orlandocomcarlao.com.br Open in urlscan Pro
2606:4700:3032::6815:187a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://orlandocomcarlao.com.br/bpse/bogota/
Submission: On November 28 via manual (November 28th 2024, 3:21:49 pm UTC) from CO — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::6815:187a, located in United States and belongs to CLOUDFLARENET, US. The main domain is orlandocomcarlao.com.br.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time orlandocomcarlao.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Bogota (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::6815:187a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
14	3

12 2606:4700:3032::6815:187a (United States)

ASN13335 (CLOUDFLARENET, US)

orlandocomcarlao.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	orlandocomcarlao.com.br orlandocomcarlao.com.br	53 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
0	ipinfo.io Failed ipinfo.io Failed
14	3

	Domain	Requested by
12	orlandocomcarlao.com.br	orlandocomcarlao.com.br
1	ajax.googleapis.com	orlandocomcarlao.com.br
0	ipinfo.io Failed	orlandocomcarlao.com.br
14	3

This site contains no links.

Subject Issuer	Validity	Valid
orlandocomcarlao.com.br WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://orlandocomcarlao.com.br/bpse/bogota/
Frame ID: 9DCE6322745561DFB5822B0E132E94CA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bogota

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

84 kB
Transfer

190 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
orlandocomcarlao.com.br/bpse/bogota/ 10 KB
4 KB 387ms
239ms Document
text/html 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b28a32cfb7e1dd3598236664c8a1836bf73f8b89b321e27d84d6a80422aa87e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e9b5974ef881e55-FRA
content-encoding: zstd
content-type: text/html
date: Thu, 28 Nov 2024 15:21:44 GMT
last-modified: Tue, 11 Jun 2024 20:41:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvhqUoJ8uG8EhdW4D1Z3Cr%2BpnkT3EmDY16kRwkmr8F9ljWXVhr4E8DH7rD02xt8pfMxl4VRaUWChnc%2B6Z0NW8VaRalTaFamBkNKwnh3nsDKR3KwTmiwQS2Val7jpg4DV1v7uynQrl8y6Fm%2FjmAM%2Baqvr8cLIGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5905&min_rtt=5814&rtt_var=1043&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2340&delivery_rate=650448&cwnd=253&unsent_bytes=0&cid=b8292bff3f694e9d&ts=251&x=0"
vary: Accept-Encoding

GET
H2 200 lfr_style.css
orlandocomcarlao.com.br/bpse/bogota/bogo/ 47 KB
10 KB 255ms
254ms Stylesheet
text/css 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_style.css
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e1ec83f1554b35c912194021aa52d85d2e4e6609113a67ae8b145bfe7acbfcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yeireaq1wRWpjM10huZ65rp8F9GYsofC4T5nFGyWCpXCEsG780%2B9z%2FcQofnDkJhezJD%2Bg1Fbf8MSp4jEi9fJ2OCVjz%2FXHEGsvtRVASX7Lw4KxpO054M7ojqFZYIzdl1Dow4Oa34fRjNAUIhX0xbj8FyY7x7ltQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5976795a1e55-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5968&min_rtt=5814&rtt_var=695&sent=30&recv=17&lost=0&retrans=0&sent_bytes=17826&recv_bytes=2769&delivery_rate=1284539&cwnd=255&unsent_bytes=0&cid=b8292bff3f694e9d&ts=518&x=0"
content-length: 9536
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lfr_ownstyle.css
orlandocomcarlao.com.br/bpse/bogota/bogo/ 4 KB
1 KB 264ms
264ms Stylesheet
text/css 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_ownstyle.css
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6e6af4d3a84a8371a7e8bf0c4e43a66de936774c39d748a0d5827138f4bddd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOXZzC090JQqO7ehbCYMBD4CQjEsosU%2BzVfbTqIhM5147gER29UyiN7ck2QAQm0CgoEav3edVWVaciIbd7LKMBuN88aKggexDtB1fg1X9l%2BpCu4IVTDaYBd0JnLG2X5yPZjYF0Lm5be7l1at2FZ4yMD7eh0s4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5976795d1e55-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6093&min_rtt=5814&rtt_var=521&sent=49&recv=20&lost=0&retrans=0&sent_bytes=33028&recv_bytes=2769&delivery_rate=2848002&cwnd=255&unsent_bytes=0&cid=b8292bff3f694e9d&ts=527&x=0"
content-length: 1041
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logobanco1.png
orlandocomcarlao.com.br/bpse/bogota/bogo/ 9 KB
9 KB 243ms
243ms Image
image/png 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/logobanco1.png
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d10278f4c73c867d2dd9d793fbe00c7ffbb448d73bea8883cc79487ae999e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uWlzR9ionFtE%2BklhKzyf%2BXFmdnImgr7XjgiH8S9tKKE65bOEUfTh2S5WfoS39jmO2b%2BxdHZXft39VPK62h9CzSRClshEY8%2FblRkN7CCUSB3wUK%2F%2BNF0or89mz%2BENlFqkAQdYNduPTPGD8m1rZf5iePz%2BQN7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b597679631e55-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5968&min_rtt=5814&rtt_var=695&sent=18&recv=17&lost=0&retrans=0&sent_bytes=8244&recv_bytes=2769&delivery_rate=1284539&cwnd=255&unsent_bytes=0&cid=b8292bff3f694e9d&ts=514&x=0"
content-length: 8866
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: image/png
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 icon-pass.png
orlandocomcarlao.com.br/bpse/bogota/bogo/ 4 KB
5 KB 252ms
252ms Image
image/png 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/icon-pass.png
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4457ac087de5512df3ba43c8fee50e23bc8813836e92181b1fd041ef44330ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJstM2tjnoGX%2F1kwLAFK37%2BOJZhzTQkms5hZmdj6PD5jobXlFs9QAQhBvEFKV4pIjH9vDvoOrdBYdZ4j7JrDLtWTKW8hYTp5fsMPp0zPwK%2Bt0p0Ab3BvnphVR05ZBbKmldw2EbOOkfV73BBMyfXINzKbhCFV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b597679651e55-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5998&min_rtt=5814&rtt_var=441&sent=42&recv=19&lost=0&retrans=0&sent_bytes=28032&recv_bytes=2769&delivery_rate=2543249&cwnd=255&unsent_bytes=0&cid=b8292bff3f694e9d&ts=523&x=0"
content-length: 4414
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: image/png
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-device.png
orlandocomcarlao.com.br/bpse/bogota/bogo/ 4 KB
4 KB 242ms
241ms Image
image/png 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/icon-device.png
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fcf36ef69c165833a1337a6fe46bf9a52d356ab5c142f47a15a0605d1ed826

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gs9sfNfVN%2BtBRqZ6y0q8ZMbdhSxV8hM3SJB3yWvCjTXUlpMtjam2G8PHiZngS%2BYqNEVAL%2BxeJ2nuhzy0GZRgRRD6xH9jlFeqxailoH6KGIGSJUkK5HZJpcCZflrjLYILK7NUlyIYl1YJn974jyJ80ZJu40QAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5976be22a01c-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6748&min_rtt=6236&rtt_var=1320&sent=18&recv=16&lost=0&retrans=0&sent_bytes=8825&recv_bytes=5946&delivery_rate=564111&cwnd=12000&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=277&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 3880
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: image/png
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
priority: u=2,i

GET
H3 200 icon-lock.png
orlandocomcarlao.com.br/bpse/bogota/bogo/ 5 KB
5 KB 250ms
250ms Image
image/png 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/icon-lock.png
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5986c27953fed1328734ed09a3ba567f7b0b8721e1cab505a5033c5d55446e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WT8jweqKck8%2BzXscP979i7IfPjb81AnpYSPemBbaSPRyEbspgzbqmK5HSXbX4ae51xtawRLXCSVSOUp%2FcnOziYRAvBdK%2F4wCwK73VG1%2Bk5w5LfbEkA3KOhnG0V93VIrnQf6pQOYvloaTMfnE9rAYBvne5YXyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5976be23a01c-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6720&min_rtt=6236&rtt_var=790&sent=22&recv=18&lost=0&retrans=0&sent_bytes=13479&recv_bytes=6032&delivery_rate=242635&cwnd=12000&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=285&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 4779
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: image/png
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
priority: u=2,i

GET
H3 200 icon-call.png
orlandocomcarlao.com.br/bpse/bogota/bogo/ 7 KB
8 KB 252ms
252ms Image
image/png 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/icon-call.png
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a84435a62a2c2e7dde1743105df4ed9760364bfe4eeb48360c223ce70dbb0c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bo%2Fad9wvrc8zlx48tsSL9GCUSZSnJrupMb1wuAoRpoCm1J%2B4576s5eLhY%2BmWKSzAf008f2ae8PZ%2FVTHTx7VUi5eEf3t9slraSJRSty8bXu0ncRoI%2Bt9o7VuB2NK8nC4MPMf3OXdHpY5Q2yfJGfl1lKnwRMznow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5976be24a01c-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6720&min_rtt=6236&rtt_var=790&sent=27&recv=18&lost=0&retrans=0&sent_bytes=19056&recv_bytes=6032&delivery_rate=242635&cwnd=12000&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=287&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 7304
date: Thu, 28 Nov 2024 15:21:45 GMT
content-type: image/png
last-modified: Fri, 05 Apr 2024 18:12:32 GMT
vary: Accept-Encoding
priority: u=2,i

