pacificosred.com
2607:f1c0:100f:f000::256
Malicious Activity!
Public Scan
Effective URL: https://pacificosred.com/
Submission Tags: 7064624
Submission: On April 09 via api from NL
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 28th 2021. Valid for: a year.
This is the only time pacificosred.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Galicia (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 2607:f1c0:100f:f000::2d6 | 8560 (IONOS-AS This is the joint network for IONOS) |
| 9 (2 redirects) | 2607:f1c0:100f:f000::256 | 8560 (IONOS-AS This is the joint network for IONOS) |
| 8 | 2 | |

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
- www.floresmiriannis.com

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
- pacificosred.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 (2 redirects) | pacificosred.com | pacificosred.com | 1 MB |
| 1 | floresmiriannis.com | www.floresmiriannis.com | 232 B |
| 8 | 2 | | |
| | Domain | Requested by |
|---|---|---|
| 9 (2 redirects) | pacificosred.com | pacificosred.com |
| 1 | www.floresmiriannis.com | |
| 8 | 2 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.floresmiriannis.com | Encryption Everywhere DV TLS CA - G1 | 2021-04-09 - 2022-04-08 | a year |
| *.pacificosred.com | Encryption Everywhere DV TLS CA - G1 | 2021-02-28 - 2022-02-27 | a year |
This page contains 1 frames:
Primary Page:
https://pacificosred.com/
Frame ID: 8DF49A46C96CEF718290AAD75B2897F0
Requests: 8 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.floresmiriannis.com/ Page URL
- https://pacificosred.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://pacificosred.com/images/default/logo.svg HTTP 301
- https://pacificosred.com/Images/default/logo.svg
- https://pacificosred.com/images/art/68-Gisela-Zoratto_desierto%26oasis.jpg HTTP 301
- https://pacificosred.com/Images/art/68-Gisela-Zoratto_desierto&oasis.jpg
8 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / | www.floresmiriannis.com/ | 69 B | 232 B | Document | text/html |
| GET | H2 | / (Primary Request) | pacificosred.com/ | 4 KB | 2 KB | Document | text/html |
| GET | H2 | bootstrap.min7b94.css | pacificosred.com/Content/ | 121 KB | 121 KB | Stylesheet | text/css |
| GET | H2 | default.minff96.css | pacificosred.com/Content/ | 989 KB | 990 KB | Stylesheet | text/css |
| GET | H2 | logo.svg (Redirect Chain) | pacificosred.com/Images/default/ | 5 KB | 5 KB | Image | image/svg+xml |
| GET | H2 | Inter-Regular.woff2 | pacificosred.com/Content/fonts/ | 87 KB | 87 KB | Font | application/octet-stream |
| GET | H2 | 68-Gisela-Zoratto_desierto&oasis.jpg (Redirect Chain) | pacificosred.com/Images/art/ | 126 KB | 126 KB | Image | image/jpeg |
| GET | H2 | fontawesome-webfont.woff2 | pacificosred.com/Content/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Galicia (Banking)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.