pacificosred.com Open in urlscan Pro
2607:f1c0:100f:f000::256  Malicious Activity! Public Scan

URL: https://pacificosred.com/
Submission Tags: 7064622
Submission: On April 09 via api from NL

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2607:f1c0:100f:f000::256, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pacificosred.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 28th 2021. Valid for: a year.
This is the only time pacificosred.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

IP Address AS Autonomous System
2 9 2607:f1c0:100... 8560 (IONOS-AS ...)
7 1
Apex Domain
Subdomains
Transfer
9 pacificosred.com
pacificosred.com
1 MB
7 1
Domain Requested by
9 pacificosred.com 2 redirects pacificosred.com
7 1

This site contains no links.

Subject Issuer Validity Valid
*.pacificosred.com
Encryption Everywhere DV TLS CA - G1
2021-02-28 -
2022-02-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://pacificosred.com/
Frame ID: DAC7FA7F2094CEBD9790CC667E016250
Requests: 7 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1407 kB
Transfer

1407 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://pacificosred.com/images/default/logo.svg HTTP 301
  • https://pacificosred.com/Images/default/logo.svg
Request Chain 4
  • https://pacificosred.com/images/art/68-Gisela-Zoratto_desierto%26oasis.jpg HTTP 301
  • https://pacificosred.com/Images/art/68-Gisela-Zoratto_desierto&oasis.jpg

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pacificosred.com/
4 KB
2 KB
Document
General
Full URL
https://pacificosred.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache / PHP/7.4.16
Resource Hash
f691750a818f5aeaa92b3772d53b5c742281b429d5d257a5f52eaf0c92880065

Request headers

:method
GET
:authority
pacificosred.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 09 Apr 2021 19:36:23 GMT
server
Apache
x-powered-by
PHP/7.4.16
content-encoding
gzip
bootstrap.min7b94.css
pacificosred.com/Content/
121 KB
121 KB
Stylesheet
General
Full URL
https://pacificosred.com/Content/bootstrap.min7b94.css
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
842ecd7fb6b4d5c497f50da917974a93eeb82406868507fb185d3de51add9288

Request headers

Referer
https://pacificosred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:24 GMT
last-modified
Wed, 10 Mar 2021 19:22:46 GMT
server
Apache
accept-ranges
bytes
etag
"1e36f-5bd33977bad80"
content-length
123759
content-type
text/css
default.minff96.css
pacificosred.com/Content/
989 KB
990 KB
Stylesheet
General
Full URL
https://pacificosred.com/Content/default.minff96.css
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
cdbcfd25de48d44b6e93444d482402a66ea5881535d7431534b75374341aa456

Request headers

Referer
https://pacificosred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:24 GMT
last-modified
Wed, 10 Mar 2021 19:23:02 GMT
server
Apache
accept-ranges
bytes
etag
"f7441-5bd33986fd180"
content-length
1012801
content-type
text/css
logo.svg
pacificosred.com/Images/default/
Redirect Chain
  • https://pacificosred.com/images/default/logo.svg
  • https://pacificosred.com/Images/default/logo.svg
5 KB
5 KB
Image
General
Full URL
https://pacificosred.com/Images/default/logo.svg
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/Content/default.minff96.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a

Request headers

Referer
https://pacificosred.com/Content/default.minff96.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:25 GMT
last-modified
Fri, 19 Mar 2021 20:45:50 GMT
server
Apache
accept-ranges
bytes
etag
"144f-5bde9cd1fdb80"
content-length
5199
content-type
image/svg+xml

Redirect headers

location
https://pacificosred.com/Images/default/logo.svg
date
Fri, 09 Apr 2021 19:36:25 GMT
server
Apache
content-length
256
content-type
text/html; charset=iso-8859-1
Inter-Regular.woff2
pacificosred.com/Content/fonts/
87 KB
87 KB
Font
General
Full URL
https://pacificosred.com/Content/fonts/Inter-Regular.woff2
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/Content/default.minff96.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720

Request headers

Origin
https://pacificosred.com
Referer
https://pacificosred.com/Content/default.minff96.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:25 GMT
last-modified
Wed, 10 Mar 2021 19:22:46 GMT
server
Apache
accept-ranges
bytes
etag
"15c7c-5bd33977bad80"
content-length
89212
68-Gisela-Zoratto_desierto&oasis.jpg
pacificosred.com/Images/art/
Redirect Chain
  • https://pacificosred.com/images/art/68-Gisela-Zoratto_desierto%26oasis.jpg
  • https://pacificosred.com/Images/art/68-Gisela-Zoratto_desierto&oasis.jpg
126 KB
126 KB
Image
General
Full URL
https://pacificosred.com/Images/art/68-Gisela-Zoratto_desierto&oasis.jpg
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/Content/default.minff96.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9fc44b6928a5ede91bd14be21b94d50a9b6d19643df3763a9fac4065db68c290

Request headers

Referer
https://pacificosred.com/Content/default.minff96.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:25 GMT
last-modified
Wed, 10 Mar 2021 19:22:48 GMT
server
Apache
accept-ranges
bytes
etag
"1f6cc-5bd33979a3200"
content-length
128716
content-type
image/jpeg

Redirect headers

location
https://pacificosred.com/Images/art/68-Gisela-Zoratto_desierto&oasis.jpg
date
Fri, 09 Apr 2021 19:36:25 GMT
server
Apache
content-length
284
content-type
text/html; charset=iso-8859-1
fontawesome-webfont.woff2
pacificosred.com/Content/fonts/
75 KB
76 KB
Font
General
Full URL
https://pacificosred.com/Content/fonts/fontawesome-webfont.woff2
Requested by
Host: pacificosred.com
URL: https://pacificosred.com/Content/default.minff96.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::256 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://pacificosred.com
Referer
https://pacificosred.com/Content/default.minff96.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:36:25 GMT
last-modified
Wed, 10 Mar 2021 19:22:46 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-5bd33977bad80"
content-length
77160

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies