mgfs.es Open in urlscan Pro
185.176.9.32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mgfs.es/insidei5/payment.php
Submission: On January 03 via manual (January 3rd 2022, 6:19:01 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 185.176.9.32, located in Spain and belongs to AXARNET-AS, ES. The main domain is mgfs.es.
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.

This is the only time mgfs.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Saudi Post (Government)

Domain & IP information

	IP Address		AS Autonomous System
20	185.176.9.32 185.176.9.32		50926 (AXARNET-AS) (AXARNET-AS)
20	1

20 185.176.9.32 (Spain)

ASN50926 (AXARNET-AS, ES)
PTR: chl09032.avzservicios.es

mgfs.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	mgfs.es mgfs.es	949 KB
20	1

	Domain	Requested by
20	mgfs.es	mgfs.es
20	1

This site contains no links.

Subject Issuer	Validity	Valid
nortec-control.es R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mgfs.es/insidei5/payment.php
Frame ID: C28E1EBCDDE006A726C7D387A7CF7EA5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Saudi Post - Simple & Trusted Payments

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

949 kB
Transfer

945 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request payment.php Show response mgfs.es/insidei5/	17 KB 17 KB	178ms 60ms	Document text/html	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `a986c719cec3f724474437ef3a91f066d3e23c3543e667294d7a770df6ea296e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bootstrap.css mgfs.es/insidei5/files/	140 KB 140 KB	96ms 57ms	Stylesheet text/css	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/bootstrap.css Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `e3ac3b8c4a13f2f0ae8c1ae1ecffa93f7f3528c05d440141f83cfea940132d6d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 143399
GET H/1.1	200 OK	custom.css mgfs.es/insidei5/files/	12 KB 12 KB	168ms 57ms	Stylesheet text/css	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/custom.css Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `1027cddddbd69edd1f84013d8f86a9bafa415503b104e5e1fb003b70e5362e3b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12037
GET H/1.1	200 OK	style.css mgfs.es/insidei5/files/	2 KB 2 KB	168ms 56ms	Stylesheet text/css	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/style.css Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `68b7e9302357f948488decd18e467a578a663902ec7b18773f680eca120e8cd9` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1782
GET H/1.1	200 OK	opensans.css mgfs.es/insidei5/files/	1 KB 1 KB	168ms 56ms	Stylesheet text/css	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/opensans.css Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `7b813b380d5e99d9d7ae94501469895cb3658f7b45d91ac6cfdfaa3665388112` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1193
GET H/1.1	200 OK	intlTelInput.css mgfs.es/insidei5/build/css/	25 KB 25 KB	170ms 56ms	Stylesheet text/css	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/build/css/intlTelInput.css Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 25254
GET H/1.1	200 OK	loading_payment.gif mgfs.es/insidei5/files/	11 KB 11 KB	170ms 57ms	Image image/gif	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/loading_payment.gif Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `5432b59decde382eae206cbe12dee7dd05ca9dcacb67f027a59b6a97a4379f07` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10819
GET H/1.1	200 OK	62617_1589791686.png mgfs.es/insidei5/files/	12 KB 12 KB	57ms 57ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/62617_1589791686.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `16893732c1d56cff7778f74e569a833e345cc0f0fb0c3226380d7bcf414f51fe` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12128
GET H/1.1	200 OK	58482363cef1014c0b5e49c1.png mgfs.es/insidei5/files/	80 KB 81 KB	311ms 310ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/58482363cef1014c0b5e49c1.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `60fc37f80886700e21b2f04c04bf880087a5a69d87a530e33d11e4eaea5ac67c` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 82387
GET H/1.1	200 OK	58482354cef1014c0b5e49c0.png mgfs.es/insidei5/files/	37 KB 38 KB	56ms 56ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/58482354cef1014c0b5e49c0.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `750ac8d2bd2d0168a404a67733239d84262902c0dc2f231fff66182436a6e0c4` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 38193
GET H/1.1	200 OK	intlTelInput.js Show response mgfs.es/insidei5/build/js/	87 KB 87 KB	312ms 311ms	Script application/javascript	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/build/js/intlTelInput.js Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `1bc2d5be2d753eaf2f6c0e91bdb24a95a9e20d19e1d76edcbf1a0bb13818643f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 89338
GET H/1.1	200 OK	cards.png mgfs.es/insidei5/files/	18 KB 18 KB	57ms 56ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/cards.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `0434701192cc2fbfad32f66624b56676a8f416d3d94b259fa1eb1aaa60f6ad39` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 18118
GET H/1.1	200 OK	cards1.png mgfs.es/insidei5/files/	17 KB 17 KB	57ms 57ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/cards1.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `186c8713eeaa90ab36660a4ae84f95e51aa3730dd3543c5ce18e776108a75b60` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 17252
GET H/1.1	200 OK	trust-removebg-preview.png mgfs.es/insidei5/files/	132 KB 132 KB	57ms 57ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/trust-removebg-preview.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `4f1bf1cc5ae0cd0c356965fd378e4e9c30268533949d65349c2d4315852627a0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 135423
GET H/1.1	200 OK	express-checkout.png mgfs.es/insidei5/files/	37 KB 37 KB	58ms 57ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/files/express-checkout.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/payment.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `1a84a7da15921a85f7a8bd195b2eee6310715e1d9afa14bf75b2ce6fd7bfd52d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:54 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 37960
GET H/1.1	404 CategorÃa no encontrada	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 mgfs.es/insidei5/files/	0 0	232ms 232ms	Font text/html	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/files/opensans.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash Request headers Referer https://mgfs.es/insidei5/files/opensans.css Origin https://mgfs.es Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jan 2022 18:18:54 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Keep-Alive timeout=5, max=98
GET H/1.1	404 CategorÃa no encontrada	mem5YaGs126MiZpBA-UNirkOUuhp.woff2 mgfs.es/insidei5/files/	0 0	257ms 225ms	Font text/html	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/files/opensans.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash Request headers Referer https://mgfs.es/insidei5/files/opensans.css Origin https://mgfs.es Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jan 2022 18:18:54 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Keep-Alive timeout=5, max=97
GET H/1.1	404 CategorÃa no encontrada	mem8YaGs126MiZpBA-UFVZ0b.woff2 mgfs.es/insidei5/files/	0 0	312ms 225ms	Font text/html	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/files/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/files/opensans.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash Request headers Referer https://mgfs.es/insidei5/files/opensans.css Origin https://mgfs.es Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jan 2022 18:18:54 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Keep-Alive timeout=5, max=97
GET H/1.1	200 OK	flags.png mgfs.es/insidei5/build/img/	69 KB 69 KB	57ms 57ms	Image image/png	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mgfs.es/insidei5/build/img/flags.png Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/build/css/intlTelInput.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/build/css/intlTelInput.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:55 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 70857
GET H/1.1	200 OK	utils.js Show response mgfs.es/insidei5/build/js/	248 KB 248 KB	57ms 57ms	Script application/javascript	185.176.9.32 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://mgfs.es/insidei5/build/js/utils.js Requested by Host: mgfs.es URL: https://mgfs.es/insidei5/build/js/intlTelInput.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.176.9.32 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS chl09032.avzservicios.es Software Apache / Resource Hash `aeb6bc2ecd957d24b8bb08c9ebd6248835fbf6bbed3eeb1ac61d403eed193f56` Request headers Accept-Language de-DE,de;q=0.9 Referer https://mgfs.es/insidei5/payment.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 03 Jan 2022 18:18:55 GMT Last-Modified Sat, 23 Oct 2021 17:06:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 254079

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Saudi Post (Government)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mgfs.es/	1969-12-31 23:59:59	Name: 33d8453b92cd2e72ede95328d0bfa4e2 Value: mfojti2dcg9t16pm01h80oi2b1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mgfs.es/insidei5/files/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Message: Failed to load resource: the server responded with a status of 404 (CategorÃa no encontrada)
network	error	URL: https://mgfs.es/insidei5/files/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 Message: Failed to load resource: the server responded with a status of 404 (CategorÃa no encontrada)
network	error	URL: https://mgfs.es/insidei5/files/mem8YaGs126MiZpBA-UFVZ0b.woff2 Message: Failed to load resource: the server responded with a status of 404 (CategorÃa no encontrada)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mgfs.es
185.176.9.32
0434701192cc2fbfad32f66624b56676a8f416d3d94b259fa1eb1aaa60f6ad39
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
1027cddddbd69edd1f84013d8f86a9bafa415503b104e5e1fb003b70e5362e3b
16893732c1d56cff7778f74e569a833e345cc0f0fb0c3226380d7bcf414f51fe
186c8713eeaa90ab36660a4ae84f95e51aa3730dd3543c5ce18e776108a75b60
1a84a7da15921a85f7a8bd195b2eee6310715e1d9afa14bf75b2ce6fd7bfd52d
1bc2d5be2d753eaf2f6c0e91bdb24a95a9e20d19e1d76edcbf1a0bb13818643f
4f1bf1cc5ae0cd0c356965fd378e4e9c30268533949d65349c2d4315852627a0
5432b59decde382eae206cbe12dee7dd05ca9dcacb67f027a59b6a97a4379f07
60fc37f80886700e21b2f04c04bf880087a5a69d87a530e33d11e4eaea5ac67c
68b7e9302357f948488decd18e467a578a663902ec7b18773f680eca120e8cd9
750ac8d2bd2d0168a404a67733239d84262902c0dc2f231fff66182436a6e0c4
7b813b380d5e99d9d7ae94501469895cb3658f7b45d91ac6cfdfaa3665388112
a986c719cec3f724474437ef3a91f066d3e23c3543e667294d7a770df6ea296e
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
aeb6bc2ecd957d24b8bb08c9ebd6248835fbf6bbed3eeb1ac61d403eed193f56
e3ac3b8c4a13f2f0ae8c1ae1ecffa93f7f3528c05d440141f83cfea940132d6d

mgfs.es Open in urlscan Pro 185.176.9.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

949 kBTransfer

945 kBSize

1 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

mgfs.es Open in urlscan Pro
185.176.9.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

949 kB
Transfer

945 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!