consultas.aperturatusolicitud.info
Open in
urlscan Pro
2606:4700:3036::ac43:8337
Malicious Activity!
Public Scan
Submission: On March 18 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.
This is the only time consultas.aperturatusolicitud.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco de Crédito del Perú (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:303... 2606:4700:3036::ac43:8337 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 1 |
ASN13335 (CLOUDFLARENET, US)
consultas.aperturatusolicitud.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
aperturatusolicitud.info
consultas.aperturatusolicitud.info |
414 KB |
18 | 1 |
Domain | Requested by | |
---|---|---|
18 | consultas.aperturatusolicitud.info |
consultas.aperturatusolicitud.info
|
18 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
aperturatusolicitud.info GTS CA 1P5 |
2024-03-14 - 2024-06-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://consultas.aperturatusolicitud.info/
Frame ID: 09664E4C070BAB54D081C2C39577BB30
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
#PrestamoDigital BCPDetected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
consultas.aperturatusolicitud.info/ |
25 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
consultas.aperturatusolicitud.info/wp-content/ |
257 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylo.css
consultas.aperturatusolicitud.info/wp-content/ |
188 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.gif
consultas.aperturatusolicitud.info/wp-content/ |
37 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dark-default.svg
consultas.aperturatusolicitud.info/wp-content/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fondo.png
consultas.aperturatusolicitud.info/wp-content/ |
138 KB 139 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spots-b-bill-three-d.svg
consultas.aperturatusolicitud.info/wp-content/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spots-p-padlock-d.svg
consultas.aperturatusolicitud.info/wp-content/ |
622 B 706 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spots-l-list-circle-d.svg
consultas.aperturatusolicitud.info/wp-content/ |
1 KB 878 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dark-grey.svg
consultas.aperturatusolicitud.info/wp-content/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.1.0.min.js
consultas.aperturatusolicitud.info/wp-content/ |
84 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
node.js
consultas.aperturatusolicitud.info/wp-content/ |
952 B 578 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
242863_3_0.woff2
consultas.aperturatusolicitud.info/wp-content/fuente/ |
36 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
242863_C_0.woff2
consultas.aperturatusolicitud.info/wp-content/fuente/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.woff2
consultas.aperturatusolicitud.info/wp-content/fuente/ |
62 KB 63 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
242863_E_0.woff2
consultas.aperturatusolicitud.info/wp-content/fuente/ |
36 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
242863_C_0.woff
consultas.aperturatusolicitud.info/wp-content/fuente/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
242863_C_0.ttf
consultas.aperturatusolicitud.info/wp-content/fuente/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco de Crédito del Perú (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| filtrex function| post0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
consultas.aperturatusolicitud.info
2606:4700:3036::ac43:8337
12dc8b98e41da945d7986329534be7796c67d57eb9188b72c14d673527b25ca3
172472d9b72d8be8e681b38fff7b094fc60840c1247a3f0ff963d2b2499dee1f
27817cc668bec9c1bf7121be792e394b2e429ed7f1e2cd8ed40bfa198b947260
2a9e19ec399115010f1a659c59f9f0ac000f82910fdd0577e3a6800ac037cd0b
3248b5d2f2827c6b2e53afcce755ee9be9fbd573a68c09be815c85c0a15ba595
3ae9c970964fb43809f1493a8b469197b53a384d06ea332dda04c9ee3628be1e
449a762acaaea4a237d5e28917804f7e47f666244014dea10b814bc2930b2737
6ebf0b01b6a6b91ee30ee25f898210abaf1bd00458d5268b2751d1183b42cbd2
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
89e7446c433282f7156d401c17b2268d6e45ca4b32f577bfe5c2a1a531e1dfab
902c5e954279929f3f3b1e8f1fd1152b94831fc35af53112e3bb41759655b0b5
ab08f8acb8445fa0fe3792059ad3c9feb64b4d56bc78b7caa47fb0484e3841e0
b20b970309c9c3d108c026f0d93d2b675ac510c831f71f0a6939b1caca36c592
b688023d479ad8a3caa22a93c3ef4eb4f8cc086e5097b984f1110573904b42ad
beb64a7f93a96115e3c678b68b88b90cc9befa5c6d8e57e284c8d65ea580a910