help.hilton.com Open in urlscan Pro
161.71.18.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde...
Submission: On November 20 via manual (November 20th 2019, 2:09:52 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 161.71.18.5, located in London, United Kingdom and belongs to SALESFORCE - Salesforce.com, Inc., US. The main domain is help.hilton.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 8th 2019. Valid for: a year.

This is the only time help.hilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 15	161.71.18.5 161.71.18.5		14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
14	1

15 161.71.18.5 (London, United Kingdom) 1 redirects

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

help.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hilton.com 1 redirects help.hilton.com	849 KB
14	1

	Domain	Requested by
15	help.hilton.com	1 redirects help.hilton.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
help.hilton.com DigiCert SHA2 Secure Server CA	`2019-01-08` - `2020-01-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
Frame ID: 5C54C0FF6DBCF578D94581399C5269E3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

848 kB
Transfer

3398 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt HTTP 302
https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt&isOptimized=false

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set runtimeApp.app Show response
help.hilton.com/survey/ 82 KB
24 KB 511ms
202ms Document
text/html 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

c7317db3d22ae3043c363efabbea9101533de438de2b877ce8f41d972608c1c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-51c00e42-b26b-202b-cfb8-948f395aeccb' chrome-extension: 'unsafe-inline' 'unsafe-eval' .canary.lwc.dev .na96.visual.force.com https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' .na96.visual.force.com; img-src 'self' http: https: data: blob: .na96.visual.force.com; media-src 'self' .na96.visual.force.com; frame-ancestors 'self'; frame-src https: mailto: .na96.visual.force.com blob:; font-src 'self' https: data: .na96.visual.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com .na96.visual.force.com
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: help.hilton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Wed, 20 Nov 2019 14:09:36 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Strict-Transport-Security: max-age=31536004; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-51c00e42-b26b-202b-cfb8-948f395aeccb' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.na96.visual.force.com https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' *.na96.visual.force.com; img-src 'self' http: https: data: blob: *.na96.visual.force.com; media-src 'self' *.na96.visual.force.com; frame-ancestors 'self'; frame-src https: mailto: *.na96.visual.force.com blob:; font-src 'self' https: data: *.na96.visual.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com *.na96.visual.force.com
Content-Type: text/html;charset=UTF-8
Expires: Sun, 06 Oct 2019 14:09:36 GMT
Last-Modified: Sun, 06 Oct 2019 14:09:36 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Set-Cookie: sfdc-stream=!gLjj0gC54+7XbOuA/lZ+tGDFCw+W12JuBxCiYxhRaBuEmNTX0IzgbbCzjVD/ZCkzwDvcI1UaRGYBOg==; path=/;Expires=Wed, 20-Nov-2019 17:09:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK app.css
help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%... 657 KB
90 KB 47ms
34ms Stylesheet
text/css 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22RCDgt1vrnwkTm8LtRTxTig%22%2C%22cuid%22%3A893615803%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

d3c3ec6acf7aa62bc920ba81e2e12bb3c141f3c04d74a39ce3f02a596eb9cec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 13:49:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Nov 2019 13:49:36 GMT
Age: 1201
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=3888000,public,immutable
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 91348
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Jan 2020 13:49:36 GMT

GET
H/1.1 200
OK aura_prod.js Show response
help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/ 640 KB
204 KB 112ms
42ms Script
text/javascript 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/aura_prod.js

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

e21e04ea1a4a8bdfaf30d971a812b681cac1d047e6173175520dcb7304f3187d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 11:12:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Nov 2019 11:12:56 GMT
Age: 10600
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3888000,public,immutable
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 208062
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Jan 2020 11:12:56 GMT

GET
H/1.1 200
OK app.js Show response
help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-1.0.2-222.24-b%22%2C%22split%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION... 1 MB
292 KB 112ms
42ms Script
text/javascript 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-1.0.2-222.24-b%22%2C%22split%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

e02f2a60c98b993dad03f8d22f5c3d725219435940b4df5afa09b4b1ef928dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 10:24:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Nov 2019 10:24:23 GMT
Age: 13514
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3888000,public,immutable
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 298282
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Jan 2020 10:24:23 GMT

GET
H/1.1 200
OK appcore.js Show response
help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-1.0.2-222.24-b%22%2C%22split%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION... 312 KB
52 KB 114ms
38ms Script
text/javascript 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

20e2b6fc5e4c7632f600d3a8697c19d7f88b0019912f4f2403456340b4a39771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 10:19:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Nov 2019 10:19:25 GMT
Age: 13811
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3888000,public,immutable
Server-Timing: Total;dur=27
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 52763
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Jan 2020 10:19:25 GMT

GET
H/1.1 200
OK resources.js Show response
help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%223uHUkqaEy5o9m3W8DAEYIw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3Aruntim... 7 KB
3 KB 222ms
159ms Script
text/javascript 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%223uHUkqaEy5o9m3W8DAEYIw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22DOq-d_FGg3yI2kQ6qMXD0Q%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/resources.js?version=1572401071000

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

d44033c7d2be8d9bc50bd73b761e3588cddf4351dedcc331125de61b7293e4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 14:09:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Nov 2019 14:09:36 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3888000,private,immutable
Transfer-Encoding: chunked
Server-Timing: Total;dur=42
Strict-Transport-Security: max-age=31536004; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Jan 2020 14:09:36 GMT

GET
H/1.1 200
OK SalesforceSans-Bold.woff2
help.hilton.com/_slds/fonts/v2.3.0/ 27 KB
27 KB 35ms
34ms Font
font/woff2 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/_slds/fonts/v2.3.0/SalesforceSans-Bold.woff2

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

679b1591f627cf81abb4a3d1528bdbb6562b5c0cc3a954873222f95ddedffa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22RCDgt1vrnwkTm8LtRTxTig%22%2C%22cuid%22%3A893615803%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css
Origin: https://help.hilton.com

Response headers

Date: Wed, 20 Nov 2019 09:37:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jul 2019 18:17:12 GMT
Age: 16305
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: font/woff2
Cache-Control: public,max-age=10368000
Accept-Ranges: bytes
Content-Length: 27224
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Mar 2020 09:37:51 GMT

GET
H/1.1 200
OK SalesforceSans-Regular.woff2
help.hilton.com/_slds/fonts/v2.3.0/ 26 KB
27 KB 35ms
34ms Font
font/woff2 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/_slds/fonts/v2.3.0/SalesforceSans-Regular.woff2

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

5526e3602654c677f1a994ecc344d315f9f6cb68cca23a06ee852bc7db1e3a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22RCDgt1vrnwkTm8LtRTxTig%22%2C%22cuid%22%3A893615803%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css
Origin: https://help.hilton.com

Response headers

Date: Tue, 19 Nov 2019 12:02:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jul 2019 18:17:12 GMT
Age: 94035
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: font/woff2
Cache-Control: public,max-age=10368000
Accept-Ranges: bytes
Content-Length: 27132
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Mar 2020 12:02:21 GMT

POST
H/1.1 200
OK aura Show response
help.hilton.com/ 9 KB
4 KB 212ms
212ms XHR
application/json 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/aura?r=0&ui-survey-components-controller.SurveyRuntime.getFlowParameters=1

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

7742970891e35c460d9ed426dc27a221301399cede7a49726ef1d81cd0b2e1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
Origin: https://help.hilton.com
X-SFDC-Request-Id: 91411000081862bc76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 20 Nov 2019 14:09:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Oct 2019 14:09:36 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Server-Timing: Total;dur=94
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 06 Oct 2019 14:09:36 GMT

POST
H/1.1 200
OK aura Show response
help.hilton.com/ 11 KB
5 KB 188ms
187ms XHR
application/json 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/aura?r=1&ui-interaction-runtime-components-controllers.FlowRuntime.runInterview=1

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

bff11dfbc95e489493a97d16d734a29eeb3b2caac3dd6908b82d0c71fa8ae57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
Origin: https://help.hilton.com
X-SFDC-Request-Id: 114522000066f73b6b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Oct 2019 14:09:37 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Server-Timing: Total;dur=70
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 06 Oct 2019 14:09:37 GMT

GET
H/1.1

200
OK

X0Lw2M000000blUpSAIb4488603_cca3_483
help.hilton.com/file-asset-public/
Redirect Chain

https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt
https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt&isOptimized=false

33 KB
34 KB

141ms
141ms

Image
image/jpeg

161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt&isOptimized=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

c53bbbe2609b33ebb9293ea82bda73ee5cea20a9f9bd4ff47762b34736d6de3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Mar 2019 16:35:34 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
P3P: CP="CUR OTR STA"
Cache-Control: private,max-age=86400
Content-Disposition: attachment; filename="X0Lw2M000000blUpSAIb4488603_cca3_483.jpeg"; filename*=utf-8''X0Lw2M000000blUpSAIb4488603_cca3_483.jpeg
Content-Type: image/jpeg
Vary: User-Agent
Content-Length: 33790
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Nov 2019 14:09:37 GMT

Redirect headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/html; charset=UTF-8
Location: https://help.hilton.com/file-asset-public/X0Lw2M000000blUpSAIb4488603_cca3_483?oid=00D41000000XOXt&isOptimized=false
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Content-Security-Policy: upgrade-insecure-requests
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK symbols.svg
help.hilton.com/_slds/icons/utility-sprite/svg/ 207 KB
58 KB 147ms
146ms Other
image/svg+xml 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/_slds/icons/utility-sprite/svg/symbols.svg?cache=9.28.0

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

dfa8ce5a5d9bcaa2e3d72bdaedb472179710d59df4d1c43352fb3444d75fa811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jul 2019 21:21:54 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Mar 2020 14:09:37 GMT

GET
H/1.1 200
OK SalesforceSans-Light.woff2
help.hilton.com/_slds/fonts/v2.3.0/ 27 KB
27 KB 133ms
133ms Font
font/woff2 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/_slds/fonts/v2.3.0/SalesforceSans-Light.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

75d3579b5d82259d157b335a704a3a061530d682bb7f59391d4f7e25e569a431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://help.hilton.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22jJkahrzwa4qcBvICtbI9gA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22RCDgt1vrnwkTm8LtRTxTig%22%2C%22cuid%22%3A893615803%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css
Origin: https://help.hilton.com

Response headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jul 2019 18:17:12 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: font/woff2
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Mar 2020 14:09:37 GMT

POST
H/1.1 200
OK aura Show response
help.hilton.com/ 8 KB
3 KB 242ms
242ms XHR
application/json 161.71.18.5
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://help.hilton.com/aura?r=2&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: help.hilton.com
URL: https://help.hilton.com/auraFW/javascript/3uHUkqaEy5o9m3W8DAEYIw/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.18.5 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

lo2.4.0p12m000004iglmsas.00d41000000xoxteao.gslb.siteforce.com

Software

Resource Hash

64af3b59d0f738e2c26f5d52758eee07e4c43c8a7977cd455d76ab833e8a8707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.hilton.com/survey/runtimeApp.app?invitationId=0Ki2M0000022zEf&surveyName=customer_survey&UUID=6926dcf5-fdde-46ad-baf5-5467e8bdcda1&firstname=Noveliza
Origin: https://help.hilton.com
X-SFDC-Request-Id: 138873000076593d2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 20 Nov 2019 14:09:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Oct 2019 14:09:37 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Server-Timing: Total;dur=111
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 06 Oct 2019 14:09:37 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			help.hilton.com/	1970-01-19 05:17:49	Name: sfdc-stream Value: !gLjj0gC54+7XbOuA/lZ+tGDFCw+W12JuBxCiYxhRaBuEmNTX0IzgbbCzjVD/ZCkzwDvcI1UaRGYBOg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://help.hilton.com/libraries/instrumentation/beaconLib/BeaconLibrary.js(Line 35) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-51c00e42-b26b-202b-cfb8-948f395aeccb' chrome-extension: 'unsafe-inline' 'unsafe-eval' .canary.lwc.dev .na96.visual.force.com https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' .na96.visual.force.com; img-src 'self' http: https: data: blob: .na96.visual.force.com; media-src 'self' .na96.visual.force.com; frame-ancestors 'self'; frame-src https: mailto: .na96.visual.force.com blob:; font-src 'self' https: data: .na96.visual.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com .na96.visual.force.com
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

help.hilton.com
161.71.18.5
20e2b6fc5e4c7632f600d3a8697c19d7f88b0019912f4f2403456340b4a39771
5526e3602654c677f1a994ecc344d315f9f6cb68cca23a06ee852bc7db1e3a81
64af3b59d0f738e2c26f5d52758eee07e4c43c8a7977cd455d76ab833e8a8707
679b1591f627cf81abb4a3d1528bdbb6562b5c0cc3a954873222f95ddedffa74
75d3579b5d82259d157b335a704a3a061530d682bb7f59391d4f7e25e569a431
7742970891e35c460d9ed426dc27a221301399cede7a49726ef1d81cd0b2e1a4
bff11dfbc95e489493a97d16d734a29eeb3b2caac3dd6908b82d0c71fa8ae57e
c53bbbe2609b33ebb9293ea82bda73ee5cea20a9f9bd4ff47762b34736d6de3d
c7317db3d22ae3043c363efabbea9101533de438de2b877ce8f41d972608c1c3
d3c3ec6acf7aa62bc920ba81e2e12bb3c141f3c04d74a39ce3f02a596eb9cec5
d44033c7d2be8d9bc50bd73b761e3588cddf4351dedcc331125de61b7293e4e4
dfa8ce5a5d9bcaa2e3d72bdaedb472179710d59df4d1c43352fb3444d75fa811
e02f2a60c98b993dad03f8d22f5c3d725219435940b4df5afa09b4b1ef928dc2
e21e04ea1a4a8bdfaf30d971a812b681cac1d047e6173175520dcb7304f3187d

help.hilton.com Open in urlscan Pro 161.71.18.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

848 kBTransfer

3398 kBSize

1 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

help.hilton.com Open in urlscan Pro
161.71.18.5 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

848 kB
Transfer

3398 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions