us.hsbc.secureoffice.us
162.244.92.198  Malicious Activity! Public Scan

Submitted URL: https://us.hsbc.secureoffice.us/
Effective URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Submission: On December 23 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 21 HTTP transactions. The main IP is 162.244.92.198, located in Cheyenne, United States and belongs to PONYNET - FranTech Solutions, US. The main domain is us.hsbc.secureoffice.us.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 23rd 2019. Valid for: 3 months.
This is the only time us.hsbc.secureoffice.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

Requests         IP Address       AS (Autonomous System)
3 (2 redirects)  162.244.92.198   53667 (PONYNET)
12               161.113.4.156    26381 (HSBC-COM)
Total: 21 requests, 3 IPs

Requests  Apex Domain      Subdomains                Transfer
12        hsbc.com         www.security.us.hsbc.com  558 KB
3         secureoffice.us  us.hsbc.secureoffice.us   4 KB
Total: 21 requests, 2 apex domains

Requests  Domain                    Requested by
12        www.security.us.hsbc.com  us.hsbc.secureoffice.us
3         us.hsbc.secureoffice.us   2 redirects
Total: 21 requests, 2 domains

This site contains no links.

Subject                   Issuer                                       Validity                 Valid
us.hsbc.secureoffice.us   Let's Encrypt Authority X3                   2019-12-23 - 2020-03-22  3 months
www.security.us.hsbc.com  DigiCert SHA2 Extended Validation Server CA  2019-12-11 - 2021-01-05  a year

This page contains 1 frame:

Primary Page: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Frame ID: 2B4AFF236DD9A4FA7B5F05630866F7A2
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i

Page Statistics

Requests: 21
HTTPS: 62 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 562 kB
Size: 738 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us.hsbc.secureoffice.us/ HTTP 302
    https://us.hsbc.secureoffice.us/2019.php HTTP 302
    https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request Account_Security_Review.php
us.hsbc.secureoffice.us/
Redirect Chain
  • https://us.hsbc.secureoffice.us/
  • https://us.hsbc.secureoffice.us/2019.php
  • https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
12 KB
3 KB
Document
General
Full URL
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.92.198 Cheyenne, United States, ASN53667 (PONYNET - FranTech Solutions, US),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
610006540309a359afaf1cb3b4aa89eb2702ff9f1541b86d5db93de3b8891195

Request headers

:method
GET
:authority
us.hsbc.secureoffice.us
:scheme
https
:path
/Account_Security_Review.php?id=Validate_Your_Account
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Mon, 23 Dec 2019 07:24:20 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000

Redirect headers

status
302
x-powered-by
PHP/5.6.40
location
Account_Security_Review.php?id=Validate_Your_Account
content-type
text/html; charset=UTF-8
content-length
0
date
Mon, 23 Dec 2019 07:24:20 GMT
server
LiteSpeed
cache-control
no-cache, no-store, must-revalidate, max-age=0
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
ursula.css
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/
203 KB
36 KB
Stylesheet
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
Requested by
Host: us.hsbc.secureoffice.us
URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
d4e89bcf7befec2035e88004a5111ffa225876fd35ac6e006307d7d2adea8f35
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 05:42:20 GMT
X-Frame-Options
sameorigin
ETag
"32cfb-59798693d4700"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=100
Content-Length
36198
Expires
Mon, 30 Dec 2019 07:24:21 GMT
lightbox.css
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/lightbox.css
Requested by
Host: us.hsbc.secureoffice.us
URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
230cef2686d3b803510563b213981add803c573d83c2be597f80482c8ea468da

