URL: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Submission: 09 May 2017 via automatic submission, source: OpenPhish

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 190.107.178.38, located in Santiago, Chile and belongs to Gtd Internet S.A., CL. The main domain is cbltda.cl.
This is the only time cbltda.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

IP addresses and autonomous systems (requests per IP):
  5  190.107.178.38   AS14259 (Gtd Internet S.A.)
  1  52.84.116.169    AS16509 (AMAZON-02)
  6 requests across 2 IPs

Apex domains (requests, subdomains seen, transfer):
  5  cbltda.cl               cbltda.cl                         232 KB
  1  ssl-images-amazon.com   images-na.ssl-images-amazon.com    21 KB
  6 requests across 2 apex domains

Domains and the page that requested them:
  5  cbltda.cl                         requested by cbltda.cl
  1  images-na.ssl-images-amazon.com   requested by cbltda.cl
  6 requests across 2 domains
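As an added example (not urlscan.io code), the following Python recomputes the figures above from the six transactions listed later in this report and flags the one request that reveals the brand being imitated: the Amazon UI sprite on images-na.ssl-images-amazon.com is fetched with a Referer pointing at a stylesheet on cbltda.cl, a domain Amazon does not own. The transaction tuples are transcribed from this report; the brand-to-CDN map and the two-label registrable-domain shortcut are this example's own assumptions.

```python
# Added example (not urlscan.io code): recompute this scan's summary figures from its six
# transactions and flag the brand-asset hotlink that gives the page away. Transaction data
# is transcribed from the report; the brand/CDN table is a hand-made assumption.
from collections import Counter
from urllib.parse import urlsplit

PAGE = "http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html"
KIT_CSS = ("http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/"
           "AmazonUI-fcf27290b68379bc8ce89fd6edf394527c9f9508.rendering_engine-not-trident.secure.min._V2_.css")

# (request URL, server IP, Content-Length in bytes, Referer header or None), as in the report
TRANSACTIONS = [
    (PAGE, "190.107.178.38", 18919, None),
    (KIT_CSS, "190.107.178.38", 162161, PAGE),
    ("http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/jokamer_validator.js",
     "190.107.178.38", 32085, PAGE),
    ("http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/fwcim._CB342128453_.js",
     "190.107.178.38", 12822, PAGE),
    ("https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0029-1x._V1_.png",
     "52.84.116.169", 21662, KIT_CSS),
    ("http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/amazon-icon.png",
     "190.107.178.38", 11975, PAGE),
]

# Assumption: a small analyst-maintained map of brand CDN hosts to the registrable domains
# that may legitimately embed them. A real deployment would source this from brand intel.
BRAND_CDNS = {
    "images-na.ssl-images-amazon.com": ("Amazon", {"amazon.com", "ssl-images-amazon.com", "media-amazon.com"}),
}

def registrable_domain(host):
    """Last two labels of a hostname. Simplification: no public-suffix list, so 'co.uk'
    style suffixes would be handled wrongly; good enough for the hosts in this scan."""
    return ".".join(host.lower().split(".")[-2:])

def summarize(transactions):
    """Reproduce the report's headline numbers: requests, HTTPS share, domains, IPs, transfer."""
    hosts = Counter(urlsplit(u).hostname for u, _, _, _ in transactions)
    ips = {ip for _, ip, _, _ in transactions}
    https = sum(urlsplit(u).scheme == "https" for u, _, _, _ in transactions)
    total = sum(n for _, _, n, _ in transactions)
    return {
        "requests": len(transactions),
        "https_pct": round(100 * https / len(transactions)),
        "domains": len(hosts),
        "ips": len(ips),
        "transfer_kib": round(total / 1024),   # the report labels this 'kB' but rounds on 1024
    }

def brand_hotlinks(transactions):
    """Flag requests to a brand's CDN whose Referer is a page on a domain the brand does not own.
    A cloned login page that still hotlinks one sprite leaks its own URL to the brand's CDN
    logs; from the defender's side the Referer's registrable domain is the indicator."""
    hits = []
    for url, _, _, referer in transactions:
        host = urlsplit(url).hostname
        if host not in BRAND_CDNS or not referer:
            continue
        brand, owned = BRAND_CDNS[host]
        site = registrable_domain(urlsplit(referer).hostname)
        if site not in owned:
            hits.append((brand, site, url))
    return hits

if __name__ == "__main__":
    print(summarize(TRANSACTIONS))
    for brand, site, url in brand_hotlinks(TRANSACTIONS):
        print(f"{site} embeds {brand} asset {url}: possible {brand} phishing page")
```

Run as a script it reproduces the report's 6 requests, 17 % HTTPS, 2 domains, 2 IPs and 254 kB, and prints the single hotlink hit for cbltda.cl. The same check runs just as well over CDN access logs on the brand's side, where a foreign Referer on a login-page sprite is an early signal of a kit going live.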

This site contains links to these domains (also see Links): www.amazon.com

TLS certificates observed:
  Subject:  images-na.ssl-images-amazon.com
  Issuer:   Symantec Class 3 Secure Server CA - G4
  Validity: 2016-09-23 to 2017-10-26 (a year); see crt.sh

This page contains 1 frame:

Primary Page: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Frame ID: 16656.1
Requests: 6 HTTP requests in this frame

Page Statistics

Requests: 6
HTTPS: 17 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 254 kB
Size: 254 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for this scan.

6 HTTP transactions

Each entry lists: resource, path, size, transfer size (x-fer) and type; the MIME type is the Content-Type in the response headers.
Primary Request: info.html | path cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/ | size 18 KB | x-fer 18 KB | type Document
General
Full URL
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Protocol
HTTP/1.1
Server
190.107.178.38 Santiago, Chile, ASN14259 (Gtd Internet S.A., CL),
Reverse DNS
srv.ultrahosting.cl
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Resource Hash
29f23a39dbe563606ea450618bc1905a6cd1a72b54b23ec65670703c08ca0fe3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cbltda.cl
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 09 May 2017 21:48:27 GMT
Last-Modified
Tue, 09 May 2017 20:47:09 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
ETag
"4609f7-49e7-54f1d759dfeae"
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18919
AmazonUI-fcf27290b68379bc8ce89fd6edf394527c9f9508.rendering_engine-not-trident.secure.min._V2_.css | path cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/ | size 158 KB | x-fer 158 KB | type Stylesheet
General
Full URL
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/AmazonUI-fcf27290b68379bc8ce89fd6edf394527c9f9508.rendering_engine-not-trident.secure.min._V2_.css
Requested by
Host: cbltda.cl
URL: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Protocol
HTTP/1.1
Server
190.107.178.38 Santiago, Chile, ASN14259 (Gtd Internet S.A., CL),
Reverse DNS
srv.ultrahosting.cl
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Resource Hash
756c6f82e93dec60a35528fc2ed3c89a3fc187db99f86181c70fcf10177c8b4a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cbltda.cl
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 09 May 2017 21:48:27 GMT
Last-Modified
Tue, 09 May 2017 20:47:09 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
ETag
"46077a-27971-54f1d759df2f6"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
162161
jokamer_validator.js | path cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/ | size 31 KB | x-fer 31 KB | type Script
General
Full URL
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/jokamer_validator.js
Requested by
Host: cbltda.cl
URL: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Protocol
HTTP/1.1
Server
190.107.178.38 Santiago, Chile, ASN14259 (Gtd Internet S.A., CL),
Reverse DNS
srv.ultrahosting.cl
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Resource Hash
ba301c5ae0d795e133519ac0d2891d8f9cf3820c487e029dbfef86cf61a0c5d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cbltda.cl
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 09 May 2017 21:48:27 GMT
Last-Modified
Tue, 09 May 2017 20:47:09 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
ETag
"460885-7d55-54f1d759df6de"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
32085
fwcim._CB342128453_.js | path cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/ | size 13 KB | x-fer 13 KB | type Script
General
Full URL
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/fwcim._CB342128453_.js
Requested by
Host: cbltda.cl
URL: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Protocol
HTTP/1.1
Server
190.107.178.38 Santiago, Chile, ASN14259 (Gtd Internet S.A., CL),
Reverse DNS
srv.ultrahosting.cl
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Resource Hash
ce80ee2ee4c7f0f305633f0b21df9706727e3cad8e33fdd770eaff7473eedf3a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cbltda.cl
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 09 May 2017 21:48:27 GMT
Last-Modified
Tue, 09 May 2017 20:47:09 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
ETag
"46079f-3216-54f1d759df2f6"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12822
aui_sprite_0029-1x._V1_.png | path images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/ | size 21 KB | x-fer 21 KB | type Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0029-1x._V1_.png
Requested by
Host: cbltda.cl
URL: http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.116.169 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-116-169.iad16.r.cloudfront.net
Software
nginx
Resource Hash
11b2083cdc7b8f40bb37f550418ab53b58f37716c343a53b37904427dd2d779e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
images-na.ssl-images-amazon.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/Info_files/AmazonUI-fcf27290b68379bc8ce89fd6edf394527c9f9508.rendering_engine-not-trident.secure.min._V2_.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Apr 2016 00:00:47 GMT
Via
1.1 565c5243db2ec940986d684b1d27280f.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Aug 2014 01:15:04 GMT
Server
nginx
Age
4237558
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=630720000,public
Connection
keep-alive
Content-Length
21662
X-Amz-Cf-Id
BByXsh2PkYF_3PzfolcN7ArYaa4rD4uUQCQBg-4YUScBUPuuTXzQaQ==
Expires
Wed, 18 May 2033 03:33:20 GMT
amazon-icon.png | path cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/ | size 12 KB | x-fer 12 KB | type Other
General
Full URL
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/amazon-icon.png
Protocol
HTTP/1.1
Server
190.107.178.38 Santiago, Chile, ASN14259 (Gtd Internet S.A., CL),
Reverse DNS
srv.ultrahosting.cl
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Resource Hash
596b5e9dc7064701e116558ffdfbc7474db1a1a1ecd5410cb802a5249c021048

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cbltda.cl
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://cbltda.cl/modules/am/c070cb59760abd97ec0e121ae82bae4e/info.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 09 May 2017 21:48:31 GMT
Last-Modified
Tue, 09 May 2017 20:47:09 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
ETag
"460c4f-2ec7-54f1d759e0296"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11975
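The five cbltda.cl responses carry ETags in Apache httpd's default inode-size-mtime format (the FileETag INode MTime Size default of the 2.2 series), which exposes more than the headers around them: the size field is the Content-Length in hex, and the mtime field is the file's modification time in microseconds, far finer than the one-second Last-Modified. As an added example, not code from urlscan.io or from Apache, the following Python decodes the five tags transcribed from the responses above, checks them against Content-Length and Last-Modified, and measures how far apart the files' write times are. The short file labels and the decoding helper are this example's own; a server with a non-default FileETag setting will not match the pattern and raises an error rather than guessing.

```python
# Added example (not urlscan.io or Apache code): decode the Apache default-format ETags
# returned by cbltda.cl above and cross-check them against the other response headers.
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Transcribed from the five cbltda.cl responses: (label, ETag, Content-Length, Last-Modified).
# Labels are shortened here; the full names are in the transaction list.
LM = "Tue, 09 May 2017 20:47:09 GMT"
RESPONSES = [
    ("info.html",              '"4609f7-49e7-54f1d759dfeae"',  18919,  LM),
    ("AmazonUI stylesheet",    '"46077a-27971-54f1d759df2f6"', 162161, LM),
    ("jokamer_validator.js",   '"460885-7d55-54f1d759df6de"',  32085,  LM),
    ("fwcim._CB342128453_.js", '"46079f-3216-54f1d759df2f6"',  12822,  LM),
    ("amazon-icon.png",        '"460c4f-2ec7-54f1d759e0296"',  11975,  LM),
]

# Apache's default FileETag (INode MTime Size) renders as "<inode>-<size>-<mtime>" in hex,
# with mtime an apr_time_t: microseconds since the Unix epoch.
ETAG_RE = re.compile(r'^"?([0-9a-f]+)-([0-9a-f]+)-([0-9a-f]+)"?$')

def parse_apache_etag(etag):
    """Split an Apache default-format ETag into inode, size (bytes) and mtime.
    Raises ValueError for weak tags or tags produced by another FileETag setting."""
    m = ETAG_RE.match(etag.strip())
    if not m:
        raise ValueError(f"not an inode-size-mtime ETag: {etag!r}")
    inode, size, mtime_us = (int(g, 16) for g in m.groups())
    return {
        "inode": inode,
        "size": size,
        "mtime_us": mtime_us,
        "mtime": datetime.fromtimestamp(mtime_us // 1_000_000, tz=timezone.utc),
    }

def check_consistency(responses):
    """Cross-check each decoded ETag against Content-Length and Last-Modified.
    A mismatch means the tag is not Apache's default format (or has been tampered with)."""
    out = []
    for name, etag, length, last_modified in responses:
        d = parse_apache_etag(etag)
        out.append({
            "file": name,
            "size_ok": d["size"] == length,
            "mtime_ok": d["mtime"] == parsedate_to_datetime(last_modified),
        })
    return out

def deploy_window_ms(responses):
    """Spread between the earliest and latest file mtime, in milliseconds. Last-Modified has
    one-second resolution; the ETag's microsecond mtime shows whether the files were written
    by one action (an archive being unpacked) or edited by hand over a period of time."""
    stamps = [parse_apache_etag(e)["mtime_us"] for _, e, _, _ in responses]
    return (max(stamps) - min(stamps)) / 1000

if __name__ == "__main__":
    for row in check_consistency(RESPONSES):
        print(row)
    print(f"kit files written within {deploy_window_ms(RESPONSES):.1f} ms of each other")
```

On this scan every size field equals the Content-Length and every mtime falls in the same second as Last-Modified, 20:47:09 UTC, about an hour before the scan at 21:48:27. The five write times lie 4 ms apart, consistent with the kit being unpacked from one archive in a single operation rather than assembled file by file. The same decoding also shows why this ETag format is a disclosure in its own right: inode numbers and sub-second timestamps from the server's filesystem are handed to every client.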

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies