ScamLens analyzed office365-login.com using 90+ threat intelligence sources and assigned a trust score of 10/100, classifying it as dangerous.
Trust Score: 10/100
Risk Level: Dangerous
This domain behaves more like an impersonation or spoofing entry point. Do not log in, pay, or call any number shown on the site before you preserve the spoofing and communication evidence.
Quick Answer
This domain behaves more like an impersonation or spoofing entry point. Do not log in, pay, or call any number shown on the site before you preserve the spoofing and communication evidence.
Positive Signals
- + Google Safe Browsing: Safe
- + HTTPS encryption supported
Concerns
- - Domain registered only 5 month ago
- - 2 security sources flagged as suspicious
Score Breakdown
Was this assessment accurate?
office365-login.com is confirmed malicious
Multiple threat-intelligence feeds agree this domain is dangerous. Treat any data you entered as compromised.
- Close the tab immediatelyContinued browsing increases the chance of drive-by downloads, exploit kits, or session hijacking.
- Run a full antivirus / malware scanIf the site loaded scripts, scan your device. Update your OS and browser to the latest version first.
- Change passwords for any account you enteredRotate the password and enable two-factor authentication on the real site. Watch for unauthorised charges over the next 30 days.
- Report the incidentReporting helps blocklists update faster and protects other potential victims.
Trust but verify — open this domain on unrelated security services and compare the verdict.
Threat-intelligence sources
Checked across 28 sources — 2 flagged this domain
Show source breakdown
Threat-intelligence sources
Checked across 28 sources — 2 flagged this domain
- safe_browsing clean
- urlhaus clean
- cloudflare_radar clean
- cert_transparency clean
- alienvault_otx info
- phishstats clean
- virustotal clean
- ipqs clean
- abuseipdb clean
- securitytrails clean
- phishdestroy clean
- threatfox clean
- shodan_internetdb flagged
- phishtank clean
- urlscan clean
- rdap clean
- maltiverse clean
- dnsbl clean
- dns_security flagged
- wanted_domains clean
- darkweb clean
- openphish clean
- scam_blocklist clean
- maltrail clean
- crypto_scam_feed clean
- phishing_army clean
- hagezi_tif clean
- red_flag_domains clean
ScamLens aggregates real-time signals from 90+ commercial and open-source threat-intelligence providers including Google Safe Browsing, VirusTotal, PhishTank, URLhaus, ThreatFox, Cloudflare Radar, OTX, IPQS, GoPlus, Honeypot.is, and more. A flagged signal is evidence; the absence of flags is not proof of safety. Use the signals below alongside community reports to decide.
Advanced Scan
Comprehensive data lookup across premium sources
- Website history verification
- Detailed WHOIS information
- Reverse WHOIS association
- Traffic rank analysis
- Company registration check
AI Deep Investigation
Cross-check the story, claims, and supporting evidence before you decide
- Everything in Advanced Scan
- AI website content analysis
- AI cross-reference verification
- Claim authenticity validation
- Detailed report with evidence
Comprehensive Investigation
Full-spectrum investigation with company deep search & social intelligence
- Everything in Deep Investigation
- AI company background search
- Social media intelligence
- Detailed suspicious point analysis
- Event timeline & entity connections
This analysis is for informational purposes only and does not constitute a legal determination.
Security Sources
Domain Information
- Registrar
- Mesh Digital Limited
- Created
- January 5, 2026
- Expires
- January 5, 2027
- Domain Age
- 5 months
- DNSSEC
- Disabled
- Nameservers
- AMOS.NS.CLOUDFLARE.COM, IMANI.NS.CLOUDFLARE.COM
- Domain Status
- client delete prohibited client transfer prohibited client update prohibited
SSL/TLS Certificate
No data available
Server Information
- IP Address
- 172.67.172.224
- Hosting Provider
- Cloudflare, Inc.
- ASN
- AS13335 Cloudflare, Inc.
- Server Location
- Toronto, Canada
- Organization
- Cloudflare, Inc.
Related Intelligence
Technical Details (DNS / Headers / Subdomains)
DNS Records
Email Security
SPF Configured DMARC Configured| Type | Value |
|---|---|
| A | 172.67.172.224 |
| A | 104.21.30.115 |
| AAAA | 2606:4700:3033::ac43:ace0 |
| AAAA | 2606:4700:3036::6815:1e73 |
| MX | 0 smtp.secureserver.net |
| MX | 10 mailstore1.secureserver.net |
| NS | amos.ns.cloudflare.com |
| NS | imani.ns.cloudflare.com |
| TXT | v=spf1 include:secureserver.net -all |
HTTP Security Headers
Channels / Subdomains
No data available
Community Reports
Log in to report and share your experience
Report & Take Down This Website
Impersonation / Spoofing Risk
This domain behaves more like an impersonation entry point. Preserve the spoofing and communication evidence first
If the domain is impersonating a brand, support flow, or official login, the key is to keep the domain, landing page, email, chat, and payment path inside one case package.
Recommended First
Move into the website-reporting flow
Use the reporting path first to preserve the domain, screenshots, chat trail, and payment-page evidence.
If you were affected, move into the action plan
If you already logged in, paid, installed software, or shared data, use the victim action plan to prioritize the response.
Verify the impersonated brand or entity
Confirm exactly which platform, merchant, or support identity is being spoofed.
Add the email and chat evidence
Preserve the email, support conversation, and any callback instructions together.
The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.
Preserve the account and payment evidence first
If you already logged in, paid, or shared data, move into the victim action plan first and then complete the formal report.
For impersonation sites, the priority is not more browsing. It is evidence preservation and loss containment.
Related Security Guides
Learn more about how to protect yourself from this type of threat.
FAQ
Is office365-login.com safe to visit?
office365-login.com received a trust score of 10/100 from ScamLens, indicating high risk. 1 threat intelligence sources flagged this domain as potentially dangerous. We strongly advise against visiting or sharing personal information.
Was office365-login.com flagged by any threat databases?
office365-login.com was flagged by 1 out of 30+ threat intelligence sources. Specifically flagged by: dns_security. The detected threat categories include: general threat.
How old is office365-login.com?
office365-login.com was first registered on January 5, 2026, making it approximately 5 months old. While relatively new, the domain has been active for several months.
Does office365-login.com use HTTPS and have a valid SSL certificate?
ScamLens could not verify the SSL certificate details for office365-login.com during this scan. Treat this as unavailable evidence, not as proof that the site is safe or unsafe.
What security headers does office365-login.com implement?
No security header information was available for office365-login.com.
What does the ScamLens community think about office365-login.com?
No community votes or reports have been submitted for office365-login.com yet. You can be the first to share your experience.
Where is office365-login.com hosted?
office365-login.com is hosted by Cloudflare, Inc. in Toronto, Canada (ASN: ASAS13335 Cloudflare, Inc.).
Is this report useful?
Use this report to warn others to stop logging in, paying, or contacting the listed support before they verify it.
Forward to your parents — they deserve to browse safely too.
About this analysis
This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.
Learn about our scoring methodology | Last analyzed: April 23, 2026
All Mesh Digital Limited domains All Cloudflare, Inc. domains