apprecargas.jirehtel.com
IP: 2606:4700:310c::ac42:2c73
Malicious Activity!
Public Scan
Submission: On February 13 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 (Let's Encrypt intermediate) on February 12th 2024. Valid for: 3 months.
This is the only time apprecargas.jirehtel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
18 | 2606:4700:310c::ac42:2c73 | 13335 (CLOUDFLARENET)
2 | 2607:f8b0:4004:c0b::54 | 15169 (GOOGLE)
5 | 2607:f8b0:4006:80f::2003 | 15169 (GOOGLE)
4 | 2607:f8b0:4006:806::200a | 15169 (GOOGLE)
1 | 2606:4700:3036::6815:324e | (no AS recorded by the scan; 2606:4700::/32 is Cloudflare-allocated space)
32 (total) | 6 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
18 | jirehtel.com | apprecargas.jirehtel.com | 3 MB
5 | gstatic.com | www.gstatic.com | 127 KB
4 | googleapis.com | identitytoolkit.googleapis.com (Cisco Umbrella Rank: 4032) | 2 KB
2 | google.com | accounts.google.com (Cisco Umbrella Rank: 30) | 80 KB
1 | linntae.mx | linntae.mx |
32 (total) | 5 | |
Requests | Domain | Requested by
---|---|---
18 | apprecargas.jirehtel.com | apprecargas.jirehtel.com
5 | www.gstatic.com | apprecargas.jirehtel.com
4 | identitytoolkit.googleapis.com | www.gstatic.com
2 | accounts.google.com | apprecargas.jirehtel.com, accounts.google.com
1 | linntae.mx | apprecargas.jirehtel.com
32 (total) | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
apprecargas.jirehtel.com | E1 | 2024-02-12 - 2024-05-12 | 3 months
accounts.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
linntae.mx | GTS CA 1P5 | 2024-01-30 - 2024-04-29 | 3 months
This page contains 1 frame:
Primary Page: https://apprecargas.jirehtel.com/
Frame ID: B103EB65F5A40624D5985D305D8632F6
Requests: 29 HTTP requests in this frame
Page Title: Recargas

Detected technologies
Firebase (Databases)
Detected patterns
- /firebasejs/([\d.]+)/firebase
Google Sign-in (Social logins)
Detected patterns
- <meta[^>]*google-signin-client_id
- accounts\.google\.com/gsi/client

The capture group in the Firebase pattern is what yields the SDK version; in this scan it matches the 10.1.0 path segment of the firebase-*.js scripts fetched from www.gstatic.com.
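As an added example (not code from urlscan.io or from the scanned site), the two fingerprints above can be applied to a page's HTML and its script URLs to reproduce the detection and pull out the Firebase SDK version and the SDK modules loaded. The HTML document and the URL list below are constructed for the example; the script URLs mirror the ones in this scan's transaction list, and the client ID in the meta tag is a placeholder.

```python
import re

# Fingerprints exactly as listed under "Detected patterns" above. A pattern is
# applied either to the page HTML or to each script URL; a capture group, where
# present, yields the version.
FINGERPRINTS = {
    "Firebase": {
        "script_url": [re.compile(r"/firebasejs/([\d.]+)/firebase")],
    },
    "Google Sign-in": {
        "html": [re.compile(r"<meta[^>]*google-signin-client_id")],
        "script_url": [re.compile(r"accounts\.google\.com/gsi/client")],
    },
}

# Constructed sample page (the client_id value is a placeholder, not from the scan).
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
<meta name="google-signin-client_id" content="EXAMPLE-CLIENT-ID.apps.googleusercontent.com">
<script src="https://accounts.google.com/gsi/client" async></script>
<script src="main.dart.js"></script>
</head><body></body></html>"""

# Script URLs as they appear in the scan's transaction list.
SAMPLE_SCRIPT_URLS = [
    "https://apprecargas.jirehtel.com/main.dart.js",
    "https://accounts.google.com/gsi/client",
    "https://www.gstatic.com/firebasejs/10.1.0/firebase-app.js",
    "https://www.gstatic.com/firebasejs/10.1.0/firebase-auth.js",
]


def extract_script_srcs(html):
    """Collect src attributes of <script> tags (a crude scan, enough for fingerprinting)."""
    return re.findall(r'<script[^>]*\ssrc=["\']([^"\']+)["\']', html, flags=re.I)


def detect(html, script_urls=()):
    """Return {technology: version or None} for every fingerprint that matches."""
    urls = list(script_urls) + extract_script_srcs(html)
    found = {}
    for tech, rules in FINGERPRINTS.items():
        for pat in rules.get("html", []):
            if pat.search(html):
                found.setdefault(tech, None)
        for pat in rules.get("script_url", []):
            for url in urls:
                m = pat.search(url)
                if m:
                    version = m.group(1) if m.groups() else None
                    # Record the match; upgrade None to a version if a rule yields one.
                    if found.get(tech) is None:
                        found[tech] = version
    return found


def firebase_modules(script_urls):
    """List the Firebase SDK modules loaded from the gstatic CDN, in load order.
    The module set (auth, database, ...) tells you which backend calls to expect,
    e.g. 'auth' explains POSTs to identitytoolkit.googleapis.com."""
    mods = []
    for url in script_urls:
        m = re.search(r"/firebasejs/[\d.]+/firebase-([a-z-]+)\.js", url)
        if m:
            mods.append(m.group(1))
    return mods


if __name__ == "__main__":
    print(detect(SAMPLE_HTML, SAMPLE_SCRIPT_URLS))   # {'Firebase': '10.1.0', 'Google Sign-in': None}
    print(firebase_modules(SAMPLE_SCRIPT_URLS))     # ['app', 'auth']
```

The regexes come straight from the report; the only logic added is the version capture and the module extraction, which is what you want when deciding whether Identity Toolkit traffic is expected for a site.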
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
No HTTP redirect chains are listed for this scan.
32 HTTP transactions

Method | Protocol | Resource | Host / Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | apprecargas.jirehtel.com/ | 5 KB | 3 KB | Document | text/html
GET | H3 | main.dart.js | apprecargas.jirehtel.com/ | 7 MB | 2 MB | Script | application/javascript
GET | H3 | FontManifest.json | apprecargas.jirehtel.com/assets/ | 1 KB | 806 B | Fetch | application/json
GET | H3 | MaterialIcons-Regular.otf | apprecargas.jirehtel.com/assets/fonts/ | 23 KB | 13 KB | Font | font/otf
GET | H3 | poppins_regular.ttf | apprecargas.jirehtel.com/assets/fonts/ | 154 KB | 70 KB | Font | font/ttf
GET | H3 | poppins_extra_bold.ttf | apprecargas.jirehtel.com/assets/fonts/ | 149 KB | 69 KB | Font | font/ttf
GET | H3 | poppins_bold.ttf | apprecargas.jirehtel.com/assets/fonts/ | 150 KB | 69 KB | Font | font/ttf
GET | H3 | poppins_medium.ttf | apprecargas.jirehtel.com/assets/fonts/ | 153 KB | 69 KB | Font | font/ttf
GET | H3 | poppins_semi_bold.ttf | apprecargas.jirehtel.com/assets/fonts/ | 152 KB | 69 KB | Font | font/ttf
GET | H3 | poppins_italic.ttf | apprecargas.jirehtel.com/assets/fonts/ | 178 KB | 80 KB | Font | font/ttf
GET | H3 | LinntaeIcons.ttf | apprecargas.jirehtel.com/assets/fonts/ | 16 KB | 12 KB | Font | font/ttf
GET | H3 | CupertinoIcons.ttf | apprecargas.jirehtel.com/assets/packages/cupertino_icons/assets/ | 2 KB | 2 KB | Font | font/ttf
GET | H3 | fa-brands-400.ttf | apprecargas.jirehtel.com/assets/packages/font_awesome_flutter/lib/fonts/ | 165 KB | 101 KB | Font | font/ttf
GET | H3 | fa-regular-400.ttf | apprecargas.jirehtel.com/assets/packages/font_awesome_flutter/lib/fonts/ | 48 KB | 20 KB | Font | font/ttf
GET | H3 | fa-solid-900.ttf | apprecargas.jirehtel.com/assets/packages/font_awesome_flutter/lib/fonts/ | 349 KB | 141 KB | Font | font/ttf
GET | H2 | client | accounts.google.com/gsi/ | 206 KB | 80 KB | Script | application/javascript
GET | H3 | no_sleep.js | apprecargas.jirehtel.com/assets/packages/wakelock_plus/assets/ | 13 KB | 5 KB | Script | application/javascript
GET | H3 | firebase-app.js | www.gstatic.com/firebasejs/10.1.0/ | 91 KB | 20 KB | Script | text/javascript
GET | H3 | firebase-auth.js | www.gstatic.com/firebasejs/10.1.0/ | 139 KB | 37 KB | Script | text/javascript
GET | H3 | firebase-database.js | www.gstatic.com/firebasejs/10.1.0/ | 182 KB | 48 KB | Script | text/javascript
GET | H3 | firebase-messaging.js | www.gstatic.com/firebasejs/10.1.0/ | 28 KB | 8 KB | Script | text/javascript
GET | H3 | firebase-storage.js | www.gstatic.com/firebasejs/10.1.0/ | 45 KB | 14 KB | Script | text/javascript
POST | H2 | accounts:signInWithPassword | identitytoolkit.googleapis.com/v1/ | 1 KB | 1 KB | Fetch | application/json
OPTIONS | H2 | accounts:signInWithPassword | identitytoolkit.googleapis.com/v1/ | 0 | 0 | Preflight | text/html
POST | H3 | accounts:lookup | identitytoolkit.googleapis.com/v1/ | 684 B | 382 B | Fetch | application/json
OPTIONS | H3 | accounts:lookup | identitytoolkit.googleapis.com/v1/ | 0 | 0 | Preflight | text/html
GET | H2 | style | accounts.google.com/gsi/ | 533 B | 608 B | Stylesheet | text/css
GET | H3 | version.json | apprecargas.jirehtel.com/ | 86 B | 569 B | XHR | application/json
GET | H3 | AssetManifest.bin | apprecargas.jirehtel.com/assets/ | 3 KB | 3 KB | Fetch | application/octet-stream
OPTIONS | H2 | getInfoMarca.json | linntae.mx/anonymous/ | 0 | 0 | Preflight |
POST | | getInfoMarca.json | linntae.mx/anonymous/ | 0 | 0 | |
GET | | background_web.png | apprecargas.jirehtel.com/assets/assets/images/ | 0 | 0 | |

The main document and the Flutter bundle (main.dart.js, fonts, asset manifests) come from apprecargas.jirehtel.com; the Firebase 10.1.0 SDK modules (app, auth, database, messaging, storage) come from www.gstatic.com; the POSTs to identitytoolkit.googleapis.com are Firebase Auth's REST endpoints, which is where an email/password sign-in from this page is sent. The last two rows are the requests that received no response (see Failed requests).
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- linntae.mx: https://linntae.mx/anonymous/getInfoMarca.json?dominio=apprecargas.jirehtel.com&deviceData=web%3BWin32%2C+chrome%3B5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F121.0.6167.160+Safari%2F537.36
- apprecargas.jirehtel.com: https://apprecargas.jirehtel.com/assets/assets/images/background_web.png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Facebook (Social Network)

25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
- serviceWorkerVersion (string)
- scriptLoaded (boolean)
- loadMainDartJs (function)
- flutterWebRenderer (string)
- _flutter_web_set_location_strategy (function)
- onGoogleLibraryLoad (function)
- webm (string)
- mp4 (string)
- _createClass (function)
- _classCallCheck (function)
- oldIOS (boolean)
- nativeWakeLock (boolean)
- NoSleep (function)
- noSleep (object)
- Wakelock (object)
- default_gsi (object)
- _F_toggles (object)
- google (object)
- firebase_storage (object)
- firebase_messaging (object)
- firebase_core (object)
- firebase_database (object)
- firebase_auth (object)
- __G_ID_CLIENT__ (object)
- closure_lm_7789010 (object)
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work. No cookies are listed for this scan.

2 Console Messages
A page may log messages to the console. These are often errors about a resource that could not be loaded or JavaScript that could not execute; sometimes they also reveal the technology behind a website.

Source | Level | URL | Text
---|---|---|---

Security Headers
This section lists the security headers set by the main page.

Header | Value
---|---
X-Content-Type-Options | nosniff

Only X-Content-Type-Options was recorded on the main document; no Content-Security-Policy, Strict-Transport-Security, X-Frame-Options or Referrer-Policy header appears in the scan.
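As an added example, not part of the urlscan report, the script below performs the triage a practitioner would run over the transaction list, the failed requests and the security headers above: which hosts outside the page's apex domain were contacted, which POSTs carried the typed credentials to Firebase Auth's Identity Toolkit endpoints, what the failed beacon to linntae.mx encoded in its query string, and which common security headers the main document lacked. SAMPLE_RESULT is a constructed, abbreviated result whose nesting follows urlscan's result JSON (`data.requests[].request.request` / `response.response`) as I understand it; the exact field layout is an assumption, the URLs are taken from this scan, and the `failed` error text is invented for the sample.

```python
from urllib.parse import urlsplit, parse_qs

# Firebase Auth REST (Identity Toolkit) endpoints that receive the credentials a
# user types into the page; both appear as POSTs in the transaction list.
CREDENTIAL_ENDPOINTS = ("accounts:signInWithPassword", "accounts:lookup")

# Headers a hardened main document would normally set.
EXPECTED_HEADERS = (
    "content-security-policy", "strict-transport-security",
    "x-frame-options", "x-content-type-options", "referrer-policy",
)

# Constructed, abbreviated result. Field nesting mirrors urlscan's result JSON as
# an assumption; URLs are from the scan, the 'failed' errorText is invented.
SAMPLE_RESULT = {
    "page": {"domain": "apprecargas.jirehtel.com", "apexDomain": "jirehtel.com"},
    "data": {"requests": [
        {"request": {"request": {"method": "GET", "url": "https://apprecargas.jirehtel.com/"}},
         "response": {"response": {"status": 200, "headers": {
             "Content-Type": "text/html", "X-Content-Type-Options": "nosniff"}}}},
        {"request": {"request": {"method": "GET", "url": "https://www.gstatic.com/firebasejs/10.1.0/firebase-auth.js"}},
         "response": {"response": {"status": 200, "headers": {}}}},
        {"request": {"request": {"method": "GET", "url": "https://accounts.google.com/gsi/client"}},
         "response": {"response": {"status": 200, "headers": {}}}},
        {"request": {"request": {"method": "POST", "url": "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword"}},
         "response": {"response": {"status": 200, "headers": {}}}},
        {"request": {"request": {"method": "OPTIONS", "url": "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword"}},
         "response": {"response": {"status": 200, "headers": {}}}},
        {"request": {"request": {"method": "POST", "url": "https://linntae.mx/anonymous/getInfoMarca.json?dominio=apprecargas.jirehtel.com&deviceData=web%3BWin32%2C+chrome%3B5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F121.0.6167.160+Safari%2F537.36"}},
         "response": {"failed": {"errorText": "net::ERR_FAILED"}}},
    ]},
}


def _url(entry):
    return entry["request"]["request"]["url"]


def _method(entry):
    return entry["request"]["request"].get("method", "GET")


def third_party_hosts(result):
    """Hosts contacted that lie outside the scanned page's apex domain, sorted."""
    apex = result["page"]["apexDomain"]
    hosts = set()
    for e in result["data"]["requests"]:
        host = urlsplit(_url(e)).hostname or ""
        if not (host == apex or host.endswith("." + apex)):
            hosts.add(host)
    return sorted(hosts)


def credential_posts(result):
    """POSTs to Identity Toolkit sign-in/lookup endpoints: where typed passwords go.
    Preflight OPTIONS to the same URL are excluded by the method check."""
    out = []
    for e in result["data"]["requests"]:
        url = _url(e)
        if _method(e) == "POST" and any(ep in url for ep in CREDENTIAL_ENDPOINTS):
            out.append(url.split("?", 1)[0])
    return out


def failed_requests(result):
    """URLs whose entry carries a 'failed' record instead of a response."""
    return [_url(e) for e in result["data"]["requests"] if "failed" in e.get("response", {})]


def beacon_params(url):
    """Decode the query string a client sent to a third-party host (here: the
    page's own domain plus a browser/OS fingerprint)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def missing_security_headers(result):
    """Expected headers absent from the primary document; assumes the first
    request entry is the primary document, as in urlscan's ordering."""
    main = result["data"]["requests"][0]
    present = {k.lower() for k in main["response"]["response"]["headers"]}
    return [h for h in EXPECTED_HEADERS if h not in present]


if __name__ == "__main__":
    print("third-party hosts:", third_party_hosts(SAMPLE_RESULT))
    print("credential POSTs:", credential_posts(SAMPLE_RESULT))
    for u in failed_requests(SAMPLE_RESULT):
        print("failed:", u, beacon_params(u))
    print("missing headers:", missing_security_headers(SAMPLE_RESULT))
```

Against a live result you would load the JSON from the urlscan result API instead of SAMPLE_RESULT; the checks stay the same. Note what the output does and does not establish: a POST to signInWithPassword means the page's login is Firebase Auth on the site's own project, which is consistent with a legitimate Flutter app as much as with a phishing kit, so it is context for the verdict rather than a verdict by itself.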
Indicators
"Indicators" is the industry term for artifacts such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.

Domains:
- accounts.google.com
- apprecargas.jirehtel.com
- identitytoolkit.googleapis.com
- linntae.mx
- www.gstatic.com

IP addresses:
- 2606:4700:3036::6815:324e
- 2606:4700:310c::ac42:2c73
- 2607:f8b0:4004:c0b::54
- 2607:f8b0:4006:806::200a
- 2607:f8b0:4006:80f::2003