Submission: On February 11 via automatic, source certstream-suspicious
Summary
The main IP is 50.21.190.80, located in Wayne, United States and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is www.enteroffice365productkey.com.
The TLS certificate was issued by enteroffice365productkey.com on February 11th 2019 with a validity of a year.
This is the first time this domain was scanned on urlscan.io!
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
7 | 50.21.190.80 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
1 | 2a00:1450:4001:81a::2008 | 15169 (GOOGLE - Google LLC) |
2 | 2a00:1450:4001:821::200e | 15169 (GOOGLE - Google LLC) |
10 | 3 |
 | Domain / Subdomains | Transfer |
---|---|---|
7 | enteroffice365productkey.com | 245 KB |
2 | google-analytics.com | 17 KB |
1 | googletagmanager.com | 32 KB |
10 | 3 |
 | Domain | Requested by |
---|---|---|
7 | www.enteroffice365productkey.com | www.enteroffice365productkey.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.enteroffice365productkey.com |
1 | www.googletagmanager.com | www.enteroffice365productkey.com |
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
office.com-setups.co |
officecom-myaccount.com |
office.com-setup.support |
norton.com-setup-install.com |
Subject / Issuer | Validity | Valid |
---|---|---|
enteroffice365productkey.com / enteroffice365productkey.com | 2019-02-11 - 2020-02-11 | a year |
*.google-analytics.com / Google Internet Authority G3 | 2019-01-23 - 2019-04-17 | 3 months |
Detected technologies

Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i

Detected patterns
- env /^google_tag_manager$/i
4 Outgoing links
These are links going to different origins than the main page. For each link, only the first name is shown.
- http://office.com-setups.co/
  Title: Get Started
- http://officecom-myaccount.com/
  Title: office.com/myaccount
- http://office.com-setup.support/
  Title: office.com/setup
- http://norton.com-setup-install.com/
  Title: norton.com/setup
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / | 10 KB 10 KB | Document text/html |
GET H/1.1 | /img/signin_microsoft_account.png | 25 KB 25 KB | Image image/png |
GET H/1.1 | /img/enterproductkey.png | 16 KB 16 KB | Image image/png |
GET H/1.1 | /img/microsoft_office_setup_Box_CD.jpg | 14 KB 14 KB | Image image/jpeg |
GET H/1.1 | /css/bootstrap.css | 111 KB 111 KB | Stylesheet text/css |
GET H/1.1 | /css/font-awesome.css | 23 KB 23 KB | Stylesheet text/css |
GET H2 | Adblocked: www.googletagmanager.com/gtag/js?id=UA-104747039-38 | 91 KB 32 KB | Script application/javascript |
GET H/1.1 | /img/01.jpg | 45 KB 45 KB | Image image/jpeg |
GET H2 | Adblocked: www.google-analytics.com/analytics.js | 43 KB 17 KB | Script text/javascript |
GET H2 | Adblocked: www.google-analytics.com/r/collect?v=1&_v=j73&a=240317109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.enteroffice365productkey.com%2F&ul=en-us&de=UTF-8&dt=Enter%20Office%20365%20Product%20Key%20-%20office.com%2Fsetup&sd=24-bit&sr=1... | 35 B 111 B | Image image/gif |
Redirect requests
There were HTTP redirects (301, 302) for the following requests:
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- function| gtag
- object| dataLayer
- object| google_tag_manager
- string| GoogleAnalyticsObject
- function| ga
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.enteroffice365productkey.com/ | | Name: _gat_gtag_UA_104747039_38 Value: 1 |
.enteroffice365productkey.com/ | | Name: _gid Value: GA1.2.1426061472.1549902957 |
.enteroffice365productkey.com/ | | Name: _ga Value: GA1.2.2340855.1549902957 |
Indicators of compromise (IoCs)
This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.