URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Submission: On August 11 via manual from ES

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 108.179.228.212, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is haldsoe.info.
This is the only time haldsoe.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

Requests  IP Address        AS Autonomous System
8         108.179.228.212   46606 (UNIFIEDLA...)
1         104.111.215.136   16625 (AKAMAI-AS)
2         104.109.92.35     20940 (AKAMAI-ASN1)
3         2a00:1450:400...  15169 (GOOGLE)
Total: 14 requests, 4 IPs

Requests  Domain              Requested by
8         haldsoe.info        haldsoe.info
3         fonts.gstatic.com   haldsoe.info
2         banco.santander.cl  haldsoe.info
1         tags.tiqcdn.com     haldsoe.info
Total: 14 requests, 4 domains

This site contains links to these domains.

Domain
www.santandermovil.cl
banco.santander.cl
www.santander.cl
ayuda.santander.cl

Subject           Issuer                          Validity                 Valid
*.tiqcdn.com      DigiCert SHA2 Secure Server CA  2020-03-16 - 2021-06-15  a year
www.santander.cl  GeoTrust RSA CA 2018            2020-05-15 - 2020-10-21  5 months
*.gstatic.com     GTS CA 1O1                      2020-07-15 - 2020-10-07  3 months

This page contains 1 frame:

Primary Page: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Frame ID: D30D58995303205972FA258A32B24CC7
Requests: 14 HTTP requests in this frame


Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

Requests: 14
HTTPS: 43 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 180 kB
Size: 301 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Primary Request: login.asp
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/
Size: 33 KB, x-fer: 8 KB, Type: Document
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
36307b0c15727e284f7f7c292a7cd27df875ed43e3003033cf8f2d2410a20b08

Request headers

Host
haldsoe.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.1
Date
Tue, 11 Aug 2020 17:51:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Resource: css
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 7 KB, x-fer: 7 KB, Type: Stylesheet
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/css
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
90a0595f3757cda0dacca51930fc4b8755e1bb9f11a338b7040222091b3d354c

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Last-Modified
Sun, 19 Apr 2020 21:15:56 GMT
Server
nginx/1.14.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7330

Resource: component-main.css
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 93 KB, x-fer: 20 KB, Type: Stylesheet
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/component-main.css
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
c48ab4a3dcc0dc6184743f36fe683b9f46b80a639cef2ee166cf792988c6ba3d

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Apr 2020 21:15:56 GMT
Server
nginx/1.14.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css

Resource: styles.431c552708cd8810886c.bundle.css
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 29 KB, x-fer: 11 KB, Type: Stylesheet
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/styles.431c552708cd8810886c.bundle.css
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
fd721619408a7820a29a38652ba1e4d18736842e4a49a4a52ffbac6f8984e245

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Apr 2020 21:15:56 GMT
Server
nginx/1.14.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css

Resource: utag.4.js
Path: tags.tiqcdn.com/utag/santander/ch-web-mobile/dev/
Size: 15 KB, x-fer: 4 KB, Type: Script
General
Full URL
https://tags.tiqcdn.com/utag/santander/ch-web-mobile/dev/utag.4.js?utv=ut4.44.201906071552
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ac1a310c066beb0e36d5390e7bca7430fb49ede9a7a23da3f192f17bc105d1c1

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 17:51:22 GMT
content-encoding
gzip
last-modified
Mon, 10 Dec 2018 18:47:22 GMT
server
AkamaiNetStorage
etag
"b989ff3dd8cff7b91dd1fc0cd2f531fe:1544467642"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
4177
expires
Wed, 26 Aug 2020 17:51:22 GMT

Resource: logotipo.png
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 13 KB, x-fer: 13 KB, Type: Image
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/logotipo.png
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
a449e9bbaec53ec53a7b0bc04f4ae661034be2aa44fc6a4da00a052206377b8c

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Last-Modified
Sun, 19 Apr 2020 21:30:02 GMT
Server
nginx/1.14.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13216
Content-Type
image/png

Resource: info_importnate.png
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 4 KB, x-fer: 5 KB, Type: Image
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/info_importnate.png
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
36085cbef0c415aef51882b212406bcbf8ba3c3627827d1a03cc96b25956da28

