slasher.pl Open in urlscan Pro
5.252.229.113 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login
Submission: On April 15 via automatic, source openphish (April 15th 2021, 1:39:15 am UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 5.252.229.113, located in Poland and belongs to LH, PL. The main domain is slasher.pl.

This is the only time slasher.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BancoEstado (Banking)

Domain & IP information

	IP Address	AS Autonomous System
19	5.252.229.113 5.252.229.113	203417 (LH) (LH)
3	52.2.86.101 52.2.86.101	14618 (AMAZON-AES) (AMAZON-AES)
22	2

19 5.252.229.113 (Poland)

ASN203417 (LH, PL)
PTR: h3.d2.pl

slasher.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.2.86.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-86-101.compute-1.amazonaws.com

detectca.easysol.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	slasher.pl slasher.pl	194 KB
3	easysol.net detectca.easysol.net	2 KB
22	2

	Domain	Requested by
19	slasher.pl	slasher.pl
3	detectca.easysol.net	slasher.pl
22	2

This site contains no links.

Subject Issuer	Validity	Valid
*.easysol.net DigiCert SHA2 Secure Server CA	`2019-10-10` - `2021-09-10`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login
Frame ID: CC886BC25489E5E65F7F405FA2872D31
Requests: 19 HTTP requests in this frame

Frame: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/CajaLoginLocal.html
Frame ID: A4FAFDAE5762663AF589958A172201B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

