orodonti.co Open in urlscan Pro
2606:4700:3030::ac43:d1f0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://das.elroiss.com/dist/css/vb3jk.php
Effective URL:
https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_securi...
Submission: On February 11 via manual (February 11th 2023, 2:18:29 pm UTC) from RS — Scanned from DE

Summary HTTP 18 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::ac43:d1f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is orodonti.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time orodonti.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDO Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:42e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	2606:4700:303... 2606:4700:3030::ac43:d1f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2

1 2606:4700:3033::6815:42e9 (United States)

ASN13335 (CLOUDFLARENET, US)

das.elroiss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3030::ac43:d1f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

orodonti.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	orodonti.co 1 redirects orodonti.co	337 KB
1	elroiss.com das.elroiss.com	763 B
18	2

	Domain	Requested by
18	orodonti.co	1 redirects das.elroiss.com orodonti.co
1	das.elroiss.com
18	2

This site contains links to these domains. Also see Links.

Domain
www.bdo.com.ph
online.bdo.com.ph
www.mybdo.com.ph
mycashcard.com.ph
tbg.bdo.com.ph
business.bdo.com.ph

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Frame ID: 4F5507B674E0A1210A43B86E1B89D3D8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco De Oro

Page URL History Show full URLs

http://das.elroiss.com/dist/css/vb3jk.php Page URL
https://orodonti.co/wp-content/uploads/online/ HTTP 302
https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

18
Requests

94 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

337 kB
Transfer

431 kB
Size

0
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bdo.com.ph/properties-for-sale
Title: Properties for Sale

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/support-topics
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/promo-list
Title: Promos

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/remittance-services/bdo-remit-status-inquiry
Title: Remit Status Inquiry

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/subsidiaries
Title: Subsidiaries

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/branches-atms-locator
Title: Branches / ATMs

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/international-desks
Title: International Desks

Search URL Search Domain Scan URL

URL: https://online.bdo.com.ph/sso/login?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Title: Personal

Search URL Search Domain Scan URL

URL: https://online.bdo.com.ph/sso/login
Title: BDO Online Banking

Search URL Search Domain Scan URL

URL: https://www.mybdo.com.ph/fo/ribtermsandconditions
Title: Not yet enrolled? Enroll Now!

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/faqs/otp-faqs
Title: What is a One-time Password (OTP)

Search URL Search Domain Scan URL

URL: https://mycashcard.com.ph/cashcard/login
Title: Cash Card

Search URL Search Domain Scan URL

URL: https://tbg.bdo.com.ph/ids/
Title: Integrated Disbursement Solutions

Search URL Search Domain Scan URL

URL: https://business.bdo.com.ph/fo/login
Title: Business Online Banking

Search URL Search Domain Scan URL

URL: http://www.bdo.com.ph/
Title: Banco De Oro

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal
Title: PERSONAL

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/business
Title: BUSINESS

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/ebanking
Title: eBanking

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/accounts
Title: Accounts

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/trust-and-investments
Title: Trust and Investments

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/loans
Title: Loans

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/credit-debit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/remittance-services
Title: Remittance Services

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/personal/rewards
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/private-bank-home
Title: Private Bank

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/about-bdo/business-operation
Title: About BDO

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/corporate-governance
Title: Corporate Governance

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/investor-relations/investment-credit-ratings-information
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/company-disclosures
Title: Company Disclosures

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/news-and-articles
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/site-map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bdo.com.ph/terms-and-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://das.elroiss.com/dist/css/vb3jk.php Page URL
https://orodonti.co/wp-content/uploads/online/ HTTP 302
https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK vb3jk.php
das.elroiss.com/dist/css/ 82 B
763 B 365ms
335ms Document
text/html 2606:4700:3033::6815:42e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://das.elroiss.com/dist/css/vb3jk.php
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:42e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 797db6aa8c0e3835-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Feb 2023 14:18:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrR9N%2Byy0tdYyFkEK6IFIMOxznpQBmHzKZU0KCXtM2H%2F4ie2vIjnvNXdeefjPtBV5X384hKq%2B7wr3avNVl4OTt7uZr0%2FaLCZ0lmfKz7%2BtT6%2FuBRsVuYvyABW138ov4D4PLvbtlqSf9OQ9nlHCnk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request login.php Show response
orodonti.co/wp-content/uploads/online/sso/
Redirect Chain

https://orodonti.co/wp-content/uploads/online/
https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check

26 KB
6 KB

30ms
30ms

Document
text/html

2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Requested by: Host: das.elroiss.com
URL: http://das.elroiss.com/dist/css/vb3jk.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f893852736e22480091f46f560f8f2d84d970c7b135f70e4ef064d79b08e76f

