# pacificar-ec.webcindario.com — MALICIOUS

> PhishDestroy identifies pacificar-ec.webcindario.com as a live credential-stealing portal flagged by 15/95 VirusTotal vendors.

## Summary
PhishDestroy identifies pacificar-ec.webcindario.com as a live credential-stealing portal that mimics legitimate business login pages to harvest usernames and passwords.  

This domain was flagged by 15 of 95 VirusTotal security vendors, first appeared on a public blocklist, and was created on February 28, 2001. Registrant details show hosting via TUCOWS.COM, CO. and resolution to IP 5.57.226.202 with a Let’s Encrypt SSL certificate.  

If you visited this site, stop using any passwords you may have entered and enable multi-factor authentication everywhere possible. Run a full antivirus scan on the device you used to access the page. Report the incident to your IT or security team and change credentials for any accounts that might have been exposed.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2001-02-28 12:45:04
- Registrar: TUCOWS.COM, CO.
- IP: 5.57.226.202

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/pacificar-ec.webcindario.com
- PhishDestroy: https://phishdestroy.io/domain/pacificar-ec.webcindario.com/
- LLM endpoint: https://phishdestroy.io/domain/pacificar-ec.webcindario.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pacificar-ec.webcindario.com/
Last updated: 2026-04-10