marriott-dark.stratus-business.amex.originhosting.io
18.238.4.59
Public Scan
Submission: On March 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on September 11th 2023. Valid for: a year.
This is the only time marriott-dark.stratus-business.amex.originhosting.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
7 | 18.238.4.59 | 16509 (AMAZON-02) |
1 | 2607:f8b0:4004:c09::61 | 15169 (GOOGLE) |
3 | 18.238.4.54 | 16509 (AMAZON-02) |
6 | 52.86.42.213 | 14618 (AMAZON-AES) |
2 | 54.82.8.140 | 14618 (AMAZON-AES) |
2 | 52.0.192.114 | 14618 (AMAZON-AES) |
2 | 2a03:2880:f003:c0e:face:b00c:0:3 | 32934 (FACEBOOK) |
2 (2 redirects) | 172.253.122.149 | 15169 (GOOGLE) |
1 | 2607:f8b0:4004:c1d::9c | 15169 (GOOGLE) |
1 | 2a03:2880:f103:83:face:b00c:0:25de | 32934 (FACEBOOK) |
26 | 10 | |
ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-59.phl51.r.cloudfront.net
marriott-dark.stratus-business.amex.originhosting.io |
ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-54.phl51.r.cloudfront.net
cdn.cohesionapps.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-42-213.compute-1.amazonaws.com
ingest.make.rvapps.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-8-140.compute-1.amazonaws.com
server.fuse.analytics-engine.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-192-114.compute-1.amazonaws.com
taggy.cohesionapps.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net
ad.doubleclick.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | originhosting.io | marriott-dark.stratus-business.amex.originhosting.io | 5 KB |
6 | rvapps.io | ingest.make.rvapps.io — Cisco Umbrella Rank: 32793 | 813 B |
5 | cohesionapps.com | cdn.cohesionapps.com — Cisco Umbrella Rank: 23429; taggy.cohesionapps.com — Cisco Umbrella Rank: 29532 | 34 KB |
2 | doubleclick.net (2 redirects) | ad.doubleclick.net — Cisco Umbrella Rank: 158 | 2 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 76 KB |
2 | analytics-engine.com | server.fuse.analytics-engine.com — Cisco Umbrella Rank: 94317 | 683 B |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 100 | 185 B |
1 | google.com | adservice.google.com — Cisco Umbrella Rank: 92 | 401 B |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 40 | 96 KB |
0 | aexp-static.com (Failed) | www.aexp-static.com Failed | |
26 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
7 | marriott-dark.stratus-business.amex.originhosting.io | marriott-dark.stratus-business.amex.originhosting.io |
6 | ingest.make.rvapps.io | cdn.cohesionapps.com |
3 | cdn.cohesionapps.com | marriott-dark.stratus-business.amex.originhosting.io, cdn.cohesionapps.com |
2 | ad.doubleclick.net | 2 redirects |
2 | connect.facebook.net | marriott-dark.stratus-business.amex.originhosting.io, connect.facebook.net |
2 | taggy.cohesionapps.com | cdn.cohesionapps.com |
2 | server.fuse.analytics-engine.com | cdn.cohesionapps.com |
1 | www.facebook.com | marriott-dark.stratus-business.amex.originhosting.io |
1 | adservice.google.com | marriott-dark.stratus-business.amex.originhosting.io |
1 | www.googletagmanager.com | marriott-dark.stratus-business.amex.originhosting.io |
0 | www.aexp-static.com Failed | marriott-dark.stratus-business.amex.originhosting.io |
26 | 11 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
stratus-business.amex.originhosting.io | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-09 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
cdn.cohesionapps.com | Amazon RSA 2048 M02 | 2023-10-16 - 2024-11-11 | a year |
ingest.make.rvapps.io | Amazon RSA 2048 M02 | 2023-07-26 - 2024-08-22 | a year |
*.fuse.analytics-engine.com | Amazon RSA 2048 M02 | 2023-09-12 - 2024-10-09 | a year |
*.taggy.cohesionapps.com | Amazon RSA 2048 M03 | 2023-11-29 - 2024-12-27 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-10 - 2024-03-09 | 3 months |
This page contains 2 frames:
Primary Page:
https://marriott-dark.stratus-business.amex.originhosting.io/
Frame ID: 4E09E743B8951EB1922DFE2AC0B1C06B
Requests: 20 HTTP requests in this frame
Frame:
https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: 1549C3AD7FC046B1780F49D078B558A6
Requests: 2 HTTP requests in this frame
Page Title
American Express Business Cards
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://ad.doubleclick.net/ddm/activity/src=8538740;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027993585439
