accounts.hgv.it
Open in
urlscan Pro
199.36.158.100
Public Scan
Effective URL: https://accounts.hgv.it/error?id=ba848957-14ae-477a-a7b1-27a23708baa1
Submission: On September 12 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1D4 on August 10th 2023. Valid for: 3 months.
This is the only time accounts.hgv.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 142.250.185.179 142.250.185.179 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 104.18.13.126 104.18.13.126 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 199.36.158.100 199.36.158.100 | 54113 (FASTLY) (FASTLY) | |
10 | 4 |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f19.1e100.net
beta.serviceportal.hgv.it |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
hgv.it
1 redirects
beta.serviceportal.hgv.it api.accounts.hgv.it Failed accounts.hgv.it |
405 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
5 | accounts.hgv.it |
beta.serviceportal.hgv.it
accounts.hgv.it |
3 | beta.serviceportal.hgv.it |
beta.serviceportal.hgv.it
|
2 | api.accounts.hgv.it |
beta.serviceportal.hgv.it
accounts.hgv.it |
10 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
beta.serviceportal.hgv.it GTS CA 1D4 |
2023-09-12 - 2023-12-11 |
3 months | crt.sh |
accounts.hgv.it GTS CA 1D4 |
2023-08-10 - 2023-11-08 |
3 months | crt.sh |
api.accounts.hgv.it GTS CA 1P5 |
2023-08-09 - 2023-11-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://accounts.hgv.it/error?id=ba848957-14ae-477a-a7b1-27a23708baa1
Frame ID: 7838D2EEEF90980815D478C8E4D35915
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
HGV KontoPage URL History Show full URLs
- https://beta.serviceportal.hgv.it/ Page URL
-
https://api.accounts.hgv.it/self-service/login/browser?return_to=https://beta.serviceportal.hgv.it/
HTTP 303
https://accounts.hgv.it/error?id=ba848957-14ae-477a-a7b1-27a23708baa1 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://beta.serviceportal.hgv.it/ Page URL
-
https://api.accounts.hgv.it/self-service/login/browser?return_to=https://beta.serviceportal.hgv.it/
HTTP 303
https://accounts.hgv.it/error?id=ba848957-14ae-477a-a7b1-27a23708baa1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
beta.serviceportal.hgv.it/ |
547 B 751 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-00eb7ae8.js
beta.serviceportal.hgv.it/assets/ |
939 KB 266 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-379f8aea.css
beta.serviceportal.hgv.it/assets/ |
45 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
whoami
api.accounts.hgv.it/sessions/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
error
accounts.hgv.it/ Redirect Chain
|
452 B 772 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-7ed20127.js
accounts.hgv.it/assets/ |
499 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-09180975.css
accounts.hgv.it/assets/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
warning-6c4bcd10.svg
accounts.hgv.it/assets/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
open-sans-latin-400-normal-441e2360.woff2
accounts.hgv.it/assets/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
whoami
api.accounts.hgv.it/sessions/ |
206 B 575 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.accounts.hgv.it
- URL
- https://api.accounts.hgv.it/sessions/whoami
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| __REACT_INTL_CONTEXT__4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
api.accounts.hgv.it/ | Name: __cflb Value: 04dTofjtHwhfCny3TimBZbgWZXE933GctJW5dT2ysZ |
|
.api.accounts.hgv.it/ | Name: __cf_bm Value: lQfcxHAnskAkbkKOyd.KDLIKcXysdqL_nW7lr4tnB10-1694532207-0-AQKXKJ9xiTqKTYXLmV/RSHdjVBa6/t6SAk4xBB1d3ZcvY0WG6EC0Hj9v0tA2q5ksEgZg2nL67bO53j9Cj6M3iOo= |
|
.api.accounts.hgv.it/ | Name: _cfuvid Value: Fjq7357ZiEvI.q9vcKOgOpvDnWK5KsZMqLTT4XC3Usc-1694532207594-0-604800000 |
|
.hgv.it/ | Name: csrf_token_08c109866b1aa722ec57d2d3fde7e268e49d5609fdb3e79c4308a4a40d40aaad Value: Y0SkYv96oe6amVIX4Is1N9is5wjrHAYnDQB+o1RX6ck= |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'none';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self';connect-src 'self' https://api.accounts.hgv.it;frame-src 'none';font-src 'self';frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.hgv.it
api.accounts.hgv.it
beta.serviceportal.hgv.it
api.accounts.hgv.it
104.18.13.126
142.250.185.179
199.36.158.100
0918097574a5fde70ad085b6b9989e3af29dd3f125ec3ca3cf63e55f1c7da619
29faffa68a7d495560e95ac800ef0fe98c67fa7dc3e32c8bd4f429911bf94818
379f8aea42597a3aefaf0a9977184c4e7e69b7578187a4a389144e8e77dec65d
3b6b888451a2caa8d5981f7cd37caed25b0876c8acbbb9050528729835021255
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
53f87fbc9a202125d0b0cab2c78bd06e75b370651c00b64706c9935a3cfb5002
6c4bcd10c9f9592dfd2690d25d6509c4c3b6eb5a303a24857395b3423c1a5e97
8b7434ef383b631a72413bb2d94fefd124848a6efbe9bf3b377b6b7fdbc3ddea
fec565b500705a9d5d3b41d0c1e59a0bd2036ffaf277a5c983cd427f44268314