URL: https://trindex.com/a/pacifico/password.php
Submission: October 26, automatic submission (source: openphish)

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 192.185.156.33, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is trindex.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2020. Valid for: 3 months.
This is the only time trindex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco del Pacífico (Banking)

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 192.185.156.33 | 46606 | (UNIFIEDLA...)
10 | 45.180.126.142 | 267931 | (BANCO DEL...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 35.221.58.108 | 15169 | (GOOGLE)
22 requests | 6 IPs
Requests | Domain | Requested by
10 | www.intermatico.com | trindex.com, www.intermatico.com
7 | trindex.com | trindex.com
2 | collector-axa.cloud.ca.com | trindex.com
2 | ssl.google-analytics.com (1 redirect) | trindex.com
1 | stats.g.doubleclick.net | trindex.com
22 requests | 5 domains
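
The Domain table above shows the phishing page on trindex.com pulling ten resources (the bank's CSS bundles, jQuery, the login images) straight from the bank's own host www.intermatico.com, so every victim's browser hands the bank a Referer of https://trindex.com/a/pacifico/password.php. That is a detection signal the bank already owns in its web server logs. The following is an added example for this report (not urlscan.io's or the bank's code): it scans IIS W3C extended-format log lines, the format the Microsoft-IIS/8.5 server behind www.intermatico.com writes by default, and groups asset requests by foreign referring origin. The log lines are constructed to mirror the requests in the scan, the client IPs are documentation addresses, and the allowlist of legitimate referring origins is an assumption.

```python
"""Flag foreign sites hotlinking the bank's static assets from IIS W3C logs.

Added example for this scan report, not urlscan.io's or the bank's code.
The log lines below are constructed to mirror the requests in the scan.
"""
from collections import defaultdict
from urllib.parse import urlsplit

# Origins allowed to embed the bank's assets: an assumption for this example.
ALLOWED_REFERER_ORIGINS = {"https://www.intermatico.com"}

# Constructed sample in IIS W3C extended format (IIS writes spaces inside a
# value as '+', so every record is safely whitespace-separated). Client IPs
# are RFC 5737 documentation addresses.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 8.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status
2020-10-26 13:40:45 45.180.126.142 GET /Content/css/cssintermaticonaos v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1 443 - 203.0.113.7 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_14_5)+AppleWebKit/537.36 https://trindex.com/a/pacifico/password.php 200
2020-10-26 13:40:46 45.180.126.142 GET /bundles/jquery v=XrScCT693DyOnAZpu4pIgv826ntWeUmBY7iOgMbP9B41 443 - 203.0.113.7 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_14_5)+AppleWebKit/537.36 https://trindex.com/a/pacifico/password.php 200
2020-10-26 13:40:47 45.180.126.142 GET /Content/images/layout/bg-login/01.jpg - 443 - 203.0.113.7 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_14_5)+AppleWebKit/537.36 https://trindex.com/a/pacifico/password.php 200
2020-10-26 13:40:47 45.180.126.142 GET /Content/images/layout/logo.png - 443 - 203.0.113.7 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_14_5)+AppleWebKit/537.36 https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1 200
2020-10-26 13:41:02 45.180.126.142 GET /Content/css/cssintermaticonaos v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1 443 - 198.51.100.9 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36 https://www.intermatico.com/ 200
2020-10-26 13:41:05 45.180.126.142 GET /bundles/jquery v=XrScCT693DyOnAZpu4pIgv826ntWeUmBY7iOgMbP9B41 443 - 198.51.100.9 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36 - 200
"""


def parse_w3c(text):
    """Yield one dict per record, named by the most recent #Fields: directive."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split()
        if fields is None or len(values) != len(fields):
            continue  # malformed record: skip rather than mis-assign columns
        yield dict(zip(fields, values))


def referer_origin(referer):
    """Return scheme://host of a Referer, or None for '-', empty or non-http values."""
    if not referer or referer == "-":
        return None
    parts = urlsplit(referer)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc.lower()}"


def find_hotlinking(text, allowed=ALLOWED_REFERER_ORIGINS):
    """Group asset requests by referring origin that is not on the allowlist.

    Returns {origin: {"count", "paths", "client_ips", "referers"}}.
    Records without a Referer are ignored: they carry no attribution either way.
    """
    hits = defaultdict(lambda: {"count": 0, "paths": set(), "client_ips": set(), "referers": set()})
    for rec in parse_w3c(text):
        origin = referer_origin(rec.get("cs(Referer)"))
        if origin is None or origin in allowed:
            continue
        entry = hits[origin]
        entry["count"] += 1
        entry["paths"].add(rec.get("cs-uri-stem", "-"))
        entry["client_ips"].add(rec.get("c-ip", "-"))
        entry["referers"].add(rec["cs(Referer)"])
    return dict(hits)


def report(hits):
    """Render one line per foreign origin, busiest first."""
    lines = []
    for origin, h in sorted(hits.items(), key=lambda kv: -kv[1]["count"]):
        lines.append(f"{origin}: {h['count']} requests from {len(h['client_ips'])} client IP(s); "
                     f"assets: {', '.join(sorted(h['paths']))}")
    return lines


if __name__ == "__main__":
    for line in report(find_hotlinking(SAMPLE_LOG)):
        print(line)
```

Point the script at a real log export by replacing SAMPLE_LOG with the file contents; records before the first #Fields: directive are skipped, and cs(Referer) has to be among the logged fields. Two caveats the sample illustrates: the signal exists only because the kit's page sent a Referer, so a kit that sets a no-referrer policy would vanish from this view, and the images the bank's own stylesheet pulls in (record 4, matching the logo.png transaction later in this report) carry the stylesheet URL as Referer, so only the first-hop requests from the phishing page are attributed to it. Chrome also marks such requests with Sec-Fetch-Site: cross-site, a header the embedding page cannot suppress; logging it gives a second, independent column to filter on.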

This site contains links to these domains:
  • www.intermatico.com
  • www.bancodelpacifico.com

TLS certificates

Subject | Issuer | Validity | Valid for | Lookup
webdisk.trindex.com | Let's Encrypt Authority X3 | 2020-09-05 - 2020-12-04 | 3 months | crt.sh
www.intermatico.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2020-01-03 - 2022-01-03 | 2 years | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh
*.cloud.ca.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2022-03-05 | 2 years | crt.sh

This page contains 1 frame:

Primary Page: https://trindex.com/a/pacifico/password.php
Frame ID: E4E025511E1647C3E89CB2AAB56D2739
Requests: 21 HTTP requests in this frame

Screenshot: (image not reproduced in this text copy)

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (overall confidence: 100%)
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 50 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 4
Transfer: 576 kB
Size: 876 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=58429244&utmhn=trindex.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Banco%20del%20Pacifico%20-%20Iniciar%20sesi%C3%B3n&utmhid=855974591&utmr=-&utmp=%2Fa%2Fpacifico%2Fpassword.php&utmht=1603719647068&utmac=UA-18555495-3&utmcc=__utma%3D38924262.387895797.1603719647.1603719647.1603719647.1%3B%2B__utmz%3D38924262.1603719647.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=779705113&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18555495-3&cid=387895797.1603719647&jid=779705113&_v=5.7.2&z=58429244

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: password.php | trindex.com/a/pacifico/ | 14 KB | 5 KB | Document | text/html
General
Full URL
https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
71f9b8d4bd72c814464c0727d9261ad20fb9e2a93ccd38079e9e8a3d71f5bf95

Request headers

:method
GET
:authority
trindex.com
:scheme
https
:path
/a/pacifico/password.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 26 Oct 2020 13:40:43 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
5230
content-type
text/html
cssintermaticonaos | www.intermatico.com/Content/css/ | 40 KB | 12 KB | Stylesheet | text/css
General
Full URL
https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
70171655754d0434be973b127d3d42aa3448a441b337373df432e5d060d851c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Vary
User-Agent, Accept-Encoding
Expires
Tue, 26 Oct 2021 13:40:46 GMT
impromptucss | www.intermatico.com/Content/impromptu/ | 3 KB | 2 KB | Stylesheet | text/css
General
Full URL
https://www.intermatico.com/Content/impromptu/impromptucss?v=Kiab0-q5AicqpWBzC-UvM8nkLMawYYgAodVG7dhucbA1
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
cd0b8878975d416d2c670e862ab7eed3fc1f02588b87066dd5f7fad5fec87908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Vary
User-Agent, Accept-Encoding
Expires
Tue, 26 Oct 2021 13:40:46 GMT
ga.js | trindex.com/a/pacifico/files/ | 45 KB | 20 KB | Script | application/javascript
(A local copy bundled with the kit: its resource hash is identical to that of ssl.google-analytics.com/ga.js, which the page also loads.)
General
Full URL
https://trindex.com/a/pacifico/files/ga.js
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 13:40:46 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 13:17:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
jquery | www.intermatico.com/bundles/ | 82 KB | 41 KB | Script | text/javascript
General
Full URL
https://www.intermatico.com/bundles/jquery?v=XrScCT693DyOnAZpu4pIgv826ntWeUmBY7iOgMbP9B41
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
c575e74de00753a15241238c9526ab07d37022e7c04abfdb22eef2b2bebaffde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
Age
0
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Vary
User-Agent, Accept-Encoding
Content-Length
41492
Expires
Tue, 26 Oct 2021 13:40:47 GMT
impromptujs | www.intermatico.com/bundles/ | 18 KB | 8 KB | Script | text/javascript
General
Full URL
https://www.intermatico.com/bundles/impromptujs?v=i5co50cQs0zMrKnmyk_Pj6ftXbqd7fTwH7uz2Xq6Ooo1
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
a6ee047420fb1ebd7dacacaa0ffac1e295acbdb588500df63cf82ca38f761dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
Age
0
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Vary
User-Agent, Accept-Encoding
Content-Length
8095
Expires
Tue, 26 Oct 2021 13:40:47 GMT
intermaticotools | www.intermatico.com/bundles/ | 9 KB | 6 KB | Script | text/javascript
General
Full URL
https://www.intermatico.com/bundles/intermaticotools?v=wE5a92nCGRczWVTVhlmX-BwXHqeJhj4G11dXRfvZU0U1
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
5a2e30cfb42f4c25c0f5254eb905c8689aeac765c85a4d12cc7d99fd55330e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Vary
User-Agent, Accept-Encoding
Expires
Tue, 26 Oct 2021 13:40:46 GMT
BA_Intermatico_Prod.js | trindex.com/a/pacifico/files/ | 201 KB | 58 KB | Script | application/javascript
General
Full URL
https://trindex.com/a/pacifico/files/BA_Intermatico_Prod.js
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
89fd358681e966ab1b491d7383c4df348b0fc0062c24ecab65c8e5a81042157a

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 13:40:43 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 13:17:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
configuraciones-generales.js | trindex.com/a/pacifico/files/ | 686 B | 496 B | Script | application/javascript
General
Full URL
https://trindex.com/a/pacifico/files/configuraciones-generales.js
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
4a5470696a7cd50d1a497ee31b3c38e65bb3258bcf435f8cf58d416a99166b45

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 13:40:43 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 13:17:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
419
jqueryval | www.intermatico.com/bundles/ | 28 KB | 13 KB | Script | text/javascript
General
Full URL
https://www.intermatico.com/bundles/jqueryval?v=EnOQ-k6Z5m2T-bj7Tsm_q2lxSpKVtqhMliZMLe7o1Cw1
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
/
Resource Hash
38f726fc521a4fdf6b2caa2a0345cc67243e863461f12d92f2c690a5649d6f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Oct 2020 13:40:46 GMT
X-Frame-Options
Deny
P3P
CP="{}", CP="{}"
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Vary
User-Agent, Accept-Encoding
Expires
Tue, 26 Oct 2021 13:40:46 GMT
loader.gif | trindex.com/a/pacifico/files/ | 35 KB | 35 KB | Image | image/gif
General
Full URL
https://trindex.com/a/pacifico/files/loader.gif
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
a659752620b5cfd44886fa1e1098ac3c3e2a506fa073bd6b8b2ce964a472d557

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 26 Oct 2020 13:40:46 GMT
last-modified
Thu, 10 Sep 2020 13:17:32 GMT
server
Apache
accept-ranges
bytes
content-length
35658
content-type
image/gif
image.jpg | trindex.com/a/pacifico/files/ | 2 KB | 3 KB | Image | image/jpeg
General
Full URL
https://trindex.com/a/pacifico/files/image.jpg
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
b60c7816c6718800d7dfb247eee81c36ba7a171063a9b12bde9f5fb0df5d90bb

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 26 Oct 2020 13:40:47 GMT
last-modified
Thu, 10 Sep 2020 13:22:16 GMT
server
Apache
accept-ranges
bytes
content-length
2503
content-type
image/jpeg
ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6402
date
Mon, 26 Oct 2020 11:54:04 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 26 Oct 2020 13:54:04 GMT
07.jpg | trindex.com/a/pacifico/files/ | 191 KB | 192 KB | Image | image/jpeg
General
Full URL
https://trindex.com/a/pacifico/files/07.jpg
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
192.185.156.33 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-156-33.unifiedlayer.com
Software
Apache /
Resource Hash
0a4199856991809d0775f3fc362416fd97c3b6a640d462e884318ec5e9e2e3f0

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 26 Oct 2020 13:40:47 GMT
last-modified
Thu, 10 Sep 2020 13:17:32 GMT
server
Apache
accept-ranges
bytes
content-length
195098
content-type
image/jpeg
logo.png | www.intermatico.com/Content/images/layout/ | 4 KB | 5 KB | Image | image/png
General
Full URL
https://www.intermatico.com/Content/images/layout/logo.png
Requested by
Host: www.intermatico.com
URL: https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0b78b8a60d8380a35dae90d4b2a24e50fe056d5b714a5759a2fef07327e4b6dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Jun 2020 19:34:00 GMT
Server
Microsoft-IIS/8.5
Age
15071
ETag
"04a0ec943ed61:0"
X-Frame-Options
Deny
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4305
login-text.png | www.intermatico.com/Content/images/layout/ | 5 KB | 5 KB | Image | image/png
General
Full URL
https://www.intermatico.com/Content/images/layout/login-text.png
Requested by
Host: www.intermatico.com
URL: https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
Microsoft-IIS/8.5 /
Resource Hash
745cebf6a31b27ec19714c9a0a9680da2de4b9d32691915bab1cc47072126630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Jun 2020 19:34:00 GMT
Server
Microsoft-IIS/8.5
Age
15071
ETag
"04a0ec943ed61:0"
X-Frame-Options
Deny
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5103
icon-passwd.png | www.intermatico.com/Content/images/icons/ | 2 KB | 3 KB | Image | image/png
General
Full URL
https://www.intermatico.com/Content/images/icons/icon-passwd.png
Requested by
Host: www.intermatico.com
URL: https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
Microsoft-IIS/8.5 /
Resource Hash
5c49a998e1f8582faf32a9121409cd657059921a6e2c7ccb71fec62169f0a020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://www.intermatico.com/Content/css/cssintermaticonaos?v=SOtSqxZ2YZYMUw0UB7uFXp14zcV9gpHY3K567NREgUY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Jun 2020 19:34:00 GMT
Server
Microsoft-IIS/8.5
Age
12887
ETag
"04a0ec943ed61:0"
X-Frame-Options
Deny
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2536
Roboto-Regular.ttf | www.intermatico.com/Content/fonts/ | 0 | 0 | - | - (no response received; listed under Failed requests below)
01.jpg | www.intermatico.com/Content/images/layout/bg-login/ | 151 KB | 152 KB | Image | image/jpeg
General
Full URL
https://www.intermatico.com/Content/images/layout/bg-login/01.jpg
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.180.126.142 , Ecuador, ASN267931 (BANCO DEL PACIFICO S.A., EC),
Reverse DNS
www.intermatico.com
Software
Microsoft-IIS/8.5 /
Resource Hash
1f628d9b7890f4fab83e30ac4222fbd8bd37ba48260ebb4610f9749f6c7df044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 13:40:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Jun 2020 19:34:00 GMT
Server
Microsoft-IIS/8.5
Age
14779
ETag
"04a0ec943ed61:0"
X-Frame-Options
Deny
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
154964
collect | stats.g.doubleclick.net/r/ | 35 B | 100 B | Image | image/gif
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=58429244&utmhn=trindex.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Banco%20de...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18555495-3&cid=387895797.1603719647&jid=779705113&_v=5.7.2&z=58429244
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18555495-3&cid=387895797.1603719647&jid=779705113&_v=5.7.2&z=58429244
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/password.php
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Oct 2020 13:40:47 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Oct 2020 13:40:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18555495-3&cid=387895797.1603719647&jid=779705113&_v=5.7.2&z=58429244
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
browserMetrics | collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/ | 0 | 0 | Other (CORS preflight) | -
General
Full URL
https://collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/browserMetrics
Protocol
HTTP/1.1
Server
35.221.58.108 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.58.221.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://trindex.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Date
Mon, 26 Oct 2020 13:40:51 GMT
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Access-Control-Allow-Origin
https://trindex.com
Vary
Origin
Access-Control-Allow-Credentials
true
Content-Length
0
Access-Control-Allow-Methods
PUT,POST,GET,DELETE
Access-Control-Max-Age
1800
Cache-control
private
browserMetrics | collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/ | 0 | 313 B | XHR | text/plain;charset=UTF-8
General
Full URL
https://collector-axa.cloud.ca.com//api/1/urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70/urn:ca:appId:Intermatico_Produccion/browserMetrics
Requested by
Host: trindex.com
URL: https://trindex.com/a/pacifico/files/BA_Intermatico_Prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.221.58.108 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.58.221.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trindex.com/a/pacifico/password.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://trindex.com
Date
Mon, 26 Oct 2020 13:40:51 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Content-Type
text/plain;charset=UTF-8
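
The two collector-axa.cloud.ca.com transactions above are the CA APM browser agent (BA_Intermatico_Prod.js, served from the kit's own files/ directory) phoning home from the phishing page: a CORS preflight carrying Origin: https://trindex.com, answered with Access-Control-Allow-Origin: https://trindex.com, Access-Control-Allow-Credentials: true and Vary: Origin, followed by the credentialed POST of browser metrics. Two things follow for the bank. Its APM tenant (urn:ca:tenantId:8C2AB19A-637C-4627-BC23-8240443D7C70, app Intermatico_Produccion) is receiving beacons whose Origin and Referer name the phishing site, which is a detection feed it already pays for. And the collector accepted a foreign origin with credentials; one scan only shows that this one origin was accepted, not whether every origin is. The block below is an added example (not urlscan.io's, the bank's or the APM vendor's code) that replays a captured preflight the way a browser decides it and adds the observations a reviewer looks for. The exchange is constructed from the header values in the transaction above.

```python
"""Replay a CORS preflight decision and flag reviewer-relevant policy choices.

Added example for this scan report; not urlscan.io's, the bank's or the
APM vendor's code. The exchange below copies the header values from the
collector-axa.cloud.ca.com preflight transaction recorded in the scan.
"""
from dataclasses import dataclass, field

# Methods a browser lets through without them being listed in Allow-Methods.
SAFELISTED_METHODS = {"GET", "HEAD", "POST"}


@dataclass
class CorsVerdict:
    browser_allows: bool                          # would the browser send the real request?
    findings: list = field(default_factory=list)  # observations for the reviewer


def header(headers, name):
    """Case-insensitive lookup of one header value; None when absent."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value.strip()
    return None


def token_set(value, upper=False):
    """Split a comma-separated header value into a normalised set of tokens."""
    tokens = [t.strip() for t in (value or "").split(",") if t.strip()]
    return {t.upper() if upper else t.lower() for t in tokens}


def evaluate_preflight(req, resp):
    """Apply the Fetch standard's preflight checks, then add review findings."""
    origin = header(req, "Origin")
    method = (header(req, "Access-Control-Request-Method") or "GET").upper()
    wanted_headers = token_set(header(req, "Access-Control-Request-Headers"))

    acao = header(resp, "Access-Control-Allow-Origin")
    credentialed = (header(resp, "Access-Control-Allow-Credentials") or "").lower() == "true"
    allowed_methods = token_set(header(resp, "Access-Control-Allow-Methods"), upper=True)
    allowed_headers = token_set(header(resp, "Access-Control-Allow-Headers"))
    vary = token_set(header(resp, "Vary"))
    findings = []

    # 1. Origin: '*' is only valid without credentials; otherwise an exact match is required.
    if acao is None:
        return CorsVerdict(False, ["no Access-Control-Allow-Origin: browser blocks the call"])
    if acao == "*":
        if credentialed:
            return CorsVerdict(False, ["ACAO '*' with Allow-Credentials true: browsers reject this"])
    elif acao != origin:
        return CorsVerdict(False, [f"ACAO {acao} does not match Origin {origin}: browser blocks the call"])
    else:
        findings.append(f"requesting origin {origin} echoed back"
                        + (" with credentials allowed" if credentialed else ""))
        if origin == "null":
            findings.append("'null' origin accepted: sandboxed iframes and file: pages qualify")
        if "origin" not in vary:
            findings.append("Vary: Origin missing: a shared cache may replay this ACAO to other origins")

    # 2. Method: with credentials, '*' in Allow-Methods/Allow-Headers is a literal token, not a wildcard.
    wildcard_ok = not credentialed
    if not (method in allowed_methods or method in SAFELISTED_METHODS
            or ("*" in allowed_methods and wildcard_ok)):
        return CorsVerdict(False, findings + [f"method {method} not in Access-Control-Allow-Methods"])

    # 3. Headers: every header the client asked for must be allowed; '*' never covers Authorization.
    missing = {h for h in wanted_headers
               if h not in allowed_headers
               and not ("*" in allowed_headers and wildcard_ok and h != "authorization")}
    if missing:
        return CorsVerdict(False, findings + [f"request headers not allowed: {sorted(missing)}"])

    return CorsVerdict(True, findings)


# Preflight exchange as recorded in the scan (header values copied from the report).
PREFLIGHT_REQUEST = {
    "Origin": "https://trindex.com",
    "Access-Control-Request-Method": "POST",
    "Access-Control-Request-Headers": "content-type",
}
PREFLIGHT_RESPONSE = {
    "Access-Control-Allow-Origin": "https://trindex.com",
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Allow-Methods": "PUT,POST,GET,DELETE",
    "Access-Control-Allow-Headers": "content-type",
    "Access-Control-Max-Age": "1800",
    "Vary": "Origin",
}

if __name__ == "__main__":
    verdict = evaluate_preflight(PREFLIGHT_REQUEST, PREFLIGHT_RESPONSE)
    print("browser allows:", verdict.browser_allows)
    for line in verdict.findings:
        print(" -", line)
```

For the recorded exchange the verdict is "browser allows" with the finding that the phishing origin was echoed back with credentials allowed; Vary: Origin is present, so the caching finding does not fire. Whether the collector reflects any Origin or keeps trindex.com on an allowlist cannot be settled from one scan; finding out means replaying the preflight with a different Origin, which is only appropriate against systems you are authorized to test. From the bank's side the actionable point needs no such test: a rule on the Origin values its collector tenant sees would have surfaced this kit on its first page load.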

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.intermatico.com
URL
https://www.intermatico.com/Content/fonts/Roboto-Regular.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco del Pacífico (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function showDirectoryPicker
  • function showOpenFilePicker
  • function showSaveFilePicker
  • object trustedTypes
  • function $
  • function jQuery
  • function AlertNaos
  • function AlertNaosTitulo
  • function ConfirmNaos
  • function ReConfirmNaos
  • function bienvenida
  • function msgPacificID
  • function msgDsbSeguridad
  • function Impromptu
  • object swfobject
  • object BAAppProfile
  • object BrowserAgentExtension
  • object BrowserAgentBootstrap
  • object BrowserAgent
  • boolean band
  • function ShowKeyCode
  • object _gaq
  • object params
  • string data_validation
  • function errorshake
  • function clearForm
  • undefined dialog
  • object _gat
  • object gaGlobal

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collector-axa.cloud.ca.com
ssl.google-analytics.com
stats.g.doubleclick.net
trindex.com
www.intermatico.com
192.185.156.33
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::2008
2a00:1450:400c:c08::9a
35.221.58.108
45.180.126.142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