URL: http://l.h4.hilton.com/rts/go2.aspx?h=263262&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI&x=16760
Submission: On March 08 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 173.213.4.175, located in the United States, and belongs to ASN-CHEETA-MAIL, US. The main domain is l.h4.hilton.com. The Cisco Umbrella rank of the primary domain is 73544.
This is the only time l.h4.hilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 173.213.4.175 53316 (ASN-CHEET...)
2 2 104.111.252.214 ()
1 160.8.6.246 ()
5 3
Apex Domain
Subdomains
Transfer
5 hilton.com
l.h4.hilton.com — Cisco Umbrella Rank: 73544
s.h1.hilton.com — Cisco Umbrella Rank: 38477
hiltonhonors3.hilton.com
help.hilton.com
5 KB
5 1
Domain Requested by
2 hiltonhonors3.hilton.com 2 redirects
1 help.hilton.com l.h4.hilton.com
1 s.h1.hilton.com l.h4.hilton.com
1 l.h4.hilton.com
5 4

This site contains no links.

Subject | Issuer | Validity | Valid
h1.hilton.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-14 - 2023-01-14 | a year
help.hilton.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-17 - 2022-12-17 | a year

This page contains 1 frames:

Frame: https://help.hilton.com/s/?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
Frame ID: A4B4E8D2F5F444BA55FFB1A6A5500825
Requests: 5 HTTP requests in this frame


Page Statistics

5 Requests
40 % HTTPS
0 % IPv6
1 Domains
4 Subdomains
3 IPs
1 Countries
3 kB Transfer
2 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://hiltonhonors3.hilton.com/en/support/index.html?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760 HTTP 301
  • https://hiltonhonors3.hilton.com/en/support/index.html?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760 HTTP 301
  • https://help.hilton.com/s/?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request go2.aspx
l.h4.hilton.com/rts/
1 KB
2 KB
Document
General
Full URL
http://l.h4.hilton.com/rts/go2.aspx?h=263262&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI&x=16760
Protocol
HTTP/1.1
Server
173.213.4.175 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
6fc27ba7e1542c7f5e74c85d7f460c8bd799dd3029d7528dfd82b4e4412dbdf7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Server
X-Powered-By
Date
Tue, 08 Mar 2022 16:46:43 GMT
SetCookie.gif
s.h1.hilton.com/wts/WebEvent/
807 B
2 KB
Image
General
Full URL
https://s.h1.hilton.com/wts/WebEvent/SetCookie.gif?tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI
Requested by
Host: l.h4.hilton.com
URL: http://l.h4.hilton.com/rts/go2.aspx?h=263262&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI&x=16760
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.213.4.175 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://l.h4.hilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Mar 2022 16:46:43 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0
Content-Length
807
Expires
0
/
help.hilton.com/s/
Redirect Chain
  • http://hiltonhonors3.hilton.com/en/support/index.html?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
  • https://hiltonhonors3.hilton.com/en/support/index.html?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
  • https://help.hilton.com/s/?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
0
0
Document
General
Full URL
https://help.hilton.com/s/?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
Requested by
Host: l.h4.hilton.com
URL: http://l.h4.hilton.com/rts/go2.aspx?h=263262&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI&x=16760
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.6.246 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://l.h4.hilton.com/rts/go2.aspx?h=263262&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI&x=16760

Response headers

Date
Tue, 08 Mar 2022 16:46:54 GMT
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Strict-Transport-Security
max-age=63072004; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Expires
Mon, 08 Mar 2021 16:46:54 GMT
Content-Type
text/html;charset=UTF-8
Vary
Origin, Accept-Encoding
Last-Modified
Mon, 08 Mar 2021 16:46:54 GMT
Link
</s/sfsites/auraFW/javascript/GLwpaE1i74371O4RpOURgA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js>;rel=preload;as=script;nopush
Server-Timing
Total;dur=181
Timing-Allow-Origin
*
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

server
AkamaiGHost
content-length
0
location
https://help.hilton.com/s/?WT.mc_id=zHHEM0WW1MB2OLE3DCI4MO1530_DCI_Control_Control_Jul5TermsConditions_CustomerSupport_MO15306MULTIBR7EN8i1&om_mid=16760
date
Tue, 08 Mar 2022 16:46:53 GMT
vary
Accept-Encoding,User-Agent
server-timing
cdn-cache; desc=HIT edge; dur=1
link
<https://fast.fonts.net>;rel="preconnect",<https://assets.adobedtm.com>;rel="preconnect",<https://www.googleadservices.com>;rel="preconnect",<https://tag.rmp.rakuten.com>;rel="preconnect",<https://4dc2aa82bc5e.cdn4.forter.com>;rel="preconnect",<https://prvsz4pe.micpn.com>;rel="preconnect",<https://hilton.demdex.net>;rel="preconnect",<https://sc-static.net>;rel="preconnect"
strict-transport-security
max-age=0
aura_prod.js
help.hilton.com/s/sfsites/auraFW/javascript/GLwpaE1i74371O4RpOURgA/
0
0

app.js
help.hilton.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
help.hilton.com
URL
https://help.hilton.com/s/sfsites/auraFW/javascript/GLwpaE1i74371O4RpOURgA/aura_prod.js
Domain
help.hilton.com
URL
https://help.hilton.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | structuredClone
object | oncontextlost
object | oncontextrestored

5 Cookies

Domain/Path Name / Value
l.h4.hilton.com/ Name: ASP.NET_SessionId
Value: kbvqjv0tmkipbnkywrcld55u
.hilton.com/ Name: xyz_cr_666_et_128
Value: ak_guid=c79b80b0-2f12-4541-8139-a242132b2b5d&tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI
l.h4.hilton.com/ Name: BIGipServercnv_ats_pool
Value: !jGETxWQZhcEeIaioFVQbWBKi/4Lz4hNI08t1mzPvIHr93mFjRCnBr1dynnwe4Sde4ZKh1mmHe/Wccbc=
.hilton.com/ Name: xyz_trk_cr_666
Value: tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI
.hilton.com/ Name: xyz_trk_we_grp_group_hilton_hotels
Value: tp=i-1NHD-Ak-4MK-A63qZn-24-jqH6q-1c-usK3-9wVYcD-l7ElU7JLuc-cRoMI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