Request headers

Referer
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 05:42:20 GMT
ETag
"189d-59798693d4700"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
S
VH745_SaaSIP
Keep-Alive
timeout=5, max=100
Content-Length
1549
Expires
Mon, 30 Dec 2019 07:24:21 GMT
hsbc-logo.gif
www.security.us.hsbc.com/ContentService/gsp/saas/Components/default/doc/
3 KB
4 KB
Image
General
Full URL
https://www.security.us.hsbc.com/ContentService/gsp/saas/Components/default/doc/hsbc-logo.gif
Requested by
Host: us.hsbc.secureoffice.us
URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
3ca4c611122139116732aafee0d6b732e940db7f9af0ec85d2e587b3081cfde4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/gif
CONTENT_RESOURCE_PATH
gsp/saas/Components/default/doc/hsbc-logo.gif
Connection
Keep-Alive
Content-Length
3160
Keep-Alive
timeout=5, max=99
Last-Modified
Thu, 02 May 2019 06:24:52 GMT
X-Frame-Options
sameorigin
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
S
VH744_SaaSIP
Access-Control-Allow-Headers
x-requested-with
Expires
Wed, 22 Jan 2020 07:24:21 GMT
ehl_logo_wht_13x10.png
www.security.us.hsbc.com/ContentService/gsp/saas/Components/default/doc/
998 B
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/ContentService/gsp/saas/Components/default/doc/ehl_logo_wht_13x10.png?SAGG=gsp_us
Requested by
Host: us.hsbc.secureoffice.us
URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
21bbdc0fe361be78bc1d1993c6d68b2613005146f41a2f7642639a5d32e19028
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
CONTENT_RESOURCE_PATH
gsp_hbus/saas/Components/default/doc/ehl_logo_wht_13x10.png
Connection
Keep-Alive
Content-Length
998
Keep-Alive
timeout=5, max=95
Last-Modified
Mon, 18 Nov 2019 05:40:38 GMT
X-Frame-Options
sameorigin
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
S
NL810_SaaSIP
Access-Control-Allow-Headers
x-requested-with
Expires
Wed, 22 Jan 2020 07:24:21 GMT
print.css
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/
682 B
906 B
Stylesheet
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/print.css
Requested by
Host: us.hsbc.secureoffice.us
URL: https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
f321f624778a65b7fd3f7f1ff6d05d1491853d43dfd7c7f9368879c96b68923e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://us.hsbc.secureoffice.us/Account_Security_Review.php?id=Validate_Your_Account
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 05:42:20 GMT
X-Frame-Options
sameorigin
ETag
"2aa-59798693d4700"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
S
VH746_SaaSIP
Keep-Alive
timeout=5, max=95
Content-Length
357
Expires
Mon, 30 Dec 2019 07:24:21 GMT
top.gif
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/background/
54 B
486 B
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/background/top.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
bf266f02007642c1b71807c6b399ee1268d8a5a36b8d03162bce1fa222942c98
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:28 GMT
X-Frame-Options
sameorigin
ETag
"36-5979869b75900"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=99
Content-Length
54
Expires
Wed, 22 Jan 2020 07:24:21 GMT
background.jpg
www.security.us.hsbc.com/gsp/saas/Components/default/resources/images/background/
504 KB
504 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/images/background/background.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
de3d97e032670a85e7ca5fb03c15e872dff225b284593db22d79aaa07ccf8116
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:18 GMT
X-Frame-Options
sameorigin
ETag
"7e005-59798691ec280"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=100
Content-Length
516101
Expires
Wed, 22 Jan 2020 07:24:21 GMT
UniversNextforHSBCW02-Bd.woff
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

bg_gradient_red.gif
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/masthead/
1 KB
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/masthead/bg_gradient_red.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
9bcbc0ff19ab678085c819498dbb667ad36a1862b0fa3dd8ae8c19e93f0f5ff7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:28 GMT
X-Frame-Options
sameorigin
ETag
"4f5-5979869b75900"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=100
Content-Length
1269
Expires
Wed, 22 Jan 2020 07:24:21 GMT
UniversNextforHSBCW02-Rg.woff
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

UniversNextforHSBCW02-Th.woff
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

UniversNextforHSBCW02-Lt.woff
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

icon-important.png
www.security.us.hsbc.com/gsp/saas/Components/default/resources/images/background/
1 KB
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/images/background/icon-important.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
4e873d2e039671b18917d7e43c26cbeb94fea1f0db4affc090990b9a80b01347
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:18 GMT
X-Frame-Options
sameorigin
ETag
"4d1-59798691ec280"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=98
Content-Length
1233
Expires
Wed, 22 Jan 2020 07:24:21 GMT
contact.png
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/
2 KB
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/contact.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
6197f7ae191cb4b28ec55b5cf74a92db66a1a8e43f76abe3863ab3c51cb7667b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:30 GMT
X-Frame-Options
sameorigin
ETag
"65b-5979869d5dd80"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=98
Content-Length
1627
Expires
Wed, 22 Jan 2020 07:24:21 GMT
branch.png
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/
2 KB
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/branch.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
82fa45a014c9faa9885c4338e07e44de3028b9c6982202490d0ee695e72da691
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:30 GMT
X-Frame-Options
sameorigin
ETag
"724-5979869d5dd80"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=99
Content-Length
1828
Expires
Wed, 22 Jan 2020 07:24:21 GMT
support.png
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/
1 KB
2 KB
Image
General
Full URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/images/footer/icons/support.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.113.4.156 , United States, ASN26381 (HSBC-COM - HSBC Technology & Services (USA) Inc, US),
Reverse DNS
Software
/
Resource Hash
e77ae5d5258964f58d0a4370abeed852837a0f274ea6c8948b146f4c0c9fee67
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options sameorigin

Request headers

Referer
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/ursula.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:24:21 GMT
Last-Modified
Mon, 18 Nov 2019 05:42:30 GMT
X-Frame-Options
sameorigin
ETag
"5da-5979869d5dd80"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
S
NL811_SaaSIP
Keep-Alive
timeout=5, max=100
Content-Length
1498
Expires
Wed, 22 Jan 2020 07:24:21 GMT
UniversNextforHSBCW02-Bd.ttf
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

UniversNextforHSBCW02-Rg.ttf
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

UniversNextforHSBCW02-Lt.ttf
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

UniversNextforHSBCW02-Th.ttf
www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Bd.woff
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Rg.woff
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Th.woff
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Lt.woff
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Bd.ttf
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Rg.ttf
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Lt.ttf
Domain
www.security.us.hsbc.com
URL
https://www.security.us.hsbc.com/gsp/saas/Components/default/resources/script/libraries/hsbc/widget/themes/ursula/fonts/UniversNextforHSBCW02-Th.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies