cervezaelhechicero.cl Open in urlscan Pro
45.239.108.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/cjGJ0tF
Effective URL:
https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html
Submission: On January 23 via manual (January 23rd 2021, 1:16:10 pm UTC) from RO

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 45.239.108.252, located in Chile and belongs to ECOHOSTING INTERNET LIMITADA, CL. The main domain is cervezaelhechicero.cl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2020. Valid for: 3 months.

This is the only time cervezaelhechicero.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	45.239.108.252 45.239.108.252	266855 (ECOHOSTIN...) (ECOHOSTING INTERNET LIMITADA)
9	1

1 2606:4700:10::6816:1e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.239.108.252 (Chile)

ASN266855 (ECOHOSTING INTERNET LIMITADA, CL)
PTR: whale.ecohosting.cl

cervezaelhechicero.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cervezaelhechicero.cl cervezaelhechicero.cl	124 KB
1	cutt.ly 1 redirects cutt.ly	575 B
9	2

	Domain	Requested by
9	cervezaelhechicero.cl	cervezaelhechicero.cl
1	cutt.ly	1 redirects
9	2

This site contains links to these domains. Also see Links.

Domain
mentahost.com

Subject Issuer	Validity	Valid
cervezaelhechicero.cl cPanel, Inc. Certification Authority	`2020-12-27` - `2021-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html
Frame ID: 223E4681B568CF73EA70F941DE1732E9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cutt.ly/cjGJ0tF HTTP 301
https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Page URL

Detected technologies

Jekyll (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

meta generator /Jekyll (v[\d.]+)?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

124 kB
Transfer

324 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mentahost.com/PRODUCTION/es/
Title: Tu envío esté en camino

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/cjGJ0tF HTTP 301
https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request DHLGlobalES.html Show response cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/ Redirect Chain https://cutt.ly/cjGJ0tF https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html	7 KB 2 KB	1013ms 263ms	Document text/html	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `2ab8fc6018ea9a69a12d63c0fcd38fad4b49fe2d3083afcb5b489189aa7e49ab` Request headers :method GET :authority cervezaelhechicero.cl :scheme https :path /dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers last-modified Thu, 21 Jan 2021 17:11:03 GMT content-type text/html content-length 2147 accept-ranges bytes content-encoding br vary Accept-Encoding date Sat, 23 Jan 2021 13:15:50 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="35,39,43,44" Redirect headers date Sat, 23 Jan 2021 13:15:49 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=de11ce073b0825c018be8f327e073bc5b1611407749; expires=Mon, 22-Feb-21 13:15:49 GMT; path=/; domain=.cutt.ly; HttpOnly; SameSite=Lax PHPSESSID=tvrd4ahh27shl2g4b7d1njqtbt; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-cache, no-store, must-revalidate pragma no-cache location https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html vary Accept-Encoding x-xss-protection 1; mode=block x-frame-options SAMEORIGIN x-content-type-options nosniff cf-cache-status DYNAMIC cf-request-id 07d0fc09c000001456b8937000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6161c922ce171456-FRA
GET H2	200	bootstrap.css cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/	157 KB 21 KB	264ms 263ms	Stylesheet text/css	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/bootstrap.css Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a` Request headers Origin https://cervezaelhechicero.cl Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT content-encoding br last-modified Fri, 08 Jan 2021 04:55:22 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 21303 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	css.css cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/	3 KB 476 B	533ms 533ms	Stylesheet text/css	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/css.css Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `d30cea868347c321aeab5139a54ec5391a5e9fa0886ef088cc99b84a45a63b20` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT content-encoding br last-modified Fri, 08 Jan 2021 04:54:30 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 411 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	blog.css cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/	2 KB 659 B	534ms 533ms	Stylesheet text/css	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/css/blog.css Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `a2f44208c6b3a38d233252a4c79f3adbce6436746ca4d1e4cd6f8bed027753c2` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT content-encoding br last-modified Fri, 08 Jan 2021 04:54:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 593 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	dhl_logo.gif cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/	443 B 515 B	752ms 751ms	Image image/gif	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Show image Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/dhl_logo.gif Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT last-modified Fri, 08 Jan 2021 04:51:56 GMT server LiteSpeed content-type image/gif cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 443 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	illustration-parcel-dhl.png cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/	52 KB 52 KB	752ms 751ms	Image image/png	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Show image Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/illustration-parcel-dhl.png Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `2093d835a2088e7979b736312d9b55e793220d27dac76ff6fc18d1a24125aae7` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT last-modified Fri, 08 Jan 2021 04:52:44 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 53616 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	loading.gif cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/	17 KB 17 KB	991ms 991ms	Image image/gif	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Show image Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/img/loading.gif Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:51 GMT last-modified Fri, 08 Jan 2021 04:49:52 GMT server LiteSpeed content-type image/gif cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 17585 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	jquery-3.3.1.min.js Show response cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/js/	85 KB 29 KB	533ms 532ms	Script application/javascript	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/js/jquery-3.3.1.min.js Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Origin https://cervezaelhechicero.cl Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT content-encoding br last-modified Fri, 08 Jan 2021 04:50:06 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 29708 expires Sat, 30 Jan 2021 13:15:50 GMT
GET H2	200	jquery.preloadinator.min.js Show response cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/js/	1 KB 422 B	751ms 751ms	Script application/javascript	45.239.108.252 ECOHOSTING INTERN...
General Check archive.org Show headers Download Go to Full URL https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/js/jquery.preloadinator.min.js Requested by Host: cervezaelhechicero.cl URL: https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.239.108.252 , Chile, ASN266855 (ECOHOSTING INTERNET LIMITADA, CL), Reverse DNS whale.ecohosting.cl Software LiteSpeed / Resource Hash `6dab4fcc95fb9e408fa8901ab6024e30da6ce2eefff0bcfdb5b1fc71cb330d50` Request headers Referer https://cervezaelhechicero.cl/dhl.es-tracking-apptrack/DHLSpain/DHLGlobalES.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 13:15:50 GMT content-encoding br last-modified Fri, 08 Jan 2021 04:50:22 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 356 expires Sat, 30 Jan 2021 13:15:50 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cervezaelhechicero.cl
cutt.ly
2606:4700:10::6816:1e8
45.239.108.252
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2093d835a2088e7979b736312d9b55e793220d27dac76ff6fc18d1a24125aae7
2ab8fc6018ea9a69a12d63c0fcd38fad4b49fe2d3083afcb5b489189aa7e49ab
2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6dab4fcc95fb9e408fa8901ab6024e30da6ce2eefff0bcfdb5b1fc71cb330d50
a2f44208c6b3a38d233252a4c79f3adbce6436746ca4d1e4cd6f8bed027753c2
ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302
d30cea868347c321aeab5139a54ec5391a5e9fa0886ef088cc99b84a45a63b20

cervezaelhechicero.cl Open in urlscan Pro 45.239.108.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

124 kBTransfer

324 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

cervezaelhechicero.cl Open in urlscan Pro
45.239.108.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

124 kB
Transfer

324 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!