consultas.aperturatusolicitud.info Open in urlscan Pro
2606:4700:3036::ac43:8337 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://consultas.aperturatusolicitud.info/
Submission: On March 18 via api (March 18th 2024, 6:23:53 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3036::ac43:8337, located in United States and belongs to CLOUDFLARENET, US. The main domain is consultas.aperturatusolicitud.info.
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.

This is the only time consultas.aperturatusolicitud.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Crédito del Perú (Banking)

Domain & IP information

	IP Address		AS Autonomous System
18	2606:4700:303... 2606:4700:3036::ac43:8337		13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	1

18 2606:4700:3036::ac43:8337 (United States)

ASN13335 (CLOUDFLARENET, US)

consultas.aperturatusolicitud.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	aperturatusolicitud.info consultas.aperturatusolicitud.info	414 KB
18	1

	Domain	Requested by
18	consultas.aperturatusolicitud.info	consultas.aperturatusolicitud.info
18	1

This site contains no links.

Subject Issuer	Validity	Valid
aperturatusolicitud.info GTS CA 1P5	`2024-03-14` - `2024-06-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://consultas.aperturatusolicitud.info/
Frame ID: 09664E4C070BAB54D081C2C39577BB30
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#PrestamoDigital BCP

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

414 kB
Transfer

879 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response consultas.aperturatusolicitud.info/	25 KB 4 KB	757ms 495ms	Document text/html	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b688023d479ad8a3caa22a93c3ef4eb4f8cc086e5097b984f1110573904b42ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 866741721ed6749f-MIA content-encoding br content-type text/html; charset=UTF-8 date Mon, 18 Mar 2024 18:23:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dEvkUzlZ0P%2FEZZ5Oo0dmeeeYsECNudCANqBwrQ%2BgsRA6Y%2B0nVtDCw1J%2FyYRIWj%2BlZKZxbgRVzF%2B3aDAWpGmjbFicIQJDengtNXxh2WN3cxLweboe3LnBpWUMZVCRLleI04aSG%2FQH26DZ%2FDBxlMNcFPNj1xQTOwBdJ9kFa%2Bcw9EDw"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	main.css consultas.aperturatusolicitud.info/wp-content/	257 KB 27 KB	776ms 759ms	Stylesheet text/css	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/main.css Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ae9c970964fb43809f1493a8b469197b53a384d06ea332dda04c9ee3628be1e` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:08:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"402f6-60e865e9cba00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xs89aV%2Bqb4dRRz7I6CFTIOUTltPfmWm24wNbfqqNvbyAwJaVPwFJnoIsppoZd4bVTW4EG31S48RMriq%2BTujKERPCTybFWaPrydSA7PlZXGrVaI3LWFdzZ%2Fuivsej8vT%2BGth4Apwx41bM3UCvqss99USlFwsa0a0zVAp6cp2nv8M3"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 866741755bf1749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	stylo.css consultas.aperturatusolicitud.info/wp-content/	188 KB 32 KB	811ms 795ms	Stylesheet text/css	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/stylo.css Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a9e19ec399115010f1a659c59f9f0ac000f82910fdd0577e3a6800ac037cd0b` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:08:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2f1df-60e865e042380-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z30tdBPv1sKdJE8q9k88%2BASEiz5NXcD5IkV5QHOLTcnKTnIdJvTAUDXL9sp4wcmSzrYBq3JVk%2FxpGoghfrDXw6bgTT73zUveSZvyTVFCOen5PecJXrS%2FPtx2CuNHTsHhcRjl8ba%2BZZokfYGDzENrB3OUh6V6wBrSkk5HmXO6av2m"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 866741755bf5749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	spinner.gif consultas.aperturatusolicitud.info/wp-content/	37 KB 37 KB	754ms 740ms	Image image/gif	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/spinner.gif Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12dc8b98e41da945d7986329534be7796c67d57eb9188b72c14d673527b25ca3` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "92fe-60e864a95c600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9R%2F2XBoLm%2F9nDSZGf7l6lSmZuKOI7RtgaV2oSquOFNRAHdpyPwmOlSX76cBUmZu%2BqCtEdF%2F0U3R%2B4RRRe5%2BP9nbq8PAEvPufMXmBAPzT6CdxBHfy%2BhGc5TTAiinL9ih9B1wOpqPCaGslJHTR0hqhPE76BXVKIg6ukjE8C8gC9JE"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 866741755bf7749f-MIA alt-svc h3=":443"; ma=86400 content-length 37630
GET H2	200	dark-default.svg consultas.aperturatusolicitud.info/wp-content/	5 KB 3 KB	530ms 516ms	Image image/svg+xml	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/dark-default.svg Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `449a762acaaea4a237d5e28917804f7e47f666244014dea10b814bc2930b2737` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"149f-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7bOxeiQuWAoMBAG4m0twO1RoJDPAaY4BfPx40tlYNUQ5uwlF4mtsaBaItnQq0R4dJk33D3B5DA%2F%2BJtSKks9koUhK2krzxM2l5vThTOY85TkOMfS4HCltvGYfYqTSalLFFcywW2m5EravFqThOApLxj2nnY%2BicxqSeGXem%2FstJhl"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 866741755bf8749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	fondo.png consultas.aperturatusolicitud.info/wp-content/	138 KB 139 KB	1028ms 1014ms	Image image/png	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/fondo.png Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `27817cc668bec9c1bf7121be792e394b2e429ed7f1e2cd8ed40bfa198b947260` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2288d-60e864a95c600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HA1WFwtRsgB%2FFeJuFMA1lfpMG3KQCxV7%2BanVWZlApkxcHuqkG6hrrmOqeg6UhcnJQWQUu7P5OA1eND4CECU1Uphx49c8APyPYuYwbg9MEQ3dpmo9%2B9kDl5uTm0OsE2xBz5F1MHg9F%2By4lFRKQri5Q73f532D5JFRtQlYCddkDLrU"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 866741755bf9749f-MIA alt-svc h3=":443"; ma=86400 content-length 141453
GET H2	200	spots-b-bill-three-d.svg consultas.aperturatusolicitud.info/wp-content/	2 KB 1 KB	514ms 502ms	Image image/svg+xml	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/spots-b-bill-three-d.svg Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6ebf0b01b6a6b91ee30ee25f898210abaf1bd00458d5268b2751d1183b42cbd2` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"760-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1ArWOEGYWkEezWWRI4F5uITAu%2BOdfv9NJ6kh94Az%2FOmEtmoe0fVliXKHV77XndD%2F8Qx34CfSY58mTflgGrXrD40ZoEyLQwVLdBolnrsdC1Z%2FnqZ6nsgVYNoOp65Lu0RxCDKOAC%2FwajTkXErm%2FJfccv%2BtUcSUjj7E6jB24f19%2FIX"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 866741755bfa749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	spots-p-padlock-d.svg consultas.aperturatusolicitud.info/wp-content/	622 B 706 B	545ms 533ms	Image image/svg+xml	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/spots-p-padlock-d.svg Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab08f8acb8445fa0fe3792059ad3c9feb64b4d56bc78b7caa47fb0484e3841e0` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"26e-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpftfZfHZl0RLwe6a9yOruBxPrK5O3GrDjD7mqBemjTOSa3sJCaa1gXgy%2FMb61WSLfnbAutX1SvXGb610TQ4FBq3PVieFfJG4%2FxxuuoJvjbeIHTXhRzqwuiwuQu021uJWJZH7qYSzVAC%2BtM8bUFzqSQ%2F7WIL51gPZgnu4RMBqeE%2B"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 866741755bfc749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	spots-l-list-circle-d.svg consultas.aperturatusolicitud.info/wp-content/	1 KB 878 B	527ms 519ms	Image image/svg+xml	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/spots-l-list-circle-d.svg Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3248b5d2f2827c6b2e53afcce755ee9be9fbd573a68c09be815c85c0a15ba595` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5f8-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kARDDZk2hP0%2BFaU2f%2BCpYMxPc9FZruncmP7hcLaGnZpna4g%2FFbcTdMsJIGxhqyUqBnVMW5v4ul%2BWbnXto%2Bn6lHzi7JC0JNHqGfHUQ55awwEEZofEqhmbC%2BHiQ%2BKZ7wLxRk1mT%2BjlW3FmL7cbNZJ8esu2A0LA88wfM%2Fd%2BorMCcNb5"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 866741755c04749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	dark-grey.svg consultas.aperturatusolicitud.info/wp-content/	5 KB 3 KB	565ms 557ms	Image image/svg+xml	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://consultas.aperturatusolicitud.info/wp-content/dark-grey.svg Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `beb64a7f93a96115e3c678b68b88b90cc9befa5c6d8e57e284c8d65ea580a910` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"144f-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zi4E3LRCe61ASTb8jrbnF38%2Fpq5HFITTED9kV9HiZhepc%2Bt8hBT88z%2FK%2F2gk8T9iF%2BwR2yFARluBYxSJhOlTXfEwlv8a%2BJ9Fh%2FoqNY0DyDZr4k72IDxULYIxLA%2FXa%2BNUWhypbiAf99Xsr6KiytYJIOKoj7g9abp%2Be6DeabZFxW8R"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 866741757c2e749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.1.0.min.js Show response consultas.aperturatusolicitud.info/wp-content/	84 KB 31 KB	739ms 730ms	Script application/javascript	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/jquery-3.1.0.min.js Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1514f-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9wy1amMEKmXE0im8uHH3k6hpfyKrm0A4s7AubXGURIjNht9y5k92x%2BciJUJhvT88t3Ee3zFXyO45A9Kkh3ghGumm9XMpCJJEZxpwlr6Rvg6UNgFNxFJRXt2vaOyJ4Q6q10gKJtumm31mYPPkQnYQ3DUW8ZUGzBOghdiBEyoPISP"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 866741755c01749f-MIA alt-svc h3=":443"; ma=86400
GET H2	200	node.js Show response consultas.aperturatusolicitud.info/wp-content/	952 B 578 B	507ms 498ms	Script application/javascript	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/node.js Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `902c5e954279929f3f3b1e8f1fd1152b94831fc35af53112e3bb41759655b0b5` Request headers accept-language en-US,en;q=0.9 Referer https://consultas.aperturatusolicitud.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3b8-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCReAtCKnOjphXtX8qABEtXNLc4vRfs6rJkko7FYuvSqZwy7UXdFVv%2F0uPP%2F8NgB5gbqvZ657Q%2B9BZN1WZ8T0a697Na76yiootwI0sZX4T51xOeaHQTTGEf3GURbZEcu4sWjSCIO4gCA3RBosNbELcQ5x0dwpJpqOunn0%2FX6zDlO"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 866741755c02749f-MIA alt-svc h3=":443"; ma=86400
GET H3	200	242863_3_0.woff2 consultas.aperturatusolicitud.info/wp-content/fuente/	36 KB 37 KB	740ms 738ms	Font font/woff2	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_3_0.woff2 Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `172472d9b72d8be8e681b38fff7b094fc60840c1247a3f0ff963d2b2499dee1f` Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:47 GMT cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9110-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cFxzTRzXja5Eo6nJcsvOLwfT7NS67sna%2BevvvLcPsKp0WVADYaxxvloAA7yyZwQpo6FY3EjVhYC62Q8ja3RLi2IAu8egbr2CQ5HH1%2FORilxpx6wzvdaE%2BraMaPDoJRqBanmsDjnp%2BfCDAulSWgO7DNmJXsEtI7bOndkDl5w9RlQ"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 cf-ray 8667417abc6c31f8-MIA alt-svc h3=":443"; ma=86400
GET H3	404	242863_C_0.woff2 consultas.aperturatusolicitud.info/wp-content/fuente/	0 0	551ms 550ms	Font text/html	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.woff2 Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:46 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICzom%2FQPki1jYI%2FTADuphwbcK6JDvt6Cp67pIeL%2BKdJEGPD5TrMcmgm4aRFtU0jxtLgbaDwT%2Bn%2B%2FXVFHexvyoKPdrv%2Fwad6YywWdXb0eGF2TYukdU4lnFYKTj%2FWPG9XCaajU6MqZ2GuNSdTgnCmxxpm72KnhSSkI%2BO42pRGMt5V9"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8667417abc6e31f8-MIA alt-svc h3=":443"; ma=86400
GET H3	200	icons.woff2 consultas.aperturatusolicitud.info/wp-content/fuente/	62 KB 63 KB	1444ms 1443ms	Font font/woff2	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/icons.woff2 Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `89e7446c433282f7156d401c17b2268d6e45ca4b32f577bfe5c2a1a531e1dfab` Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:47 GMT cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f900-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkvVoq4fSklscl8WXUbcOyl%2BaG2f8epvC8l8lOlkeCObGY45zuRcSpWWLqsQqIsdkNBzBSzgU3LkMx3%2FZ9V8yfrW4chwxGipKTSqMwShK1JN3zemnNbNFOSgeYOB1tsLOKgMSiILh47nh%2FglwqDvThejfcMLu5UZQfEGbqgfzose"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 cf-ray 8667417abc6f31f8-MIA alt-svc h3=":443"; ma=86400
GET H3	200	242863_E_0.woff2 consultas.aperturatusolicitud.info/wp-content/fuente/	36 KB 37 KB	1491ms 1490ms	Font font/woff2	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_E_0.woff2 Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b20b970309c9c3d108c026f0d93d2b675ac510c831f71f0a6939b1caca36c592` Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:47 GMT cf-cache-status MISS last-modified Tue, 09 Jan 2024 17:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9028-60e864a95c600-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5k63aeMG5yXQs1ANqdEieYBSBQDzDIB7%2BRmD%2ByvZAK7GoAejCHxi%2FLOiDqcnIaXP4PD7JsPRsF%2ByV%2FveqRKbN%2FV8JOCc2NxHefr26hupjeK5y33yFOzrqYJhmQAC4jP%2BEUufkL7UKlJ%2F%2F5p7RcAFchH4Tht09rowNcPDWhV2GSHw"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 cf-ray 8667417abc7131f8-MIA alt-svc h3=":443"; ma=86400
GET H3	404	242863_C_0.woff consultas.aperturatusolicitud.info/wp-content/fuente/	0 0	531ms 530ms	Font text/html	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.woff Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:47 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kl2a3lzMlVC3CUYNWmPRXoJ1DAJwg82XAJuGM1OymdL%2BZq0FbAOpe6Eae9GrovCXt7vakdHm7SHo3NrCDmcDpHP2jSkivvBm%2BDZHuZ79a8bC20z6q7pqGKMrp3BsO6eJUICIAwWnPrtgxBJadpzLCv8l00Tg0t1mgaTAdLGydYr"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8667417e2b3931f8-MIA alt-svc h3=":443"; ma=86400
GET H3	404	242863_C_0.ttf consultas.aperturatusolicitud.info/wp-content/fuente/	0 0	530ms 530ms	Font text/html	2606:4700:3036::ac43:8337 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.ttf Requested by Host: consultas.aperturatusolicitud.info URL: https://consultas.aperturatusolicitud.info/wp-content/stylo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8337 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://consultas.aperturatusolicitud.info/wp-content/stylo.css Origin https://consultas.aperturatusolicitud.info accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 18:23:47 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSiR9NOxbMjom6L4meV2yTWJSgKXlyCUwrnhFMAyVa3Au3toW0R8BnlfGDJMctrDeOWjd7nizj%2Ble5xoXIO8fNc9K02IPETpVeFDC8O0VNk7vrdj%2B7KUWgyDoGoAKgqPT%2F5odRx8l7Awil1Id2G17XY1RH60EB9XFt8MADx%2FXzZB"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 86674181793b31f8-MIA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Crédito del Perú (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| filtrex function| post