GET
H3 200 rocket-loader.min.js Show response
orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"6740aa56-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5p2ehlVaaIlkyiL68WtlJKKL0SVX%2FzYIY1NptSUR%2BYNWdP0aEpaeAtfUt2gP46lg4i39vj8MOs5nJeZ%2FLRVFBY5H9yv0QXZuGiTDJRNFg1hKYTsofr155uK4n43REcXptpxLa8bip0IBjTWs966qKV4YDpvRLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e9b5976be25a01c-FRA
expires: Sat, 30 Nov 2024 15:21:44 GMT
date: Thu, 28 Nov 2024 15:21:44 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 15:59:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 styles.css
orlandocomcarlao.com.br/bpse/bogota/assets/fonts/icons-bbogota/ 0
719 B 237ms
236ms Stylesheet
text/html 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/assets/fonts/icons-bbogota/styles.css
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_style.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfta6zvxBESEd8UVF63Ik8u4CLAoXxEWDJDssnr4uj0Mc2BJ%2FP%2BIkAq5y7k5H%2BSZRIvQ9Pd9mBc7ZWjadfc%2FxWQ6EokaGJ1RzjWOZocqVj35R%2B6n98zzA5jvWiU4IGRQ8VnA72%2FuPgNA3ZWJmepJQ0n5jItyrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b59781f6ba01c-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7145&min_rtt=6191&rtt_var=1242&sent=35&recv=25&lost=0&retrans=0&sent_bytes=27231&recv_bytes=6334&delivery_rate=1416987&cwnd=16800&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=493&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 15:21:45 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 28 Nov 2024 15:21:45 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 58ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/

Response headers

content-encoding: gzip
age: 456015
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 08:41:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 08:41:30 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H3 200 vigilado.jpg
orlandocomcarlao.com.br/bpse/bogota/assets/images/ 0
707 B 1498ms
1498ms Image
text/html 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlandocomcarlao.com.br/bpse/bogota/assets/images/vigilado.jpg
Requested by: Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/bogo/lfr_style.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQxXfaMWwZT3hpMHXklRtJMvfIPl51KBc5e%2FMbT5vrO3rEI9zrBcllJ3Kud3NoOtJMNnSgWKQXzbQwO1otAZQQDE9CZ7k4fL9Z8sjqj45c8191ztdY1wTrux434vSp0bLkJcKaBRgnQCg2NPLhVW2wLzgn1fpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b5979a904a01c-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7045&min_rtt=6191&rtt_var=1130&sent=37&recv=26&lost=0&retrans=0&sent_bytes=27997&recv_bytes=6725&delivery_rate=41920&cwnd=16800&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=2001&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 15:21:46 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 28 Nov 2024 15:21:46 GMT
vary: Accept-Encoding
priority: u=3,i

GET json
ipinfo.io/ 0
0

GET
H3 200 favicon.ico
orlandocomcarlao.com.br/ 0
709 B 243ms
242ms Other
text/html 2606:4700:3032::6815:187a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlandocomcarlao.com.br/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://orlandocomcarlao.com.br/bpse/bogota/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCi0uzyqsymm4VbaF0rjjq4BC6NYL9CpdaLLmIeNyXflaDtFnG5ObaRMF24GKcXW8fTS219WSju93dVgLOXrM4%2BP4Z7loQqMgJ3LfhrAr%2BiRvBR98xH%2Feleylu6C0CB8SHS0bXjglq2nNMZDJB8uqcSGl7jzWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9b59831a63a01c-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6954&min_rtt=6191&rtt_var=1029&sent=39&recv=27&lost=0&retrans=0&sent_bytes=28751&recv_bytes=7094&delivery_rate=484&cwnd=16800&unsent_bytes=0&cid=291ffaa88b7eaac9&ts=2247&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 15:21:46 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 28 Nov 2024 15:21:46 GMT
vary: Accept-Encoding
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipinfo.io
URL: https://ipinfo.io/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Bogota (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ipinfo.io
orlandocomcarlao.com.br
ipinfo.io
2606:4700:3032::6815:187a
2a00:1450:4001:812::200a
2a84435a62a2c2e7dde1743105df4ed9760364bfe4eeb48360c223ce70dbb0c0
3a6e6af4d3a84a8371a7e8bf0c4e43a66de936774c39d748a0d5827138f4bddd
4457ac087de5512df3ba43c8fee50e23bc8813836e92181b1fd041ef44330ef5
4e1ec83f1554b35c912194021aa52d85d2e4e6609113a67ae8b145bfe7acbfcb
7b28a32cfb7e1dd3598236664c8a1836bf73f8b89b321e27d84d6a80422aa87e
98fcf36ef69c165833a1337a6fe46bf9a52d356ab5c142f47a15a0605d1ed826
cc5986c27953fed1328734ed09a3ba567f7b0b8721e1cab505a5033c5d55446e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d10278f4c73c867d2dd9d793fbe00c7ffbb448d73bea8883cc79487ae999e1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

orlandocomcarlao.com.br Open in urlscan Pro 2606:4700:3032::6815:187a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

84 kBTransfer

190 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

Indicators

orlandocomcarlao.com.br Open in urlscan Pro
2606:4700:3032::6815:187a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

84 kB
Transfer

190 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!