hsbchelp.com
Open in
urlscan Pro
91.215.85.79
Malicious Activity!
Public Scan
Submission: On May 20 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time hsbchelp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: HSBC (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 91.215.85.79 91.215.85.79 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
17 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
hsbchelp.com
hsbchelp.com |
2 MB |
17 | 1 |
Domain | Requested by | |
---|---|---|
17 | hsbchelp.com |
hsbchelp.com
|
17 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.hsbcnet.com |
www.secure.hsbcnet.com |
www.business.hsbc.ca |
www.gbm.hsbc.com |
www.hsbc.com |
beian.miit.gov.cn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hsbchelp.com R3 |
2024-05-14 - 2024-08-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hsbchelp.com/
Frame ID: 921D8FF0A6807056E98C4E17EBAC1CE0
Requests: 17 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Log on to HSBCnet
Search URL Search Domain Scan URL
Title: About HSBCnet
Search URL Search Domain Scan URL
Title: Online security
Search URL Search Domain Scan URL
Title: Customer support
Search URL Search Domain Scan URL
Title: Getting started
Search URL Search Domain Scan URL
Title: Troubleshooting
Search URL Search Domain Scan URL
Title: 从中国登录
Search URL Search Domain Scan URL
Title: How can we help?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Online Security
Search URL Search Domain Scan URL
Title: HSBC Group
Search URL Search Domain Scan URL
Title: Terms and Conditions of Use
Search URL Search Domain Scan URL
Title: Privacy and Data Protection Statement
Search URL Search Domain Scan URL
Title: Cookie Notice
Search URL Search Domain Scan URL
Title: 沪ICP备15029387号 - 1
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hsbchelp.com/ |
45 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
hsbchelp.com/css/ |
196 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsbc-logo.svg
hsbchelp.com/img/ |
2 KB 824 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smarter-banking-with-hsbcnet.jpg
hsbchelp.com/img/ |
552 KB 553 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
awards-banner.jpg
hsbchelp.com/img/ |
382 KB 382 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
staying-ahead-of-online-fraud.jpg
hsbchelp.com/img/ |
463 KB 463 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iso-20022-the-new-language-of-payments.jpg
hsbchelp.com/img/ |
147 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsbcnet-mobile-hero-banner-promo.jpg
hsbchelp.com/img/ |
542 KB 542 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.0.min.js
hsbchelp.com/scripts/ |
85 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
hsbchelp.com/scripts/ |
812 B 322 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chevron-right-red.svg
hsbchelp.com/assets/img/svg/ |
708 B 708 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UniversNextforHSBCW02-Th.woff
hsbchelp.com/fonts/ |
26 KB 26 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UniversNextforHSBCW02-Lt.woff
hsbchelp.com/fonts/ |
26 KB 26 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UniversNextforHSBCW02-Bd.woff
hsbchelp.com/fonts/ |
26 KB 26 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UniversNextforHSBCW02-Rg.woff
hsbchelp.com/fonts/ |
27 KB 27 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UniversNextforHSBCW02-LtIt.woff
hsbchelp.com/fonts/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
hsbchelp.com/img/ |
318 B 172 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: HSBC (Banking)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery string| OSName0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hsbchelp.com
91.215.85.79
0025d06c14264da241ef6b818d0c437b332d21d2733f11c175bf950ba635c9f0
139874f19e64dbdbd420b524653c5447c63e9186b24c161ff50f2047b1fe4002
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
27492376dcddcc94714ff3defc879724e313b29d6369a04672f4fc6b1c35e8f0
276bee29589443fb2caabd54475d676a9beb9c0b156810a29f53130492ef4820
316a15cd35bc1c66be119df44a560c70e66580da4612ef73b90b9d2043b5bcfd
32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3b68ba378d090c8e1dee2e794554627afdd2260380a83c9a8e36a66154c43d46
4ba6978d0263b47a47acb38043485f767013031b9a6d98541be396512ad80ed5
76951f74e86f0a98d264203ac84b84f72b970d226db80f2e601eda24a55d35b1
78486a4c0d7074873ba8323cb56fa0678cd7aeb3c64c798047e0b0456ee10589
8a895efb96d07328007e1404345e370d6ac34e0732af3e7872ab194daa4ced0f
c736d15fc8104340a0fcbdad3dea714abc1a358ec4e108952c223a24460006e3
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13