urlscan.io logo urlscan.io
SecurityTrails logo

fjbhmat9dl.execute-api.eu-west-1.amazonaws.com Open in urlscan Pro
52.209.109.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400?_V_=2&_K11_=8AEF8FAF8F87BBB13B...
Effective URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Submission: On December 29 via api from BE — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 52.209.109.148, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is fjbhmat9dl.execute-api.eu-west-1.amazonaws.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 1st 2023. Valid for: a year.
This is the only time fjbhmat9dl.execute-api.eu-west-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 195.76.37.67 3352 (TELEFONIC...)
1 52.209.109.148 16509 (AMAZON-02)
2 2 142.250.185.134 15169 (GOOGLE)
1 142.250.185.230 15169 (GOOGLE)
14 13.32.27.126 16509 (AMAZON-02)
18 5
2    195.76.37.67 (Sant Just Desvern, Spain)

ASN3352 (TELEFONICA_DE_ESPANA, ES)
PTR: 67.red-195-76-37.customer.static.ccgg.telefonica.net
digital.nh-hotels.com
1    52.209.109.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-109-148.eu-west-1.compute.amazonaws.com
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
s0.2mdn.net
14    13.32.27.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-126.fra56.r.cloudfront.net
info.nh-hotels.com
Apex Domain
Subdomains		 Transfer
16 nh-hotels.com
digital.nh-hotels.com — Cisco Umbrella Rank: 511157
info.nh-hotels.com — Cisco Umbrella Rank: 425966
1 MB
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 139
891 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
2 KB
1 amazonaws.com
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
72 KB
18 4
Domain Requested by
14 info.nh-hotels.com fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
2 ad.doubleclick.net 2 redirects
2 digital.nh-hotels.com 1 redirects fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
1 s0.2mdn.net fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
1 fjbhmat9dl.execute-api.eu-west-1.amazonaws.com fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
18 5

This site contains links to these domains. Also see Links.

Domain
digital.nh-hotels.com
Subject Issuer Validity Valid
*.execute-api.eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-06-01 -
2024-06-29		 a year crt.sh
digital.nh-hotels.com
GeoTrust TLS RSA CA G1		 2023-05-17 -
2024-06-10		 a year crt.sh
info.nh-hotels.com
Amazon RSA 2048 M01		 2023-05-23 -
2024-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Frame ID: F9E1017FFE738D37BFFA838FB6A9E092
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NH Hotel Group

Page URL History Show full URLs

  1. https://digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400?_V_=2&_K11... HTTP 302
    https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Page Statistics

18
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1430 kB
Transfer

1423 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400?_V_=2&_K11_=8AEF8FAF8F87BBB13B955B672014757AAB989BAD&_L54AD1F204_=c2NlbmFyaW89TUxDUEcmdGFyZ2V0PWh0dHBzOi8vZmpiaG1hdDlkbC5leGVjdXRlLWFwaS5ldS13ZXN0LTEuYW1hem9uYXdzLmNvbS9TSFA/c2FwLW91dGJvdW5kLWlkPURBMzczRDlGOTg3Q0RDMTQwMjNEMTMyMEREM0I5NEZGOEQxNzI0MDA&_K13_=147&_K14_=43c7ca1d747a4c9479832fa059c1da01a087c8eedfca11dadd3873e282093b91 HTTP 302
    https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ad.doubleclick.net/ddm/ad/N37205.1919063NH-HOTELES.ES1979/B9675034.263929287;sz=1x1;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/ad/N37205.1919063NH-HOTELES.ES1979/B9675034.263929287;dc_pre=CJP43K2etIMDFYHxEQgdrAADZQ;sz=1x1;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://s0.2mdn.net/simgad/10435048293764448604

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SHP
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
Redirect Chain
  • https://digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400?_V_=2&_K11_=8AEF8FAF8F87BBB13B955B672014757AAB989BAD&_L54AD1F204_=c2NlbmFyaW89TUxDUEcmdGFyZ2V0PWh0dHB...
  • https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
72 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.209.109.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-109-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e629e8d687e9352ee188e15f994978fe237248456576c864a10a3f227d6ddfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-length
73682
content-type
text/html
date
Fri, 29 Dec 2023 08:34:14 GMT
x-amz-apigw-id
QsmjQHwgDoEENYQ=
x-amzn-requestid
1be52813-74ec-4566-80ba-33a1c678a4c1
x-amzn-trace-id
Root=1-658e847a-2caf14de35da233c677bd867;Sampled=0;lineage=4f49c098:0

Redirect headers

cache-control
no-cache,no-store,must-revalidate
content-length
2
content-type
text/html; charset=utf-8
expires
0
location
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
pragma
no-cache
sap-perf-fesrec
22702.000000
sap-server
true
pixel.gif
digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400/ 		38 B
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digital.nh-hotels.com/sap/public/cuan/link/100/DA373D9F987CDC14023D1320DD3B94FF8D172400/pixel.gif
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.76.37.67 Sant Just Desvern, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
67.red-195-76-37.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
cache-control
no-cache,no-store,must-revalidate
sap-perf-fesrec
10922.000000
sap-server
true
content-length
38
expires
0
10435048293764448604
s0.2mdn.net/simgad/
Redirect Chain
  • https://ad.doubleclick.net/ddm/ad/N37205.1919063NH-HOTELES.ES1979/B9675034.263929287;sz=1x1;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/ad/N37205.1919063NH-HOTELES.ES1979/B9675034.263929287;dc_pre=CJP43K2etIMDFYHxEQgdrAADZQ;sz=1x1;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://s0.2mdn.net/simgad/10435048293764448604
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10435048293764448604
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
sffe /
Resource Hash
603d3242a89febbb4c2baf84019fb23b7f575d45410afdd9e360c44d4064890c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 27 Dec 2024 23:33:56 GMT
date
Thu, 28 Dec 2023 23:33:56 GMT
x-content-type-options
nosniff
age
32420
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1093
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 08:52:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 08:34:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s0.2mdn.net/simgad/10435048293764448604
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo-NHD-Gradient-2023.png
info.nh-hotels.com/campaign/logos/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/logos/logo-NHD-Gradient-2023.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
716cac8e87d7719df796c664108f31d91a6bf4eb5e5a85140050790e41b2d53d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KdLMeDcJbgTwpxKI2uaIp0JgdTpx.WK6
date
Thu, 28 Dec 2023 12:44:04 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Feb 2023 12:58:59 GMT
server
AmazonS3
age
71412
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"215640252b99bc64a7b19b70d9591d7a"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
37455
x-amz-cf-id
Lz2EasI4ff9hvLa_x07mieRCo8pSrvPm4bRo0XlsrwAZrq4S3p-nuw==
SHP
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/ 		0
0
main.jpg
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		345 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/main.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
073f32d35e5057453aa732c7b484091bde66505d13a32d0b5dcf50ecc66e1848

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
yjw9gcdGswboscCGg_r_ZltPIDTOtzge
date
Fri, 29 Dec 2023 01:41:43 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 16:01:14 GMT
server
AmazonS3
age
24765
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"0166238a4b5ed585f751ff90df61f21e"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
353012
x-amz-cf-id
EgGEm2i-1khuKzsLTL6xPwKswnVLeRpVsJx5pvH-2vI1e3gRzMZ4ng==
reg.png
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/reg.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
534c0d114582fb2686738361379db2c0e354d07287b3be76ae9c7b79364a8a23

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
E7D0ob_Kmk0JmhQ.sphKV7S3lX5H23WO
date
Fri, 29 Dec 2023 02:57:17 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 16:47:00 GMT
server
AmazonS3
age
20219
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"2775facddd253123154b75daaec4c71f"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
3179
x-amz-cf-id
1t4786WmW8ryrAsM-tx7jvWeuUn4cSZcIkwJFNQNLMVHnE4yG6-FSQ==
arrow.png
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/arrow.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df68aa21d21c90ccbee6abaa9514db4fe35e9b4d06268dd093cd9ab48f55c574

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Px69j1tJxuzUBVm7xw5ZpEJhFB_5K3K6
date
Fri, 29 Dec 2023 08:19:16 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 16:01:13 GMT
server
AmazonS3
age
901
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"580d1d5957797a387174bc0f5c667501"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
1425
x-amz-cf-id
CCF5h23b10CAZgENc2mH51i-r06642HluuDc377bx2LC7e8pEay2QQ==
cal.png
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/cal.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fbf9b6f14f92e6ba5751a1ad5c191350d2c02a71e166873746c53499eb0e7fd

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GvgPdo4zmnvawBOBlKlezR8NZYlM6GyQ
date
Fri, 29 Dec 2023 05:17:52 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 16:46:59 GMT
server
AmazonS3
age
11791
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"e4af41f460dd90b82b289ed89c8db3d6"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
2688
x-amz-cf-id
dy1w4AwNjkh7K7x0qyeJbgyiuZioyeNFNzKbidiAXIY2IX5rKw79qw==
ds2.png
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/ds2.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efb0b845cc1563a96296997bcb0e6dfbc655cd9b373f8618ef38cdf7492e99fd

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Np85MTh3EyesiEPnnqKpQItSfHu6zG58
date
Fri, 29 Dec 2023 08:19:18 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 16:47:00 GMT
server
AmazonS3
age
901
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"90ed61da0998cc63cb51ea8c2025e876"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
2850
x-amz-cf-id
8XSrjnGz0PZ2UljpkTGdIKIo2I2xfU_I26_hls1qshgDV47YMSUz1Q==
hot_barcelona-autumn.jpg
info.nh-hotels.com/campaign/destination/2022/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/destination/2022/hot_barcelona-autumn.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a09e51442e6f65d23fdaeadbcad092aaa554cc0d7c1d3002bd30963743f5cac

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
.6wxKmpcQSm.R0vyGw_avi_8W5oM8Cjf
date
Fri, 29 Dec 2023 04:44:21 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 08:44:14 GMT
server
AmazonS3
age
13805
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"a5c0c4b168a00cac3082a84be3cab1ff"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
177030
x-amz-cf-id
qiNS-pRbtIViido7Fk2uusE7bfRPLZpaI9ocSCcfbd_2Aea7gNKZXw==
hot_firenze-autumn.jpg
info.nh-hotels.com/campaign/destination/2022/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/destination/2022/hot_firenze-autumn.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1b47ae42d0536ce2bfe188229209288c1fc12eec3f69aa5f2fab37ce4b25918

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
V81KKcc3QusfXKgZLHAltKqKzSHoZI7x
date
Fri, 29 Dec 2023 07:53:25 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 17:27:27 GMT
server
AmazonS3
age
2450
x-amz-cf-pop
FRA56-C2
etag
"968ef676fcdfba0facfbf2d838fba8b2"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
121494
x-amz-cf-id
FSprAyBUmWD85OwC8GZXNCWk2Fnmf6Drafe7OnvTbRrf3hLVkcZy2g==
hot_algarve-autumn.jpg
info.nh-hotels.com/campaign/destination/2022/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/destination/2022/hot_algarve-autumn.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
626c282e3ea6bc90b8e2e4671cd520766faaf87e5e57dbd7c366c98cd70361c6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 10:17:13 GMT
x-amz-version-id
iwbtHD2vaoNLcJxQ_.f0FJzRArtl_zqt
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 17:28:24 GMT
server
AmazonS3
age
80223
x-amz-cf-pop
FRA56-C2
etag
"16ce196cd17140889259cc4000819a94"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
122541
x-amz-cf-id
Rh9q23ad5BEMSnX7yGaJh7i7JKN0wBOyqTB-HDrt4XBPGuD1f7RvFw==
hot_rotterdam-autumn.jpg
info.nh-hotels.com/campaign/destination/2022/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/destination/2022/hot_rotterdam-autumn.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39a0ccbfd00daca26d3b82475ef025c9c4d1655913660c52a1ac42c832ebad11

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
NZsnzO6nsDB_08Q6cBlza3T3nnLuYKT1
date
Fri, 29 Dec 2023 08:10:10 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 17:26:16 GMT
server
AmazonS3
age
1445
x-amz-cf-pop
FRA56-C2
etag
"4884dafbca9390e28ec163b1f9ed0cfb"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
100166
x-amz-cf-id
lkCoPRokEoWdorzZrwK9Ng-PQU8Xzi6uD9f6b-tuKzYZD_GUP8io1g==
resorts.jpg
info.nh-hotels.com/campaign/2023/12triplerewdec/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/2023/12triplerewdec/resorts.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b269fcb4e44b57d3e363c86d55f0d2c3c7cff4c28513c230f388be3426005a8e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
4tZp.XSgg197hyrD36hN6F5RSyXYoxU_
date
Fri, 29 Dec 2023 08:19:41 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Mon, 11 Dec 2023 12:37:08 GMT
server
AmazonS3
age
875
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"75f625a265096be96b78e004fc21eed3"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
273264
x-amz-cf-id
fiZvuPb7Uf_D3e5tK4_bFNRKB-PGB2ZNpUSC5oNlJab7uCnBXqE0yA==
2023-nhd-footer-en.jpg
info.nh-hotels.com/campaign/common/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/common/2023-nhd-footer-en.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0939fce90e44a64139fbc93a2d289aba72685a4078914ee5d3edcecd58d6645a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2aMeXQJ2n8EwSc2KJrTVs8hJzY9kThAc
date
Fri, 29 Dec 2023 02:54:59 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Tue, 25 Apr 2023 11:28:06 GMT
server
AmazonS3
age
20389
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"a3c9b595daabae09a2aaa39872dd7bbe"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
93106
x-amz-cf-id
F3BS7E85Q5QtzCL_nf8xCjqQGJzUBNhLxE9oJulf7Ww-RUlsF3MEkA==
footer-gha-800-en.jpg
info.nh-hotels.com/campaign/logos/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/logos/footer-gha-800-en.jpg
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cecd22273e30446883979c202b2cb33238b348881c73334f363fe1f85205848a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
HNIUmx.OHI8nLMJftKI0uMHB7YjuEkD_
date
Fri, 29 Dec 2023 02:09:37 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 10:54:27 GMT
server
AmazonS3
age
23079
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"ee91d350c7a2440c6c3ed86d26363c27"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
73462
x-amz-cf-id
GHXnUoegcSUJLmImCbw2tA7k9cRTtZLhn92Vw4NveJ8odwdYnz6-xQ==
NHD-LogoMinorCuadrado.png
info.nh-hotels.com/campaign/logos/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://info.nh-hotels.com/campaign/logos/NHD-LogoMinorCuadrado.png
Requested by
Host: fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL: https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb6b1dad0428b97820d2fa17829c287edc202a94d0613158b7d93f184f1231ac

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
X_aH8FLjuasDN9UpReVqBt9J_Zlq6BTx
date
Thu, 28 Dec 2023 10:38:43 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 14:22:15 GMT
server
AmazonS3
age
78933
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"a3d1ed96abc85b8d9711cabab0aa5fcb"
x-cache
Hit from cloudfront
content-type
image/png
x-robots
noindex, nofollow
accept-ranges
bytes
content-length
20190
x-amz-cf-id
wrSxkm5CrR1m8x2e0Kmx9VWZNypcm4eH4pTJUrB9EiGUwYQ40br8vQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
URL
https://fjbhmat9dl.execute-api.eu-west-1.amazonaws.com/SHP?sap-outbound-id=DA373D9F987CDC14023D1320DD3B94FF8D172400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

3 Cookies

Domain/Path Name / Value
digital.nh-hotels.com/ Name: sap-usercontext
Value: sap-client=100
.doubleclick.net/ Name: APC
Value: AfxxVi5X1V4fevGKnsDe7ZAh3vfvmmAs0lmo5zvhLzG2R0Y-fOwa5A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
digital.nh-hotels.com
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
info.nh-hotels.com
s0.2mdn.net
fjbhmat9dl.execute-api.eu-west-1.amazonaws.com
13.32.27.126
142.250.185.134
142.250.185.230
195.76.37.67
52.209.109.148
073f32d35e5057453aa732c7b484091bde66505d13a32d0b5dcf50ecc66e1848
0939fce90e44a64139fbc93a2d289aba72685a4078914ee5d3edcecd58d6645a
0fbf9b6f14f92e6ba5751a1ad5c191350d2c02a71e166873746c53499eb0e7fd
1a09e51442e6f65d23fdaeadbcad092aaa554cc0d7c1d3002bd30963743f5cac
39a0ccbfd00daca26d3b82475ef025c9c4d1655913660c52a1ac42c832ebad11
534c0d114582fb2686738361379db2c0e354d07287b3be76ae9c7b79364a8a23
603d3242a89febbb4c2baf84019fb23b7f575d45410afdd9e360c44d4064890c
626c282e3ea6bc90b8e2e4671cd520766faaf87e5e57dbd7c366c98cd70361c6
6e629e8d687e9352ee188e15f994978fe237248456576c864a10a3f227d6ddfa
716cac8e87d7719df796c664108f31d91a6bf4eb5e5a85140050790e41b2d53d
b269fcb4e44b57d3e363c86d55f0d2c3c7cff4c28513c230f388be3426005a8e
bb6b1dad0428b97820d2fa17829c287edc202a94d0613158b7d93f184f1231ac
c1b47ae42d0536ce2bfe188229209288c1fc12eec3f69aa5f2fab37ce4b25918
cecd22273e30446883979c202b2cb33238b348881c73334f363fe1f85205848a
df68aa21d21c90ccbee6abaa9514db4fe35e9b4d06268dd093cd9ab48f55c574
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb0b845cc1563a96296997bcb0e6dfbc655cd9b373f8618ef38cdf7492e99fd