ordo.cl Open in urlscan Pro
190.107.177.239 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://856tielanpy9vqz.e-merciii.com/
Effective URL:
https://ordo.cl/dpdch/
Submission: On September 22 via api (September 22nd 2023, 1:40:46 pm UTC) from US — Scanned from CH

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 190.107.177.239, located in Chile and belongs to SOC. COMERCIAL WIRENET CHILE LTDA., CL. The main domain is ordo.cl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 19th 2023. Valid for: 3 months.

This is the only time ordo.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.27.200.239 103.27.200.239	58955 (BANGMODEN...) (BANGMODENTERPRISE-TH Bangmod Enterprise Co.)
1 12	190.107.177.239 190.107.177.239	265831 (SOC. COME...) (SOC. COMERCIAL WIRENET CHILE LTDA.)
11	1

1 103.27.200.239 (Thailand) 1 redirects

ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH)
PTR: mail.moindy.com

856tielanpy9vqz.e-merciii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 190.107.177.239 (Chile) 1 redirects

ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL)
PTR: srv9.cpanelhost.cl

ordo.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ordo.cl 1 redirects ordo.cl	393 KB
1	e-merciii.com 1 redirects 856tielanpy9vqz.e-merciii.com	263 B
11	2

	Domain	Requested by
12	ordo.cl	1 redirects ordo.cl
1	856tielanpy9vqz.e-merciii.com	1 redirects
11	2

This site contains no links.

Subject Issuer	Validity	Valid
ordo.cl cPanel, Inc. Certification Authority	`2023-07-19` - `2023-10-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ordo.cl/dpdch/
Frame ID: AEA2D72B855EC2B51312518DB5B08BFA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Follow My Parcel

Page URL History Show full URLs

http://856tielanpy9vqz.e-merciii.com/ HTTP 301
https://ordo.cl/dpdch HTTP 301
https://ordo.cl/dpdch/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

393 kB
Transfer

390 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://856tielanpy9vqz.e-merciii.com/ HTTP 301
https://ordo.cl/dpdch HTTP 301
https://ordo.cl/dpdch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ordo.cl/dpdch/ Redirect Chain http://856tielanpy9vqz.e-merciii.com/ https://ordo.cl/dpdch https://ordo.cl/dpdch/	16 KB 16 KB	241ms 240ms	Document text/html	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Full URL https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `2fcc77698d106c02b0f53232a0c2e2232535b3634d4dc49fd8d8aea3b71720cb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-CH,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 16449 Content-Type text/html Date Fri, 22 Sep 2023 13:40:38 GMT Keep-Alive timeout=5, max=99 Last-Modified Fri, 22 Sep 2023 12:35:56 GMT Server Apache Redirect headers Connection Keep-Alive Content-Length 230 Content-Type text/html; charset=iso-8859-1 Date Fri, 22 Sep 2023 13:40:38 GMT Keep-Alive timeout=5, max=100 Location https://ordo.cl/dpdch/ Server Apache
GET H/1.1	200 OK	app.css ordo.cl/dpdch/files/	183 KB 183 KB	251ms 250ms	Stylesheet text/css	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Full URL https://ordo.cl/dpdch/files/app.css Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 187321
GET H/1.1	200 OK	app2.css ordo.cl/dpdch/files/	29 KB 29 KB	729ms 239ms	Stylesheet text/css	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Full URL https://ordo.cl/dpdch/files/app2.css Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 29200
GET H/1.1	200 OK	dpd.png ordo.cl/dpdch/files/	21 KB 21 KB	1027ms 523ms	Image image/png	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/files/dpd.png Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21097
GET H/1.1	200 OK	claim.png ordo.cl/dpdch/files/	17 KB 17 KB	1011ms 507ms	Image image/png	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/files/claim.png Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 17674
GET H/1.1	200 OK	warning_red.png ordo.cl/dpdch/files/	3 KB 3 KB	745ms 241ms	Image image/png	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/files/warning_red.png Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2703
GET H/1.1	200 OK	dpd_group_82x22.png ordo.cl/dpdch/files/	3 KB 3 KB	746ms 242ms	Image image/png	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/files/dpd_group_82x22.png Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:39 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2947
GET H/1.1	200 OK	plutosansdpdlight-web.woff ordo.cl/dpdch/files/	59 KB 60 KB	249ms 249ms	Font font/woff	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Full URL https://ordo.cl/dpdch/files/plutosansdpdlight-web.woff Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/files/app.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0` Request headers Referer https://ordo.cl/dpdch/files/app.css Origin https://ordo.cl accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:40 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 60781
GET H/1.1	200 OK	ico-magnifying-glass-14x14.png ordo.cl/dpdch/files/	1 KB 1 KB	249ms 249ms	Image image/png	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/files/ico-magnifying-glass-14x14.png Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/files/app.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/files/app.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:40 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1136
GET H/1.1	404 Not Found	dpd-mobile.html ordo.cl/dpdch/_files/	315 B 315 B	248ms 248ms	Image text/html	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Show image Full URL https://ordo.cl/dpdch/_files/dpd-mobile.html Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language de-CH,de;q=0.9 Referer https://ordo.cl/dpdch/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:40 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	plutosansdpdregular-web.woff ordo.cl/dpdch/files/	59 KB 59 KB	244ms 244ms	Font font/woff	190.107.177.239 SOC. COMERCIAL WI...
General Check archive.org Show headers Download Go to Full URL https://ordo.cl/dpdch/files/plutosansdpdregular-web.woff Requested by Host: ordo.cl URL: https://ordo.cl/dpdch/files/app.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.107.177.239 , Chile, ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL), Reverse DNS srv9.cpanelhost.cl Software Apache / Resource Hash `c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3` Request headers Referer https://ordo.cl/dpdch/files/app.css Origin https://ordo.cl accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Fri, 22 Sep 2023 13:40:40 GMT Last-Modified Fri, 25 Sep 2020 16:36:58 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 60042

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ordo.cl/dpdch/_files/dpd-mobile.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

856tielanpy9vqz.e-merciii.com
ordo.cl
103.27.200.239
190.107.177.239
268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069
2fcc77698d106c02b0f53232a0c2e2232535b3634d4dc49fd8d8aea3b71720cb
7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286
7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986
863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218
9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3
d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36

ordo.cl Open in urlscan Pro 190.107.177.239 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

393 kBTransfer

390 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ordo.cl Open in urlscan Pro
190.107.177.239 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

393 kB
Transfer

390 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!