www.vodaphone-newbill.com
162.213.251.109
Malicious Activity!
Public Scan
Effective URL: https://www.vodaphone-newbill.com/Login.php?sslchannel=true&sessionid=W5NGaKswl5AV6l3Ij2Mh12BeQkSofuGLBArbJ9gRt3ou1QtRooE3f98gXLK9...
Submission: On November 26 via automatic, source phishtank
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 25th 2020. Valid for: a year.
This is the only time www.vodaphone-newbill.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vodafone (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
25 (1 redirect) | 162.213.251.109 | 22612 (NAMECHEAP-NET) |
2 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
27 | 3 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business89-5.web-hosting.com
www.vodaphone-newbill.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 (1 redirects) | vodaphone-newbill.com | www.vodaphone-newbill.com | 375 KB |
2 | cloudflare.com | cdnjs.cloudflare.com | 82 KB |
27 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
25 (1 redirects) | www.vodaphone-newbill.com | www.vodaphone-newbill.com |
2 | cdnjs.cloudflare.com | www.vodaphone-newbill.com, cdnjs.cloudflare.com |
27 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
vodaphone-newbill.com | Sectigo RSA Domain Validation Secure Server CA | 2020-11-25 - 2021-11-25 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.vodaphone-newbill.com/Login.php?sslchannel=true&sessionid=W5NGaKswl5AV6l3Ij2Mh12BeQkSofuGLBArbJ9gRt3ou1QtRooE3f98gXLK9PPGX7Ff0JiLiMeglsJF4GvektP4CPQgXTVFvzYna6zkzV4ZRZcnyep8OhfA6NdawHXXcbd
Frame ID: D7ECE0C49599C79E2D9829631B7ABDFF
Requests: 27 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.vodaphone-newbill.com/
HTTP 302
https://www.vodaphone-newbill.com/Login.php?sslchannel=true&sessionid=W5NGaKswl5AV6l3Ij2Mh12BeQkSofuGLBArbJ9gRt3ou1QtRooE3f98gXLK9PPGX7Ff0JiLiMeglsJF4GvektP4CPQgXTVFvzYna6zkzV4ZRZcnyep8OhfA6NdawHXXcbd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Login.php (Primary Request, Redirect Chain) | www.vodaphone-newbill.com/ | 243 KB | 45 KB | Document | text/html |
GET | H2 | main.css | www.vodaphone-newbill.com/assets/css/ | 671 KB | 113 KB | Stylesheet | text/css |
GET | H2 | second.css | www.vodaphone-newbill.com/assets/css/ | 496 KB | 73 KB | Stylesheet | text/css |
GET | H2 | last.css | www.vodaphone-newbill.com/assets/css/ | 1021 KB | 135 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 6 KB | Stylesheet | text/css |
GET | H2 | loader_small.gif | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 315 B | 315 B | Image | text/html |
GET | H2 | grip.png | www.vodaphone-newbill.com/webcenter/adf/oracle/webcenter/toolbar/ | 315 B | 315 B | Image | text/html |
GET | H2 | t.gif | www.vodaphone-newbill.com/webcenter/adf/images/ | 315 B | 315 B | Image | text/html |
GET | H2 | func_paperpencil_16_dis.png | www.vodaphone-newbill.com/webcenter/adf/oracle/webcenter/toolbar/ | 315 B | 315 B | Image | text/html |
GET | H2 | confirmation.png | www.vodaphone-newbill.com/webcenter/afr/ | 315 B | 315 B | Image | text/html |
GET | H2 | warning.png | www.vodaphone-newbill.com/webcenter/afr/ | 315 B | 315 B | Image | text/html |
GET | H2 | info.png | www.vodaphone-newbill.com/webcenter/afr/ | 315 B | 315 B | Image | text/html |
GET | H2 | error.png | www.vodaphone-newbill.com/webcenter/afr/ | 315 B | 315 B | Image | text/html |
GET | H2 | main.js | www.vodaphone-newbill.com/assets/js/ | 4 KB | 1 KB | Script | application/javascript |
GET | | css_myacc_interim_mob_generic.css | www.vodaphone-newbill.com/assets/css/ | 0 | 0 | | |
GET | H2 | css_img_body_bg_high.gif | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 315 B | 315 B | Image | text/html |
GET | H2 | padlock_icon.png | www.vodaphone-newbill.com/assets/img/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | social_facebook_icon.svg | www.vodaphone-newbill.com/assets/css/ | 315 B | 315 B | Image | text/html |
GET | H2 | social_twitter_icon.svg | www.vodaphone-newbill.com/assets/css/ | 315 B | 315 B | Image | text/html |
GET | H2 | com.svg | www.vodaphone-newbill.com/assets/img/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | vodafone_regular_woff.woff | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
GET | H2 | fonco_font_lt_woff.woff | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
GET | H2 | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H2 | vodafone_light_woff.woff | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
GET | H2 | fonco_font_lt_ttf.ttf | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
GET | H2 | vodafone_regular_ttf.ttf | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
GET | H2 | vodafone_light_ttf.ttf | www.vodaphone-newbill.com/cs/groups/system/documents/webasset/ | 0 | 0 | Font | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.vodaphone-newbill.com
- URL
- https://www.vodaphone-newbill.com/assets/css/css_myacc_interim_mob_generic.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vodafone (Telecommunication)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| zipCheck
- function| nullCheck
- function| hide_label
- function| passMask1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.vodaphone-newbill.com/ | Name: PHPSESSID Value: e075ba5e8c34fe34584d839225b39147 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.