orlandocomcarlao.com.br
172.67.218.134 Malicious Activity! (Public Scan)

URL: https://orlandocomcarlao.com.br/bpse/bbva/
Submission Tags: @phish_report
Submission: On August 15 via api from FI — Scanned from FI

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 172.67.218.134, located in United States and belongs to CLOUDFLARENET, US. The main domain is orlandocomcarlao.com.br.
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.
This is the only time orlandocomcarlao.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address / AS Autonomous System / Requests
172.67.218.134, AS13335 (CLOUDFLAR...): 8 requests (1 redirect)
23.37.43.213, AS16625 (AKAMAI-AS): 6 requests
2a00:1450:400..., AS15169 (GOOGLE): 1 request
34.117.59.81, AS396982 (GOOGLE-CL...): 1 request
Total: 20 requests, 5 IPs

Apex Domain / Subdomains / Transfer
orlandocomcarlao.com.br (subdomain: orlandocomcarlao.com.br): 8 requests, 19 KB
bbvanet.com.co (subdomain: nuevaversion.bbvanet.com.co, Cisco Umbrella Rank: 886169): 6 requests, 36 KB
ipinfo.io (subdomain: ipinfo.io, Cisco Umbrella Rank: 5710): 1 request, 419 B
googleapis.com (subdomain: ajax.googleapis.com, Cisco Umbrella Rank: 641): 1 request, 31 KB
Total: 20 requests, 4 apex domains

Domain / Requested by
orlandocomcarlao.com.br: 8 requests (1 redirect), requested by orlandocomcarlao.com.br
nuevaversion.bbvanet.com.co: 6 requests, requested by orlandocomcarlao.com.br and nuevaversion.bbvanet.com.co
ipinfo.io: 1 request, requested by orlandocomcarlao.com.br
ajax.googleapis.com: 1 request, requested by orlandocomcarlao.com.br
Total: 20 requests, 4 domains

This site contains no links.

Subject / Issuer / Validity
orlandocomcarlao.com.br: issued by WE1, valid 2024-06-28 to 2024-09-26 (3 months), crt.sh
bbva.com.co: issued by DigiCert TLS RSA SHA256 2020 CA1, valid 2024-05-13 to 2025-05-13 (a year), crt.sh
upload.video.google.com: issued by WR2, valid 2024-07-30 to 2024-10-22 (3 months), crt.sh
ipinfo.io: issued by R10, valid 2024-07-03 to 2024-10-01 (3 months), crt.sh

This page contains 1 frames:

Primary Page: https://orlandocomcarlao.com.br/bpse/bbva/
Frame ID: 458E5A31F1D64EB67D4F35BBB146EDFB
Requests: 20 HTTP requests in this frame

Page Title

BBV

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 75 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 86 kB
Size: 362 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://orlandocomcarlao.com.br/bpse/bbva/ Page URL
  2. https://orlandocomcarlao.com.br/cdn-cgi/phish-bypass?atok=66jg9UXoGrCiSSWqKy4FNjkZ6SSSq1kqf.V3X_Dq8xQ-1723732524-0.0.1.1-%2Fbpse%2Fbbva%2F HTTP 301
    https://orlandocomcarlao.com.br/bpse/bbva/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Columns per transaction: Resource / Path / Size / x-fer / Type / MIME-Type
/
orlandocomcarlao.com.br/bpse/bbva/
4 KB
2 KB
Document
General
Full URL
https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba46c588fecce8df2eb87eea70c0a73c3fb255bc58f1bb19f28229a8933ae83e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cf-ray
8b39e9336b48c008-WAW
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Aug 2024 14:35:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCxwvw03w9rE9g4C8e8hcfU4FxZuzuiKMXfVtKzl4ea89LH8AzU%2FMkmsPxLWWJ21gxpIcquEYesvfDo%2BXMoZojgKH%2FZuv%2B9TFNwYHSkWfF%2Bpl7RnzGEe6xPaq%2BgigyMxTwohecBE2Y49tg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
orlandocomcarlao.com.br/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://orlandocomcarlao.com.br/cdn-cgi/styles/cf.errors.css
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://orlandocomcarlao.com.br/bpse/bbva/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Aug 2024 15:29:31 GMT
server
cloudflare
etag
W/"66b635db-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8b39e933ebd9c008-WAW
expires
Thu, 15 Aug 2024 16:35:24 GMT
icon-exclamation.png
orlandocomcarlao.com.br/cdn-cgi/images/
452 B
635 B
Image
General
Full URL
https://orlandocomcarlao.com.br/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://orlandocomcarlao.com.br/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Aug 2024 15:29:31 GMT
server
cloudflare
etag
"66b635db-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8b39e9345c69c008-WAW
content-length
452
expires
Thu, 15 Aug 2024 16:35:24 GMT
favicon.ico
orlandocomcarlao.com.br/
22 KB
4 KB
Other
General
Full URL
https://orlandocomcarlao.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31577c3941483a10e2819bff604c7133886f7a98feb65a3381125a14a0e0231

Request headers

Referer
https://orlandocomcarlao.com.br/bpse/bbva/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Aug 2024 14:35:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SdUFWHc9Huo614xNd19jIdzwG2lBPjvnHMQ7E5axyrTOrMAWjIFhed99H3QZI6nhQIfph5LWlAUnj4NJk1G8jznfhhBsw1wnN%2BtNOi0yrYc7%2BGMnkH4XJ1WHiAdeDYAY0Ix20xmRZvISA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b39e934cce8c008-WAW
alt-svc
h3=":443"; ma=86400
Primary Request /
orlandocomcarlao.com.br/bpse/bbva/
Redirect Chain
  • https://orlandocomcarlao.com.br/cdn-cgi/phish-bypass?atok=66jg9UXoGrCiSSWqKy4FNjkZ6SSSq1kqf.V3X_Dq8xQ-1723732524-0.0.1.1-%2Fbpse%2Fbbva%2F
  • https://orlandocomcarlao.com.br/bpse/bbva/
9 KB
3 KB
Document
General
Full URL
https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40deab952b872c3f042f32fef6bb2e086fc2dc7f6723d6498e4d78811c928d8

Request headers

Referer
https://orlandocomcarlao.com.br/bpse/bbva/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b39e94ae82dc008-WAW
content-encoding
br
content-type
text/html
date
Thu, 15 Aug 2024 14:35:28 GMT
last-modified
Tue, 11 Jun 2024 20:36:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtaGAkNyTO3oMvdDroC37ti8jxoh9TYFXYI9CYZuRnRIBtbfTvofzbOEy4Gm5VTSUN44PC%2BHcOGZipGE3g22zj7Hj3cK%2FNIUUmiB8LsQ%2BI3PN9akRCMrUXMy25bYrwJ8AfJhbF%2FUKXs8xA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
cf-ray
8b39e94a7fcac008-WAW
content-length
167
content-type
text/html
date
Thu, 15 Aug 2024 14:35:27 GMT
location
https://orlandocomcarlao.com.br/bpse/bbva/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
global.min.css
nuevaversion.bbvanet.com.co/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://nuevaversion.bbvanet.com.co/css/global.min.css
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37424454e0879382a35d1e44281d0ce8d333af9e1d80ef6f7974159a4ba9c6d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
80
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 14:35:29 GMT
last-modified
Thu, 04 Jun 2020 21:12:32 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
117
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
vary
Accept-Encoding
content-type
text/css
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
3271
x-xss-protection
1; mode=block
coronita.css
nuevaversion.bbvanet.com.co/css/
146 KB
20 KB
Stylesheet
General
Full URL
https://nuevaversion.bbvanet.com.co/css/coronita.css
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4ec72540de214cc06875d1ae24635ccd2be8b5c3090d923f871329ce69c9cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
75
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 14:35:29 GMT
last-modified
Tue, 09 Jul 2024 14:31:44 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
118
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
vary
Accept-Encoding
content-type
text/css
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
19861
x-xss-protection
1; mode=block
rocket-loader.min.js
orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://orlandocomcarlao.com.br/bpse/bbva/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Aug 2024 15:30:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66b635fa-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuiBorRPX6b6leLCPKwGab1ULyE34ePkFcMNkvykLUVqWpzfkzblS85B0cXPHlX9Ccrh9ZrmJ9eBr0btTbArBSvUElJO4AZVpDjUfwJz1jP9oNOVjfLPoHv4WM%2BusdERklRZ%2BrszqgVsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b39e94d2a91c008-WAW
expires
Sat, 17 Aug 2024 14:35:28 GMT
wurfl.js
nuevaversion.bbvanet.com.co/choose/js/
527 B
925 B
Script
General
Full URL
https://nuevaversion.bbvanet.com.co/choose/js/wurfl.js
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b6e88498ee3d836b3fd8ff62523433cf8eb4fbb1facd52d337ce8e15fccb891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
74
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 14:35:29 GMT
last-modified
Thu, 24 Sep 2020 22:33:57 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
119
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
397
x-xss-protection
1; mode=block
dataLayer.js
nuevaversion.bbvanet.com.co/choose/js/
9 KB
4 KB
Script
General
Full URL
https://nuevaversion.bbvanet.com.co/choose/js/dataLayer.js
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9618269b7e286d2084a996e18c0ffd8ea989d1e95fc51bf55bdaae36d8d7919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
73
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 14:35:29 GMT
last-modified
Thu, 24 Sep 2020 22:33:57 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
120
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
3523
x-xss-protection
1; mode=block
iframe-resizer-contentwindow.min.js
nuevaversion.bbvanet.com.co/js/
14 KB
6 KB
Script
General
Full URL
https://nuevaversion.bbvanet.com.co/js/iframe-resizer-contentwindow.min.js
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d9412a719fb4d7e8691d5d2783dbaedb3fc1add22474175f17ddb0b29663b93c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
75
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 14:35:29 GMT
last-modified
Thu, 24 Sep 2020 22:33:57 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
123
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
5824
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 12 Aug 2024 14:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Aug 2025 14:36:52 GMT
arrow-select-b.png
nuevaversion.bbvanet.com.co/choose/img/
425 B
923 B
Image
General
Full URL
https://nuevaversion.bbvanet.com.co/choose/img/arrow-select-b.png
Requested by
Host: nuevaversion.bbvanet.com.co
URL: https://nuevaversion.bbvanet.com.co/css/global.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2252078762616251f5af9d6473de26515dd6e8807552270c1cef50e92e0cde00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://nuevaversion.bbvanet.com.co
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nuevaversion.bbvanet.com.co/css/global.min.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency
96
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Aug 2024 14:35:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 22:33:57 GMT
x-permitted-cross-domain-policies
master-only
x-edgeconnect-midmile-rtt
117
x-frame-options
ALLOW-FROM https://nuevaversion.bbvanet.com.co
content-type
image/png
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
425
x-xss-protection
1; mode=block
BentonSansBBVA-Book.woff
nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/
0
0

BentonSansBBVA-Book.woff
nuevaversion.bbvanet.com.co/css/fonts/
0
0

BentonSansBBVA-Medium.woff
nuevaversion.bbvanet.com.co/css/fonts/
0
0

coronita-icons-v3.woff
nuevaversion.bbvanet.com.co/css/fonts/
0
0

BentonSansBBVA-Book.ttf
nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/
0
0

favicon.ico
orlandocomcarlao.com.br/
22 KB
0
Other
General
Full URL
https://orlandocomcarlao.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31577c3941483a10e2819bff604c7133886f7a98feb65a3381125a14a0e0231

Request headers

Referer
https://orlandocomcarlao.com.br/bpse/bbva/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Aug 2024 14:35:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SdUFWHc9Huo614xNd19jIdzwG2lBPjvnHMQ7E5axyrTOrMAWjIFhed99H3QZI6nhQIfph5LWlAUnj4NJk1G8jznfhhBsw1wnN%2BtNOi0yrYc7%2BGMnkH4XJ1WHiAdeDYAY0Ix20xmRZvISA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b39e934cce8c008-WAW
alt-svc
h3=":443"; ma=86400
json
ipinfo.io/
325 B
419 B
Fetch
General
Full URL
https://ipinfo.io/json
Requested by
Host: orlandocomcarlao.com.br
URL: https://orlandocomcarlao.com.br/bpse/bbva/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
28eae87fe755f13bf1ba68d43d765a1129983212c16dbd86a80bfd9f3409da2d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://orlandocomcarlao.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 14:35:30 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
220