Request headers

Referer: http://das.elroiss.com/dist/css/vb3jk.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 797db6aefe1ebb7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 11 Feb 2023 14:18:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck8q8LDlZcgGttinxw%2F0IpH1ZnS41SnQNdcw7Y%2FvHYYTMX8ooqc7o5JCPcCnppWifAjvS3cL3loVXO%2FYqe%2B0hK%2B13O0hlxlxsFlNNjHGB081wLroD1tMwsW8FMWQzXIMZNVwTyTlp9%2BgQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 797db6ad0b34bb7a-FRA
content-type: text/html; charset=UTF-8
date: Sat, 11 Feb 2023 14:18:24 GMT
location: sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8pvcXOjZDhjS6IiwzaY8TYNLE8peUtY9NwAnmUgM0Pou%2FxkjF745V3NTW83LTG7j3a3AsCJH9YRE%2BZk3KQMKfEvx6Q9AGw0NW4vuGXuxPo1MPUTefhp56Hnzn4vMFajoxW3K%2B1nfoEgIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 loginid.css
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 48 KB
11 KB 20ms
18ms Stylesheet
text/css 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9d13abeeae93cee07cfa497dafbb8d943d338b743e08b3ec51844ae5d4e329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
etag: W/"635e56ec-bea3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEdRI7ASiqwIlvh130%2FBbghdWvfIzjg5GgpTzqUiVcAuQpDBFE0SzefYamiHrvDnYXU04NKtMRzoGilMUKD6t0zeg8kqTc1i0mYOMCocUPA4iNXjq6rlv2EgL19dIElIBazqeE%2BJ%2FQYJbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 797db6af2f505c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 component.style.css
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 16 KB
3 KB 17ms
16ms Stylesheet
text/css 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/component.style.css
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38bc354a340cc77a0aed07e867dfbc22c3ce1e8558d3924de7387b6424f458b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
etag: W/"635e56ec-3e4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe1oN7diQVo0FQPEmu1SEF5D6cCmOYbdkhVpq9a0bSNqUYeL71Oz25m9UHvGlaMYQf1GCHrVFNClHpI1B938lWrI%2BH%2FCPeQVBZp3Eef3FvuC%2F47a5CqSRApHOURZFLON7dW8m%2BeZ1HLyQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 797db6af2f525c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-ui-1.8.2.custom.css
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 31 KB
7 KB 24ms
23ms Stylesheet
text/css 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/jquery-ui-1.8.2.custom.css
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e17ae9c26c4f360fcaef638b4adae6303305b1d7293c1b074d0258c4e3c9db9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
etag: W/"635e56ec-7c41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSnf7pWfOMne7WjvO%2F7pII7GBMuq%2BvZK2by8O0kTRCJ%2Bh53RbOINqukpBV%2BJ%2BHTTdzZaz4nBOZ0EICTlvWKIk0UQ4qZZzpZIHTMvjxxFH0t5biBY66yQu1%2B3F33rh%2BtctR2olrI3nQLYQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 797db6af2f535c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-1.4.2.min.js.download Show response
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 70 KB
71 KB 54ms
52ms Script
application/octet-stream 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/jquery-1.4.2.min.js.download
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711ab01b82effbaf81ca9f559bfdab3b4bb426bfaadad3b093fa64bacd73e908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635e56ec-119eb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EiAKWWwSLi3WiRzidvKRzGN9TDNUqOKDfqx%2Fza8%2F5Y1X12bX5chY%2BuQDSBiqCzBRKoxjTDLXFQfHPbh8P101oNOTUiNrkXkC%2FrhYCSbp9KoPcd9AQLnhxFNO5A5JQvZ6uNT06n5NQ%2FHlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 797db6af2f545c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72171

GET
H3 200 ui.core.min.js.download Show response
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 8 KB
8 KB 48ms
46ms Script
application/octet-stream 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ui.core.min.js.download
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e50ddb10b6ed5a5edba53318b2366c3f4e092e1082573d999960d371aae105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635e56ec-1fb0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHTE8yMcZ4r0CHEVrtmpMdpV4z2vl4VajgxUabN23nswFg%2FP%2F5%2FNm0LrqBBUpklYLkLL5SZoEtopHtoC18rGYEak425ikp%2BQcZWRaTVcuwXxnfd1ExU6OQopj7OdGNyun3S7SaKxyVEoZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 797db6af2f555c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8112

