# microsoftoffice2021licensed.pages.dev — SUSPICIOUS > PhishDestroy flags microsoftoffice2021licensed.pages.dev as a Microsoft Office license scam. 3/95 VirusTotal detections confirm crypto-drainer risk. ## Summary PhishDestroy identifies microsoftoffice2021licensed.pages.dev as an active brand-impersonation scam purporting to sell legitimate Microsoft Office 2021 licenses. The domain uses Cloudflare Pages hosting to mimic Microsoft’s corporate branding and lure victims into purchasing counterfeit software keys that may trigger crypto-drainer malware upon “activation.” The scam page is a direct impersonation of Microsoft’s software licensing portal, crafted to exploit user trust in the Microsoft brand. This domain was flagged by 3 of 95 VirusTotal security vendors on first submission. It resolves to IP 172.66.47.98 and is served via a Google Trust Services SSL certificate. Registered through Cloudflare, Inc., the domain remains unblocked by Google Safe Browsing as of the latest scan. No drainer kit artifacts or malicious JavaScript payloads have been extracted yet, but the combination of brand impersonation and suspicious IP reputation elevates the risk of credential theft or crypto theft upon interaction. As of today, the site remains active and accessible. PhishDestroy has issued an immediate block recommendation and notified Cloudflare’s abuse team. Users should treat this domain as malicious; avoid any interaction and verify unknown domains via PhishDestroy before entering personal or financial information. The risk level remains elevated due to active hosting and the absence of global takedown action. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Microsoft ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.98 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6500fa46-8d0d-40ae-89c1-be7d86060f67 - PhishDestroy: https://phishdestroy.io/domain/microsoftoffice2021licensed.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/microsoftoffice2021licensed.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/microsoftoffice2021licensed.pages.dev/ Last updated: 2026-03-22