theamguy.com
192.163.207.194
Malicious Activity!
Public Scan
Effective URL: http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzr7...
Submission Tags: phishing malicious
Submission: On April 11 via api from GB
Summary
This is the only time theamguy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)

Domain & IP information

# | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
1 1 | 37.48.65.155 | 60781 (LEASEWEB-NL-AMS-01, Netherlands) | |
1 | 54.88.43.23 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-88-43-23.compute-1.amazonaws.com | usd.photios-raj.com
1 | 54.236.74.179 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-236-74-179.compute-1.amazonaws.com | usd.dauid-iep.com
1 1 | 18.195.251.71 | 16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-18-195-251-71.eu-central-1.compute.amazonaws.com | amszu.bemobtrk.com
21 | 192.163.207.194 | 46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US) | server.theamguy.com | theamguy.com
23 | 3 | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
21 | theamguy.com | theamguy.com | 198 KB
1 | bemobtrk.com (1 redirects) | amszu.bemobtrk.com | 2 KB
1 | dauid-iep.com | usd.dauid-iep.com | 2 KB
1 | photios-raj.com | usd.photios-raj.com | 2 KB
1 | hashhot.com (1 redirects) | bbr.hashhot.com | 390 B
23 | 5 | |
Requests | Domain | Requested by
---|---|---
21 | theamguy.com | usd.dauid-iep.com, theamguy.com
1 | amszu.bemobtrk.com | 1 redirects
1 | usd.dauid-iep.com | usd.photios-raj.com
1 | usd.photios-raj.com |
1 | bbr.hashhot.com | 1 redirects
23 | 5 |
This site contains links to these domains. Also see Links.

Domain
---
amszu.bemobtrk.com

Subject | Issuer | Validity | Valid
---|---|---|---
(no certificates listed)
This page contains 1 frames:
Primary Page:
http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzr71349c995c3b11e9a49612bb18f1e89c3ae3534bfea1495ca082e98d168e6bfb037473f3ed639c1f48..c1%3Dbravo-rep-WGbOSVJ7..c2%3Dbadious-buzzard..c3%3Dhot%2520chocolate%252Cdrink%252Chashhot%252Chashhot.com..c4%3DDOMAIN..c6%3DNON-ADULT..c8%3D1194282..c9%3DDE%2520-%2520(D)(R)(M)%2520MediaMarket%2520(1)..c10%3DMacOS..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D71349c99-5c3b-11e9-a496-12bb18f1e89c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Frame ID: E689F7CAA05E6F470AE4E714565741DA
Requests: 23 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns:
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: BEANSPRUCHE JETZT (German: "claim now")
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bbr.hashhot.com/
  HTTP 302 → http://usd.photios-raj.com/zcvisitor/71349c99-5c3b-11e9-a496-12bb18f1e89c?campaignid=f3909cd0-5be5-11e9-8fd5-12077332b422 (Page URL)
- http://usd.dauid-iep.com/zcredirect?visitid=71349c99-5c3b-11e9-a496-12bb18f1e89c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false (Page URL)
- https://amszu.bemobtrk.com/go/20025510-72bd-46c1-87e7-5b1ca94a4c9b?cid=zr71349c995c3b11e9a49612bb18f1e89c3ae3534bfea1495ca082e98d168e6bfb037473f3ed639c1f48&target=bravo-rep-WGbOSVJ7&source=badious-buzzard&keyword=hot+chocolate%2Cdrink%2Chashhot%2Chashhot.com&traffic_type=DOMAIN&match=&visitor_type=NON-ADULT&target_url=&campaign_id=1194282&campaign_name=DE+-+%28D%29%28R%29%28M%29+MediaMarket+%281%29&os=MacOS
  HTTP 302 → http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzr71349c995c3b11e9a49612bb18f1e89c3ae3534bfea1495ca082e98d168e6bfb037473f3ed639c1f48..c1%3Dbravo-rep-WGbOSVJ7..c2%3Dbadious-buzzard..c3%3Dhot%2520chocolate%252Cdrink%252Chashhot%252Chashhot.com..c4%3DDOMAIN..c6%3DNON-ADULT..c8%3D1194282..c9%3DDE%2520-%2520(D)(R)(M)%2520MediaMarket%2520(1)..c10%3DMacOS..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D71349c99-5c3b-11e9-a496-12bb18f1e89c%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://bbr.hashhot.com/ (HTTP 302)
- http://usd.photios-raj.com/zcvisitor/71349c99-5c3b-11e9-a496-12bb18f1e89c?campaignid=f3909cd0-5be5-11e9-8fd5-12077332b422
23 HTTP transactions

Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | usd.photios-raj.com/zcvisitor/71349c99-5c3b-11e9-a496-12bb18f1e89c (Redirect Chain) | 1004 B | 2 KB | Document | text/html
GET | H/1.1 | usd.dauid-iep.com/zcredirect | 1002 B | 2 KB | Document | text/html
GET | H/1.1 | theamguy.com/mediamarket/index.html (Primary Request, Redirect Chain) | 14 KB | 14 KB | Document | text/html
GET | H/1.1 | theamguy.com/mediamarket/jquery.min.js | 84 KB | 84 KB | Script | application/javascript
GET | H/1.1 | theamguy.com/mediamarket/css.min.css | 2 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | theamguy.com/mediamarket/Mediamarkt.jpg | 7 KB | 7 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/len-de.png | 10 KB | 10 KB | Image | image/png
GET | H/1.1 | theamguy.com/mediamarket/mm750.jpg | 15 KB | 15 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/loading.gif | 15 KB | 15 KB | Image | image/gif
GET | H/1.1 | theamguy.com/mediamarket/Mediamarkt-250-EURO.jpg | 11 KB | 11 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/1.jpg | 3 KB | 3 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/like.png | 469 B | 710 B | Image | image/png
GET | H/1.1 | theamguy.com/mediamarket/2.jpg | 875 B | 1 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/3.jpg | 1 KB | 1 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/4.jpg | 2 KB | 3 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/5.jpg | 2 KB | 3 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/6.jpg | 3 KB | 3 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/7.jpg | 4 KB | 4 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/winners.jpg | 10 KB | 10 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/8.jpg | 3 KB | 3 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/9.jpg | 1 KB | 1 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/10.jpg | 2 KB | 2 KB | Image | image/jpeg
GET | H/1.1 | theamguy.com/mediamarket/21.gif | 3 KB | 3 KB | Image | image/gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)

17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
function | $
function | jQuery
function | getUrlParameter
undefined | city
function | getURLParameter
object | dayNames
object | monthNames
object | now
string | today
function | get_date
function | speak
function | startTimer
function | funcc
string | backOfferUrl0

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' |
X-Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.