lazodecontrol.com
157.90.115.221
Malicious Activity!
Public Scan
Effective URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnh...
Submission: On December 04 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time lazodecontrol.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 2a02:c207:2025:5826::1002 | 51167 (CONTABO) |
23 (4 redirects) | 157.90.115.221 | 24940 (HETZNER-AS) |
1 | 2a00:1450:4001:80b::200a | 15169 (GOOGLE) |
4 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
25 | 5 | |
157.90.115.221: ASN24940 (HETZNER-AS, DE)
PTR: server.catesosac.com
Hostnames: lazodecontrol.com, www.lazodecontrol.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 (4 redirects) | lazodecontrol.com | lazodecontrol.com, www.lazodecontrol.com | 218 KB |
4 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 242 | 27 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 361 | 30 KB |
1 | ektienen.be | ektienen.be | 596 B |
25 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
20 (4 redirects) | lazodecontrol.com | ektienen.be, lazodecontrol.com |
4 | cdnjs.cloudflare.com | lazodecontrol.com |
3 | www.lazodecontrol.com | lazodecontrol.com |
1 | ajax.googleapis.com | lazodecontrol.com |
1 | ektienen.be | |
25 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bt.com |
Subject | Issuer | Validity | Valid for | |
---|---|---|---|---|
ektienen.be | R3 | 2022-10-22 - 2023-01-20 | 3 months | crt.sh |
www.lazodecontrol.com | R3 | 2022-12-01 - 2023-03-01 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
Frame ID: 86182C177DB6A5BA4D893A522AFA25C3
Requests: 26 HTTP requests in this frame
Screenshot
Page Title: Login Page
Page URL History
- https://ektienen.be/news.html (Page URL)
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/ (HTTP 302)
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsL... (Page URL)
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: BT Group
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ektienen.be/news.html (Page URL)
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/ (HTTP 302)
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download HTTP 301
- https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png HTTP 301
- https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png
- https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png HTTP 301
- https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | news.html | ektienen.be/ | 458 B | 596 B | Document | text/html |
GET | H/1.1 | login.php (Primary Request, Redirect Chain) | lazodecontrol.com/wp-admin/js/bt/btcrackas/ | 13 KB | 5 KB | Document | text/html |
GET | H/1.1 | override.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 6 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | common-reset.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 65 KB | 35 KB | Stylesheet | text/css |
GET | H/1.1 | common.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 181 KB | 32 KB | Stylesheet | text/css |
GET | H/1.1 | index.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 125 KB | 19 KB | Stylesheet | text/css |
GET | H/1.1 | bts-common.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 88 KB | 12 KB | Stylesheet | text/css |
GET | H/1.1 | login-index.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 76 KB | 13 KB | Stylesheet | text/css |
GET | H/1.1 | responsive-footer.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | identify.js.download (Redirect Chain) | www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 0 | 0 | Script | text/html |
GET | H/1.1 | rebrand-bt-logo-login-page-136440342141502601-211006161335.png | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | logo-footer2018.svg | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.4/ | 84 KB | 30 KB | Script | text/javascript |
GET | H2 | jquery.validate.js | cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ | 45 KB | 11 KB | Script | application/javascript |
GET | H2 | additional-methods.js | cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ | 38 KB | 9 KB | Script | application/javascript |
GET | H3 | jquery.maskedinput.js | cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ | 10 KB | 3 KB | Script | application/javascript |
GET | H3 | jquery.payment.js | cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/ | 17 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | device.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 76 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | bts-device.css | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 21 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | logintextboxbg.png (Redirect Chain) | www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/ | 0 | 0 | Image | text/html |
GET | H/1.1 | icons-sprite-8bit.png | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | LoginButtonBg.png | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 211 B | 684 B | Image | image/png |
GET | H/1.1 | login-back.png (Redirect Chain) | www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/ | 0 | 0 | Image | text/html |
GET | DATA | truncated | / | 42 KB | 42 KB | Font | font/truetype |
GET | H/1.1 | BTFont_Rg.woff | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 58 KB | 58 KB | Font | font/woff |
GET | H/1.1 | bttvicons.woff | lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ | 8 KB | 9 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: oncontentvisibilityautostatechange
- function: $
- function: jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lazodecontrol.com/ | | PHPSESSID / 16d52i42h30hqbafljs91t3ut4 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.