office365toolz.com
Open in
urlscan Pro
45.141.152.18
Malicious Activity!
Public Scan
Submission: On September 20 via manual from PH
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 20th 2020. Valid for: 3 months.
This is the only time office365toolz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 45.141.152.18 45.141.152.18 | 9009 (M247) (M247) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 2606:4700::68... 2606:4700::6811:4f6b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700::68... 2606:4700::6810:7eaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2620:0:862:ed... 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
21 | 6 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
office365toolz.com
office365toolz.com |
426 KB |
2 |
unpkg.com
1 redirects
unpkg.com |
5 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
82 KB |
1 |
wikimedia.org
upload.wikimedia.org |
106 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
23 KB |
21 | 5 |
Domain | Requested by | |
---|---|---|
16 | office365toolz.com |
office365toolz.com
|
2 | unpkg.com |
1 redirects
office365toolz.com
|
2 | cdnjs.cloudflare.com |
office365toolz.com
cdnjs.cloudflare.com |
1 | upload.wikimedia.org |
office365toolz.com
|
1 | maxcdn.bootstrapcdn.com |
office365toolz.com
|
21 | 5 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
office365toolz.com cPanel, Inc. Certification Authority |
2020-07-20 - 2020-10-18 |
3 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
cdnjs.cloudflare.com DigiCert ECC Secure Server CA |
2020-08-12 - 2022-08-17 |
2 years | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-02 - 2021-08-02 |
a year | crt.sh |
*.wikipedia.org DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-10-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://office365toolz.com/
Frame ID: 622801F78BB5D5F96057551060CA0B4D
Requests: 28 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://unpkg.com/react/umd/react.production.min.js HTTP 302
- https://unpkg.com/react@16.13.1/umd/react.production.min.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
office365toolz.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.b34f3595.chunk.css
office365toolz.com/static/css/ |
75 B 175 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react.production.min.js
unpkg.com/react@16.13.1/umd/ Redirect Chain
|
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.75740b65.chunk.js
office365toolz.com/static/js/ |
191 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.a1392a86.chunk.js
office365toolz.com/static/js/ |
13 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.jpg
office365toolz.com/ |
277 KB 277 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Microsoft-Logo-PNG.png
office365toolz.com/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jabber_protocol.png
office365toolz.com/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1200px-Papirus-64-apps-icq.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/cd/Papirus-64-apps-icq.svg/ |
105 KB 106 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
381 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid1.mp4
office365toolz.com/ |
353 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid2.mp4
office365toolz.com/ |
64 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid3.mp4
office365toolz.com/ |
192 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
178 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
352 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
243 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid2.mp4
office365toolz.com/ |
52 KB 52 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid3.mp4
office365toolz.com/ |
64 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid1.mp4
office365toolz.com/ |
112 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid2.mp4
office365toolz.com/ |
128 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid1.mp4
office365toolz.com/ |
128 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vid1.mp4
office365toolz.com/ |
192 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| React object| webpackJsonphellion_website_082920190 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
office365toolz.com
unpkg.com
upload.wikimedia.org
2001:4de0:ac19::1:b:1b
2606:4700::6810:7eaf
2606:4700::6811:4f6b
2620:0:862:ed1a::2:b
45.141.152.18
021e63312983558b6ae5e22fbe4d921b8aa1d637b07da99c1c11759b011deab4
195dd8cd42e160963d30d597dfc4edc26b64c68a2222d7bf092a395b1ca42e4c
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
2b60dabd8e8fabc26b5819face0961c9bf86d0ce6c2bdb2930c9eee51eaa32f3
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7de8743fa3c35acb12695e0b74ca600c5a197563d359368a99521fb812311abc
9aa040c422a3076c691d0e831e19ef7a22c6cc0da60b73be5128e414d41bbfce
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
c9486f126615859fc61ac84840a02b2efc920d287a71d99d708c74b2947750fe
cd6e23f8fccf8705ed9cefda2a81a1075a0d3d4a9010098a0b271a33134590c4
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da098ebf0c2910468a8321324afb8b355d24230196f09581e75c39cb246975f6
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f3dde24eb88aa2a884195af3a344f60e157b0ca5f36e139f97e4ceab1bf77dcb