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Last-Modified
Sun, 19 Apr 2020 21:24:12 GMT
Server
nginx/1.14.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4436
Content-Type
image/png

Resource: isotipo.png
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 4 KB, x-fer: 4 KB, Type: Image
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/isotipo.png
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
701d745bc50cf2cc9932f740c8a6cddcfe7cf12035d59497182c90fad121daf9

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Last-Modified
Sun, 19 Apr 2020 21:24:12 GMT
Server
nginx/1.14.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3646
Content-Type
image/png

Resource: Logo_Sakura.jpg
Path: banco.santander.cl/uploads/000/006/598/4e0300df-c8ce-48d8-bbbb-50cbd378fc22/original/
Size: 30 KB, x-fer: 33 KB, Type: Image
General
Full URL
https://banco.santander.cl/uploads/000/006/598/4e0300df-c8ce-48d8-bbbb-50cbd378fc22/original/Logo_Sakura.jpg
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.92.35 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-92-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fca3331fd2098186c87836005508a91b01052011c75090c3a1746afa58639a7e

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
media-src 'self' https://www.facebook.com https://youtube.com https://vimeo.com; form-action 'self' https://*.santander.cl https://*.santandermovil.cl https://www.santander.cl; frame-src https://*.santander.cl https://*.vimeo.com https://*.youtube.com https://aws.redbanc.cl https://www.google.com https://apis.google.com https://web.facebook.com https://www.facebook.com https://pixel.mathtag.com https://banco.santander.cl http://santander.vintom.com https://accounts.google.com https://malware.opendns.com https://wsplgu.santander.cl https://*.fls.doubleclick.net https://connect.facebook.net https://platform.twitter.com https://www.google.com/maps https://bid.g.doubleclick.net https://staticxx.facebook.com https://webpay3g.transbank.cl http://*.facebook.com/plugins https://gateway.zscalertwo.net https://meritolife.santander.cl https://saltcdn2.googleapis.com https://superpuntos.santander.cl http://857732.fls.doubleclick.net https://857732.fls.doubleclick.net https://clickandtalk.medularis.com https://googleads.g.doubleclick.net https://captcha.gecirtnotification.com https://bancosantander.finmarketslive.cl https://1.b406929acabac9b095f124c81bdfcf57f.com https://1.c81358859121583b7adf2ace89cb39f44.com https://1.1a79ab95c1589a13f8a4cab612bc71f9f7.com http://bancosantanderinversiones.finmarketslive.cl https://bancosantanderinversiones.finmarketslive.cl http://bancosantanderinversiones.finmarketslive.cl/www/widgetbempresas.html https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/qa1/crossdomain.html https://bancosantanderinversiones.finmarketslive.cl/www/widgetbempresas.html http://1.c81358859121583b7adf2ace89cb39f44.com.x.244772b2007ab0421609452071f9c32a5718.92708549.id.opendns.com http://1.c81358859121583b7adf2ace89cb39f44.com.x.82f9b16b0ff0a047990a82a0b0afa829262d.9270854c.id.opendns.com http://1.c81358859121583b7adf2ace89cb39f44.com.x.a27119ad070170484c0bd470a664014ddf67.92708549.id.opendns.com https://*.zenitseguros.cl https://*.segurossura.cl
X-Content-Type-Options
nosniff
grace
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=23932
Date
Tue, 11 Aug 2020 17:51:22 GMT
X-Varnish
211012272 210760483
X-Cache-Hits
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31113
Expires
Wed, 12 Aug 2020 00:30:14 GMT

Resource: logo_bozzo_110.jpg
Path: banco.santander.cl/uploads/000/012/107/0a5d53c1-00c1-41c6-88b6-4c8eba406ea9/original/
Size: 6 KB, x-fer: 9 KB, Type: Image
General
Full URL
https://banco.santander.cl/uploads/000/012/107/0a5d53c1-00c1-41c6-88b6-4c8eba406ea9/original/logo_bozzo_110.jpg
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.92.35 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-92-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c17bdaef39ca6492b5fe9a141b6c096200b7f78a01bc9ce30d091c89a8e17258

