trend-it.es

https://trend-it.es/

92.205.170.124 · Host Europe GmbH

Location

Frankfurt am Main, Germany

Domain Age

—

HTTP

200 · 50.8s

SSL

Valid· R13, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Save

Domain Intelligence: trend-it.es

Scanned 2 times since Apr 29, 2026, 09:09 AM UTC

ℹ Low (10)

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Trend-IT (trend-it.es)

Unknown

Technology · 6/3/2026

Summary

The page presents branding for Trend-IT with Spanish language content and visuals in the header. However, the page appears to be a SPA with zero static login forms in HTML while loading numerous external scripts; credential collection could be rendered dynamically by JavaScript. External endpoints observed include POSTs to csp.secureserver.net/eventbus/web with 202 responses, which may indicate analytics or event bus usage rather than direct credential harvesting. No explicit login form or credential capture UI is found in the static HTML, but the SPA nature combined with extensive external JS assets warrants caution for potential credential collection behind the scenes.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸POST targets observed during capture: https://csp.secureserver.net/eventbus/web?clientid=8da2217409854bee82e12dc4ca0b39fb, https://csp.secureserver.net/eventbus/web?clientid=b18ef4f046435b64a469b32c3c1c20a3.

▸Distinctive asset clues: v4-shims.min.js, jquery-migrate.min.js, regular.min.css, all.min.css, bg-1-2.png, cropped-Logo-TrendIT-1.webp.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 0

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 167

Hosts: 4

Domains: 4

Observed Signals (2)

Single-Page Application (SPA) behavior with credential UI rendered client-sidePOST requests to an external eventbus endpoint (csp.secureserver.net) which could be used for analytics or data exfiltration

Observed Indicators (0)

No suspicious indicators identified

Risk AssessmentUsed in abuse reports

The analysis shows branding for Trend-IT with a modern SPA approach, but no static credential form is present in the HTML. The page loads many third-party scripts (Elementor/WordPress ecosystem) and makes POST requests to an external eventbus endpoint, which could be benign analytics or could enable data exfiltration in a compromised or misused configuration. The presence of a valid Let's Encrypt certificate for a hosted subdomain and the absence of obvious credential fields in the static HTML reduce certainty of credential harvesting at this moment, but given SPA behavior, credential capture could still occur via dynamically injected UI. Recommend monitoring and further verification of credential collection behavior, especially during user interactions.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence