activacion.vodafone-was.es
45.223.61.237
Malicious Activity!
Public Scan
Submission: On July 06 via automatic, source certstream-suspicious — Scanned from ES
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on July 5th 2024. Valid for: 6 months.
This is the only time activacion.vodafone-was.es was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vodafone (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
19 | 45.223.61.237 | 19551 (INCAPSULA) |
19 | 1 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | vodafone-was.es | activacion.vodafone-was.es | 724 KB |
19 | 1 | | |
Requests | Domain | Requested by |
---|---|---|
19 | activacion.vodafone-was.es | activacion.vodafone-was.es |
19 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
imperva.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-07-05 - 2025-01-01 | 6 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://activacion.vodafone-was.es/
Frame ID: E8E3CA7187A382391659013187F5663C
Requests: 19 HTTP requests in this frame
Page Title
Vodafone | Activa tu tarjeta prepago desde cualquier sitio con Vodafone.
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Imperva (Security)
Detected patterns
- /_Incapsula_Resource
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | activacion.vodafone-was.es/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | aos.css | activacion.vodafone-was.es/assets/libs/aos/dist/ | 28 KB | 3 KB | Stylesheet | text/css |
GET | H2 | theme.min.css | activacion.vodafone-was.es/assets/css/ | 343 KB | 43 KB | Stylesheet | text/css |
GET | H2 | custom.css | activacion.vodafone-was.es/assets/css/ | 40 KB | 7 KB | Stylesheet | text/css |
GET | H2 | logo.png | activacion.vodafone-was.es/assets/img/ | 13 KB | 14 KB | Image | image/png |
GET | H2 | ESP.png | activacion.vodafone-was.es/assets/img/ | 429 B | 581 B | Image | image/png |
GET | H2 | chevron-right_black.svg | activacion.vodafone-was.es/assets/img/ | 212 B | 321 B | Image | image/svg+xml |
GET | H2 | ENG.png | activacion.vodafone-was.es/assets/img/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | jquery.min.js | activacion.vodafone-was.es/assets/libs/jquery/dist/ | 88 KB | 31 KB | Script | application/javascript |
GET | H2 | bootstrap.bundle.min.js | activacion.vodafone-was.es/assets/libs/bootstrap/dist/js/ | 79 KB | 23 KB | Script | application/javascript |
GET | H2 | aos.js | activacion.vodafone-was.es/assets/libs/aos/dist/ | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | theme.min.js | activacion.vodafone-was.es/assets/js/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | script.js | activacion.vodafone-was.es/assets/js/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | _Incapsula_Resource | activacion.vodafone-was.es/ | 138 KB | 19 KB | Script | application/javascript |
GET | H2 | bg1.jpg | activacion.vodafone-was.es/assets/img/ | 368 KB | 371 KB | Image | image/jpeg |
GET | H2 | Vodafone-Bold.ttf | activacion.vodafone-was.es/assets/css/fonts/ | 94 KB | 95 KB | Font | font/ttf |
GET | H2 | Vodafone.ttf | activacion.vodafone-was.es/assets/css/fonts/ | 105 KB | 106 KB | Font | font/ttf |
GET | H2 | _Incapsula_Resource | activacion.vodafone-was.es/ | 1 B | 36 B | Image | text/plain |
GET | H2 | favicon.ico | activacion.vodafone-was.es/assets/img/ | 1 KB | 1 KB | Other | image/vnd.microsoft.icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vodafone (Telecommunication)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
object | sharedStorage |
function | $ |
function | jQuery |
object | bootstrap |
object | AOS |
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
activacion.vodafone-was.es/ | | Name: PHPSESSID Value: 9a659efd0aafea61ef66c1bc7d94513d |
.vodafone-was.es/ | | Name: visid_incap_3102447 Value: MIWnPtHISvq9DvNedl95jZhtiWYAAAAAQUIPAAAAAACPdSuZiwExHvTn2ZKBD4ii |
.vodafone-was.es/ | | Name: incap_ses_1311_3102447 Value: 0r5ePB0N0Bim+ighpZsxEpltiWYAAAAALRR3w26fmbU0wtc555d5ug== |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=60000; includeSubDomains; preload |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
activacion.vodafone-was.es
45.223.61.237