hsbcuk.visaoffers.eu

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 52.209.51.66, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is hsbcuk.visaoffers.eu.
TLS certificate: Issued by Symantec Class 3 EV SSL CA - G3 on March 13th 2017. Valid for: 6 months.

This is the only time hsbcuk.visaoffers.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.209.51.66 52.209.51.66	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.192.37.241 54.192.37.241	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
5	3

1 52.209.51.66 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-51-66.eu-west-1.compute.amazonaws.com

hsbcuk.visaoffers.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.37.241 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-37-241.jfk1.r.cloudfront.net

d2n8p8eh14pae1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	google-analytics.com www.google-analytics.com	13 KB
2	cloudfront.net d2n8p8eh14pae1.cloudfront.net	12 KB
1	visaoffers.eu hsbcuk.visaoffers.eu	4 KB
5	3

	Domain	Requested by
2	www.google-analytics.com	hsbcuk.visaoffers.eu
2	d2n8p8eh14pae1.cloudfront.net	hsbcuk.visaoffers.eu
1	hsbcuk.visaoffers.eu
5	3

This site contains links to these domains. Also see Links.

Domain
www.hsbc.co.uk

Subject Issuer	Validity	Valid
www.visaoffers.eu Symantec Class 3 EV SSL CA - G3	`2017-03-13` - `2017-09-24`	6 months	crt.sh
*.cloudfront.net Symantec Class 3 Secure Server CA - G4	`2016-10-26` - `2017-12-17`	a year	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
Frame ID: 32422.1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

29 kB
Transfer

60 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hsbc.co.uk/
Title: HSBC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
hsbcuk.visaoffers.eu/view_email/
Redirect Chain

http://gis1.mjt.lu/lnk/AEAAPWEo9uMAAAAAAAEAAAAANGgAAAAAAAEAAAAAAAj2_ABZqu3G7Use1IqtSZGZqE-KOAPHvwAG8Os/1/JyvbeTd6fQo-uk01BKl0BA/aHR0cHM6Ly9oc2JjdWsudmlzYW9mZmVycy5ldS92aWV3X2VtYWlsLz9lbWFpbF9pZD0wZ...
https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde

16 KB
4 KB

480ms
60ms

Document
text/html

52.209.51.66
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.51.66 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-209-51-66.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fc75b10f7ddae8b753ce1a35d49b5bd45268df790e886a3c0aaae95b7972cf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2017 02:41:08 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 3881
Expires: -1

Redirect headers

Date: Tue, 05 Sep 2017 02:41:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Location: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hsbc-uk-member-logo.png
d2n8p8eh14pae1.cloudfront.net/static/ 5 KB
5 KB 572ms
128ms Image
image/png 54.192.37.241
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n8p8eh14pae1.cloudfront.net/static/hsbc-uk-member-logo.png?r=206e72f0
Requested by: Host: hsbcuk.visaoffers.eu
URL: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.37.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-37-241.jfk1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c53eaa01898fb96004accd25c772123d4422efe107f26db5ce40027e9c0b5007

Request headers

Referer: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Thu, 31 Aug 2017 16:58:50 GMT
Via: 1.1 8ed48260ebc584eec98d6931248a313e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jul 2017 10:24:26 GMT
Server: AmazonS3
ETag: "3c9244c805a8720b9ccfa295f7688bd3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5504
X-Amz-Cf-Id: wgIuCxGMsAWvb4_zdp86aCqrTcgeycedfZFEQQK9dWNT_Q04A8lrww==

GET
H/1.1 200
OK vcrunch-visa-logo.png
d2n8p8eh14pae1.cloudfront.net/static/ 7 KB
7 KB 686ms
245ms Image
image/png 54.192.37.241
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n8p8eh14pae1.cloudfront.net/static/vcrunch-visa-logo.png?r=d4ceb08a
Requested by: Host: hsbcuk.visaoffers.eu
URL: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.37.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-37-241.jfk1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc8849367821ea259aa0acd6cbd5c9bb3c07a6bbbda55c96cc82835d2d3c048c

Request headers

Referer: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Wed, 16 Aug 2017 07:43:15 GMT
Via: 1.1 a223062e33743b5c4ba88d0314bb704c.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Sep 2016 07:40:31 GMT
Server: AmazonS3
ETag: "b41a1721905165f37c7dd0511b17e634"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6759
X-Amz-Cf-Id: y86iLVgGiiI4oGQBAKgHT8zTBaFoi9QV9dtNxBnCxYxinH-mr0IpMw==

GET
S 200 analytics.js Show response
www.google-analytics.com/ 32 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hsbcuk.visaoffers.eu
URL: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

522cc831f77209aa434abd05e5a9a114ec3aab233232394877ea5446130584de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2017 01:11:09 GMT
server: Golfe2
age: 5070
date: Tue, 05 Sep 2017 01:16:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 13472
expires: Tue, 05 Sep 2017 03:16:38 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
53 B 13ms
13ms Image
image/gif 2a00:1450:4001:80b::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j60&a=1709174007&t=pageview&_s=1&dl=https%3A%2F%2Fhsbcuk.visaoffers.eu%2Fview_email%2F%3Femail_id%3D0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde&ul=en-us&de=UTF-8&dt=View%20email&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABI~&jid=966645771&gjid=581129306&cid=1223026321.1504579269&tid=UA-83359853-1&_gid=1043308660.1504579269&_r=1&z=1182636666

Requested by

Host: hsbcuk.visaoffers.eu
URL: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcuk.visaoffers.eu/view_email/?email_id=0d8d59212a4ae0992d4f676552702bc0467eccf68254c1901dd8a5090ddb6dde
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2017 02:41:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.visaoffers.eu/	2017-09-05 02:42:08	Name: _gat Value: 1
.visaoffers.eu/	2017-09-06 02:41:08	Name: _gid Value: GA1.2.1043308660.1504579269
.visaoffers.eu/	2019-09-05 02:41:08	Name: _ga Value: GA1.2.1223026321.1504579269
.hsbcuk.visaoffers.eu/	1970-01-01 00:00:00	Name: ssid_secure Value: ijtirvm41qn5i1ctd5sr4q1a85f948bc07d405df

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2n8p8eh14pae1.cloudfront.net
hsbcuk.visaoffers.eu
www.google-analytics.com
2a00:1450:4001:80b::200e
52.209.51.66
54.192.37.241
522cc831f77209aa434abd05e5a9a114ec3aab233232394877ea5446130584de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
c53eaa01898fb96004accd25c772123d4422efe107f26db5ce40027e9c0b5007
dc8849367821ea259aa0acd6cbd5c9bb3c07a6bbbda55c96cc82835d2d3c048c
fc75b10f7ddae8b753ce1a35d49b5bd45268df790e886a3c0aaae95b7972cf2d

hsbcuk.visaoffers.eu Open in urlscan Pro 52.209.51.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

29 kBTransfer

60 kBSize

4 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

hsbcuk.visaoffers.eu Open in urlscan Pro
52.209.51.66 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

29 kB
Transfer

60 kB
Size

4
Cookies

5 HTTP transactions
0 data transactions