www.it-campagna-amazon.com Open in urlscan Pro
160.153.128.7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.it-campagna-amazon.com/
Submission: On December 18 via automatic, source certstream-suspicious (December 18th 2019, 6:33:35 pm UTC)

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 160.153.128.7, located in Scottsdale, United States and belongs to GODADDY-AMS, DE. The main domain is www.it-campagna-amazon.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 18th 2019. Valid for: 3 months.

This is the only time www.it-campagna-amazon.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	160.153.128.7 160.153.128.7	21501 (GODADDY-AMS) (GODADDY-AMS)
10	2a04:4e42:1b:... 2a04:4e42:1b::272	54113 (FASTLY) (FASTLY - Fastly)
3	52.48.62.161 52.48.62.161	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.96.127 143.204.96.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
17	4

3 160.153.128.7 (Scottsdale, United States)

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-128-7.ip.secureserver.net

www.it-campagna-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.62.161 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-62-161.eu-west-1.compute.amazonaws.com

fls-eu.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.96.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-96-127.fra50.r.cloudfront.net

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ssl-images-amazon.com images-na.ssl-images-amazon.com images-eu.ssl-images-amazon.com	217 KB
3	amazon.com fls-eu.amazon.com	462 B
3	it-campagna-amazon.com www.it-campagna-amazon.com	24 KB
2	media-amazon.com m.media-amazon.com	28 KB
17	4

	Domain	Requested by
8	images-na.ssl-images-amazon.com	www.it-campagna-amazon.com
3	fls-eu.amazon.com	images-eu.ssl-images-amazon.com
3	www.it-campagna-amazon.com
2	m.media-amazon.com	www.it-campagna-amazon.com
1	images-eu.ssl-images-amazon.com	www.it-campagna-amazon.com
17	5

This site contains links to these domains. Also see Links.

Domain
www.amazon.it

Subject Issuer	Validity	Valid
it-campagna-amazon.com Let's Encrypt Authority X3	`2019-12-18` - `2020-03-17`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-10-02` - `2020-10-02`	a year	crt.sh
fls-eu.amazon.com Amazon	`2019-09-06` - `2020-09-06`	a year	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-05-02` - `2020-04-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.it-campagna-amazon.com/
Frame ID: 5A03FF92F2E3F2F7B46F670DD27884AA
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

269 kB
Transfer

906 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.it/gp/help/customer/display.html/ref=ap_desktop_footer_cou?ie=UTF8&nodeId=200545940
Title: Condizioni d'uso