Request headers

Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
media-src 'self' https://www.facebook.com https://youtube.com https://vimeo.com; form-action 'self' https://*.santander.cl https://*.santandermovil.cl https://www.santander.cl; frame-src https://*.santander.cl https://*.vimeo.com https://*.youtube.com https://aws.redbanc.cl https://www.google.com https://apis.google.com https://web.facebook.com https://www.facebook.com https://pixel.mathtag.com https://banco.santander.cl http://santander.vintom.com https://accounts.google.com https://malware.opendns.com https://wsplgu.santander.cl https://*.fls.doubleclick.net https://connect.facebook.net https://platform.twitter.com https://www.google.com/maps https://bid.g.doubleclick.net https://staticxx.facebook.com https://webpay3g.transbank.cl http://*.facebook.com/plugins https://gateway.zscalertwo.net https://meritolife.santander.cl https://saltcdn2.googleapis.com https://superpuntos.santander.cl http://857732.fls.doubleclick.net https://857732.fls.doubleclick.net https://clickandtalk.medularis.com https://googleads.g.doubleclick.net https://captcha.gecirtnotification.com https://bancosantander.finmarketslive.cl https://1.b406929acabac9b095f124c81bdfcf57f.com https://1.c81358859121583b7adf2ace89cb39f44.com https://1.1a79ab95c1589a13f8a4cab612bc71f9f7.com http://bancosantanderinversiones.finmarketslive.cl https://bancosantanderinversiones.finmarketslive.cl http://bancosantanderinversiones.finmarketslive.cl/www/widgetbempresas.html https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/qa1/crossdomain.html https://bancosantanderinversiones.finmarketslive.cl/www/widgetbempresas.html http://1.c81358859121583b7adf2ace89cb39f44.com.x.244772b2007ab0421609452071f9c32a5718.92708549.id.opendns.com http://1.c81358859121583b7adf2ace89cb39f44.com.x.82f9b16b0ff0a047990a82a0b0afa829262d.9270854c.id.opendns.com http://1.c81358859121583b7adf2ace89cb39f44.com.x.a27119ad070170484c0bd470a664014ddf67.92708549.id.opendns.com https://*.zenitseguros.cl https://*.segurossura.cl
X-Content-Type-Options
nosniff
grace
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=12030
Date
Tue, 11 Aug 2020 17:51:22 GMT
X-Varnish
200318197 200409226
X-Cache-Hits
4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6443
Expires
Tue, 11 Aug 2020 21:11:52 GMT

Resource: mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Path: fonts.gstatic.com/s/opensans/v17/
Size: 15 KB, x-fer: 15 KB, Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/css
Origin
http://haldsoe.info

Response headers

date
Mon, 10 Aug 2020 22:39:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:57 GMT
server
sffe
age
69107
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 10 Aug 2021 22:39:35 GMT

Resource: mem8YaGs126MiZpBA-UFVZ0b.woff2
Path: fonts.gstatic.com/s/opensans/v17/
Size: 14 KB, x-fer: 14 KB, Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/css
Origin
http://haldsoe.info

Response headers

date
Fri, 07 Aug 2020 05:22:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:45 GMT
server
sffe
age
390543
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Sat, 07 Aug 2021 05:22:19 GMT

Resource: santander-icons.7c19ed40180f3116cf19.ttf
Path: haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/
Size: 24 KB, x-fer: 24 KB, Type: Font
General
Full URL
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/santander-icons.7c19ed40180f3116cf19.ttf
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
HTTP/1.1
Server
108.179.228.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box6048.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
89b7c07797e17146d5393796553fa67956d2a0d269cdfb0ee16328cc29509f2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/styles.431c552708cd8810886c.bundle.css
Origin
http://haldsoe.info

Response headers

Date
Tue, 11 Aug 2020 17:51:22 GMT
Last-Modified
Wed, 22 Apr 2020 11:03:16 GMT
Server
nginx/1.14.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24424
Content-Type
font/ttf

Resource: mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Path: fonts.gstatic.com/s/opensans/v17/
Size: 15 KB, x-fer: 15 KB, Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: haldsoe.info
URL: http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://haldsoe.info/www.santander.cl/pagina/UI.Web.Login/index_files/css
Origin
http://haldsoe.info

Response headers

date
Tue, 21 Jul 2020 13:24:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1830404
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Wed, 21 Jul 2021 13:24:38 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | validar

0 Cookies