expoferiapozarica.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 65.99.252.10, located in United States and belongs to AS17378, US. The main domain is expoferiapozarica.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 15th 2023. Valid for: 3 months.

This is the only time expoferiapozarica.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	65.99.252.10 65.99.252.10	17378 (AS17378) (AS17378)
5	2600:9000:20e... 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
6	2

1 65.99.252.10 (United States)

ASN17378 (AS17378, US)
PTR: svgr143.serverneubox.com.mx

expoferiapozarica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 752	151 KB
1	expoferiapozarica.com expoferiapozarica.com	50 KB
6	2

	Domain	Requested by
5	images-na.ssl-images-amazon.com	expoferiapozarica.com images-na.ssl-images-amazon.com
1	expoferiapozarica.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
expoferiapozarica.com cPanel, Inc. Certification Authority	`2023-01-15` - `2023-04-15`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://expoferiapozarica.com/amaz/
Frame ID: 9A00055E62BA10E4871D9BF21259CA33
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Verification Sign In

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

201 kB
Transfer

560 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
expoferiapozarica.com/amaz/ 50 KB
50 KB 649ms
258ms Document
text/html 65.99.252.10
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://expoferiapozarica.com/amaz/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.10 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr143.serverneubox.com.mx

Software

Apache / PHP/7.4.33

Resource Hash

5b6c1cc397fd8510d899d72a7d43382cbcceee1b7a3b69735e8f6ecc8652afb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:38:32 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-xss-protection: 1

GET
H2 200 AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2._V2_.css
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 117 KB
20 KB 94ms
18ms Stylesheet
text/css 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2._V2_.css
Requested by: Host: expoferiapozarica.com
URL: https://expoferiapozarica.com/amaz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8b1da396d990146a5c58465e5edd9a4b3153e7b0dba150937b639704b581bb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expoferiapozarica.com/amaz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:36:20 GMT
content-encoding: gzip
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
age: 370932
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-146,/images/G/01/AUIClients/AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-146 /images/G/01/AUIClients/AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2
last-modified: Fri, 27 May 2016 04:47:06 GMT
server: Server
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 4cf7d1cb-d587-4568-bf7a-268e607e102c
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: OFJhADZj7UHwWGIiUMbOtC1l_tO-BBEqM5YICrq6pPu-qzYkOBnQfg==
expires: Sat, 21 Feb 2043 02:36:20 GMT

GET
H2 200 AmazonUI-fbe29e7e7feb1ee355f37cef9938c823338ae404._V2_.js Show response
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 272 KB
75 KB 36ms
18ms Script
application/x-javascript 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-fbe29e7e7feb1ee355f37cef9938c823338ae404._V2_.js
Requested by: Host: expoferiapozarica.com
URL: https://expoferiapozarica.com/amaz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ad5052cfcd4bc6b262fae85507eea061c33bad087c67296846337a1935ff5b8d

Request headers

Referer: https://expoferiapozarica.com/amaz/
Origin: https://expoferiapozarica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:51:51 GMT
content-encoding: br
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
age: 2407601
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-067,/images/G/01/AUIClients/AmazonUI-fbe29e7e7feb1ee355f37cef9938c823338ae404
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-067 /images/G/01/AUIClients/AmazonUI-fbe29e7e7feb1ee355f37cef9938c823338ae404
last-modified: Thu, 16 Jun 2016 03:52:41 GMT
server: Server
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 0b86c92e-57e9-4553-8650-e5152923847d
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: aAu0ngPWRgdnGdAuc4Yud5vdw_EtNgAflUvv6Y0pblDbyCUUnBrdTg==
expires: Wed, 28 Jan 2043 12:51:50 GMT

GET
H2 200 AuthenticationPortalAssets-232052515ce620836dbb308fe54ea4362a88afeb._V2_.js Show response
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 72 KB
21 KB 29ms
12ms Script
application/x-javascript 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AuthenticationPortalAssets-232052515ce620836dbb308fe54ea4362a88afeb._V2_.js
Requested by: Host: expoferiapozarica.com
URL: https://expoferiapozarica.com/amaz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 10f5a050e2131debd8075d5d488a628f9964d7da2f03291ea6948864788431cf

Request headers

Referer: https://expoferiapozarica.com/amaz/
Origin: https://expoferiapozarica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:53:14 GMT
content-encoding: gzip
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
age: 463518
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-824,/images/G/01/AUIClients/AuthenticationPortalAssets-232052515ce620836dbb308fe54ea4362a88afeb
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-824 /images/G/01/AUIClients/AuthenticationPortalAssets-232052515ce620836dbb308fe54ea4362a88afeb
last-modified: Wed, 25 Jan 2017 03:04:20 GMT
server: Server
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 945d7533-dc5b-48ca-a2d2-662579c3880f
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: 4r_9-eOqzJ9669aLSPxhIEU3E34UnIsM_Ls7MZx6tuKuTLo0_ofKmg==
expires: Fri, 20 Feb 2043 00:53:14 GMT

GET
H2 200 FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb._V2_.js Show response
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 24 KB
10 KB 27ms
11ms Script
application/x-javascript 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb._V2_.js
Requested by: Host: expoferiapozarica.com
URL: https://expoferiapozarica.com/amaz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ef9336661b4f33b1160cab9443d244681a448858818424fa075c8e42efa58b65

Request headers

Referer: https://expoferiapozarica.com/amaz/
Origin: https://expoferiapozarica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:53:14 GMT
content-encoding: gzip
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
age: 2727918
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-438,/images/G/01/AUIClients/FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-438 /images/G/01/AUIClients/FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb
last-modified: Tue, 27 Sep 2016 23:02:10 GMT
server: Server
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 2db5482b-f96f-45ff-b0b6-fe45c8262aa7
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: jKbVKL9NJl53S7Tlcc8nTg_Cg7IvQJhQkoBIRKWbCfTfKvCOW6RdZg==
expires: Sat, 24 Jan 2043 19:53:14 GMT

GET
H2 200 AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 25 KB
25 KB 10ms
9ms Image
image/png 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
Requested by: Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2._V2_.css#AUIClients/AmazonUI.rendering_engine-not-trident.secure.min
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-de8acf3eb250580d6759e6f8f5aa7179debc59d2._V2_.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 14:44:01 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
age: 4733671
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-261,/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 25262
surrogate-key: x-cache-261 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428
last-modified: Sat, 13 Feb 2016 23:21:21 GMT
server: Server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7c3a97c5-1875-4227-bcb2-10d20a6976eb
accept-ranges: bytes
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: zyyl_5gF5ITPumRZ5fuS23PWKzFVHc2ydnilZqMp3lhPDEJkQ-VTWA==
expires: Wed, 17 Dec 2042 15:51:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| aPageStart function| cf object| jQuery1640886038996766733

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

expoferiapozarica.com
images-na.ssl-images-amazon.com
2600:9000:20eb:e800:1d:d7f6:39d2:2dc1
65.99.252.10
10f5a050e2131debd8075d5d488a628f9964d7da2f03291ea6948864788431cf
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a
5b6c1cc397fd8510d899d72a7d43382cbcceee1b7a3b69735e8f6ecc8652afb2
8b1da396d990146a5c58465e5edd9a4b3153e7b0dba150937b639704b581bb3d
ad5052cfcd4bc6b262fae85507eea061c33bad087c67296846337a1935ff5b8d
ef9336661b4f33b1160cab9443d244681a448858818424fa075c8e42efa58b65

expoferiapozarica.com Open in urlscan Pro 65.99.252.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

201 kBTransfer

560 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

expoferiapozarica.com Open in urlscan Pro
65.99.252.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

201 kB
Transfer

560 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!