trindex.com
Open in
urlscan Pro
192.185.156.33
Malicious Activity!
Public Scan
Submission: On October 26 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2020. Valid for: 3 months.
This is the only time trindex.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco del Pacífico (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 192.185.156.33 192.185.156.33 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
10 | 45.180.126.142 45.180.126.142 | 267931 (BANCO DEL...) (BANCO DEL PACIFICO S.A.) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c08::9a | 15169 (GOOGLE) (GOOGLE) | |
2 | 35.221.58.108 35.221.58.108 | 15169 (GOOGLE) (GOOGLE) | |
22 | 6 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-156-33.unifiedlayer.com
trindex.com |
ASN267931 (BANCO DEL PACIFICO S.A., EC)
PTR: www.intermatico.com
www.intermatico.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 108.58.221.35.bc.googleusercontent.com
collector-axa.cloud.ca.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
intermatico.com
www.intermatico.com |
246 KB |
7 |
trindex.com
trindex.com |
313 KB |
2 |
ca.com
collector-axa.cloud.ca.com |
313 B |
2 |
google-analytics.com
1 redirects
ssl.google-analytics.com |
17 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
100 B |
22 | 5 |
Domain | Requested by | |
---|---|---|
10 | www.intermatico.com |
trindex.com
www.intermatico.com |
7 | trindex.com |
trindex.com
|
2 | collector-axa.cloud.ca.com |
trindex.com
|
2 | ssl.google-analytics.com |
1 redirects
trindex.com
|
1 | stats.g.doubleclick.net |
trindex.com
|
22 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.intermatico.com |
www.bancodelpacifico.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webdisk.trindex.com Let's Encrypt Authority X3 |
2020-09-05 - 2020-12-04 |
3 months | crt.sh |
www.intermatico.com GlobalSign Extended Validation CA - SHA256 - G3 |
2020-01-03 - 2022-01-03 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.cloud.ca.com DigiCert SHA2 Secure Server CA |
2020-03-04 - 2022-03-05 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://trindex.com/a/pacifico/password.php
Frame ID: E4E025511E1647C3E89CB2AAB56D2739
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: ¿Olvidó su contraseña?
Search URL Search Domain Scan URL
Title: Regístrese aquí.
Search URL Search Domain Scan URL
Title: POR SU SEGURIDAD
Search URL Search Domain Scan URL
Title: POLÍTICAS Y TÉRMINOS DE USO
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=58429244&utmhn=trindex.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Banco%20del%20Pacifico%20-%20Iniciar%20sesi%C3%B3n&utmhid=855974591&utmr=-&utmp=%2Fa%2Fpacifico%2Fpassword.php&utmht=1603719647068&utmac=UA-18555495-3&utmcc=__utma%3D38924262.387895797.1603719647.1603719647.1603719647.1%3B%2B__utmz%3D38924262.1603719647.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=779705113&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18555495-3&cid=387895797.1603719647&jid=779705113&_v=5.7.2&z=58429244
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
password.php
trindex.com/a/pacifico/ |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cssintermaticonaos
www.intermatico.com/Content/css/ |
40 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
impromptucss
www.intermatico.com/Content/impromptu/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
trindex.com/a/pacifico/files/ |
45 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
www.intermatico.com/bundles/ |
82 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
impromptujs
www.intermatico.com/bundles/ |
18 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
intermaticotools
www.intermatico.com/bundles/ |
9 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BA_Intermatico_Prod.js
trindex.com/a/pacifico/files/ |
201 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
configuraciones-generales.js
trindex.com/a/pacifico/files/ |
686 B 496 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jqueryval
www.intermatico.com/bundles/ |
28 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.gif
trindex.com/a/pacifico/files/ |
35 KB 35 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.jpg
trindex.com/a/pacifico/files/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
07.jpg
trindex.com/a/pacifico/files/ |
191 KB 192 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
www.intermatico.com/Content/images/layout/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-text.png
www.intermatico.com/Content/images/layout/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-passwd.png
www.intermatico.com/Content/images/icons/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Roboto-Regular.ttf
www.intermatico.com/Content/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
01.jpg
www.intermatico.com/Content/images/layout/bg-login/ |
151 KB 152 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
browserMetrics
collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/ |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
browserMetrics
collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/ |
0 313 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.intermatico.com
- URL
- https://www.intermatico.com/Content/fonts/Roboto-Regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco del Pacífico (Banking)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| AlertNaos function| AlertNaosTitulo function| ConfirmNaos function| ReConfirmNaos function| bienvenida function| msgPacificID function| msgDsbSeguridad function| Impromptu object| swfobject object| BAAppProfile object| BrowserAgentExtension object| BrowserAgentBootstrap object| BrowserAgent boolean| band function| ShowKeyCode object| _gaq object| params string| data_validation function| errorshake function| clearForm undefined| dialog object| _gat object| gaGlobal0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
collector-axa.cloud.ca.com
ssl.google-analytics.com
stats.g.doubleclick.net
trindex.com
www.intermatico.com
www.intermatico.com
192.185.156.33
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::2008
2a00:1450:400c:c08::9a
35.221.58.108
45.180.126.142
0a4199856991809d0775f3fc362416fd97c3b6a640d462e884318ec5e9e2e3f0
0b78b8a60d8380a35dae90d4b2a24e50fe056d5b714a5759a2fef07327e4b6dd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1f628d9b7890f4fab83e30ac4222fbd8bd37ba48260ebb4610f9749f6c7df044
38f726fc521a4fdf6b2caa2a0345cc67243e863461f12d92f2c690a5649d6f2e
4a5470696a7cd50d1a497ee31b3c38e65bb3258bcf435f8cf58d416a99166b45
5a2e30cfb42f4c25c0f5254eb905c8689aeac765c85a4d12cc7d99fd55330e16
5c49a998e1f8582faf32a9121409cd657059921a6e2c7ccb71fec62169f0a020
70171655754d0434be973b127d3d42aa3448a441b337373df432e5d060d851c5
71f9b8d4bd72c814464c0727d9261ad20fb9e2a93ccd38079e9e8a3d71f5bf95
745cebf6a31b27ec19714c9a0a9680da2de4b9d32691915bab1cc47072126630
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fd358681e966ab1b491d7383c4df348b0fc0062c24ecab65c8e5a81042157a
a659752620b5cfd44886fa1e1098ac3c3e2a506fa073bd6b8b2ce964a472d557
a6ee047420fb1ebd7dacacaa0ffac1e295acbdb588500df63cf82ca38f761dcd
b60c7816c6718800d7dfb247eee81c36ba7a171063a9b12bde9f5fb0df5d90bb
c575e74de00753a15241238c9526ab07d37022e7c04abfdb22eef2b2bebaffde
cd0b8878975d416d2c670e862ab7eed3fc1f02588b87066dd5f7fad5fec87908
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855