lagunamusic.com.br
Open in
urlscan Pro
162.144.238.140
Malicious Activity!
Public Scan
Submission: On June 04 via manual from RS — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 8th 2022. Valid for: 3 months.
This is the only time lagunamusic.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 162.144.238.140 162.144.238.140 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 | 20.190.159.2 20.190.159.2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2620:1ec:46::45 2620:1ec:46::45 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
18 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-5399167.homeofficecompany.com.br
lagunamusic.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
lagunamusic.com.br
lagunamusic.com.br |
229 KB |
7 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1169 |
101 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 76 |
|
18 | 3 |
Domain | Requested by | |
---|---|---|
10 | lagunamusic.com.br |
lagunamusic.com.br
aadcdn.msauth.net |
7 | aadcdn.msauth.net |
lagunamusic.com.br
|
1 | login.live.com |
lagunamusic.com.br
|
18 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.live.com |
login.live.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
lagunamusic.com.br cPanel, Inc. Certification Authority |
2022-05-08 - 2022-08-06 |
3 months | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2022-04-27 - 2023-04-27 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/surf2.php
Frame ID: 156484F9B5A3B2F05990F69800112542
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Sign in to OutlookDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Sign in with a different Microsoft account
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
surf2.php
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/ |
218 KB 220 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_h2mGQgRxkorkS80huK3mig2.js.download
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/Sign%20in%20to%20Outlook_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_501ee7428186890a660b.js.download
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/Sign%20in%20to%20Outlook_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53_8b36337037cff88c3df203bb73d58e41.png
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_h2mGQgRxkorkS80huK3mig2.js.download
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/Sign%20in%20to%20Outlook_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
117 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_kfwj5kxuavgki2cn5dynna2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 13 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/ |
987 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_h2mGQgRxkorkS80huK3mig2.js.download
lagunamusic.com.br/login.microsoftonline.com/login.microsoftonline.com/common/oauth2/Sign%20in%20to%20Outlook_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watson.min_ybdb1ixzkv-fkor2mu6q6w2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watson
lagunamusic.com.br/common/handlers/ |
315 B 343 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watson
lagunamusic.com.br/common/handlers/ |
315 B 343 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watson
lagunamusic.com.br/common/handlers/ |
315 B 343 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| StringRepository object| PROOF boolean| __ function| $ function| jQuery object| $Api2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.live.com/ | Name: uaid Value: 471cb197cc804402826073f69f5e50f9 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1654350561&co=1 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
lagunamusic.com.br
login.live.com
162.144.238.140
20.190.159.2
2620:1ec:46::45
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
58eacd6958675b2640b9efb0344cace3298b5d60a4b2b6bb5654b7ebf15891a2
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
e66e59a6275519b982049503ee55941af5edad1c7c2a522c62f08975ba4831f9