Search URL Search Domain Scan URL

URL: https://www.amazon.it/gp/help/customer/display.html/ref=ap_desktop_footer_privacy_notice?ie=UTF8&nodeId=200545460
Title: Informativa sulla privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.it-campagna-amazon.com/	61 KB 23 KB	1147ms 51ms	Document text/html	160.153.128.7 GODADDY-AMS
General Check archive.org Show headers Download Go to Full URL https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.128.7 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE), Reverse DNS ip-160-153-128-7.ip.secureserver.net Software Apache / PHP/5.6.40 Resource Hash `08ceb17c98c770cfbb714a86162f8cfb4d4dc18f55b824d5907debb550b9d2b9` Request headers :method GET :authority www.it-campagna-amazon.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 date Wed, 18 Dec 2019 18:33:12 GMT server Apache x-powered-by PHP/5.6.40 vary Accept-Encoding,User-Agent content-encoding gzip content-length 23276 content-type text/html; charset=UTF-8
GET H2	200	61eRrGh+pIL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css images-na.ssl-images-amazon.com/images/I/	135 KB 22 KB	23ms 7ms	Stylesheet text/css	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61eRrGh+pIL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `ab3b450a8e2261a962adfc062bb7533c2d8775649f1fdfa222604a35541f4164` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 2891159 x-cache HIT from fastly, HIT from fastly status 200 content-length 22806 x-served-by cache-iad2145-IAD, cache-hhn4063-HHN last-modified Wed, 03 Jan 2018 00:14:57 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 1b447868-6fb6-4180-9913-e5df952b42d7 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Thu, 10 Nov 2039 07:27:12 GMT
GET H2	200	01SdjaY0ZsL._RC%7C419x3gj3czL.css,419RS+HnI5L.css_.css images-na.ssl-images-amazon.com/images/I/	49 KB 9 KB	28ms 13ms	Stylesheet text/css	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C419x3gj3czL.css,419RS+HnI5L.css_.css?AUIClients/AuthenticationPortalAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `27ca6f594ebd709b2ee47a4f9ff82d10d4e310e4935ae10269a337c44609207e` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 505136 x-cache HIT from fastly, HIT from fastly status 200 content-length 8982 x-served-by cache-iad2126-IAD, cache-hhn4063-HHN last-modified Sat, 30 May 2015 02:58:48 GMT vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 4fb2203b-f416-48f8-a57c-feb1049f1341 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Wed, 07 Dec 2039 22:14:16 GMT
GET H2	200	11Yih2A8AxL.css images-na.ssl-images-amazon.com/images/I/	2 KB 1 KB	21ms 7ms	Stylesheet text/css	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/11Yih2A8AxL.css?AUIClients/CVFAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `f3334cf534390c2b992a341f9e40869db35a2161623c27445f69e206f440fa2e` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 3796462 x-cache MISS from fastly, HIT from fastly status 200 content-length 811 x-served-by cache-iad2145-IAD, cache-hhn4063-HHN last-modified Thu, 12 Sep 2019 22:08:39 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 882b894c-530b-49a3-8a40-87dba1d4d486 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Sun, 30 Oct 2039 19:58:50 GMT
GET H2	200	61-6nKPKyWL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js Show response images-na.ssl-images-amazon.com/images/I/	314 KB 97 KB	21ms 7ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61-6nKPKyWL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js?AUIClients/AmazonUI Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `fe98215ed68d14f34fc46c2bb52d784d40c8e6690f74dc39897912443f07730e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 1470862 x-cache HIT from fastly, HIT from fastly status 200 content-length 99521 x-served-by cache-iad2144-IAD, cache-hhn4046-HHN last-modified Thu, 12 Sep 2019 21:14:10 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 1001d963-6998-445b-9299-b7279451b362 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Sat, 26 Nov 2039 17:58:50 GMT
GET H2	200	21RhrSU9lHL._RC%7C21pimbFDlkL.js,21hSRH0v3RL.js,31+k9Z-FF2L.js,21hE9xd08IL.js,013DX0Lip-L.js,51wHyvKhx4L.js_.js Show response images-na.ssl-images-amazon.com/images/I/	75 KB 21 KB	21ms 6ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/21RhrSU9lHL._RC%7C21pimbFDlkL.js,21hSRH0v3RL.js,31+k9Z-FF2L.js,21hE9xd08IL.js,013DX0Lip-L.js,51wHyvKhx4L.js_.js?AUIClients/AuthenticationPortalAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `afde0fbf68a641dec1714f561240b070234758d6f92a695def4a33179a54ddc9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 1036468 x-cache HIT from fastly, HIT from fastly status 200 content-length 21762 x-served-by cache-iad2132-IAD, cache-hhn4046-HHN last-modified Thu, 04 Jul 2019 01:31:46 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 2f3b5f2d-7802-413c-81b7-99857ee33ff5 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Thu, 01 Dec 2039 18:38:44 GMT
