lazodecontrol.com Open in urlscan Pro
157.90.115.221 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ektienen.be/news.html#1
Effective URL:
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnh...
Submission: On December 04 via api (December 4th 2022, 10:25:12 am UTC) from IE — Scanned from DE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 157.90.115.221, located in Germany and belongs to HETZNER-AS, DE. The main domain is lazodecontrol.com.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.

This is the only time lazodecontrol.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:c207:202... 2a02:c207:2025:5826::1002	51167 (CONTABO) (CONTABO)
4 23	157.90.115.221 157.90.115.221	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	5

1 2a02:c207:2025:5826::1002 (Germany)

ASN51167 (CONTABO, DE)

ektienen.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 157.90.115.221 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server.catesosac.com

lazodecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lazodecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	lazodecontrol.com 4 redirects lazodecontrol.com www.lazodecontrol.com	218 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	27 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 361	30 KB
1	ektienen.be ektienen.be	596 B
25	4

	Domain	Requested by
20	lazodecontrol.com	4 redirects ektienen.be lazodecontrol.com
4	cdnjs.cloudflare.com	lazodecontrol.com
3	www.lazodecontrol.com	lazodecontrol.com
1	ajax.googleapis.com	lazodecontrol.com
1	ektienen.be
25	5

This site contains links to these domains. Also see Links.

Domain
www.bt.com

Subject Issuer	Validity	Valid
ektienen.be R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
www.lazodecontrol.com R3	`2022-12-01` - `2023-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
Frame ID: 86182C177DB6A5BA4D893A522AFA25C3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Page

Page URL History Show full URLs

https://ektienen.be/news.html Page URL
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/ HTTP 302
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsL... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

88 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

316 kB
Transfer

969 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bt.com/about
Title: BT Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ektienen.be/news.html Page URL
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/ HTTP 302
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download HTTP 301
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download

Request Chain 18

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png HTTP 301
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png

Request Chain 21

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png HTTP 301
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK news.html
ektienen.be/ 458 B
596 B 105ms
16ms Document
text/html 2a02:c207:2025:5826::1002
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://ektienen.be/news.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c207:2025:5826::1002 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 275
Content-Type: text/html
Date: Sun, 04 Dec 2022 10:25:05 GMT
ETag: "1ca-5eefde6c7ff88-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 04 Dec 2022 10:19:09 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

Primary Request login.php Show response
lazodecontrol.com/wp-admin/js/bt/btcrackas/
Redirect Chain

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/
https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VG...

13 KB
5 KB

64ms
58ms

Document
text/html

157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
Requested by: Host: ektienen.be
URL: https://ektienen.be/news.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.catesosac.com
Software: nginx/1.20.1 /
Resource Hash: 30b46add54528d7f729fb40dd683e2706a78e6cf9534edd1f99ea0700b9d42d8

Request headers

Referer: https://ektienen.be/news.html#1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 10:25:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=60
Pragma: no-cache
Server: nginx/1.20.1
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 10:25:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=60
Pragma: no-cache
Server: nginx/1.20.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Cache: HIT from Backend
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
location: login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf

GET
H/1.1 200
OK override.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 6 KB
3 KB 12ms
11ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/override.css

Requested by

Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-192d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common-reset.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 65 KB
35 KB 34ms
27ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common-reset.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-10413"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 181 KB
32 KB 40ms
27ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

2c2dc60e4d5a359eb31c232ae7640481e0d3b82e2f5b534399b9801a7a5c7471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-2d47c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK index.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 125 KB
19 KB 47ms
23ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/index.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

29b47f2aa3e1f0c4a6451bbe123d61eaa8e1006701b67c4c71c326a8003d06dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-1f252"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bts-common.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 88 KB
12 KB 41ms
17ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/bts-common.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-161cb"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK login-index.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 76 KB
13 KB 44ms
20ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/login-index.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

cd4367645d6a37b59f5c0ba769a963e81ab9d4b9801a05309c451e657bbe45a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-12fd0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK responsive-footer.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 7 KB
2 KB 43ms
21ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/responsive-footer.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

badb652b4cba9676aa78c6af2ec4ba5fb231dc20105f2eeddd44da5670bee3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-1d03"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

404
Not Found

identify.js.download
www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/
Redirect Chain

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download

0
0

1199ms
1132ms

Script
text/html

157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download
Requested by: Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
Protocol: HTTP/1.1
Server: 157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.catesosac.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

Date: Sun, 04 Dec 2022 10:25:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: nginx/1.20.1
X-Redirect-By: WordPress
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Content-Type: text/html; charset=UTF-8
Location: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Keep-Alive: timeout=60
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK rebrand-bt-logo-login-page-136440342141502601-211006161335.png
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 2 KB
2 KB 16ms
16ms Image
image/png 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/rebrand-bt-logo-login-page-136440342141502601-211006161335.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-6b8"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo-footer2018.svg
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 1 KB
1 KB 10ms
10ms Image
image/svg+xml 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/logo-footer2018.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-419"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 225ms
39ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 10:16:02 GMT

GET
H2 200 jquery.validate.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 45 KB
11 KB 64ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8839515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10622
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-b4b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50mruiKgLvZgumBqoaBHSNjj%2BysRsX27itY%2BuPm52LIOArICV6tWvV6ZGX5QP9HE4e56ZD6GsQEoMDy8m9e35gb6RxwIGfjf9mzxn1Sg%2BxAsSUu9sTgTKORwzGKM1J2uKNGDKFSgQxH8tIHzXJJAKkq1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7743d60a59e8922c-FRA
expires: Fri, 24 Nov 2023 10:25:05 GMT

GET
H2 200 additional-methods.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 38 KB
9 KB 25ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/additional-methods.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 27045745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9078
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-985d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB2JoKC5WAuT9eNV8n%2F48hS7rEXmyauNsK75vn9kiES6feSetkU5TDXhlrHzYVL0sdWIigu1Eyeo9TalPOwl5B2mp%2BicjB2p3AWn4NsezDQK36CyDqU%2B%2B%2BWLffML2Selt5483FHytSfdbZ31ghNipZD8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7743d60a8a58922c-FRA
expires: Fri, 24 Nov 2023 10:25:05 GMT

GET
H3 200 jquery.maskedinput.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ 10 KB
3 KB 24ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2735135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2306
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-284d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHWieH%2BK7EkthWNBMNB%2BYWLuXxSEAyaQfuFwkY0oF0BchwJ7BhZHVOrEXmExNWo8ae0SY%2FJQk3lQnmlJz3%2FLtwQcfV%2BG6rqvUC1kUcLzEJKROe5DWZQCpIsOB8xdxusAPqNCpNECJz7s%2BVxFnNlF9Mm4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7743d60ab8e99ba1-FRA
expires: Fri, 24 Nov 2023 10:25:05 GMT

GET
H3 200 jquery.payment.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/ 17 KB
4 KB 21ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/jquery.payment.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 198210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3067
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-421b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IKiVcUlmsuxAu6%2BrFIrMIu%2Fw7xb8HFdxh1KtjgNOL4SFFSpDKAXzBhko581m1OirKjeb6452pKN%2B70nUtIOFDIDsvOy2Cjr9aTpfz4whyAdvouiEyqY5Lr0Kp45sDb9uvwtNJnhGqx%2FlXcGpUeAsYjd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7743d60ae9449ba1-FRA
expires: Fri, 24 Nov 2023 10:25:05 GMT

GET
H/1.1 200
OK device.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 76 KB
16 KB 24ms
24ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/device.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

8b22a2ba88ff937fe81fccafbb80871660d0adafff39acccf6bd203ea87b0d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-1304a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bts-device.css
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 21 KB
4 KB 16ms
16ms Stylesheet
text/css 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/bts-device.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

1d3818a3898d20a154d82018bff422d86c8a384ac578cfccf6035fd14e39e2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/login.php?ssl=true&session=jZCNU2p9FppIAFPrtd56SOsLxeHUlStmmwrLFq6XHcnhnmhOPFlbnllAjXZBgq0aYo1KRDgU9gz5hOKyHx4hJ2YeBs0qBynGnziXxj05dNNbIZ6kgVSn9VGuSvOYxTH8Pf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-55d0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

404
Not Found

logintextboxbg.png
www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/
Redirect Chain

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png

0
0

2068ms
2039ms

Image
text/html

157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png
Requested by: Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/login-index.css
Protocol: HTTP/1.1
Server: 157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.catesosac.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

Date: Sun, 04 Dec 2022 10:25:09 GMT
Server: nginx/1.20.1
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK icons-sprite-8bit.png
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 5 KB
5 KB 18ms
18ms Image
image/png 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/icons-sprite-8bit.png

Requested by

Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT from Backend
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: W/"638c73e0-13ec"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK LoginButtonBg.png
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 211 B
684 B 19ms
18ms Image
image/png 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/LoginButtonBg.png

Requested by

Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: "638c73e0-d3"
X-Cache: HIT from Backend
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 211
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

404
Not Found

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png
https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png

0
0

1834ms
1809ms

Image
text/html

157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png
Requested by: Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/common.css
Protocol: HTTP/1.1
Server: 157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.catesosac.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lazodecontrol.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

Date: Sun, 04 Dec 2022 10:25:09 GMT
Server: nginx/1.20.1
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 42 KB
42 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d

Request headers

Referer
Origin: https://lazodecontrol.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H/1.1 200
OK BTFont_Rg.woff
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 58 KB
58 KB 26ms
25ms Font
font/woff 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/BTFont_Rg.woff

Requested by

Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/responsive-footer.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/responsive-footer.css
Origin: https://lazodecontrol.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: "638c73e0-e6d4"
X-Cache: HIT from Backend
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 59092
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bttvicons.woff
lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/ 8 KB
9 KB 17ms
16ms Font
font/woff 157.90.115.221
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/bttvicons.woff

Requested by

Host: lazodecontrol.com
URL: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/responsive-footer.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.90.115.221 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.catesosac.com

Software

nginx/1.20.1 /

Resource Hash

c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/responsive-footer.css
Origin: https://lazodecontrol.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 10:25:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Dec 2022 10:18:08 GMT
Server: nginx/1.20.1
ETag: "638c73e0-20a4"
X-Cache: HIT from Backend
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 8356
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lazodecontrol.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 16d52i42h30hqbafljs91t3ut4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/bt/identify.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/login-back.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.lazodecontrol.com/wp-admin/js/bt/btcrackas/images/logintextboxbg.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
ektienen.be
lazodecontrol.com
www.lazodecontrol.com
157.90.115.221
2606:4700::6811:180e
2a00:1450:4001:80b::200a
2a02:c207:2025:5826::1002
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
1d3818a3898d20a154d82018bff422d86c8a384ac578cfccf6035fd14e39e2c3
1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375
29b47f2aa3e1f0c4a6451bbe123d61eaa8e1006701b67c4c71c326a8003d06dd
2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb
2c2dc60e4d5a359eb31c232ae7640481e0d3b82e2f5b534399b9801a7a5c7471
30b46add54528d7f729fb40dd683e2706a78e6cf9534edd1f99ea0700b9d42d8
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6c15da6e07c5e0c79941d5f3e5e5839e1b1d87d3f03badceb337e88bbe78609f
7583bdd341399e600785dab65ac725a95dced3b0054ed8ca9b8d69fbde04def8
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
8b22a2ba88ff937fe81fccafbb80871660d0adafff39acccf6bd203ea87b0d92
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
badb652b4cba9676aa78c6af2ec4ba5fb231dc20105f2eeddd44da5670bee3f0
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
cd4367645d6a37b59f5c0ba769a963e81ab9d4b9801a05309c451e657bbe45a2
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4

lazodecontrol.com Open in urlscan Pro 157.90.115.221 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

316 kBTransfer

969 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

lazodecontrol.com Open in urlscan Pro
157.90.115.221 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

316 kB
Transfer

969 kB
Size

1
Cookies

25 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!