Submitted URL: https://www.diarioeconomico.co.mz/?mailpoet_router&endpoint=track&action=click&data=WyIyNjY4OCIsIjljOTEzZTc3MDQ1YmMwMzI5ZjBlODU0Zj...
Effective URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Submission: On January 31 via manual from PT — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 45.60.76.192, located in the United States, and belongs to INCAPSULA, US. The main domain is www.vm.co.mz.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 25th 2022. Valid for: a year.
This is the only time www.vm.co.mz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vodafone (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 162.214.3.199 46606 (UNIFIEDLA...)
12 45.60.76.192 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.102.238.29 396982 (GOOGLE-CL...)
17 3
    Apex Domain            Subdomains                                          Transfer
12  vm.co.mz               www.vm.co.mz                                        207 KB
4   vodafone.com           gcpsmapi.vodafone.com — Cisco Umbrella Rank: 28154  3 KB
1   googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 40  57 KB
1   diarioeconomico.co.mz  www.diarioeconomico.co.mz                           393 B
17  4
Domain Requested by
12 www.vm.co.mz www.vm.co.mz
4 gcpsmapi.vodafone.com www.vm.co.mz
1 www.googletagmanager.com www.vm.co.mz
1 www.diarioeconomico.co.mz 1 redirects
17 4
Subject                 Issuer                          Validity                 Valid
www.vm.co.mz            DigiCert SHA2 Secure Server CA  2022-07-25 - 2023-07-25  a year
*.google-analytics.com  GTS CA 1C3                      2023-01-09 - 2023-04-03  3 months
gcpsmapi.vodafone.com   DigiCert SHA2 Secure Server CA  2022-05-09 - 2023-05-09  a year

This page contains 1 frames:

Primary Page: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Frame ID: E56C332E8C37EEE71F8851EC15FABAA6
Requests: 16 HTTP requests in this frame

Page Title

Plano Empresas - Vodacom Moçambique

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

267 kB
Transfer

859 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.diarioeconomico.co.mz/?mailpoet_router&endpoint=track&action=click&data=WyIyNjY4OCIsIjljOTEzZTc3MDQ1YmMwMzI5ZjBlODU0ZjI4ZGMzOWFkIiwiMTAyODAiLCJmMjk0NmRmMWQ5NGIiLGZhbHNlXQ HTTP 302
    https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Plano-Empresas
www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/
Redirect Chain
  • https://www.diarioeconomico.co.mz/?mailpoet_router&endpoint=track&action=click&data=WyIyNjY4OCIsIjljOTEzZTc3MDQ1YmMwMzI5ZjBlODU0ZjI4ZGMzOWFkIiwiMTAyODAiLCJmMjk0NmRmMWQ5NGIiLGZhbHNlXQ
  • https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
268 KB
47 KB
Document
General
Full URL
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache / vm.co.mz
Resource Hash
1838bf144b116551629d6cac9d2a560c55cbf638b996f9feb024044f094cb84c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
gzip, compress, br
cache-control
max-age=31536000, no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Jan 2023 16:22:25 GMT
referrer-policy
same-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 d51c589e5c767f633277e1c42d3e5c0a.cloudfront.net (CloudFront)
x-amz-cf-id
ICLKcyJSUc-XaiWDXR2bH0uOkmoMu_90qELYV38tHWsK2pjK3JSobQ==
x-amz-cf-pop
JNB50-C1
x-cache
Miss from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
14-85388686-84188591 pNYN RT(1675182143813 9) q(0 0 0 0) r(15 15) U12
x-powered-by
vm.co.mz
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Jan 2023 16:22:20 GMT
expires
Tue, 31 Jan 2023 16:22:20 GMT
location
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
server
Apache
vary
Accept-Encoding,User-Agent
456b3da.js
www.vm.co.mz/js/
87 KB
30 KB
Script
General
Full URL
https://www.vm.co.mz/js/456b3da.js
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:14 GMT
x-cdn
Imperva
etag
"15d9c-5eac9466988a8-gzip"
content-type
application/javascript
x-iinfo
14-85388686-85388868 2CNN RT(1675182143813 3449) q(0 0 0 -1) r(0 0)
cache-control
max-age=47860, public
content-length
30840
expires
Wed, 01 Feb 2023 05:40:07 GMT
b5079d8.js
www.vm.co.mz/js/
14 KB
5 KB
Script
General
Full URL
https://www.vm.co.mz/js/b5079d8.js
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5a984b9b7c397cb898ec2fd5df6bb79b1a9eb0917e18696532c732e02a8161da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:14 GMT
x-cdn
Imperva
etag
"5b64-5eac946698c90-gzip"
content-type
application/javascript
x-iinfo
14-85388686-85387745 2CNN RT(1675182143813 3456) q(0 0 0 -1) r(0 0)
cache-control
max-age=49728, public
content-length
4629
expires
Wed, 01 Feb 2023 06:11:15 GMT
0258e70.js
www.vm.co.mz/js/
10 KB
3 KB
Script
General
Full URL
https://www.vm.co.mz/js/0258e70.js
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8574c8788ca24229e6bdfba08917c96a9e442b7960c3fe3feb080d9af5d81ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:14 GMT
x-cdn
Imperva
etag
"4b2b-5eac9466988a8-gzip"
content-type
application/javascript
x-iinfo
14-85388686-85389338 2CNN RT(1675182143813 3470) q(0 0 0 -1) r(0 0)
cache-control
max-age=49206, public
content-length
2826
expires
Wed, 01 Feb 2023 06:02:33 GMT
26eca53.js
www.vm.co.mz/js/
76 KB
22 KB
Script
General
Full URL
https://www.vm.co.mz/js/26eca53.js
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
35ba03f288ea676cb8bbef90ab80b95d44ac1951a7cfe68fcf64bc069775aef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:14 GMT
x-cdn
Imperva
etag
"1307a-5eac9466988a8-gzip"
content-type
application/javascript
x-iinfo
14-85388686-85384907 2CNN RT(1675182143813 3475) q(0 0 0 -1) r(0 0)
cache-control
max-age=49207, public
content-length
22532
expires
Wed, 01 Feb 2023 06:02:34 GMT
7d09b59.js
www.vm.co.mz/js/
4 KB
2 KB
Script
General
Full URL
https://www.vm.co.mz/js/7d09b59.js
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b7dea323f4da0259b6e4f256153809958411a55c29b33cf5b06c2572e98e16dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:14 GMT
x-cdn
Imperva
etag
"1089-5eac946698c90-gzip"
content-type
application/javascript
x-iinfo
14-85388686-85384855 2CNN RT(1675182143813 3478) q(0 0 0 -1) r(0 0)
cache-control
max-age=49728, public
content-length
1713
expires
Wed, 01 Feb 2023 06:11:15 GMT
gtm.js
www.googletagmanager.com/
171 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NV7PPC4
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c071d102e8664abbf4cb6c143073ee85b608e78e1d20b5e995dfc422f802ac00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57719
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Jan 2023 16:22:27 GMT
vodafone-light.woff
www.vm.co.mz/bundles/mzbusinessbase/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.vm.co.mz/bundles/mzbusinessbase/fonts/vodafone-light.woff
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1eae84d47a02419a0d8ac8aeb8dd586a2d40a3f3d4c317b3b93e689c34f2b17a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Origin
https://www.vm.co.mz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:09 GMT
x-cdn
Imperva
etag
"6444-5eac9461eb468"
content-type
font/woff
x-iinfo
14-85388686-85387745 2CNN RT(1675182143813 3500) q(0 0 0 -1) r(0 0)
cache-control
max-age=49727, public
content-length
25668
expires
Wed, 01 Feb 2023 06:11:14 GMT
logo-vodacom.png
www.vm.co.mz/bundles/mzbusinessbase/images/
1 KB
2 KB
Image
General
Full URL
https://www.vm.co.mz/bundles/mzbusinessbase/images/logo-vodacom.png
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c02e312f5b3533d3378f5628d84d8b67348d356c9d2ee64bb10d1728691783d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 11 Oct 2022 21:51:09 GMT
x-cdn
Imperva
etag
"1131-5eac9461ecbd8"
content-type
image/png
x-iinfo
14-85388686-85384855 2CNN RT(1675182143813 3568) q(0 0 0 -1) r(0 0)
cache-control
max-age=69763, public
content-length
1507
expires
Wed, 01 Feb 2023 11:45:10 GMT
VodafoneRg.woff
www.vm.co.mz/bundles/mzbusinessbase/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.vm.co.mz/bundles/mzbusinessbase/fonts/VodafoneRg.woff
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache / vm.co.mz
Resource Hash
7dda03ebed4182350fe64f0f1a1f2a1047cb4947d9e2426278691253f4accac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Origin
https://www.vm.co.mz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Jan 2023 16:43:58 GMT
x-content-type-options
nosniff
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
86169
x-powered-by
vm.co.mz
x-cache
Hit from cloudfront
x-iinfo
14-85388686-85387745 2NNN RT(1675182143813 3600) q(0 0 0 -1) r(0 0) U12
content-length
26392
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 11 Oct 2022 21:51:09 GMT
server
Apache
etag
"6718-5eac9461eb080"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff
accept-ranges
bytes
x-amz-cf-id
ZWZsgCJMP5aDObokLl9geKAsUc7cxwi4ZKSJ3YC3jzgbxkwc1JgEJw==
vodafonergbd-webfont.woff
www.vm.co.mz/bundles/mzbusinessbase/fonts/
23 KB
24 KB
Font
General
Full URL
https://www.vm.co.mz/bundles/mzbusinessbase/fonts/vodafonergbd-webfont.woff
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache / vm.co.mz
Resource Hash
af5836ae6698d6250d5e858c597fafe36980a0f0e36573df924553a86daa37a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Origin
https://www.vm.co.mz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 11:07:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA60-P1
age
18915
x-powered-by
vm.co.mz
x-cache
Hit from cloudfront
x-iinfo
14-85388686-85384907 2NNN RT(1675182143813 3728) q(0 0 0 -1) r(0 0) U12
content-length
23656
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 11 Oct 2022 21:51:09 GMT
server
Apache
etag
"5c68-5eac9461eb468"
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
x-amz-cf-id
nyISXdAKTaE9cF0S7i4Oyx04A4Jczq9Ne7fwdcs9jQRduJ7eL--R2A==
_Incapsula_Resource
www.vm.co.mz/
152 KB
22 KB
Script
General
Full URL
https://www.vm.co.mz/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=419223917
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c1d9107845665469f631f9d6659b8d4c35cccdbbddf24f606022ca560efa5fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21949
content-type
application/javascript
/
gcpsmapi.vodafone.com/
1 KB
1 KB
Fetch
General
Full URL
https://gcpsmapi.vodafone.com/
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.238.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.238.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
86ffd810bf3c114ef7505a41087e3f605de7e7b122f46afd948512400d44c81b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
Public-Key-Pins pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
via
1.1 gcpsmapi.vodafone.com, 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
pragma
no-cache
server
Apache
expect-ct
enforce, max-age=300
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers
*
expires
0
/
gcpsmapi.vodafone.com/
1 KB
2 KB
Fetch
General
Full URL
https://gcpsmapi.vodafone.com/
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.238.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.238.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
86ffd810bf3c114ef7505a41087e3f605de7e7b122f46afd948512400d44c81b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
Public-Key-Pins pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
via
1.1 gcpsmapi.vodafone.com, 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
pragma
no-cache
server
Apache
expect-ct
enforce, max-age=300
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers
*
expires
0
_Incapsula_Resource
www.vm.co.mz/
1 B
36 B
Image
General
Full URL
https://www.vm.co.mz/_Incapsula_Resource?SWKMTFSR=1&e=0.35299433752323517
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.76.192 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
settings
gcpsmapi.vodafone.com/
99 B
127 B
Fetch
General
Full URL
https://gcpsmapi.vodafone.com/settings
Requested by
Host: www.vm.co.mz
URL: https://www.vm.co.mz/Negocios/Solucoes-Moveis/Voz/Plano-Empresas
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.238.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.238.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
b915f85189ac5a5c2d699d3b27824aeee5b1e287889c592d95777861bb7800b7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
Public-Key-Pins pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-vf-trace-source
js:web.vm.co.mz
x-vf-trace-source-version
6
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 16:22:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
via
1.1 gcpsmapi.vodafone.com, 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
pragma
no-cache
server
Apache
expect-ct
enforce, max-age=300
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers
*
expires
0
settings
gcpsmapi.vodafone.com/
0
0
Preflight
General
Full URL
https://gcpsmapi.vodafone.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.238.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.238.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
Public-Key-Pins pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-vf-trace-source,x-vf-trace-source-version
Access-Control-Request-Method
GET
Origin
https://www.vm.co.mz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
x-vf-trace-source, x-vf-trace-source-version
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;
date
Tue, 31 Jan 2023 16:22:27 GMT
expect-ct
enforce, max-age=300
expires
0
pragma
no-cache
public-key-pins
pin-sha256="EYP6+gAXAXSAY775yFUJeL2Rl+xK0ASj5EZWff0KOr4="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="m3/cwN17LWGuNABZlsrNd7xuwJC99BZ8K7PfnSb3CQI="; max-age=1800; includeSubDomains
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 gcpsmapi.vodafone.com, 1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vodafone (Telecommunication)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • object| dataLayer
  • function| setCookiePop
  • function| getCookiePop
  • function| checkCookiePop
  • boolean| displayPopUp
  • function| $
  • function| jQuery
  • object| Popper
  • number| uidEvent
  • object| bootstrap
  • object| google_tag_manager
  • object| sec
  • object| headers
  • object| submitter

8 Cookies

Domain/Path Name / Value
www.diarioeconomico.co.mz/ Name: mailpoet_revenue_tracking
Value: %7B%22statistics_clicks%22%3A439381%2C%22created_at%22%3A1675182142%7D
www.diarioeconomico.co.mz/ Name: mailpoet_subscriber
Value: %7B%22subscriber_id%22%3A26688%7D
.vm.co.mz/ Name: visid_incap_2674048
Value: 5FvhtpgxQ6mqCkvRyfEhej9A2WMAAAAAQUIPAAAAAAD+CHDDhE3X59LQRx6wKLIN
.vm.co.mz/ Name: incap_ses_247_2674048
Value: C1SrOSjAw1T2G+lzM4ZtA0FA2WMAAAAAkroRg57Txa+X0F5D6c+FsQ==
.vm.co.mz/ Name: nlbi_2674048
Value: ZEedVUAdWjRyaXu2xoBd5gAAAABR34bQHbKn/5KkuawLAcbc
www.vm.co.mz/ Name: smapi_subject_id
Value: 242999da-3eef-456b-a24c-f6e29b12f3b5
www.vm.co.mz/ Name: smapi_install_id
Value: 242999da-3eef-456b-a24c-f6e29b12f3b5
www.vm.co.mz/ Name: ___utmvc

1 Console Messages

Source Level URL
Text
network error URL: https://gcpsmapi.vodafone.com/settings
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block