GET
H3 200 ccti.js.download Show response
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 14 KB
15 KB 55ms
53ms Script
application/octet-stream 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ccti.js.download
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fdd7becc92b6ab637f9a6b046cca60b96fe3a21449539616583b7a07518b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635e56ec-38d8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHNNMCv%2BMEOt2U4Bkszc9gnog5L4m8F%2FXw%2BZP0qsvUqld6GnrhdP04uxlxehCE%2Fxb5yZObnInV77zLqSwHT88C%2FM6g0w8UbkXOgWdjzEq9WNI0gWf17mUuj%2BzE3i07FXxbu5YlXTKVeQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 797db6af2f565c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14552

GET
H3 200 base.css
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 6 KB
2 KB 18ms
16ms Stylesheet
text/css 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/base.css
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401c2fcfcf9fb260a7c6f94da2b665847a4c6951d6b22f5f85977cff1d7111e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
etag: W/"635e56ec-1883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlnf41tXWGq5mCyN%2Bkbk2y%2BgnvpfcDKv6nVBZ8uOM3RJYro8cT26ZfNixKeNPX49guhN16n4qqxbZn0%2BAuXl%2FO0PC9SDtOeczPJLeHhIaKIu3OQ4G3o%2BGo874HcMWEptdoJR3i%2ByG0CqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 797db6af2f575c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.rc4.js.download Show response
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 5 KB
6 KB 48ms
47ms Script
application/octet-stream 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/jquery.rc4.js.download
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328d300e2048d2554bee8bd5a6e157eef91c5b24bc518fd67546c1cbd6e0efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635e56ec-142a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3CbzvgjbLqou8N%2B71bxK4qzPf8fsnpAh%2B%2FwQywBYgXcj6gqcZPXbQHkLgylS%2Fj3fLBy1cw0qGnRgFDGHpi7jlxZoUG5u9k0z%2B20e%2BmQWRYEqGxbHOr473mloiQoqN9apDijfO9MNJlRSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 797db6af2f595c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5162

GET
H3 200 images
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 100 KB
101 KB 29ms
29ms Image
application/octet-stream 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/images
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26cb317c012c7d1e57508b64096e98f522748cbf5c820c2909044f1f14544b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635e56ec-19195"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5ZTfGSrzHk6yw0GQg1lVSR3XFg%2BGaBlucju9St7pAN5kEWvAnH3Nf8PGgYZL5qi4Kkr%2BHZ53gh%2B58JnlxOYfAov9rdIptKkE03SEvJ3aJAtziw4lxcthyYop7Dvw9f%2Bla8qihrixJFgDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 797db6af9fb45c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102805

GET
H3 200 email-decode.min.js Show response
orodonti.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orodonti.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/login.php?josso_back_to=https://online.bdo.com.ph/sso/josso_security_check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 12:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e4eb3a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F04rHbPk4tCboaDSfvQcLZ5eV8v6ZwEA%2BSyhs4Tg2%2BZvZBj6OcW1iF2IrUrZD9B8XOr2wBc8o8XhBFZIpoG6y2bApBzSnJxYlQSXowO4%2FVgIoWYhG7ftTilm5s37%2B%2BYXbLD%2Bih2wi2y4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 797db6af8fb25c1a-FRA
expires: Mon, 13 Feb 2023 14:18:24 GMT

GET
H3 404 profile-white.png
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 23 KB
23 KB 306ms
306ms Image
text/html 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/profile-white.png
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4e3166e1f43d82204252fb46e2b8b408c0e3a495faab622bc57b46b57452bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdOJ0XapHwyzgGVaQSuPQHAnWzx5dw1ftxTOMNYpvNx8DOlvUMZjM4g4s28vDofoiiYgRdn0eQAy%2B2inZoQpyudoGpFjVi93tu07CpJI%2BH3x3rGqzogJcGkbC0ZffDBdGlzyEEt0E0LtZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 797db6afafce5c1a-FRA
link: <https://orodonti.co/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 bdo-logo.jpg
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 35 KB
36 KB 16ms
15ms Image
image/jpeg 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/bdo-logo.jpg
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5225eebca373ae103c2e83513cb277b4eecd319df532a4bb41868a20341e71fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 10:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1993
etag: "635e56ec-8d90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrKEp2Stu2lVQBlcwuLnMZYM1xGJ1RAHeiwf8NsspYjJGXWMbVQJ4wCX%2B5BGS471yW00rqMZj0Degu%2BhYDlWz3J2Q7ilq5oDHAz3DiWD4oet0FFAw2l8NvrU8NYeha9xmiZigeKsrUPPXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 797db6afafd05c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36240

GET
H3 404 arrow-white.png
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 23 KB
23 KB 575ms
574ms Image
text/html 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/arrow-white.png
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687f6b5b945f11e1cf7c2d889231c3cd7bc7e1f59ab7d6f462c4ec643955f8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTmDIQcU9QuCTcwQbf9AlFRkSTaKXOtQZttFp2dysbYaJ%2B74QWuMNmrCkHPo71KaI2oZrViiv51lMBr5zn2d5RS1LfMtiSLea%2BZ0%2BNzmK88oJgl1rWB5jLKnO%2BM3ehuxZULao8GHaMhlRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 797db6afafd25c1a-FRA
link: <https://orodonti.co/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 Roboto-Regular.ttf
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 0
0 588ms
587ms Font
text/html 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/Roboto-Regular.ttf
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Origin: https://orodonti.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY6BFwWyWKr4jK0sxWPsjWiNumJRUQkVI8VWG6oIAV%2FEtcBsilCjUYhm42nLcxfodDUVlYRE9SFaJjukYDVnGC9KxDmQgdtn5eqTyhUJ%2Ba0CkjquVmNT1boezJv%2BvCdGh%2F%2FXFAcn24OxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 797db6afafd35c1a-FRA
link: <https://orodonti.co/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 Roboto-Bold.ttf
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 0
0 324ms
324ms Font
text/html 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/Roboto-Bold.ttf
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Origin: https://orodonti.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQFAs0wXME%2BI36U8cbAbQtRl9z%2Fw2c1H11TPjj9JjTX8BUrx9%2BP3sjZrJGrZdMXwrkRBWbj5rHXMqspTlmSgja5VK85Bs0KP0kQHAsxXvNeFiUvJ1l9cPqxy4v2iynK7HzUjCpixbbgvaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 797db6afafd45c1a-FRA
link: <https://orodonti.co/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 arrow_right.png
orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/ 23 KB
23 KB 846ms
841ms Image
text/html 2606:4700:3030::ac43:d1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/arrow_right.png
Requested by: Host: orodonti.co
URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4cd1ec39397a71a6bdc9fec7bbceea9bda50051841760ec4d4b63af171aba53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/loginid.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 14:18:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDacLV9xWwGKSuFILoijnuH1ivzp4BJCaCPRZPZyjIKBVsYyG%2BaZAPH1PyVcozBpyBvugImK%2BnH8OURziWeBKEFsWABd%2FPDYmGvMY5CIVDjH7ffppQPpuCkRe%2FRc%2FA%2FqUeRqW8tDlNgLKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 797db6afcfef5c1a-FRA
link: <https://orodonti.co/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDO Bank (Banking)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/profile-white.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/Roboto-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/arrow-white.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/Roboto-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orodonti.co/wp-content/uploads/online/sso/Banco%20De%20Oro_files/arrow_right.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

das.elroiss.com
orodonti.co
2606:4700:3030::ac43:d1f0
2606:4700:3033::6815:42e9
0f9d13abeeae93cee07cfa497dafbb8d943d338b743e08b3ec51844ae5d4e329
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
328d300e2048d2554bee8bd5a6e157eef91c5b24bc518fd67546c1cbd6e0efe4
3e50ddb10b6ed5a5edba53318b2366c3f4e092e1082573d999960d371aae105c
401c2fcfcf9fb260a7c6f94da2b665847a4c6951d6b22f5f85977cff1d7111e9
4f893852736e22480091f46f560f8f2d84d970c7b135f70e4ef064d79b08e76f
5225eebca373ae103c2e83513cb277b4eecd319df532a4bb41868a20341e71fe
66fdd7becc92b6ab637f9a6b046cca60b96fe3a21449539616583b7a07518b20
687f6b5b945f11e1cf7c2d889231c3cd7bc7e1f59ab7d6f462c4ec643955f8fa
711ab01b82effbaf81ca9f559bfdab3b4bb426bfaadad3b093fa64bacd73e908
c38bc354a340cc77a0aed07e867dfbc22c3ce1e8558d3924de7387b6424f458b
dc4e3166e1f43d82204252fb46e2b8b408c0e3a495faab622bc57b46b57452bc
e17ae9c26c4f360fcaef638b4adae6303305b1d7293c1b074d0258c4e3c9db9a
e4cd1ec39397a71a6bdc9fec7bbceea9bda50051841760ec4d4b63af171aba53
f26cb317c012c7d1e57508b64096e98f522748cbf5c820c2909044f1f14544b0

orodonti.co Open in urlscan Pro 2606:4700:3030::ac43:d1f0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

337 kBTransfer

431 kBSize

0 Cookies

36 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

39 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

orodonti.co Open in urlscan Pro
2606:4700:3030::ac43:d1f0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

337 kB
Transfer

431 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!