www.hsbc5599.com Open in urlscan Pro
34.96.192.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hsbc5599.com/
Submission Tags: @phishunt_io
Submission: On March 07 via api (March 7th 2023, 6:00:23 pm UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 34.96.192.182, located in Central, Hong Kong and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.hsbc5599.com.
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.

This is the only time www.hsbc5599.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	34.96.192.182 34.96.192.182	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	79.133.177.252 79.133.177.252	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	18.162.244.131 18.162.244.131	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
22	5

9 34.96.192.182 (Central, Hong Kong)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 182.192.96.34.bc.googleusercontent.com

www.hsbc5599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.252 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.162.244.131 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com

www-api.hsbc5797.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hsbc5599.com www.hsbc5599.com	1 MB
6	hsbc5797.com www-api.hsbc5797.com	12 KB
2	gstatic.com fonts.gstatic.com	51 KB
1	alicdn.com at.alicdn.com — Cisco Umbrella Rank: 12163	18 KB
22	4

	Domain	Requested by
9	www.hsbc5599.com	www.hsbc5599.com
6	www-api.hsbc5797.com	www.hsbc5599.com
2	fonts.gstatic.com	www.hsbc5599.com
1	at.alicdn.com	www.hsbc5599.com
22	4

This site contains no links.

Subject Issuer	Validity	Valid
m.hsbc1613.com R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh
www-api.hsbc5797.com R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.hsbc5599.com/
Frame ID: CE3863C8D21E646E3759183C37A7EDB1
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

瑞祥

Page Statistics

22
Requests

82 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

1606 kB
Transfer

4199 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.hsbc5599.com/ 1 KB
955 B 854ms
253ms Document
text/html 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f488d39a7f0ccf64d723d51632fc21bbba0c05a28111718432bb807f40702172

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Mar 2023 18:00:15 GMT
ETag: W/"6406f81c-4bf"
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H/1.1 200
OK setting.js Show response
www.hsbc5599.com/static/ 135 B
393 B 263ms
255ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/setting.js?key=1678178173480
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8a2750ad3b90e27093d3d3245b7f2c9fd439e1ccbc8cad714a78afee3b404247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:15 GMT
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: "6406f81c-87"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135

GET
H/1.1 200
OK app.6256164110c55367ac1bb77f4a439f97.css
www.hsbc5599.com/static/css/ 1 MB
358 KB 571ms
563ms Stylesheet
text/css 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/css/app.6256164110c55367ac1bb77f4a439f97.css
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 877e70e297044024f268b567e09b3d60719f6daaff7ded07c027ebde0285aa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-127748"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK agent.js Show response
www.hsbc5599.com/static/ 8 KB
1 KB 543ms
274ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/agent.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72decddb9211b90ce34c3717f123a0dfb51d7e64844bb380a19773d27d72caea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-21f5"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK manifest.3623fb19671908cce988.js Show response
www.hsbc5599.com/static/js/ 2 KB
2 KB 761ms
260ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/js/manifest.3623fb19671908cce988.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f58f3fe50823ae66ca85b735d2dc4ac945d47e3398684561d78bff9de8aeac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-91a"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK vendor.11adaf647359e2b8d140.js Show response
www.hsbc5599.com/static/js/ 2 MB
436 KB 1062ms
561ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/js/vendor.11adaf647359e2b8d140.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ec8d66d7d9baa0218464d9bc8cda3b64931a2009f24a397e5986e66c7dd921b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-185288"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK app.08da628c680e27e69c4e.js Show response
www.hsbc5599.com/static/js/ 885 KB
475 KB 1058ms
557ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/js/app.08da628c680e27e69c4e.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2b7e0408d6ba1d325e1b86c42c4aadf59010bdb5186ca011cbb0226960cb3344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-dd459"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 font_2274506_2w9tk00yjuq.css
at.alicdn.com/t/ 27 KB
18 KB 62ms
10ms Stylesheet
text/css 79.133.177.252
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_2274506_2w9tk00yjuq.css
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/css/app.6256164110c55367ac1bb77f4a439f97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.252 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 05b783b93ea88c28cc7ed2c8280723b28d04a41d142528451d4fbec1617c629f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 03:29:30 GMT
via: cache15.l2us1[0,0,200-0,H], cache12.l2us1[0,0], cache2.de3[0,0,200-0,H], cache3.de3[2,0]
content-encoding: gzip
x-oss-request-id: 630C329A9A18D632334CCF56
content-md5: 9DhbkZbULj3J4xP4QHunUw==
age: 16468247
x-swift-cachetime: 49265793
x-cache: HIT TCP_HIT dirn:13:489242631
x-swift-savetime: Sat, 04 Feb 2023 22:32:57 GMT
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 21:09:51 GMT
server: Tengine
etag: W/"F4385B9196D42E3DC9E313F8407BA753"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
ali-swift-global-savetime: 1661743770
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 8375330039042961324
eagleid: 4f85b19716782120172044703e
x-oss-server-time: 55

OPTIONS
H/1.1 200
OK config
www-api.hsbc5797.com/v2/start/ 0
0 682ms
227ms Preflight
text/html 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: av,code,lang,mm,pl,sv,uuid
Access-Control-Request-Method: GET
Origin: https://www.hsbc5599.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Mar 2023 18:00:18 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

OPTIONS
H/1.1 200
OK config
www-api.hsbc5797.com/v2/start/ 0
0 679ms
244ms Preflight
text/html 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: av,code,lang,mm,pl,sv,uuid
Access-Control-Request-Method: GET
Origin: https://www.hsbc5599.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Mar 2023 18:00:18 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H/1.1 200
OK config Show response
www-api.hsbc5797.com/v2/start/ 11 KB
4 KB 3076ms
3075ms Fetch
application/json 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/app.08da628c680e27e69c4e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b43ab09b02a8d33ce1084eb2a8bb1f7918d973527534b2cac2bcc32915f52e6f

Request headers

code
sv
av
mm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
pl: pc
lang: null
Referer: https://www.hsbc5599.com/
uuid

Response headers

Date: Tue, 07 Mar 2023 18:00:21 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.119.woff2
fonts.gstatic.com/s/notosanssc/v26/ 50 KB
51 KB 171ms
49ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v26/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.119.woff2

Requested by

Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/css/app.6256164110c55367ac1bb77f4a439f97.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2ad54cada10eb0bb005b3b03372e1db84417f694bddaf5303bdae885a60b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hsbc5599.com/
Origin: https://www.hsbc5599.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:17:05 GMT
x-content-type-options: nosniff
age: 549793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:43:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 09:17:05 GMT

GET
H/1.1 200
OK 26.c3c4891f4a34e22b5dde.js Show response
www.hsbc5599.com/static/js/ 2 KB
1 KB 260ms
260ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/js/26.c3c4891f4a34e22b5dde.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/manifest.3623fb19671908cce988.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 61b263b0eab6a64d37e2a06f4a6ebec49ecc36dadceaa573687ae0288325c119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-635"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK 16.50ae891b52aefc1784ec.js Show response
www.hsbc5599.com/static/js/ 417 KB
250 KB 297ms
296ms Script
application/javascript 34.96.192.182
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hsbc5599.com/static/js/16.50ae891b52aefc1784ec.js
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/manifest.3623fb19671908cce988.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.192.182 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 182.192.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a22d703ab21d945a813a80cb232e3a55e0e18aa2862ee9d4e6dc59a95c0f0f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hsbc5599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:00:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2023 08:38:52 GMT
Server: nginx
ETag: W/"6406f81c-68557"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK config Show response
www-api.hsbc5797.com/v2/start/ 11 KB
4 KB 3085ms
3084ms Fetch
application/json 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/app.08da628c680e27e69c4e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b43ab09b02a8d33ce1084eb2a8bb1f7918d973527534b2cac2bcc32915f52e6f

Request headers

code
sv
av
mm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
pl: pc
lang: null
Referer: https://www.hsbc5599.com/
uuid

Response headers

Date: Tue, 07 Mar 2023 18:00:21 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code

GET
H/1.1 200
OK config
www-api.hsbc5797.com/v2/start/ 11 KB
4 KB 485ms
474ms Fetch
application/json 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Requested by: Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/app.08da628c680e27e69c4e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

code
sv
av
mm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
pl: pc
lang: null
Referer: https://www.hsbc5599.com/
uuid

Response headers

Date: Tue, 07 Mar 2023 18:00:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code

OPTIONS
H/1.1 200
OK config
www-api.hsbc5797.com/v2/start/ 0
0 240ms
240ms Preflight
text/html 18.162.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-api.hsbc5797.com/v2/start/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.162.244.131 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-244-131.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: av,code,lang,mm,pl,sv,uuid
Access-Control-Request-Method: GET
Origin: https://www.hsbc5599.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, X-Request-Uri, Content-Type, Accept, Origin, Authorization, lang, pl, mm, av, sv, uuid, channelName, applicationID, code
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Mar 2023 18:00:22 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET config
www-api.hsbc5797.com/v2/start/ 0
0

GET 30.dc9be928dad7c1d8d7cd.js
www.hsbc5599.com/static/js/ 0
0

GET guide
www-api.hsbc5797.com/v2/user/ 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.118.woff2
fonts.gstatic.com/s/notosanssc/v26/ 23 KB
0 48ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanssc/v26/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.118.woff2

Requested by

Host: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/css/app.6256164110c55367ac1bb77f4a439f97.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hsbc5599.com/
Origin: https://www.hsbc5599.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:49:16 GMT
x-content-type-options: nosniff
age: 425466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30540
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:42:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:49:16 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS config
www-api.hsbc5797.com/v2/start/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www-api.hsbc5797.com
URL: https://www-api.hsbc5797.com/v2/start/config

Domain: www.hsbc5599.com
URL: https://www.hsbc5599.com/static/js/30.dc9be928dad7c1d8d7cd.js

Domain: www-api.hsbc5797.com
URL: https://www-api.hsbc5797.com/v2/user/guide

Domain: www-api.hsbc5797.com
URL: https://www-api.hsbc5797.com/v2/start/config

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
fonts.gstatic.com
www-api.hsbc5797.com
www.hsbc5599.com
www-api.hsbc5797.com
www.hsbc5599.com
18.162.244.131
2a00:1450:400d:807::2003
34.96.192.182
79.133.177.252
05b783b93ea88c28cc7ed2c8280723b28d04a41d142528451d4fbec1617c629f
1ec8d66d7d9baa0218464d9bc8cda3b64931a2009f24a397e5986e66c7dd921b
2b7e0408d6ba1d325e1b86c42c4aadf59010bdb5186ca011cbb0226960cb3344
61b263b0eab6a64d37e2a06f4a6ebec49ecc36dadceaa573687ae0288325c119
6f58f3fe50823ae66ca85b735d2dc4ac945d47e3398684561d78bff9de8aeac2
72decddb9211b90ce34c3717f123a0dfb51d7e64844bb380a19773d27d72caea
7c2ad54cada10eb0bb005b3b03372e1db84417f694bddaf5303bdae885a60b90
877e70e297044024f268b567e09b3d60719f6daaff7ded07c027ebde0285aa20
8a2750ad3b90e27093d3d3245b7f2c9fd439e1ccbc8cad714a78afee3b404247
a22d703ab21d945a813a80cb232e3a55e0e18aa2862ee9d4e6dc59a95c0f0f6c
b43ab09b02a8d33ce1084eb2a8bb1f7918d973527534b2cac2bcc32915f52e6f
f488d39a7f0ccf64d723d51632fc21bbba0c05a28111718432bb807f40702172

www.hsbc5599.com Open in urlscan Pro 34.96.192.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

22 Requests

82 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

1606 kBTransfer

4199 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

www.hsbc5599.com Open in urlscan Pro
34.96.192.182 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

82 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

1606 kB
Transfer

4199 kB
Size

0
Cookies

22 HTTP transactions
4 data transactions