mygas-mypay.com
198.187.31.160
Malicious Activity!
Public Scan
Effective URL: https://mygas-mypay.com/Login.php?sslchannel=true&sessionid=z6mCv1s68EVjcY7W3jCDG9RBnDpGqUJXKmKXgml3Sgcot64TXfFrjExqwBH7...
Submission: On April 05 via manual from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 3rd 2021. Valid for: a year.
This is the only time mygas-mypay.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: British Gas (Utility)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 18 | 198.187.31.160 | 22612 (NAMECHEAP-NET) |
16 | 1 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium97-3.web-hosting.com
mygas-mypay.com
 | Apex Domain / Subdomains | Transfer |
---|---|---|
18 | mygas-mypay.com (2 redirects): mygas-mypay.com | 260 KB |
16 | 1 | |
 | Domain | Requested by |
---|---|---|
18 | mygas-mypay.com (2 redirects) | mygas-mypay.com |
16 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.britishgas.co.uk |
onetrust.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
mygas-mypay.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-03 - 2022-04-03 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mygas-mypay.com/Login.php?sslchannel=true&sessionid=z6mCv1s68EVjcY7W3jCDG9RBnDpGqUJXKmKXgml3Sgcot64TXfFrjExqwBH7sLcECKonDzndih3weLWawXnKJ8f4C8dU1zuNBQPoW8OlAGP5o8rLYiUA6uyZuXGIlXY9Kr
Frame ID: 172893B0B5894873405F1B9A39C5176C
Requests: 16 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: More Information
Title:
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mygas-mypay.com/ HTTP 301
- https://mygas-mypay.com/ HTTP 302
- https://mygas-mypay.com/Login.php?sslchannel=true&sessionid=z6mCv1s68EVjcY7W3jCDG9RBnDpGqUJXKmKXgml3Sgcot64TXfFrjExqwBH7sLcECKonDzndih3weLWawXnKJ8f4C8dU1zuNBQPoW8OlAGP5o8rLYiUA6uyZuXGIlXY9Kr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Login.php (Primary Request, Redirect Chain) | mygas-mypay.com/ | 408 KB | 121 KB | Document | text/html |
GET | H2 | bg-vi-4.1.0.css | mygas-mypay.com/assets/css/ | 297 KB | 42 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | mygas-mypay.com/assets/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | font-awesome.css | mygas-mypay.com/assets/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | bg-vi-4.css | mygas-mypay.com/assets/css/ | 214 KB | 0 | Stylesheet | text/css |
GET | H2 | vendor-a09fed3867270aa1370f907d6338f0c1.css | mygas-mypay.com/assets/css/ | 183 KB | 23 KB | Stylesheet | text/css |
GET | H2 | identity-d511dfadc782f9427f545f3aeb98e0b2.css | mygas-mypay.com/assets/css/ | 25 KB | 4 KB | Stylesheet | text/css |
GET | H2 | optanon.css | mygas-mypay.com/assets/css/ | 23 KB | 6 KB | Stylesheet | text/css |
GET | H2 | nucleus.min.js | mygas-mypay.com/assets/js/ | 228 KB | 0 | Script | application/javascript |
GET | H2 | hpp-embedded-integration-library.css | mygas-mypay.com/assets/css/ | 122 B | 264 B | Stylesheet | text/css |
GET | H2 | bg-logo-mobile.svg | mygas-mypay.com/assets/img/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | megamenu.png | mygas-mypay.com/assets/img/ | 27 KB | 27 KB | Image | image/png |
GET | H2 | navigation_image_hive.png | mygas-mypay.com/assets/img/ | 48 KB | 0 | Image | image/png |
GET | H2 | rewards-logo.png | mygas-mypay.com/assets/img/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | mobile-app.png | mygas-mypay.com/assets/img/ | 64 KB | 0 | Image | image/png |
GET | H2 | style_survey_v3.css | mygas-mypay.com/assets/css/ | 13 KB | 3 KB | Stylesheet | text/css |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: British Gas (Utility)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | ontransitionrun
- object | ontransitionstart
- object | ontransitioncancel
- object | cookieStore
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes
- boolean | crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mygas-mypay.com
198.187.31.160