26 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | marriott-dark.stratus-business.amex.originhosting.io/ | 24 KB | 5 KB | Document | text/html | Primary Request |
GET | H2 | project.css | marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/css/ | 0 | 0 | Stylesheet | text/html | |
GET | H2 | ensurePznId.js | marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ | 0 | 0 | Script | text/html | |
GET | H2 | vendor.js | marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ | 0 | 0 | Script | text/html | |
GET | H2 | attribute.js | marriott-dark.stratus-business.amex.originhosting.io/assets/default/js/ | 0 | 0 | Script | text/html | |
GET | H2 | vendor.js | marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/ | 0 | 0 | Script | text/html | |
GET | H2 | project.js | marriott-dark.stratus-business.amex.originhosting.io/assets/desktop/js/ | 0 | 0 | Script | text/html | |
GET | | script-supplier.js | www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/ | 0 | 0 | | | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 276 KB | 96 KB | Script | application/javascript | |
GET | H2 | cohesion-latest.min.js | cdn.cohesionapps.com/cohesion/ | 120 KB | 32 KB | Script | text/javascript | |
OPTIONS | H2 | t | ingest.make.rvapps.io/v2/ | 0 | 0 | Preflight | | Frame |
POST | H2 | t | ingest.make.rvapps.io/v2/ | 138 B | 271 B | XHR | application/json | |
GET | H2 | lease | server.fuse.analytics-engine.com/public/ | 126 B | 438 B | XHR | application/json | |
GET | H2 | xs1.html | cdn.cohesionapps.com/cohesion/ | 906 B | 1 KB | Document | text/html | Frame 1549 |
GET | H2 | public | taggy.cohesionapps.com/implementations/ | 2 B | 156 B | XHR | application/json | |
OPTIONS | H2 | public | taggy.cohesionapps.com/implementations/ | 0 | 0 | Preflight | | Frame |
GET | H2 | xs2.html | cdn.cohesionapps.com/cohesion/ | 346 B | 708 B | Document | text/html | Frame 1549 |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 215 KB | 58 KB | Script | application/x-javascript | |
GET | H2 | src=8538740;dc_pre=CPLG1ujZ1YQDFefEwgQdCKoC7A;type=searc0;cat=brand;u3=marriott-dark.stratus-business.amex.originhosting.io%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6027... | adservice.google.com/ddm/fls/z/ | 42 B | 401 B | Image | image/gif | Redirect Chain |
OPTIONS | H2 | t | ingest.make.rvapps.io/v2/ | 0 | 0 | Preflight | | Frame |
POST | H2 | t | ingest.make.rvapps.io/v2/ | 138 B | 271 B | XHR | application/json | |
GET | H2 | confirm | server.fuse.analytics-engine.com/public/ | 0 | 245 B | XHR | text/plain | |
GET | H2 | 1852373738331209 | connect.facebook.net/signals/config/ | 97 KB | 18 KB | Script | application/x-javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
POST | H2 | t | ingest.make.rvapps.io/v2/ | 138 B | 271 B | XHR | application/json | |
OPTIONS | H2 | t | ingest.make.rvapps.io/v2/ | 0 | 0 | Preflight | | Frame |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.aexp-static.com
- URL
- https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dataLayer object| cohesionConfig object| _Cohesion object| _Preamp object| _Fuse object| _Tagular function| cohesion function| preamp function| fuse function| tagular object| aff string| bodyClasses object| phoneEls object| closedEls object| hours object| today undefined| callCenterOpen undefined| hideHelper undefined| blockHelper function| isOpen string| scriptSupplierPageLocale object| scriptSupplierPreset function| monarch object| __Cohesion function| OptanonWrapper object| _Taggy function| taggy object| _Monarch object| google_tag_manager object| google_tag_data function| fbq function| _fbq
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
.marriott-dark.stratus-business.amex.originhosting.io/ | chsn_cnsnt | marriott-dark.stratus-business.amex.originhosting.io%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005 |
.cohesionapps.com/ | cohsn_xs_id | 04d7940d-f161-4110-a16e-66e63261f351 |
.originhosting.io/ | _gcl_au | 1.1.747178837.1709386734 |
.doubleclick.net/ | test_cookie | CheckForPermission |
.doubleclick.net/ | ar_debug | 1 |
.doubleclick.net/ | receive-cookie-deprecation | 1 |
.originhosting.io/ | _fbp | fb.1.1709386734578.67499434 |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.