activacion.vodafone-was.es Open in urlscan Pro
45.223.61.237 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activacion.vodafone-was.es/
Submission: On July 06 via automatic, source certstream-suspicious (July 6th 2024, 4:15:26 pm UTC) — Scanned from ES

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 45.223.61.237, located in United States and belongs to INCAPSULA, US. The main domain is activacion.vodafone-was.es.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on July 5th 2024. Valid for: 6 months.

This is the only time activacion.vodafone-was.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vodafone (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
19	45.223.61.237 45.223.61.237		19551 (INCAPSULA) (INCAPSULA)
19	1

19 45.223.61.237 (United States)

ASN19551 (INCAPSULA, US)

activacion.vodafone-was.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	vodafone-was.es activacion.vodafone-was.es	724 KB
19	1

	Domain	Requested by
19	activacion.vodafone-was.es	activacion.vodafone-was.es
19	1

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-07-05` - `2025-01-01`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://activacion.vodafone-was.es/
Frame ID: E8E3CA7187A382391659013187F5663C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vodafone | Activa tu tarjeta prepago desde cualquier sitio con Vodafone.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

724 kB
Transfer

1326 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
activacion.vodafone-was.es/ 3 KB
2 KB 1106ms
996ms Document
text/html 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b518ba7d4f057077328805e91c8a5cbf2117ace3beb98bd4754b16d3f41f07ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=60000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 06 Jul 2024 16:15:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=60000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-cdn: Imperva
x-cloud-trace-context: 98fef263592435c745147f4a73141395
x-frame-options: SAMEORIGIN
x-iinfo: 8-10509490-10509493 NNNN CT(0 14 0) RT(1720282520866 34) q(0 0 0 2) r(9 9) U24

GET
H2 200 aos.css
activacion.vodafone-was.es/assets/libs/aos/dist/ 28 KB
3 KB 106ms
104ms Stylesheet
text/css 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/libs/aos/dist/aos.css

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "705d-61c2b239350d0-gzip"
vary: Accept-Encoding
content-type: text/css
x-iinfo: 8-10509490-10509493 PNNN RT(1720282520866 1035) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: 67bf096b0c426cde2fe1b294a3f4594c
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 theme.min.css
activacion.vodafone-was.es/assets/css/ 343 KB
43 KB 136ms
135ms Stylesheet
text/css 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/css/theme.min.css

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

f61f5fcb58c9ebae5d2d5aacac9fd248b8f71170870d0d7ace6822038edfb946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "55b84-61c2b2393318f-gzip"
vary: Accept-Encoding
content-type: text/css
x-iinfo: 8-10509490-10509552 NNNN CT(5 24 0) RT(1720282520866 1042) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: f45fe670ac25b58453df81905ab9847d
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 custom.css
activacion.vodafone-was.es/assets/css/ 40 KB
7 KB 117ms
117ms Stylesheet
text/css 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/css/custom.css

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a0c433d93da2304e57cf39261b6a18a1acfca65515e822352772ef56250c9ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "a04c-61c2b239321ef-gzip"
vary: Accept-Encoding
content-type: text/css
x-iinfo: 8-10509490-10509554 NNNN CT(4 23 0) RT(1720282520866 1048) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: b50dd6e03a3e0f0132d4240f8a9a7a9e
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 logo.png
activacion.vodafone-was.es/assets/img/ 13 KB
14 KB 106ms
106ms Image
image/png 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/assets/img/logo.png

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

eeeb9326ca5957df394d364ca447a95456a426a0e6c0967541ee87465d0a4766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "3519-61c2b23934130"
content-type: image/png
x-iinfo: 8-10509490-10509556 NNNN CT(4 8 0) RT(1720282520866 1051) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: c65e165983080e02d47e0db654ebe9c2
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13593

GET
H2 200 ESP.png
activacion.vodafone-was.es/assets/img/ 429 B
581 B 105ms
105ms Image
image/png 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/assets/img/ESP.png

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4da746da6b9fd81690abf2f0007fcbe9ae497abab5c214960c96b2b60c6bda65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "1ad-61c2b2393318f"
content-type: image/png
x-iinfo: 8-10509490-10509558 NNNN CT(4 6 0) RT(1720282520866 1053) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: b85d858043adaf4d77cd1bbacb40075a
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429

GET
H2 200 chevron-right_black.svg
activacion.vodafone-was.es/assets/img/ 212 B
321 B 101ms
99ms Image
image/svg+xml 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/assets/img/chevron-right_black.svg

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

cf17e35be358926b6ae4f0a1367986ead6c3039dde5f638f0e3c3888e68f7ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "d4-61c2b23934130"
content-type: image/svg+xml
x-iinfo: 8-10509490-10509560 NNYN CT(5 5 0) RT(1720282520866 1055) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: 8cc0601b55af02ba98fdf7c482acff8b
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ENG.png
activacion.vodafone-was.es/assets/img/ 1 KB
1 KB 126ms
125ms Image
image/png 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/assets/img/ENG.png

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

835ddcbb85b4fb7d8fdaee4ed3c24e799d3cb1f78bd9c4c5cf25922c0b35be32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "456-61c2b2393318f"
content-type: image/png
x-iinfo: 8-10509490-10509493 PNNN RT(1720282520866 1058) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: 9a35367c5d3b67c8aa442dfbc718cf45
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1110

GET
H2 200 jquery.min.js Show response
activacion.vodafone-was.es/assets/libs/jquery/dist/ 88 KB
31 KB 139ms
138ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/libs/jquery/dist/jquery.min.js

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "15e40-61c2b23936071-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 8-10509490-10509558 PNNN RT(1720282520866 1059) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: b0300fa60d56d3c6fca82007f4d4ed15
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bootstrap.bundle.min.js Show response
activacion.vodafone-was.es/assets/libs/bootstrap/dist/js/ 79 KB
23 KB 156ms
155ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/libs/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "13b3a-61c2b23936071-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 8-10509490-10509556 PNNN RT(1720282520866 1063) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: f655a7b28be339c51cf3467e8115c5df
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 aos.js Show response
activacion.vodafone-was.es/assets/libs/aos/dist/ 13 KB
5 KB 156ms
155ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/libs/aos/dist/aos.js

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "35e8-61c2b23936071-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 8-10509490-10509560 PNNN RT(1720282520866 1065) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: cb3cf19df81a6a7b7f68e92cd8e2cebf
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 theme.min.js Show response
activacion.vodafone-was.es/assets/js/ 7 KB
2 KB 168ms
167ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/js/theme.min.js

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b5b787ae9871ca2e4dcf11d90d2cf2b67150b95b0fb9a2712e8246e9e0f74cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "1b3d-61c2b239350d0-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 8-10509490-10509554 PNNN RT(1720282520866 1067) q(0 1 1 -1) r(1 1) U24
x-cloud-trace-context: 9ff50e243f2464671c14ff6a551855d8
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 script.js Show response
activacion.vodafone-was.es/assets/js/ 4 KB
1 KB 162ms
161ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/js/script.js

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b42fba48c00c788de7399b2b9ee6eba9060600fa7ba71b7e4381f0d053ff787a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "111c-61c2b239350d0-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 8-10509490-10509493 PNNN RT(1720282520866 1068) q(0 1 1 -1) r(1 1) U24
x-cloud-trace-context: b9d47927f01df8997c1e51f747f6477b
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 _Incapsula_Resource Show response
activacion.vodafone-was.es/ 138 KB
19 KB 63ms
62ms Script
application/javascript 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=821674390

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fda9cc3471faa1c18a436c9d1e5aad5243860dfe5c44b49b08b68d189b9f61b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19772
content-type: application/javascript

GET
H2 200 bg1.jpg
activacion.vodafone-was.es/assets/img/ 368 KB
371 KB 80ms
80ms Image
image/jpeg 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/assets/img/bg1.jpg

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

51b65afb7cbccf5e533a6a84a6c4da2884c6a20f610c803adf9cce2579384af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/assets/css/custom.css
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "5c04b-61c2b2393318f"
content-type: image/jpeg
x-iinfo: 8-10509490-10509554 PNNN RT(1720282520866 1189) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: cf4af20a49eda538856e0ccb04513d09
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 376907

GET
H2 200 Vodafone-Bold.ttf
activacion.vodafone-was.es/assets/css/fonts/ 94 KB
95 KB 76ms
75ms Font
font/ttf 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/css/fonts/Vodafone-Bold.ttf

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b4bd11158c965495745daceed4f26778f5e285305fc4fe53aae75adafa29ceef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/assets/css/custom.css
Origin: https://activacion.vodafone-was.es
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "178f0-61c2b239321ef"
content-type: font/ttf
x-iinfo: 8-10509490-10509493 PNNN RT(1720282520866 1192) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: ce118c214e814461d8eb3515b9bea5a9
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96496

GET
H2 200 Vodafone.ttf
activacion.vodafone-was.es/assets/css/fonts/ 105 KB
106 KB 106ms
106ms Font
font/ttf 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/css/fonts/Vodafone.ttf

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

b1a4575839ebf70d791e45f534ec4f1589aa263080ad5d037164d9f5c0e3a875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/assets/css/custom.css
Origin: https://activacion.vodafone-was.es
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "1a3ac-61c2b2393318f"
content-type: font/ttf
x-iinfo: 8-10509490-10509556 PNNN RT(1720282520866 1194) q(0 0 0 -1) r(1 1) U24
x-cloud-trace-context: eb6ac83e0043e8cbcaaaa3688bd709b7
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107436

GET
H2 200 _Incapsula_Resource
activacion.vodafone-was.es/ 1 B
36 B 31ms
31ms Image
text/plain 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activacion.vodafone-was.es/_Incapsula_Resource?SWKMTFSR=1&e=0.8145611684725829

Requested by

Host: activacion.vodafone-was.es
URL: https://activacion.vodafone-was.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 favicon.ico
activacion.vodafone-was.es/assets/img/ 1 KB
1 KB 80ms
79ms Other
image/vnd.microsoft.icon 45.223.61.237
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://activacion.vodafone-was.es/assets/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.61.237 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

13c3bb2a4a17e6b7622481cbca485f2b442b8cb533dd47bc5fdcdd08a58e2580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://activacion.vodafone-was.es/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 16:15:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 08:11:06 GMT
server: Google Frontend
x-cdn: Imperva
etag: "47e-61c2b23934130"
content-type: image/vnd.microsoft.icon
x-iinfo: 8-10509490-10509554 PNNN RT(1720282520866 1337) q(0 0 0 -1) r(0 0) U24
x-cloud-trace-context: 0d44596ddb236f452ed701e896fcd595
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vodafone (Telecommunication)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
activacion.vodafone-was.es/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9a659efd0aafea61ef66c1bc7d94513d
.vodafone-was.es/	1970-01-21 06:35:54	Name: visid_incap_3102447 Value: MIWnPtHISvq9DvNedl95jZhtiWYAAAAAQUIPAAAAAACPdSuZiwExHvTn2ZKBD4ii
.vodafone-was.es/	1969-12-31 23:59:59	Name: incap_ses_1311_3102447 Value: 0r5ePB0N0Bim+ighpZsxEpltiWYAAAAALRR3w26fmbU0wtc555d5ug==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=60000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activacion.vodafone-was.es
45.223.61.237
13c3bb2a4a17e6b7622481cbca485f2b442b8cb533dd47bc5fdcdd08a58e2580
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
4da746da6b9fd81690abf2f0007fcbe9ae497abab5c214960c96b2b60c6bda65
51b65afb7cbccf5e533a6a84a6c4da2884c6a20f610c803adf9cce2579384af4
835ddcbb85b4fb7d8fdaee4ed3c24e799d3cb1f78bd9c4c5cf25922c0b35be32
8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe
a0c433d93da2304e57cf39261b6a18a1acfca65515e822352772ef56250c9ce8
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b1a4575839ebf70d791e45f534ec4f1589aa263080ad5d037164d9f5c0e3a875
b42fba48c00c788de7399b2b9ee6eba9060600fa7ba71b7e4381f0d053ff787a
b4bd11158c965495745daceed4f26778f5e285305fc4fe53aae75adafa29ceef
b518ba7d4f057077328805e91c8a5cbf2117ace3beb98bd4754b16d3f41f07ec
b5b787ae9871ca2e4dcf11d90d2cf2b67150b95b0fb9a2712e8246e9e0f74cec
cf17e35be358926b6ae4f0a1367986ead6c3039dde5f638f0e3c3888e68f7ba8
dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeeb9326ca5957df394d364ca447a95456a426a0e6c0967541ee87465d0a4766
f61f5fcb58c9ebae5d2d5aacac9fd248b8f71170870d0d7ace6822038edfb946
fda9cc3471faa1c18a436c9d1e5aad5243860dfe5c44b49b08b68d189b9f61b3

activacion.vodafone-was.es Open in urlscan Pro 45.223.61.237 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

724 kBTransfer

1326 kBSize

3 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

activacion.vodafone-was.es Open in urlscan Pro
45.223.61.237 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

724 kB
Transfer

1326 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!