theamguy.com
Open in
urlscan Pro
192.163.207.194
Malicious Activity!
Public Scan
Submitted URL: http://myteluspages.com/
Effective URL: http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzra...
Submission: On April 11 via manual from CA
Effective URL: http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzra...
Submission: On April 11 via manual from CA
Summary
This website contacted 3 IPs
in 1 countries
across 6 domains to perform 24 HTTP transactions.
The main IP is 192.163.207.194, located in
Provo, United States and
belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US.
The main domain is theamguy.com.
This is the only time theamguy.com was scanned on urlscan.io!
This is the only time theamguy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 209.15.13.134 209.15.13.134 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
| 1 2 | 209.15.13.136 209.15.13.136 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
| 2 | 34.194.204.58 34.194.204.58 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 1 | 18.185.209.24 18.185.209.24 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 21 | 192.163.207.194 192.163.207.194 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
| 24 | 3 |
1
209.15.13.134
(Atlanta, United States)
ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
| myteluspages.com |
2
34.194.204.58
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-204-58.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-204-58.compute-1.amazonaws.com
| usd.photios-raj.com | |
| usd.dauid-iep.com |
1
18.185.209.24
(Cambridge, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-209-24.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-209-24.eu-central-1.compute.amazonaws.com
| amszu.bemobtrk.com |
21
192.163.207.194
(Provo, United States)
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: server.theamguy.com
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: server.theamguy.com
| theamguy.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
theamguy.com
theamguy.com |
199 KB |
| 2 |
dprtb.com
1 redirects
dprtb.com |
3 KB |
| 1 |
bemobtrk.com
1 redirects
amszu.bemobtrk.com |
2 KB |
| 1 |
dauid-iep.com
usd.dauid-iep.com |
2 KB |
| 1 |
photios-raj.com
usd.photios-raj.com |
2 KB |
| 1 |
myteluspages.com
1 redirects
myteluspages.com |
545 B |
| 24 | 6 |
| Domain | Requested by | |
|---|---|---|
| 21 | theamguy.com |
usd.dauid-iep.com
theamguy.com |
| 2 | dprtb.com | 1 redirects |
| 1 | amszu.bemobtrk.com | 1 redirects |
| 1 | usd.dauid-iep.com |
usd.photios-raj.com
|
| 1 | usd.photios-raj.com |
dprtb.com
|
| 1 | myteluspages.com | 1 redirects |
| 24 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| amszu.bemobtrk.com |
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzrab6c28105c7211e9ab1812f5546cc0bc51ee602b4ed54743ba1e23cf127dacf203747951e2a08c44bc..c1%3Dindia-sap-gNzayAuw..c2%3Dgamboge-moose..c3%3Dmytelus%2520pages%252Cmyteluspages%252Cmyteluspages.com..c4%3DDOMAIN..c6%3DNON-ADULT..c8%3D1194282..c9%3DDE%2520-%2520(D)(R)(M)%2520MediaMarket%2520(1)..c10%3DMacOS..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253Dab6c2810-5c72-11e9-ab18-12f5546cc0bc%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Frame ID: 6FF6EFCE44BEC3D2F1AFFDEDDDA60402
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://myteluspages.com/
HTTP 302
http://dprtb.com/click?data=RllBc1plUnlsM0JvVkpQVXNfLUN1X0k5MGQ3elJBVTVGWDJzdzFfTEpoRDlnRnNUW... Page URL
-
http://dprtb.com/Redirect/
HTTP 302
http://usd.photios-raj.com/zcvisitor/ab6c2810-5c72-11e9-ab18-12f5546cc0bc?campaignid=f3909cd0-5be5-11e9... Page URL
- http://usd.dauid-iep.com/zcredirect?visitid=ab6c2810-5c72-11e9-ab18-12f5546cc0bc&type=js&browserWidth... Page URL
-
https://amszu.bemobtrk.com/go/20025510-72bd-46c1-87e7-5b1ca94a4c9b?cid=zrab6c28105c7211e9ab1812f5546cc0...
HTTP 302
http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a... Page URL
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://amszu.bemobtrk.com/click
Title: BEANSPRUCHE JETZT
Title: BEANSPRUCHE JETZT
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://myteluspages.com/
HTTP 302
http://dprtb.com/click?data=RllBc1plUnlsM0JvVkpQVXNfLUN1X0k5MGQ3elJBVTVGWDJzdzFfTEpoRDlnRnNUWE5HNFJabUs1N2kzZDYwY2VpTHppNUNYVzBEaVlQTFltcUZOTzBXdTFUWEJpaVhqRVlzQmM5eFFwbHJFMnR1eEdoN1pGTVJmR1IyRjlfZlgwTFdvNlR1eEZZRlZqVGlfUFlxZ3lBMg2&id=7b18d06c-7e6e-4b68-b0ec-c390ee481d17 Page URL
-
http://dprtb.com/Redirect/
HTTP 302
http://usd.photios-raj.com/zcvisitor/ab6c2810-5c72-11e9-ab18-12f5546cc0bc?campaignid=f3909cd0-5be5-11e9-8fd5-12077332b422 Page URL
- http://usd.dauid-iep.com/zcredirect?visitid=ab6c2810-5c72-11e9-ab18-12f5546cc0bc&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
-
https://amszu.bemobtrk.com/go/20025510-72bd-46c1-87e7-5b1ca94a4c9b?cid=zrab6c28105c7211e9ab1812f5546cc0bc51ee602b4ed54743ba1e23cf127dacf203747951e2a08c44bc&target=india-sap-gNzayAuw&source=gamboge-moose&keyword=mytelus+pages%2Cmyteluspages%2Cmyteluspages.com&traffic_type=DOMAIN&match=&visitor_type=NON-ADULT&target_url=&campaign_id=1194282&campaign_name=DE+-+%28D%29%28R%29%28M%29+MediaMarket+%281%29&os=MacOS
HTTP 302
http://theamguy.com/mediamarket/index.html?bemobdata=c%3D20025510-72bd-46c1-87e7-5b1ca94a4c9b..a%3D0..b%3D0..e%3Dzrab6c28105c7211e9ab1812f5546cc0bc51ee602b4ed54743ba1e23cf127dacf203747951e2a08c44bc..c1%3Dindia-sap-gNzayAuw..c2%3Dgamboge-moose..c3%3Dmytelus%2520pages%252Cmyteluspages%252Cmyteluspages.com..c4%3DDOMAIN..c6%3DNON-ADULT..c8%3D1194282..c9%3DDE%2520-%2520(D)(R)(M)%2520MediaMarket%2520(1)..c10%3DMacOS..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253Dab6c2810-5c72-11e9-ab18-12f5546cc0bc%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://myteluspages.com/ HTTP 302
- http://dprtb.com/click?data=RllBc1plUnlsM0JvVkpQVXNfLUN1X0k5MGQ3elJBVTVGWDJzdzFfTEpoRDlnRnNUWE5HNFJabUs1N2kzZDYwY2VpTHppNUNYVzBEaVlQTFltcUZOTzBXdTFUWEJpaVhqRVlzQmM5eFFwbHJFMnR1eEdoN1pGTVJmR1IyRjlfZlgwTFdvNlR1eEZZRlZqVGlfUFlxZ3lBMg2&id=7b18d06c-7e6e-4b68-b0ec-c390ee481d17
- http://dprtb.com/Redirect/ HTTP 302
- http://usd.photios-raj.com/zcvisitor/ab6c2810-5c72-11e9-ab18-12f5546cc0bc?campaignid=f3909cd0-5be5-11e9-8fd5-12077332b422
24 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
 Cookie set
click
dprtb.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ab6c2810-5c72-11e9-ab18-12f5546cc0bc
usd.photios-raj.com/zcvisitor/ Redirect Chain
|
1004 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
zcredirect
usd.dauid-iep.com/ |
1002 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
index.html
theamguy.com/mediamarket/ Redirect Chain
|
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
theamguy.com/mediamarket/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.min.css
theamguy.com/mediamarket/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Mediamarkt.jpg
theamguy.com/mediamarket/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
len-de.png
theamguy.com/mediamarket/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mm750.jpg
theamguy.com/mediamarket/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loading.gif
theamguy.com/mediamarket/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Mediamarkt-250-EURO.jpg
theamguy.com/mediamarket/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1.jpg
theamguy.com/mediamarket/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
like.png
theamguy.com/mediamarket/ |
469 B 781 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2.jpg
theamguy.com/mediamarket/ |
875 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3.jpg
theamguy.com/mediamarket/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4.jpg
theamguy.com/mediamarket/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5.jpg
theamguy.com/mediamarket/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6.jpg
theamguy.com/mediamarket/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7.jpg
theamguy.com/mediamarket/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
winners.jpg
theamguy.com/mediamarket/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.jpg
theamguy.com/mediamarket/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9.jpg
theamguy.com/mediamarket/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
10.jpg
theamguy.com/mediamarket/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
21.gif
theamguy.com/mediamarket/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| getUrlParameter undefined| city function| getURLParameter object| dayNames object| monthNames object| now string| today function| get_date function| speak function| startTimer function| funcc string| backOfferUrl0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amszu.bemobtrk.com
dprtb.com
myteluspages.com
theamguy.com
usd.dauid-iep.com
usd.photios-raj.com
18.185.209.24
192.163.207.194
209.15.13.134
209.15.13.136
34.194.204.58
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e4c3d99efa3b2c5bc62e7e9775f6df76aedb4439717f62dea63e33855dfac92
0f7476367287cf4091b0ab6504a2dadc508a8f7dfe86970bc8435f9161b1229a
17593e5592a005c9293908397e3000a9152fa96f4582609bf48b088491dff94c
1a381623bd87f77b8b642d150404adf1f6edba167de3caa88cccf0385791b2e3
1c4606232b522c700d783c3d0690978f8ffa4fde90293f587d0aba7cd1f54bb8
36779a96d76baca9011906873a568ba677272dacc4a2787b073bdca35bf2dd91
4d52b2fa6c5c1f04781bd68da07c9e2d7002dd0c8cb79ff7604a7b11f6c3c0d2
64ef066211b7218254295043e0e7bffe0962943446af423f64752c80004b65b1
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
7abc3ff370287154f2402b902dce9361e98ab118d74debbbe333e8fdeabb1646
9860f4ce37af4594415edd7ff4b0a83d5fb72e9175cfd748e2254133a86cf17e
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
9d425d2ee401fde3ddf7481b9df7ce8f724b7e1f2166fedda4ba0e6a94da85f5
b949bbbd2d1cc6b8a131535d114c471512c13d5c5735c75dcbdb83f1885be4e5
c3ba4b8f1b708bf9fb64f6b530ffea5feb0ec53711ea00cd58ac7fa295e528ce
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
c98e3c06687a6c9a67da873207a10e671c0ff86ec9125b7f59dc8c7c644b45b2
d59184d19acac5e205e0dd8dbead7cf1e39ed3dbc2eb0707fea809ff78d7e391
ec845b8ab59d8880590ff0ef7aab85472609821dacf9ab3e1b47e3dd55a99a0c
f05ad879b50b9695331b73e8482fc46252c9b5c9de997204d6818af8a6fc7333
f92067ee6ad7f78a0f6eb0428b80537429f9d3c068452efb8cd13786eddb4610
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987