skype.live-honghong.com
47.238.7.162  Malicious Activity! Public Scan

URL: https://skype.live-honghong.com/
Submission: On November 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 47.238.7.162, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is skype.live-honghong.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 16th 2024. Valid for: 3 months.
This is the only time skype.live-honghong.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 47.238.7.162 45102 (ALIBABA-C...)
1 2a02:ec80:300... 14907 (WIKIMEDIA)
1 2606:2800:233... 15133 (EDGECAST)
1 2 199.232.196.193 54113 (FASTLY)
4 4
Apex Domain | Subdomains | Transfer
2 imgur.com | imgur.com — Cisco Umbrella Rank: 8339; i.imgur.com — Cisco Umbrella Rank: 8961 | 9 KB
1 msftauth.net | logincdn.msftauth.net — Cisco Umbrella Rank: 4552 | 2 KB
1 wikimedia.org | upload.wikimedia.org — Cisco Umbrella Rank: 3382 | 2 KB
1 live-honghong.com | skype.live-honghong.com | 6 KB
4 4
Domain Requested by
1 i.imgur.com
1 imgur.com 1 redirects
1 logincdn.msftauth.net skype.live-honghong.com
1 upload.wikimedia.org skype.live-honghong.com
1 skype.live-honghong.com
4 5

This site contains links to these domains.

Domain
signup.live.com

Subject | Issuer | Validity | Valid
skype.htfx.live | ZeroSSL RSA Domain Secure Site CA | 2024-11-16 - 2025-02-14 | 3 months
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2024-09-26 - 2025-10-17 | a year
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-07 - 2025-06-02 | a year

This page contains 1 frames:

Primary Page: https://skype.live-honghong.com/
Frame ID: 9DE0675475EB3F3FFC5844050DD5FF8D
Requests: 4 HTTP requests in this frame

Page Title

Microsoft 加入私密会话 (English: "Join private conversation")

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 20 kB
Size: 23 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://imgur.com/X7tjOJN.png HTTP 302
  • https://i.imgur.com/X7tjOJN.png

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
skype.live-honghong.com/
6 KB
6 KB
Document
General
Full URL
https://skype.live-honghong.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.238.7.162 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ Express
Resource Hash
e5db2040e29c7d1b7d755ba5719fcfa319f6abeac85a39634271bd1e893803f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Length
6317
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Nov 2024 11:34:44 GMT
ETag
W/"18ad-1933cf4e952"
Keep-Alive
timeout=5
Last-Modified
Mon, 18 Nov 2024 01:48:23 GMT
X-Powered-By
Express
Skype_logo_%282019%E2%80%93present%29.svg
upload.wikimedia.org/wikipedia/commons/6/60/
5 KB
2 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/6/60/Skype_logo_%282019%E2%80%93present%29.svg
Requested by
Host: skype.live-honghong.com
URL: https://skype.live-honghong.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
envoy /
Resource Hash
f3fdb927fdcea88c27f72e529287c3ec8a0793da9d37475fc4ef29f16234fb9e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://skype.live-honghong.com/

Response headers

access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
content-encoding
gzip
etag
W/e5f17a88e04dc6f73115f15f52e08f93
age
3386
x-object-meta-sha1base36
4xvp4co2x2xd4aezoco9tdkl275xu2f
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options
nosniff
server-timing
cache;desc="hit-front", host;desc="cp3080"
x-cache
cp3080 hit, cp3080 hit/1
date
Thu, 21 Nov 2024 10:38:18 GMT
content-type
image/svg+xml
last-modified
Tue, 21 Apr 2020 17:08:52 GMT
vary
Accept-Encoding
x-client-ip
2a01:4a0:1338:92::10
x-cache-status
hit-front
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
1452
server
envoy
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msftauth.net/shared/5/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: skype.live-honghong.com
URL: https://skype.live-honghong.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF5) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://skype.live-honghong.com/

Response headers

content-md5
nzaLxFgP7ZB3dfMcaybWzw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DB77257FFE6B4E
age
20937703
x-ms-version
2009-09-19
x-cache
HIT
date
Thu, 21 Nov 2024 11:34:44 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Jun 2023 15:45:14 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
1270f0ec-501e-00fe-349b-7d5d6e000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1435
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CF5)
X7tjOJN.png
i.imgur.com/
Redirect Chain
  • https://imgur.com/X7tjOJN.png
  • https://i.imgur.com/X7tjOJN.png
9 KB
9 KB
Other
General
Full URL
https://i.imgur.com/X7tjOJN.png
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
cff5aca3bc0078c183bb9e2ca5b26c190e8f090c9c76517f88792becba56ea1c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://skype.live-honghong.com/

Response headers

etag
"880ec7b4a14d30e1548282c7877c98de"
age
299304
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
YZJxc7QVUg5fC8T8QlMfT7wDUZyhHay2VREVLkqjM2G7gslWTLvNJw==
date
Thu, 21 Nov 2024 11:34:45 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 00:26:21 GMT
x-cache-hits
3, 0
x-served-by
cache-iad-kjyo7100119-IAD, cache-fra-etou8220133-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1732188885.054028,VS0,VE89
accept-ranges
bytes
access-control-allow-origin
*
content-length
8900
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
location
https://i.imgur.com/X7tjOJN.png
x-timer
S1732188885.005262,VS0,VE0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
x-cache
HIT
content-length
0
date
Thu, 21 Nov 2024 11:34:45 GMT
x-served-by
cache-fra-etou8220133-FRA
x-cache-hits
0
server
cat factory 1.0
x-frame-options
DENY

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies