/ddm/activity/src=8538740;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
marriott-dark.stratus-business.amex.originhosting.io/ 		24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f9b9cd941599f94b34b2a8124d6c65b775cd4f91f1230c73da65e5f9ce34374

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 02 Mar 2024 13:38:54 GMT
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-cf-id
me4zPM4Z0FbQIrIElsXy4H3zj2BFCPPcvmthyQAUmSwzrkDWf8C7gw==
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Error from cloudfront
project.css
marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/css/project.css?v=1691086062673
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 13:38:54 GMT
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
_qgnXSc18hqa4egag_2X4pO3bC7EdZrN2_O0jckGnM8opTmYQQMhnA==
ensurePznId.js
marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ensurePznId.js?v=1691086062673
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:38:54 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
-Dbp_r5slLmLrBDLM7h-u9f1XxbVpj4ATfLlfQyrdUQby3J3apdRnA==
vendor.js
marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/vendor.js?v=1691086062673
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 13:38:54 GMT
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
rYpayeQj0EyGPxU2XA8oNlHnATmg-t0znv_zhVK8BHIQpKh5s6dNsg==
attribute.js
marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/attribute.js?v=1691086062673
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 13:38:54 GMT
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
clv7rPaquZTej7C6sjnXnV8iTXpEoPB14a7YgUCNeg3Z5MNL5s8pFg==
vendor.js
marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/vendor.js
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 13:38:54 GMT
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
DDFfS109L6dfSlCUhQAu60Of-EAngafyIpTT_KXT-X6CoFX2OEnA2w==
project.js
marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/project.js
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-59.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 13:38:54 GMT
last-modified
Thu, 03 Aug 2023 18:08:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"dbfda21f7cb4268353f822517c9eeaa7"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
HOELDkLFt554SjwqfUviLIg71rNZxmIVdeFxhBY1EDxRTGM1yOGbWA==
script-supplier.js
www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/ 		0
0
gtm.js
www.googletagmanager.com/ 		276 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M97552S
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15123c88ac74f0b19b3714ae2ebdb2a3f5ca74982a916d2d9b851f6bdeae27e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:38:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98237
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Mar 2024 13:38:54 GMT
cohesion-latest.min.js
cdn.cohesionapps.com/cohesion/ 		120 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-54.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41c72d71d199f40247067ed2e145cc48a7ca42ef3a1cee6ff4b1c851be1cd34a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
date
Fri, 01 Mar 2024 13:57:07 GMT
last-modified
Tue, 06 Feb 2024 13:55:19 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
85308
x-amz-server-side-encryption
AES256
etag
W/"e99a7601773db36089337b21aa2e875f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
U8r1K8xImfjhNrTHzC2QuN26pQMVfmrE_Mf15VZV67GdU5qfoEdaMw==
t
ingest.make.rvapps.io/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://marriott-dark.stratus-business.amex.originhosting.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Sat, 02 Mar 2024 13:38:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
t
ingest.make.rvapps.io/v2/ 		138 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash
5d309dbc7ea0aed278c3d797319948b3d6e0d58c1156e13dd5a4db1af1bacbcf

Request headers

Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
accept-language
en-US,en;q=0.9
Authorization
Basic d2tfMU5UMjhsd0VrMURJS0czSnlORkFXcDdmNlJMOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
access-control-allow-credentials
true
content-length
138
vary
Origin
content-type
application/json
lease
server.fuse.analytics-engine.com/public/ 		126 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.fuse.analytics-engine.com/public/lease?m=%7B%22leases%22%3A%5B%7B%22pool%22%3A%22jfMHJrYC76yGQgBHG9PiUL%22%7D%5D%2C%22firstRequestUrl%22%3A%22https%3A%2F%2Fmarriott-dark.stratus-business.amex.originhosting.io%2F%22%2C%22lastRequestUrl%22%3A%22https%3A%2F%2Fmarriott-dark.stratus-business.amex.originhosting.io%2F%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36%22%2C%22firstReferrerUrl%22%3A%22%22%2C%22lastReferrerUrl%22%3A%22%22%2C%22requestId%22%3A%22bb7f0b51-b676-4eb3-99a7-91a3dc83dd7e%22%2C%22metadata%22%3A%7B%7D%2C%22clientVersion%22%3A%222.1.0%22%2C%22deviceId%22%3A%224f520c7a-0b73-4298-9c1f-8be16977a7b4%22%2C%22anonymousId%22%3A%2266e038fa-1b1c-4177-945c-86ab81e7cb97%22%2C%22sessionId%22%3A%225cbcb98e-fb6d-4911-ada9-545a4eb3c6a0%22%2C%22instanceId%22%3A%22dccf2b88-384f-4dbf-a61b-5f93b9b26701%22%2C%22tenantId%22%3A%2286ce0ab9-5128-47e1-a19b-fa6bc8799966%22%2C%22writeKey%22%3A%22wk_1NT28lwEk1DIKG3JyNFAWp7f6RL%22%2C%22sourceKey%22%3A%22src_1NT28mi1Qzm60P2957RYC1uk5BU%22%2C%22webContext%22%3A%7B%22page%22%3A%7B%22referrer%22%3A%22%22%2C%22title%22%3A%22American%20Express%20Business%20Cards%22%2C%22url%22%3A%22https%3A%2F%2Fmarriott-dark.stratus-business.amex.originhosting.io%2F%22%7D%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36%22%2C%22instanceId%22%3A%22dccf2b88-384f-4dbf-a61b-5f93b9b26701%22%2C%22anonymousId%22%3A%2266e038fa-1b1c-4177-945c-86ab81e7cb97%22%2C%22fromManual%22%3Afalse%2C%22cookieConsent%22%3A%7B%22essential%22%3Atrue%2C%22performance%22%3Atrue%2C%22preference%22%3Atrue%2C%22targeting%22%3Atrue%2C%22social%22%3Atrue%7D%2C%22cohesionConsent%22%3Atrue%2C%22sessionId%22%3A%225cbcb98e-fb6d-4911-ada9-545a4eb3c6a0%22%7D%7D
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.8.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-8-140.compute-1.amazonaws.com
Software
/
Resource Hash
3fb9e18f174b558d6bb640cb7f3b4421461cdd4ba76265d25cd3115e60a40199

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time
19.529112ms
date
Sat, 02 Mar 2024 13:38:54 GMT
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, Authorization
content-length
126
xs1.html
cdn.cohesionapps.com/cohesion/ Frame 1549 		906 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-54.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5

Request headers

Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
85365
content-length
906
content-type
text/html
date
Fri, 01 Mar 2024 13:56:10 GMT
etag
"5cbe3d7df3c3ca6d8e47d2bd44687396"
last-modified
Tue, 06 Feb 2024 13:55:19 GMT
server
AmazonS3
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-amz-cf-id
yXGBD82HThpAhmbtCw2CKdt9rkn5Xmgwvvb7uHgi2uUaXnQc933rRA==
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
public
taggy.cohesionapps.com/implementations/ 		2 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taggy.cohesionapps.com/implementations/public
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.192.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-192-114.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Source-Key
src_1NT28mi1Qzm60P2957RYC1uk5BU
Page-URL
https://marriott-dark.stratus-business.amex.originhosting.io/
Cache-Control
no-cache
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
x-powered-by
Express
content-length
2
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type
application/json; charset=utf-8
public
taggy.cohesionapps.com/implementations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://taggy.cohesionapps.com/implementations/public
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.192.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-192-114.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,page-url,source-key
Access-Control-Request-Method
GET
Origin
https://marriott-dark.stratus-business.amex.originhosting.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
cache-control,content-type,page-url,source-key
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
xs2.html
cdn.cohesionapps.com/cohesion/ Frame 1549 		346 B
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-54.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0

Request headers

Referer
https://cdn.cohesionapps.com/cohesion/xs1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
85358
content-length
346
content-type
text/html
date
Fri, 01 Mar 2024 13:56:17 GMT
etag
"4b5f9eae0703e5970dae0efc366d7c1b"
last-modified
Tue, 06 Feb 2024 13:55:19 GMT
server
AmazonS3
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
x-amz-cf-id
laDfM08Ekla7gGUH0vx3lscNRsTZYiWQKdXBpXjlRCf23k0vPNza3g==
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:38:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
RLPXZkFhi5T0hLmfDZI375CITfBVqxoAhQDF+uvaeRgBFlUVZPYDnYCA92Os4O7f5QEZjQ+e/0X4KUzM7FkapQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=8538740;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;or...
  • https://ad.doubleclick.net/ddm/activity/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child...
  • https://adservice.google.com/ddm/fls/z/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 13:38:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Mar 2024 13:38:54 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"14445345167748068623"}],"aggregatable_trigger_data":[{"filters":{"14":["7694718"]},"key_piece":"0xef8691fe62456886","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x26e79b83ffedb487","not_filters":{"14":["7694718"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["7694718"]},"key_piece":"0xe517325316a041c1","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x2633d50418b346a1","not_filters":{"14":["7694718"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"15229834248881589289","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14445345167748068623","filters":{"14":["7694718"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"14445345167748068623","filters":{"14":["7694718"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"14445345167748068623","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"14445345167748068623","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8538740"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
location
https://adservice.google.com/ddm/fls/z/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
ingest.make.rvapps.io/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://marriott-dark.stratus-business.amex.originhosting.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Sat, 02 Mar 2024 13:38:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
t
ingest.make.rvapps.io/v2/ 		138 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash
dfa7050c1923ad239587c30d6b6f5382c6164a0b25ff4eb48eb4b2057f93c6e5

Request headers

Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
accept-language
en-US,en;q=0.9
Authorization
Basic d2tfMU5UMjhsd0VrMURJS0czSnlORkFXcDdmNlJMOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
access-control-allow-credentials
true
content-length
138
vary
Origin
content-type
application/json
confirm
server.fuse.analytics-engine.com/public/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.fuse.analytics-engine.com/public/confirm?m=%7B%220%22%3A%7B%22pool%22%3A%22jfMHJrYC76yGQgBHG9PiUL%22%2C%22routingGroup%22%3Anull%2C%22name%22%3Anull%2C%22leaseId%22%3A666715346%2C%22dnis%22%3A%228775515261%22%2C%22leaseDuration%22%3A48%7D%2C%22requestId%22%3A%22bb7f0b51-b676-4eb3-99a7-91a3dc83dd7e%22%2C%22leaseIdsProcessed%22%3A%5B%5D%2C%22clientVersion%22%3A%222.1.0%22%2C%22deviceId%22%3A%224f520c7a-0b73-4298-9c1f-8be16977a7b4%22%2C%22anonymousId%22%3A%2266e038fa-1b1c-4177-945c-86ab81e7cb97%22%2C%22sessionId%22%3A%225cbcb98e-fb6d-4911-ada9-545a4eb3c6a0%22%2C%22instanceId%22%3A%22dccf2b88-384f-4dbf-a61b-5f93b9b26701%22%2C%22tenantId%22%3A%2286ce0ab9-5128-47e1-a19b-fa6bc8799966%22%2C%22writeKey%22%3A%22wk_1NT28lwEk1DIKG3JyNFAWp7f6RL%22%2C%22sourceKey%22%3A%22src_1NT28mi1Qzm60P2957RYC1uk5BU%22%2C%22webContext%22%3A%7B%22page%22%3A%7B%22referrer%22%3A%22%22%2C%22title%22%3A%22American%20Express%20Business%20Cards%22%2C%22url%22%3A%22https%3A%2F%2Fmarriott-dark.stratus-business.amex.originhosting.io%2F%22%7D%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36%22%2C%22instanceId%22%3A%22dccf2b88-384f-4dbf-a61b-5f93b9b26701%22%2C%22anonymousId%22%3A%2266e038fa-1b1c-4177-945c-86ab81e7cb97%22%2C%22fromManual%22%3Afalse%2C%22cookieConsent%22%3A%7B%22essential%22%3Atrue%2C%22performance%22%3Atrue%2C%22preference%22%3Atrue%2C%22targeting%22%3Atrue%2C%22social%22%3Atrue%7D%2C%22cohesionConsent%22%3Atrue%2C%22sessionId%22%3A%225cbcb98e-fb6d-4911-ada9-545a4eb3c6a0%22%2C%22crossSiteId%22%3A%2204d7940d-f161-4110-a16e-66e63261f351%22%7D%7D
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.8.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-8-140.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, Authorization
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
1852373738331209
connect.facebook.net/signals/config/ 		97 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1852373738331209?v=2.9.148&r=stable&domain=marriott-dark.stratus-business.amex.originhosting.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7133edfe7f122beb408802a50a78d26c0377c213cd05adf18c83401b1be3c4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:38:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
yTATAG+8WEHXljlBl2THc2I4geqdfqNGZ9EZGn22ohNABaCEHQfDLkUB646XejJ4MRYpNoISwaFnO//rjaFsCg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1852373738331209&ev=PageView&dl=https%3A%2F%2Fmarriott-dark.stratus-business.amex.originhosting.io&rl=&if=false&ts=1709386734582&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4124&fbp=fb.1.1709386734578.67499434&pm=1&hrl=26ffae&ler=empty&cdl=API_unavailable&it=1709386734394&coo=false&cs_cc=1&cas=6382808808431917%2C5234029226665474%2C1666843843334410%2C1356010241180918%2C1649414905082103%2C1430828233700079%2C1230115597098511&rqm=GET
Requested by
Host: marriott-dark.stratus-business.amex.originhosting.io
URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 13:38:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
t
ingest.make.rvapps.io/v2/ 		138 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash
0da6815eef687ab702e7fb4574aee1f039d808ef56fd15c1fb1c317682a6c41c