GET H2	200	01AIGGSCkCL.js Show response images-na.ssl-images-amazon.com/images/I/	518 B 497 B	19ms 7ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01AIGGSCkCL.js?AUIClients/AuthenticationPortalInlineAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `99e360090b4ffc6c5671b310ace9c7530ca59c8693e5ca2418450a082a25606e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 3605129 x-cache HIT from fastly, HIT from fastly status 200 content-length 349 x-served-by cache-iad2130-IAD, cache-hhn4046-HHN last-modified Thu, 04 Jul 2019 01:31:45 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 856fbab9-b703-429a-8e64-cb9fea341c57 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Wed, 02 Nov 2039 01:07:42 GMT
GET H2	200	21BlRP28OmL.js Show response images-na.ssl-images-amazon.com/images/I/	8 KB 3 KB	19ms 7ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/21BlRP28OmL.js?AUIClients/CVFAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `f33371b4cad292c24175b57b15e3c1798a2e25030e96a042019feedcbfcedc8e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 513470 x-cache HIT from fastly, HIT from fastly status 200 content-length 2932 x-served-by cache-iad2136-IAD, cache-hhn4046-HHN last-modified Wed, 11 Dec 2019 20:40:50 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 4aead2fb-30fe-4a24-9318-e4c1eeeea3d0 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Wed, 07 Dec 2039 19:55:22 GMT
GET H2	200	71+yE0ODnlL.js Show response images-na.ssl-images-amazon.com/images/I/	225 KB 58 KB	18ms 6ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/71+yE0ODnlL.js?AUIClients/FWCIMAssets Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `7658cf2f927869823da6b86631d097a598e89d8c3a606351e481760ea40f406b` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip age 513362 x-cache HIT from fastly, HIT from fastly status 200 content-length 58808 x-served-by cache-iad2137-IAD, cache-hhn4046-HHN last-modified Wed, 11 Dec 2019 20:23:06 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id a4962815-4057-44df-a2d1-bb405a6957f7 accept-ranges bytes timing-allow-origin https://www.amazon.com expires Wed, 07 Dec 2039 19:57:10 GMT
GET H2	200	AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png m.media-amazon.com/images/G/01/AUIClients/	27 KB 27 KB	7ms 6ms	Image image/png	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5` Request headers Referer https://images-na.ssl-images-amazon.com/images/I/61eRrGh+pIL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Dec 2019 18:33:12 GMT last-modified Fri, 22 Sep 2017 00:23:19 GMT age 4317948 x-served-by cache-iad2140-IAD, cache-hhn4063-HHN x-cache HIT from fastly, HIT from fastly content-type image/png status 200 cache-control max-age=630720000,public x-amz-ir-id 9521da85-4b13-4136-982c-6d7de4e80050 accept-ranges bytes timing-allow-origin https://www.amazon.com access-control-allow-origin * content-length 27972 expires Mon, 24 Oct 2039 19:07:23 GMT
GET H2	404	uedata www.it-campagna-amazon.com/ap/	315 B 315 B	56ms 54ms	Image text/html	160.153.128.7 GODADDY-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.it-campagna-amazon.com/ap/uedata?ld&v=0.205901.0&id=KX4SH5TQDNDQF9R869EC&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=KX4SH5TQDNDQF9R869EC&ue=2&bb=41&cf=52&be=58&fp=57&fcp=57&pc=149&tc=-1155&na_=-1155&ul_=-1576693992461&_ul=-1576693992461&rd_=-1576693992461&_rd=-1576693992461&fe_=-1155&lk_=-1154&_lk=-1130&co_=-1130&_co=-58&sc_=-107&rq_=-58&rs_=-7&_rs=9&dl_=-4&di_=60&de_=60&_de=61&_dc=148&ld_=148&_ld=-1576693992461&ntd=-1&ty=0&rc=0&hob=1&hoe=2&ld=149&t=1576693992610&ctb=1&rt=cf:3-0-3-0-1-0-1__ld:9-5-3-0-2-1-0&csmtags=aui\|aui:aui_build_date:3.19.8-2019-12-11\|fls-eu-amazon-com&viz=visible:2&pty=AuthenticationPortal&spty=RegistrationApplication&pti=undefined&tid=KX4SH5TQDNDQF9R869EC&aftb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.128.7 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE), Reverse DNS ip-160-153-128-7.ip.secureserver.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Wed, 18 Dec 2019 18:33:12 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	APJ6JRA9NG5V4:261-6517066-6262138:KX4SH5TQDNDQF9R869EC$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.205901.0%26id%3DKX4SH5TQDNDQF9R869EC%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DKX4SH... fls-eu.amazon.com/1/batch/1/OP/	43 B 148 B	361ms 36ms	Image image/gif	52.48.62.161 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://fls-eu.amazon.com/1/batch/1/OP/APJ6JRA9NG5V4:261-6517066-6262138:KX4SH5TQDNDQF9R869EC$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.205901.0%26id%3DKX4SH5TQDNDQF9R869EC%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DKX4SH5TQDNDQF9R869EC%26ue%3D2%26bb%3D41%26cf%3D52%26be%3D58%26fp%3D57%26fcp%3D57%26pc%3D149%26tc%3D-1155%26na_%3D-1155%26ul_%3D-1576693992461%26_ul%3D-1576693992461%26rd_%3D-1576693992461%26_rd%3D-1576693992461%26fe_%3D-1155%26lk_%3D-1154%26_lk%3D-1130%26co_%3D-1130%26_co%3D-58%26sc_%3D-107%26rq_%3D-58%26rs_%3D-7%26_rs%3D9%26dl_%3D-4%26di_%3D60%26de_%3D60%26_de%3D61%26_dc%3D148%26ld_%3D148%26_ld%3D-1576693992461%26ntd%3D-1%26ty%3D0%26rc%3D0%26hob%3D1%26hoe%3D2%26ld%3D149%26t%3D1576693992610%26ctb%3D1%26rt%3Dcf%3A3-0-3-0-1-0-1__ld%3A9-5-3-0-2-1-0%26csmtags%3Daui%7Caui%3Aaui_build_date%3A3.19.8-2019-12-11%7Cfls-eu-amazon-com%26viz%3Dvisible%3A2%26pty%3DAuthenticationPortal%26spty%3DRegistrationApplication%26pti%3Dundefined%26tid%3DKX4SH5TQDNDQF9R869EC%26aftb%3D1:150 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.62.161 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-48-62-161.eu-west-1.compute.amazonaws.com Software / Resource Hash `a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Dec 2019 18:33:12 GMT x-amzn-requestid 06229724-3cdf-4029-ab00-85ebf9ecac1c content-length 43 content-type image/gif
GET H2	200	ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js Show response images-eu.ssl-images-amazon.com/images/G/01/AUIClients/	9 KB 5 KB	1163ms 77ms	Script application/x-javascript	143.204.96.127 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://images-eu.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.96.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-96-127.fra50.r.cloudfront.net Software Server / Resource Hash `5ea5d14e97b5a39ae16ca0e2d8ddfcb2d5e29112e64615aabf5b59cd37230082` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Thu, 13 Dec 2018 12:54:59 GMT content-encoding gzip age 458332 x-cache Hit from cloudfront status 200 via 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront) last-modified Wed, 14 Nov 2018 15:06:07 GMT server Server content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 8d7c3685-5716-414e-809b-12cf7cd2b3cb x-amz-cf-pop FRA50-C1 timing-allow-origin https://www.amazon.com x-amz-cf-id AyBTqnOe_D8H_A3dwBvkpJ3MM6-s4DE5dB9QqZAykxBB-RpffV1Iog== expires Sun, 05 Dec 2038 07:43:34 GMT
GET H2	200	showads.v2.js Show response m.media-amazon.com/images/G/01/csm/	23 B 200 B	6ms 6ms	Script application/x-javascript	2a04:4e42:1b::272 Fastly
General Check archive.org Show headers Download Go to Full URL https://m.media-amazon.com/images/G/01/csm/showads.v2.js Requested by Host: www.it-campagna-amazon.com URL: https://www.it-campagna-amazon.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com Response headers date Wed, 18 Dec 2019 18:33:12 GMT content-encoding gzip last-modified Mon, 28 Nov 2016 08:24:04 GMT age 44402 vary Accept-Encoding x-cache HIT from fastly, HIT from fastly content-type application/x-javascript status 200 cache-control max-age=86400,public x-amz-ir-id f7a65af0-7f20-478e-8450-21ce4f389d8c accept-ranges bytes access-control-allow-origin * content-length 43 x-served-by cache-iad2142-IAD, cache-hhn4046-HHN
GET H2	404	uedata www.it-campagna-amazon.com/ap/	315 B 315 B	30ms 30ms	Image text/html	160.153.128.7 GODADDY-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.it-campagna-amazon.com/ap/uedata?at&v=0.205901.0&id=KX4SH5TQDNDQF9R869EC&m=1&sc=adblk_no&pc=160&at=160&t=1576693992621&csmtags=adblk_no&pty=AuthenticationPortal&spty=RegistrationApplication&pti=undefined&tid=KX4SH5TQDNDQF9R869EC&aftb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.128.7 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE), Reverse DNS ip-160-153-128-7.ip.secureserver.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Wed, 18 Dec 2019 18:33:12 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	APJ6JRA9NG5V4:261-6517066-6262138:KX4SH5TQDNDQF9R869EC$uedata=s:%2Fap%2Fuedata%3Fat%26v%3D0.205901.0%26id%3DKX4SH5TQDNDQF9R869EC%26m%3D1%26sc%3Dadblk_no%26pc%3D160%26at%3D160%26t%3D1576693992621%26... fls-eu.amazon.com/1/batch/1/OP/	43 B 149 B	351ms 37ms	Image image/gif	52.48.62.161 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://fls-eu.amazon.com/1/batch/1/OP/APJ6JRA9NG5V4:261-6517066-6262138:KX4SH5TQDNDQF9R869EC$uedata=s:%2Fap%2Fuedata%3Fat%26v%3D0.205901.0%26id%3DKX4SH5TQDNDQF9R869EC%26m%3D1%26sc%3Dadblk_no%26pc%3D160%26at%3D160%26t%3D1576693992621%26csmtags%3Dadblk_no%26pty%3DAuthenticationPortal%26spty%3DRegistrationApplication%26pti%3Dundefined%26tid%3DKX4SH5TQDNDQF9R869EC%26aftb%3D1:160 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.62.161 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-48-62-161.eu-west-1.compute.amazonaws.com Software / Resource Hash `a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce` Request headers Referer https://www.it-campagna-amazon.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Dec 2019 18:33:12 GMT x-amzn-requestid f36684b1-3022-4eb7-b39f-07e3b64318b7 content-length 43 content-type image/gif
POST H2	204	/ fls-eu.amazon.com/1/batch/1/OE/	0 165 B	38ms 37ms	Other text/plain	52.48.62.161 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://fls-eu.amazon.com/1/batch/1/OE/ Requested by Host: images-eu.ssl-images-amazon.com URL: https://images-eu.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.62.161 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-48-62-161.eu-west-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.it-campagna-amazon.com/ Origin https://www.it-campagna-amazon.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers status 204 date Wed, 18 Dec 2019 18:33:14 GMT access-control-allow-origin * x-amzn-requestid d590783c-9377-49e7-a038-ba03ee120275 access-control-expose-headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.it-campagna-amazon.com/	1970-01-19 22:46:13	Name: csm-hit Value: tb:s-KX4SH5TQDNDQF9R869EC\|1576693992501&t:1576693992621&adb:adblk_no

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fls-eu.amazon.com
images-eu.ssl-images-amazon.com
images-na.ssl-images-amazon.com
m.media-amazon.com
www.it-campagna-amazon.com
143.204.96.127
160.153.128.7
2a04:4e42:1b::272
52.48.62.161
08ceb17c98c770cfbb714a86162f8cfb4d4dc18f55b824d5907debb550b9d2b9
27ca6f594ebd709b2ee47a4f9ff82d10d4e310e4935ae10269a337c44609207e
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
5ea5d14e97b5a39ae16ca0e2d8ddfcb2d5e29112e64615aabf5b59cd37230082
7658cf2f927869823da6b86631d097a598e89d8c3a606351e481760ea40f406b
88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5
99e360090b4ffc6c5671b310ace9c7530ca59c8693e5ca2418450a082a25606e
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
ab3b450a8e2261a962adfc062bb7533c2d8775649f1fdfa222604a35541f4164
afde0fbf68a641dec1714f561240b070234758d6f92a695def4a33179a54ddc9
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3334cf534390c2b992a341f9e40869db35a2161623c27445f69e206f440fa2e
f33371b4cad292c24175b57b15e3c1798a2e25030e96a042019feedcbfcedc8e
fe98215ed68d14f34fc46c2bb52d784d40c8e6690f74dc39897912443f07730e

www.it-campagna-amazon.com Open in urlscan Pro 160.153.128.7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

269 kBTransfer

906 kBSize

1 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

68 JavaScript Global Variables

1 Cookies

Indicators

www.it-campagna-amazon.com Open in urlscan Pro
160.153.128.7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

269 kB
Transfer

906 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!