office365toolz.com Open in urlscan Pro
45.141.152.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://office365toolz.com/
Submission: On September 20 via manual (September 20th 2020, 11:51:18 pm UTC) from PH

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 45.141.152.18, located in Romania and belongs to M247, GB. The main domain is office365toolz.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 20th 2020. Valid for: 3 months.

This is the only time office365toolz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
16	45.141.152.18 45.141.152.18	9009 (M247) (M247)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
21	6

16 45.141.152.18 (Romania)

ASN9009 (M247, GB)

office365toolz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	office365toolz.com office365toolz.com	426 KB
2	unpkg.com 1 redirects unpkg.com	5 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	wikimedia.org upload.wikimedia.org	106 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	23 KB
21	5

	Domain	Requested by
16	office365toolz.com	office365toolz.com
2	unpkg.com	1 redirects office365toolz.com
2	cdnjs.cloudflare.com	office365toolz.com cdnjs.cloudflare.com
1	upload.wikimedia.org	office365toolz.com
1	maxcdn.bootstrapcdn.com	office365toolz.com
21	5

This site contains links to these domains. Also see Links.

Domain
t.me
icq.im
mega.nz

Subject Issuer	Validity	Valid
office365toolz.com cPanel, Inc. Certification Authority	`2020-07-20` - `2020-10-18`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://office365toolz.com/
Frame ID: 622801F78BB5D5F96057551060CA0B4D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

21
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

641 kB
Transfer

2183 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/lightangels007

Search URL Search Domain Scan URL

URL: https://icq.im/726587079

Search URL Search Domain Scan URL

URL: https://mega.nz/file/9KJUxa7D#5MHQmQ7sZORVL3rRCYg5G_p5U-GOycXMNz70yLrBSsw
Title: Download

Search URL Search Domain Scan URL

URL: https://mega.nz/file/NGhXyI4S#uxxlif54sx7TQPWIkLBnW2yDKAUnlvnw3Nl99Q-BBKA
Title: Download

Search URL Search Domain Scan URL

URL: https://mega.nz/file/gSoxGCAL#iGfTKsfMM645aivhbKhk0zcEFFGNkETivJDN3hJp01o
Title: Download

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/react/umd/react.production.min.js HTTP 302
https://unpkg.com/react@16.13.1/umd/react.production.min.js

21 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
office365toolz.com/ 4 KB
2 KB 126ms
37ms Document
text/html 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7de8743fa3c35acb12695e0b74ca600c5a197563d359368a99521fb812311abc

Request headers

:method: GET
:authority: office365toolz.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
last-modified: Wed, 13 Nov 2019 21:12:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1582
date: Sun, 20 Sep 2020 23:51:00 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 27ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: office365toolz.com
URL: https://office365toolz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://office365toolz.com
Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 16ms
13ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: office365toolz.com
URL: https://office365toolz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 347873
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 054f86a4870000c3037b3af200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d5f73b408e6c303-FRA
expires: Fri, 10 Sep 2021 23:51:00 GMT

GET
H2 200 main.b34f3595.chunk.css
office365toolz.com/static/css/ 75 B
175 B 340ms
36ms Stylesheet
text/css 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/static/css/main.b34f3595.chunk.css
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f3dde24eb88aa2a884195af3a344f60e157b0ca5f36e139f97e4ceab1bf77dcb

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
last-modified: Wed, 13 Nov 2019 20:08:22 GMT
server: LiteSpeed
content-type: text/css
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 75
expires: Sun, 27 Sep 2020 23:51:00 GMT

GET
H2

200

react.production.min.js Show response
unpkg.com/react@16.13.1/umd/
Redirect Chain

https://unpkg.com/react/umd/react.production.min.js
https://unpkg.com/react@16.13.1/umd/react.production.min.js

12 KB
5 KB

16ms
16ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.13.1/umd/react.production.min.js

Requested by

Host: office365toolz.com
URL: https://office365toolz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9486f126615859fc61ac84840a02b2efc920d287a71d99d708c74b2947750fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7017392
status: 200
vary: Accept-Encoding
cf-request-id: 054f86a4a200002b2915119200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"30af-MctM6gBk7YDBsMX11Y4ZVqfiKT8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 04ccd3603ac6bdbdc7346789ddc32675
cache-control: public, max-age=31536000
cf-ray: 5d5f73b43cef2b29-FRA

Redirect headers

date: Sun, 20 Sep 2020 23:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 259
status: 302
vary: Accept, Accept-Encoding
content-length: 64
cf-request-id: 054f86a49600002b2915118200000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /react@16.13.1/umd/react.production.min.js
x-cloud-trace-context: 4ffd75f607e3407fe4552d6e31d44346
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5d5f73b42ccd2b29-FRA

GET
H2 200 2.75740b65.chunk.js Show response
office365toolz.com/static/js/ 191 KB
56 KB 341ms
38ms Script
application/javascript 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/static/js/2.75740b65.chunk.js
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 021e63312983558b6ae5e22fbe4d921b8aa1d637b07da99c1c11759b011deab4

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
content-encoding: br
last-modified: Wed, 13 Nov 2019 20:08:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 57584
expires: Sun, 27 Sep 2020 23:51:00 GMT

GET
H2 200 main.a1392a86.chunk.js Show response
office365toolz.com/static/js/ 13 KB
3 KB 393ms
90ms Script
application/javascript 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/static/js/main.a1392a86.chunk.js
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 195dd8cd42e160963d30d597dfc4edc26b64c68a2222d7bf092a395b1ca42e4c

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
content-encoding: br
last-modified: Tue, 19 May 2020 08:39:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3488
expires: Sun, 27 Sep 2020 23:51:00 GMT

GET
H2 200 background.jpg
office365toolz.com/ 277 KB
277 KB 339ms
37ms Image
image/jpeg 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365toolz.com/background.jpg
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:01 GMT
last-modified: Fri, 20 Sep 2019 02:37:33 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 283351
expires: Sun, 27 Sep 2020 23:51:01 GMT

GET
H2 200 Microsoft-Logo-PNG.png
office365toolz.com/ 24 KB
24 KB 339ms
37ms Image
image/png 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365toolz.com/Microsoft-Logo-PNG.png
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cd6e23f8fccf8705ed9cefda2a81a1075a0d3d4a9010098a0b271a33134590c4

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:01 GMT
last-modified: Fri, 20 Sep 2019 02:37:30 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24368
expires: Sun, 27 Sep 2020 23:51:01 GMT

GET
H2 200 jabber_protocol.png
office365toolz.com/ 11 KB
11 KB 348ms
46ms Image
image/png 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365toolz.com/jabber_protocol.png
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2b60dabd8e8fabc26b5819face0961c9bf86d0ce6c2bdb2930c9eee51eaa32f3

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:01 GMT
last-modified: Fri, 20 Sep 2019 02:37:31 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11050
expires: Sun, 27 Sep 2020 23:51:01 GMT

GET
H2 200 1200px-Papirus-64-apps-icq.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/cd/Papirus-64-apps-icq.svg/ 105 KB
106 KB 43ms
15ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/c/cd/Papirus-64-apps-icq.svg/1200px-Papirus-64-apps-icq.svg.png

Requested by

Host: office365toolz.com
URL: https://office365toolz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

9aa040c422a3076c691d0e831e19ef7a22c6cc0da60b73be5128e414d41bbfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://office365toolz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 09:45:10 GMT
age: 50750
x-cache-status: hit-front
x-cache: cp3063 hit, cp3061 hit/17
status: 200
server-timing: cache;desc="hit-front"
content-length: 108029
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Wed, 27 Feb 2019 14:42:21 GMT
server: ATS/8.0.8
etag: 2fa768f365536d8cd460eff6e61f67a4
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1551278540.54482
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
14ms Font
application/octet-stream 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://office365toolz.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 23:51:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 955655
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 054f86a6450000d6edd228c200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d5f73b6dd40d6ed-FRA
expires: Fri, 10 Sep 2021 23:51:00 GMT

GET
H2 206 vid1.mp4
office365toolz.com/ 353 KB
0 337ms
36ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid1.mp4
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 0-16124566/16124567
last-modified: Sun, 01 Sep 2019 19:07:50 GMT
server: LiteSpeed
Content-Length: 16124567
content-type: video/mp4

GET
H2 206 vid2.mp4
office365toolz.com/ 64 KB
0 360ms
59ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid2.mp4
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 0-2248712/2248713
last-modified: Sun, 01 Sep 2019 19:07:15 GMT
server: LiteSpeed
Content-Length: 2248713
content-type: video/mp4

GET
H2 206 vid3.mp4
office365toolz.com/ 192 KB
0 360ms
59ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid3.mp4
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 0-8293131/8293132
last-modified: Sat, 14 Sep 2019 21:34:24 GMT
server: LiteSpeed
Content-Length: 8293132
content-type: video/mp4

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 vid2.mp4
office365toolz.com/ 52 KB
52 KB 721ms
418ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid2.mp4
Requested by: Host: office365toolz.com
URL: https://office365toolz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash: da098ebf0c2910468a8321324afb8b355d24230196f09581e75c39cb246975f6

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=2195456-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 2195456-2248712/2248713
last-modified: Sun, 01 Sep 2019 19:07:15 GMT
server: LiteSpeed
Content-Length: 53257
content-type: video/mp4

GET
H2 206 vid3.mp4
office365toolz.com/ 64 KB
0 673ms
370ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid3.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=196608-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 196608-8293131/8293132
last-modified: Sat, 14 Sep 2019 21:34:24 GMT
server: LiteSpeed
Content-Length: 8096524
content-type: video/mp4

GET
H2 206 vid1.mp4
office365toolz.com/ 112 KB
0 670ms
369ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid1.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=360448-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:01 GMT
Content-Range: bytes 360448-16124566/16124567
last-modified: Sun, 01 Sep 2019 19:07:50 GMT
server: LiteSpeed
Content-Length: 15764119
content-type: video/mp4

GET
H2 206 vid2.mp4
office365toolz.com/ 128 KB
0 338ms
37ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=65536-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:02 GMT
Content-Range: bytes 65536-2248712/2248713
last-modified: Sun, 01 Sep 2019 19:07:15 GMT
server: LiteSpeed
Content-Length: 2183177
content-type: video/mp4

GET
H2 206 vid1.mp4
office365toolz.com/ 128 KB
0 426ms
125ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid1.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=458752-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:02 GMT
Content-Range: bytes 458752-16124566/16124567
last-modified: Sun, 01 Sep 2019 19:07:50 GMT
server: LiteSpeed
Content-Length: 15665815
content-type: video/mp4

GET
H2 206 vid1.mp4
office365toolz.com/ 192 KB
0 337ms
36ms Media
video/mp4 45.141.152.18
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://office365toolz.com/vid1.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.152.18 , Romania, ASN9009 (M247, GB),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://office365toolz.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=589824-

Response headers

status: 206
date: Sun, 20 Sep 2020 23:51:02 GMT
Content-Range: bytes 589824-16124566/16124567
last-modified: Sun, 01 Sep 2019 19:07:50 GMT
server: LiteSpeed
Content-Length: 15534743
content-type: video/mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| React object| webpackJsonphellion_website_08292019

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
office365toolz.com
unpkg.com
upload.wikimedia.org
2001:4de0:ac19::1:b:1b
2606:4700::6810:7eaf
2606:4700::6811:4f6b
2620:0:862:ed1a::2:b
45.141.152.18
021e63312983558b6ae5e22fbe4d921b8aa1d637b07da99c1c11759b011deab4
195dd8cd42e160963d30d597dfc4edc26b64c68a2222d7bf092a395b1ca42e4c
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
2b60dabd8e8fabc26b5819face0961c9bf86d0ce6c2bdb2930c9eee51eaa32f3
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7de8743fa3c35acb12695e0b74ca600c5a197563d359368a99521fb812311abc
9aa040c422a3076c691d0e831e19ef7a22c6cc0da60b73be5128e414d41bbfce
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
c9486f126615859fc61ac84840a02b2efc920d287a71d99d708c74b2947750fe
cd6e23f8fccf8705ed9cefda2a81a1075a0d3d4a9010098a0b271a33134590c4
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da098ebf0c2910468a8321324afb8b355d24230196f09581e75c39cb246975f6
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f3dde24eb88aa2a884195af3a344f60e157b0ca5f36e139f97e4ceab1bf77dcb

office365toolz.com Open in urlscan Pro 45.141.152.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

641 kBTransfer

2183 kBSize

0 Cookies

5 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

office365toolz.com Open in urlscan Pro
45.141.152.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

641 kB
Transfer

2183 kB
Size

0
Cookies

21 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!