Request headers

Referer
https://marriott-dark.stratus-business.amex.originhosting.io/
accept-language
en-US,en;q=0.9
Authorization
Basic d2tfMU5UMjhsd0VrMURJS0czSnlORkFXcDdmNlJMOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Mar 2024 13:38:54 GMT
access-control-allow-credentials
true
content-length
138
vary
Origin
content-type
application/json
t
ingest.make.rvapps.io/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ingest.make.rvapps.io/v2/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.42.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-42-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://marriott-dark.stratus-business.amex.originhosting.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Sat, 02 Mar 2024 13:38:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| cohesionConfig object| _Cohesion object| _Preamp object| _Fuse object| _Tagular function| cohesion function| preamp function| fuse function| tagular object| aff string| bodyClasses object| phoneEls object| closedEls object| hours object| today undefined| callCenterOpen undefined| hideHelper undefined| blockHelper function| isOpen string| scriptSupplierPageLocale object| scriptSupplierPreset function| monarch object| __Cohesion function| OptanonWrapper object| _Taggy function| taggy object| _Monarch object| google_tag_manager object| google_tag_data function| fbq function| _fbq

7 Cookies

Domain/Path Name / Value
.marriott-dark.stratus-business.amex.originhosting.io/ Name: chsn_cnsnt
Value: marriott-dark.stratus-business.amex.originhosting.io%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005
.cohesionapps.com/ Name: cohsn_xs_id
Value: 04d7940d-f161-4110-a16e-66e63261f351
.originhosting.io/ Name: _gcl_au
Value: 1.1.747178837.1709386734
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.originhosting.io/ Name: _fbp
Value: fb.1.1709386734578.67499434

14 Console Messages

Source Level URL
Text
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ensurePznId.js?v=1691086062673
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/attribute.js?v=1691086062673
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/vendor.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/css/project.css?v=1691086062673
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/vendor.js?v=1691086062673
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Access to script at 'https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js' from origin 'https://marriott-dark.stratus-business.amex.originhosting.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/project.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1852373738331209?v=2.9.148&r=stable&domain=marriott-dark.stratus-business.amex.originhosting.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 80)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marriott-dark.stratus-business.amex.originhosting.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
cdn.cohesionapps.com
connect.facebook.net
ingest.make.rvapps.io
marriott-dark.stratus-business.amex.originhosting.io
server.fuse.analytics-engine.com
taggy.cohesionapps.com
www.aexp-static.com
www.facebook.com
www.googletagmanager.com
www.aexp-static.com
172.253.122.149
18.238.4.54
18.238.4.59
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1d::9c
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
52.0.192.114
52.86.42.213
54.82.8.140
0da6815eef687ab702e7fb4574aee1f039d808ef56fd15c1fb1c317682a6c41c
15123c88ac74f0b19b3714ae2ebdb2a3f5ca74982a916d2d9b851f6bdeae27e3
3fb9e18f174b558d6bb640cb7f3b4421461cdd4ba76265d25cd3115e60a40199
41c72d71d199f40247067ed2e145cc48a7ca42ef3a1cee6ff4b1c851be1cd34a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5d309dbc7ea0aed278c3d797319948b3d6e0d58c1156e13dd5a4db1af1bacbcf
5f9b9cd941599f94b34b2a8124d6c65b775cd4f91f1230c73da65e5f9ce34374
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0
cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5
d7133edfe7f122beb408802a50a78d26c0377c213cd05adf18c83401b1be3c4d
dfa7050c1923ad239587c30d6b6f5382c6164a0b25ff4eb48eb4b2057f93c6e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629