5 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

196 kB
Transfer

293 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response slasher.pl/Bancoestado.cl/rsd/paglg/personas/	5 KB 2 KB	81ms 34ms	Document text/html	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / PHP/7.3.23 Resource Hash `2523243d918de96d28bc6a6eca40395e7abcc183f17075149099f93492e809ed` Request headers Host slasher.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Server Apache/2 X-Powered-By PHP/7.3.23 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=5vnao3m1s9vjspkmqh1ru7hvhu; path=/ Upgrade h2,h2c Connection Upgrade, Keep-Alive Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 1654 Keep-Alive timeout=2, max=100 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	estilos.css slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	5 KB 2 KB	32ms 32ms	Stylesheet text/css	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos.css Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `368c41fd41b7caa785c2ac51532f610fe7bfb6bce7ab7d31614b0fe44b28442e` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "1323-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 1381
GET H/1.1	200 OK	login.css slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	7 KB 2 KB	54ms 29ms	Stylesheet text/css	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `e514468b5b5df93d7ca69f22bb308382442c62bd0a7387a1c3d7c9454dbd35d6` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "1c26-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=2, max=100 Content-Length 1808
GET H/1.1	200 OK	logo-banco-estado.jpg slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	16 KB 16 KB	61ms 31ms	Image image/jpeg	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/logo-banco-estado.jpg Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `2e40c42646f6000bfb9d70872f516980b78e432643be4e3aebfb74e86dbd8d22` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "3f0b-54d8609a02580" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=2, max=100 Content-Length 16139
GET H/1.1	200 OK	icono_llamar_soporte.png slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	47 KB 47 KB	61ms 28ms	Image image/png	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/icono_llamar_soporte.png Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `096c1fde7c277a376903e76c6ba35b9c1e56909652111cf0c3555ebf70deeda4` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "bc10-54d8609a02580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 48144
GET H/1.1	200 OK	banner_nuevo_login.jpg slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	26 KB 27 KB	48ms 27ms	Image image/jpeg	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/banner_nuevo_login.jpg Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `20f34a98f3237380ebc966acf2f3f360502578ea6e634131bbcbe0f1ead6288d` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "69d8-54d8609a02580" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 27096
GET H/1.1	200 OK	icono-llave.png slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	2 KB 3 KB	37ms 27ms	Image image/png	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/icono-llave.png Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `43a71c22a6fe30abfdc5c1dc573e2bee94928ea24f78643a04e3f76071939b8a` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "9fb-54d8609a02580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 2555
GET H/1.1	200 OK	icono-seguridad.png slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	2 KB 3 KB	42ms 27ms	Image image/png	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/icono-seguridad.png Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `da942b4f61dd9963c0beba9278e5e012d09141774ce1f7a17b705e1c387f04b5` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "9ae-54d8609a02580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 2478
GET H/1.1	200 OK	analytics.js.descarga Show response slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	27 KB 12 KB	30ms 29ms	Script application/javascript	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/analytics.js.descarga Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "6c9d-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 11595
GET H/1.1	200 OK	facil.js.descarga Show response slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	884 B 708 B	61ms 31ms	Script application/javascript	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/facil.js.descarga Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `2760b1e9b1eca6ba057a77c129173424c519551f2f1997749283d0d704875a7d` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "374-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=2, max=100 Content-Length 335
GET H/1.1	200 OK	detect.js.descarga Show response slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	2 KB 881 B	61ms 31ms	Script application/javascript	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/detect.js.descarga Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `4976cada3dd0e8543f5f173351f46a21f7d9fd8b8191fffe769736bee856d514` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "66c-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=2, max=100 Content-Length 508
GET H/1.1	200 OK	CajaLoginLocal.html Show response slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ Frame A4FA	13 KB 4 KB	58ms 31ms	Document text/html	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/CajaLoginLocal.html Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `3f8e2406bbfb0231d51976171640d268e3776f725a512d33bda6c68cb8c04031` Request headers Host slasher.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Accept-Encoding gzip, deflate Accept-Language en-US Cookie PHPSESSID=5vnao3m1s9vjspkmqh1ru7hvhu Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Server Apache/2 Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Wed, 19 Apr 2017 14:42:46 GMT ETag "35ae-54d8609a02580-gzip" Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 3666 Keep-Alive timeout=2, max=100 Content-Type text/html
GET H/1.1	404 Not Found	ico_secured.png slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/img/	315 B 315 B	36ms 27ms	Image text/html	5.252.229.113 LH
General Check archive.org Show headers Download Go to Show image Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/img/ico_secured.png Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Server Apache/2 Connection Keep-Alive Keep-Alive timeout=2, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	opensans-semibold-webfont.ttf slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/	0 0	32ms 27ms	Font text/html	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/opensans-semibold-webfont.ttf Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash Request headers Origin http://slasher.pl Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Server Apache/2 Connection Keep-Alive Keep-Alive timeout=2, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	opensans-regular-webfont.ttf slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/	0 0	32ms 27ms	Font text/html	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/_font/opensans-regular-webfont.ttf Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash Request headers Origin http://slasher.pl Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Server Apache/2 Connection Keep-Alive Keep-Alive timeout=2, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	detect.js Show response detectca.easysol.net/detectca/scripts/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/	2 KB 2 KB	269ms 237ms	Script application/javascript	52.2.86.101 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://detectca.easysol.net/detectca/scripts/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/detect.js Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/facil.js.descarga Protocol HTTP/1.1 Server 52.2.86.101 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-86-101.compute-1.amazonaws.com Software nginx/1.13.5 / Resource Hash `2f27228800da5215315985ade070bc45fdc4ff133781be4ea3f1744cb507ec96` Request headers Referer http://slasher.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 15 Apr 2021 01:16:30 GMT Last-Modified Fri, 04 Jan 2019 18:44:44 GMT Server nginx/1.13.5 ETag "5c2fa99c-668" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1640
GET H/1.1	200 OK	estilos(1).css slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ Frame A4FA	5 KB 2 KB	32ms 27ms	Stylesheet text/css	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos(1).css Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/CajaLoginLocal.html Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `08af3df7952e97c6ba9f2e4017085ff366908c2456f2aab41614d165e3dc1ae9` Request headers Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/CajaLoginLocal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "133f-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 1391
GET H/1.1	200 OK	opensans-regular-webfont.ttf slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	44 KB 24 KB	31ms 30ms	Font application/x-font-ttf	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/opensans-regular-webfont.ttf Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos.css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `46119498e56f4164317b88d4e821443921c43bddcfd4e45207ebb99ce6b78552` Request headers Origin http://slasher.pl Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "b038-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type application/x-font-ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=97 Content-Length 24571
GET H/1.1	200 OK	opensans-semibold-webfont.ttf slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/	44 KB 25 KB	39ms 30ms	Font application/x-font-ttf	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/opensans-semibold-webfont.ttf Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos.css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `3dc898a4ae9a6203f55dc6c8f034528701719fef2764d6c0292c67bec8cd69a9` Request headers Origin http://slasher.pl Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "b068-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type application/x-font-ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 24746
GET H/1.1	200 OK	opensans-regular-webfont.ttf slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/ Frame A4FA	44 KB 24 KB	29ms 28ms	Font application/x-font-ttf	5.252.229.113 LH
General Check archive.org Show headers Download Go to Full URL http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/opensans-regular-webfont.ttf Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos(1).css Protocol HTTP/1.1 Server 5.252.229.113 , Poland, ASN203417 (LH, PL), Reverse DNS h3.d2.pl Software Apache/2 / Resource Hash `46119498e56f4164317b88d4e821443921c43bddcfd4e45207ebb99ce6b78552` Request headers Origin http://slasher.pl Referer http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/pagina/login_files/estilos(1).css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Apr 2021 01:38:58 GMT Content-Encoding gzip Last-Modified Wed, 19 Apr 2017 14:42:46 GMT Server Apache/2 ETag "b038-54d8609a02580-gzip" Vary Accept-Encoding,User-Agent Content-Type application/x-font-ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=97 Content-Length 24571
GET H/1.1	200 OK	DetectCA.png detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/	82 B 303 B	145ms 145ms	Image image/png	52.2.86.101 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL http://detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&sr=1600%20x%201200&url=http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/&rf=&nc=0.6300089751943914 Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Server 52.2.86.101 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-86-101.compute-1.amazonaws.com Software nginx/1.13.5 / Express Resource Hash `ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491` Request headers Referer http://slasher.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 15 Apr 2021 01:16:30 GMT Server nginx/1.13.5 Connection keep-alive X-Powered-By Express Transfer-Encoding chunked Content-Type image/png
GET H/1.1	200 OK	DetectCA.png detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/	82 B 303 B	399ms 141ms	Image image/png	52.2.86.101 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://detectca.easysol.net/detectca/images/tmjrnkMWhU9BeB6tERmCF7ZkJQFa4b/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&sr=1600%20x%201200&url=http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/&rf=&nc=0.6996143957744472 Requested by Host: slasher.pl URL: http://slasher.pl/Bancoestado.cl/rsd/paglg/personas/?STP=login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.2.86.101 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-86-101.compute-1.amazonaws.com Software nginx/1.13.5 / Express Resource Hash `ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491` Request headers Referer http://slasher.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 15 Apr 2021 01:16:30 GMT Server nginx/1.13.5 Connection keep-alive X-Powered-By Express Transfer-Encoding chunked Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BancoEstado (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			slasher.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5vnao3m1s9vjspkmqh1ru7hvhu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

detectca.easysol.net
slasher.pl
5.252.229.113
52.2.86.101
08af3df7952e97c6ba9f2e4017085ff366908c2456f2aab41614d165e3dc1ae9
096c1fde7c277a376903e76c6ba35b9c1e56909652111cf0c3555ebf70deeda4
20f34a98f3237380ebc966acf2f3f360502578ea6e634131bbcbe0f1ead6288d
2523243d918de96d28bc6a6eca40395e7abcc183f17075149099f93492e809ed
2760b1e9b1eca6ba057a77c129173424c519551f2f1997749283d0d704875a7d
2e40c42646f6000bfb9d70872f516980b78e432643be4e3aebfb74e86dbd8d22
2f27228800da5215315985ade070bc45fdc4ff133781be4ea3f1744cb507ec96
368c41fd41b7caa785c2ac51532f610fe7bfb6bce7ab7d31614b0fe44b28442e
3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3
3dc898a4ae9a6203f55dc6c8f034528701719fef2764d6c0292c67bec8cd69a9
3f8e2406bbfb0231d51976171640d268e3776f725a512d33bda6c68cb8c04031
43a71c22a6fe30abfdc5c1dc573e2bee94928ea24f78643a04e3f76071939b8a
46119498e56f4164317b88d4e821443921c43bddcfd4e45207ebb99ce6b78552
4976cada3dd0e8543f5f173351f46a21f7d9fd8b8191fffe769736bee856d514
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
da942b4f61dd9963c0beba9278e5e012d09141774ce1f7a17b705e1c387f04b5
e514468b5b5df93d7ca69f22bb308382442c62bd0a7387a1c3d7c9454dbd35d6

slasher.pl Open in urlscan Pro 5.252.229.113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

5 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

196 kBTransfer

293 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

Indicators

slasher.pl Open in urlscan Pro
5.252.229.113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

5 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

196 kB
Transfer

293 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!