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nuevaversion.bbvanet.com.co
URL
https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.woff
Domain
nuevaversion.bbvanet.com.co
URL
https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Book.woff
Domain
nuevaversion.bbvanet.com.co
URL
https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Medium.woff?v=63e781ba
Domain
nuevaversion.bbvanet.com.co
URL
https://nuevaversion.bbvanet.com.co/css/fonts/coronita-icons-v3.woff
Domain
nuevaversion.bbvanet.com.co
URL
https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object __cfQR
function $
function jQuery
function _classCallCheck
function _defineProperties
function _createClass
object digitalData
function DataLayer
object WURFL
function carl
boolean __cfRLUnblockHandlers

6 Cookies

Domain/Path Name / Value
nuevaversion.bbvanet.com.co/choose/img Name: f5avraaaaaaaaaaaaaaaa_session_
Value: NHNALBLMBCECCDBLNDLIKNCOEKHAEMABJJLHNLIFOPMAIOMCMOMEJJNMAFDJPDGHBOGDMPDOGBOCGCODGAMANNFBOBJKNDFDLLMIGENEDJELHBJKAKJKEHGFNKOMOFBN
nuevaversion.bbvanet.com.co/choose/js Name: f5avraaaaaaaaaaaaaaaa_session_
Value: KCAHPBNCIDPLGELOLFBIKELBNMBDPFNIBPJOJOJJEJLDKANELJELAAILBFHIGEIAPNCDLHDDGBAHLKOODJAAPADNOBLKPPODJJGCHPLMIHPCHMAEIJBJKJELPMDGAMDL
nuevaversion.bbvanet.com.co/css Name: f5avraaaaaaaaaaaaaaaa_session_
Value: EHALNLFCIPJOALJBBJIDFJCNKBHCNNCJIJHCMLJKLFAGNDJELHHBGGHNNGIKFODAOPLDEEBMGBFFIHKLOMPAFCJPOBJHLEBPOLPKGIECOEILIBCFMBKDICBGIJAOHEFP
nuevaversion.bbvanet.com.co/js Name: f5avraaaaaaaaaaaaaaaa_session_
Value: BGNDCKLCOPJNJKPGAAFBEOMBFEGKDFINGAJDOABGBCIOCGGMFGMELIMPANIIEJPBCJODOKDMGBHELKGKKDMACLKIOBICDNKNJBAHBBNCEFAGLHMJCOAOGMNGJGPNPOMF
.orlandocomcarlao.com.br/ Name: __cf_mw_byp
Value: 66jg9UXoGrCiSSWqKy4FNjkZ6SSSq1kqf.V3X_Dq8xQ-1723732524-0.0.1.1-/bpse/bbva/
nuevaversion.bbvanet.com.co/ Name: BIGipServerP_BBVANET_COM_CO
Value: 2707693256.47873.0000

11 Console Messages

Source / Level / URL / Message
recommendation verbose URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
Access to font at 'https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Medium.woff?v=63e781ba' from origin 'https://orlandocomcarlao.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Medium.woff?v=63e781ba
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
Access to font at 'https://nuevaversion.bbvanet.com.co/css/fonts/coronita-icons-v3.woff' from origin 'https://orlandocomcarlao.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nuevaversion.bbvanet.com.co/css/fonts/coronita-icons-v3.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
Access to font at 'https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.woff' from origin 'https://orlandocomcarlao.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
Access to font at 'https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Book.woff' from origin 'https://orlandocomcarlao.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nuevaversion.bbvanet.com.co/css/fonts/BentonSansBBVA-Book.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orlandocomcarlao.com.br/bpse/bbva/
Message:
Access to font at 'https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.ttf' from origin 'https://orlandocomcarlao.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nuevaversion.bbvanet.com.co/fonts/coronita/benton/book/BentonSansBBVA-Book.ttf
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN