slasher.pl
5.252.229.113
Malicious Activity!
Public Scan
Submission: On April 15 via automatic, source openphish
Summary
This is the only time slasher.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BancoEstado (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
19 | 5.252.229.113 | 203417 (LH) |
3 | 52.2.86.101 | 14618 (AMAZON-AES) |
22 | 2 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-86-101.compute-1.amazonaws.com
detectca.easysol.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | slasher.pl | slasher.pl | 194 KB |
3 | easysol.net | detectca.easysol.net | 2 KB |
22 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
19 | slasher.pl | slasher.pl |
3 | detectca.easysol.net | slasher.pl |
22 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.easysol.net | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2021-09-10 | 2 years |
This page contains 2 frames:
Primary Page:
http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login
Frame ID: CC886BC25489E5E65F7F405FA2872D31
Requests: 19 HTTP requests in this frame
Frame:
http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/CajaLoginLocal.html
Frame ID: A4FAFDAE5762663AF589958A172201B2
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Cookie set) | slasher.pl/Bancoestado.cl/rsd/paglg/personas/ | 5 KB | 2 KB | Document | text/html |
GET | H/1.1 | estilos.css | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | login.css | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | logo-banco-estado.jpg | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 16 KB | 16 KB | Image | image/jpeg |
GET | H/1.1 | icono_llamar_soporte.png | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 47 KB | 47 KB | Image | image/png |
GET | H/1.1 | banner_nuevo_login.jpg | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 26 KB | 27 KB | Image | image/jpeg |
GET | H/1.1 | icono-llave.png | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | icono-seguridad.png | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | analytics.js.descarga | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 27 KB | 12 KB | Script | application/javascript |
GET | H/1.1 | facil.js.descarga | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 884 B | 708 B | Script | application/javascript |
GET | H/1.1 | detect.js.descarga | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 2 KB | 881 B | Script | application/javascript |
GET | H/1.1 | CajaLoginLocal.html | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ (Frame A4FA) | 13 KB | 4 KB | Document | text/html |
GET | H/1.1 | ico_secured.png | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/img/ | 315 B | 315 B | Image | text/html |
GET | H/1.1 | opensans-semibold-webfont.ttf | slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/ | 0 | 0 | Font | text/html |
GET | H/1.1 | opensans-regular-webfont.ttf | slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/ | 0 | 0 | Font | text/html |
GET | H/1.1 | detect.js | detectca.easysol.net/detectca/scripts/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | estilos(1).css | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ (Frame A4FA) | 5 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | opensans-regular-webfont.ttf | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 44 KB | 24 KB | Font | application/x-font-ttf |
GET | H/1.1 | opensans-semibold-webfont.ttf | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ | 44 KB | 25 KB | Font | application/x-font-ttf |
GET | H/1.1 | opensans-regular-webfont.ttf | slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ (Frame A4FA) | 44 KB | 24 KB | Font | application/x-font-ttf |
GET | H/1.1 | DetectCA.png | detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/ | 82 B | 303 B | Image | image/png |
GET | H/1.1 | DetectCA.png | detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/ | 82 B | 303 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BancoEstado (Banking)
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
object| _0xfnvsk
string| __h
function| ga
object| gaplugins
object| _pGW
function| _Arni
object| _ki8Y
object| _ztg
function| _gHDU
object| _jZg21
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
slasher.pl/ | Name: PHPSESSID Value: 5vnao3m1s9vjspkmqh1ru7hvhu |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.