www.vm.co.mz
45.60.76.192
Malicious Activity!
Public Scan
Effective URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Submission: On January 31 via manual from PT — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 25th 2022. Valid for: a year.
This is the only time www.vm.co.mz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vodafone (Telecommunication)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 162.214.3.199 | 46606 (UNIFIEDLAYER-AS-1) | |
12 | 45.60.76.192 | 19551 (INCAPSULA) | |
1 | 2a00:1450:400d:804::2008 | 15169 (GOOGLE) | |
4 | 34.102.238.29 | 396982 (GOOGLE-CLOUD-PLATFORM) | |
17 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.360mozambique.com
www.diarioeconomico.co.mz |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.238.102.34.bc.googleusercontent.com
gcpsmapi.vodafone.com |
Apex Domain Subdomains | Transfer | |
---|---|---|
12 | vm.co.mz www.vm.co.mz | 207 KB |
4 | vodafone.com gcpsmapi.vodafone.com — Cisco Umbrella Rank: 28154 | 3 KB |
1 | googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40 | 57 KB |
1 | diarioeconomico.co.mz (1 redirects) www.diarioeconomico.co.mz | 393 B |
17 | 4 |
Domain | Requested by | |
---|---|---|
12 | www.vm.co.mz | www.vm.co.mz |
4 | gcpsmapi.vodafone.com | www.vm.co.mz |
1 | www.googletagmanager.com | www.vm.co.mz |
1 | www.diarioeconomico.co.mz | 1 redirects |
17 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
supplierportal.vm.co.mz |
www.facebook.com |
www.instagram.com |
twitter.com |
www.youtube.com |
www.linkedin.com |
www.mzbusiness.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.vm.co.mz DigiCert SHA2 Secure Server CA | 2022-07-25 - 2023-07-25 | a year | crt.sh |
*.google-analytics.com GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
gcpsmapi.vodafone.com DigiCert SHA2 Secure Server CA | 2022-05-09 - 2023-05-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Frame ID: E56C332E8C37EEE71F8851EC15FABAA6
Requests: 16 HTTP requests in this frame
Page Title
Plano Empresas - Vodacom Moçambique
Page URL History
-
https://www.diarioeconomico.co.mz/?mailpoet_router&endpoint=track&action=click&data=WyIyNjY4OCIsIjljOTEzZTc3MD...
HTTP 302
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas Page URL
Detected technologies
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
Imperva (Security)
Detected patterns
- /_Incapsula_Resource
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Portal de fornecedores
Title: social-facebook Facebook
Title: social-twitter Twitter
Title: social-youtube Youtube
Title: LinkedIn
Title: Facebook
Title: Desenvolvido por Mzbusiness.com
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.diarioeconomico.co.mz/?mailpoet_router&endpoint=track&action=click&data=WyIyNjY4OCIsIjljOTEzZTc3MDQ1YmMwMzI5ZjBlODU0ZjI4ZGMzOWFkIiwiMTAyODAiLCJmMjk0NmRmMWQ5NGIiLGZhbHNlXQ
HTTP 302
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Plano-Empresas www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/ (Primary Request, Redirect Chain) | 268 KB 47 KB | Document text/html |
GET H2 | 456b3da.js www.vm.co.mz/js/ | 87 KB 30 KB | Script application/javascript |
GET H2 | b5079d8.js www.vm.co.mz/js/ | 14 KB 5 KB | Script application/javascript |
GET H2 | 0258e70.js www.vm.co.mz/js/ | 10 KB 3 KB | Script application/javascript |
GET H2 | 26eca53.js www.vm.co.mz/js/ | 76 KB 22 KB | Script application/javascript |
GET H2 | 7d09b59.js www.vm.co.mz/js/ | 4 KB 2 KB | Script application/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 171 KB 57 KB | Script application/javascript |
GET H2 | vodafone-light.woff www.vm.co.mz/bundles/mzbusinessbase/fonts/ | 25 KB 25 KB | Font font/woff |
GET H2 | logo-vodacom.png www.vm.co.mz/bundles/mzbusinessbase/images/ | 1 KB 2 KB | Image image/png |
GET H2 | VodafoneRg.woff www.vm.co.mz/bundles/mzbusinessbase/fonts/ | 26 KB 26 KB | Font font/woff |
GET H2 | vodafonergbd-webfont.woff www.vm.co.mz/bundles/mzbusinessbase/fonts/ | 23 KB 24 KB | Font font/woff |
GET H2 | _Incapsula_Resource www.vm.co.mz/ | 152 KB 22 KB | Script application/javascript |
GET H2 | / gcpsmapi.vodafone.com/ | 1 KB 1 KB | Fetch application/json |
GET H2 | / gcpsmapi.vodafone.com/ | 1 KB 2 KB | Fetch application/json |
GET H2 | _Incapsula_Resource www.vm.co.mz/ | 1 B 36 B | Image text/plain |
GET H3 | settings gcpsmapi.vodafone.com/ | 99 B 127 B | Fetch application/json |
OPTIONS H2 | settings gcpsmapi.vodafone.com/ | 0 0 | Preflight |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vodafone (Telecommunication)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | oncontentvisibilityautostatechange
- object | dataLayer
- function | setCookiePop
- function | getCookiePop
- function | checkCookiePop
- boolean | displayPopUp
- function | $
- function | jQuery
- object | Popper
- number | uidEvent
- object | bootstrap
- object | google_tag_manager
- object | sec
- object | headers
- object | submitter

8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.diarioeconomico.co.mz/ | Name: mailpoet_revenue_tracking Value: %7B%22statistics_clicks%22%3A439381%2C%22created_at%22%3A1675182142%7D |
|
www.diarioeconomico.co.mz/ | Name: mailpoet_subscriber Value: %7B%22subscriber_id%22%3A26688%7D |
|
.vm.co.mz/ | Name: visid_incap_2674048 Value: 5FvhtpgxQ6mqCkvRyfEhej9A2WMAAAAAQUIPAAAAAAD+CHDDhE3X59LQRx6wKLIN |
|
.vm.co.mz/ | Name: incap_ses_247_2674048 Value: C1SrOSjAw1T2G+lzM4ZtA0FA2WMAAAAAkroRg57Txa+X0F5D6c+FsQ== |
|
.vm.co.mz/ | Name: nlbi_2674048 Value: ZEedVUAdWjRyaXu2xoBd5gAAAABR34bQHbKn/5KkuawLAcbc |
|
www.vm.co.mz/ | Name: smapi_subject_id Value: 242999da-3eef-456b-a24c-f6e29b12f3b5 |
|
www.vm.co.mz/ | Name: smapi_install_id Value: 242999da-3eef-456b-a24c-f6e29b12f3b5 |
|
www.vm.co.mz/ | Name: ___utmvc Value: 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 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.