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://consultas.aperturatusolicitud.info/wp-content/fuente/242863_C_0.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consultas.aperturatusolicitud.info
2606:4700:3036::ac43:8337
12dc8b98e41da945d7986329534be7796c67d57eb9188b72c14d673527b25ca3
172472d9b72d8be8e681b38fff7b094fc60840c1247a3f0ff963d2b2499dee1f
27817cc668bec9c1bf7121be792e394b2e429ed7f1e2cd8ed40bfa198b947260
2a9e19ec399115010f1a659c59f9f0ac000f82910fdd0577e3a6800ac037cd0b
3248b5d2f2827c6b2e53afcce755ee9be9fbd573a68c09be815c85c0a15ba595
3ae9c970964fb43809f1493a8b469197b53a384d06ea332dda04c9ee3628be1e
449a762acaaea4a237d5e28917804f7e47f666244014dea10b814bc2930b2737
6ebf0b01b6a6b91ee30ee25f898210abaf1bd00458d5268b2751d1183b42cbd2
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
89e7446c433282f7156d401c17b2268d6e45ca4b32f577bfe5c2a1a531e1dfab
902c5e954279929f3f3b1e8f1fd1152b94831fc35af53112e3bb41759655b0b5
ab08f8acb8445fa0fe3792059ad3c9feb64b4d56bc78b7caa47fb0484e3841e0
b20b970309c9c3d108c026f0d93d2b675ac510c831f71f0a6939b1caca36c592
b688023d479ad8a3caa22a93c3ef4eb4f8cc086e5097b984f1110573904b42ad
beb64a7f93a96115e3c678b68b88b90cc9befa5c6d8e57e284c8d65ea580a910

consultas.aperturatusolicitud.info Open in urlscan Pro 2606:4700:3036::ac43:8337 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

414 kBTransfer

879 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

consultas.aperturatusolicitud.info Open in urlscan Pro
2606:4700:3036::ac43:8337 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

414 kB
Transfer

879 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!