Security Scan Report: amarnati.agency

Redirected to:
https://amarnati.agency/wp-login.php?redirect_to=https%3A%2F%2Famarnat...
Submitted: Oct 27, 2025, 4:25:31 AMCompleted: Oct 27, 2025, 4:28:41 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main domain is amarnati.agency and was registered NaN years ago.

Submitted URL: http://amarnati.agency/wp-admin/

Effective URL: https://amarnati.agency/wp-login.php?redirect_to=https%3A%2F%2Famarnati.agency%2Fwp-admin%2F&reauth=1Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

New, unranked WordPress login page likely used for phishing – treat as confirmed scam.

Risk Factors
Brand new domain (<7 days) with credential‑harvesting login page
Compromised WordPress site indicators (wp-admin, wp-login.php)
Unranked domain with no established reputation
Redirect chain to wp-login.php suggests credential collection
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Bot Verification

Scan Type

public

Language

🇺🇸

English

(64% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'amarnati.agency' uses the .agency top-level domain with no subdomain. Its registrable label 'amarnati' stretches across 8 characters split between four vowels and 4 consonants. Segmentation suggests 2 words: amarna, ti. Median word length is four characters. Most frequently, 'amara' shows up in Croatian. Usage also turns up in Slovenian and Bosnian contexts.

Screenshot

Security scan screenshot of http://amarnati.agency/wp-admin/

Page Load Overview

1.97s
Total Load Time
15
HTTP Requests
4
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:64%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:64%
Script Type:Latin
Text Length:54 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5142.250.186.35United States
AS15169GOOGLE
3195.88.211.226Jakarta, Jakarta, Indonesia
AS214882Hadi Santosa
3142.250.186.99United States
AS15169GOOGLE
1142.250.185.195United States
AS15169GOOGLE
1142.250.185.163United States
AS15169GOOGLE
1216.58.206.67United States
AS15169GOOGLE
1142.250.181.227United States
AS15169GOOGLE
12a00:1450:4001:82a::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
12a00:1450:4001:81c::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
1172.217.18.3United States
AS15169GOOGLE
1512--

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D0A1A57105B14424DC1382B5A2F177896833B253F986C9947CECA614FFCC9F6C8A3768

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:vrlklWJNJ6UmpK7AxGJIi+KMud6OynZT6/H:OlWJn6UmpK7kGJIKQI

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4980:QijJoABBIBDEqMWgUgBQAEAgAwKDAAGzgEGBECgQCUUAgIAIZAoAAkJEZATAAyghIZACMgCAAIRQkEkhggEkCBEaAHAQoAiA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7e7ffffffff
Perceptual Hash:b333cccccc993323
Difference Hash:000c0c0c00000000
Wavelet Hash:3f0303030f0f0f0f
Color Hash:#8788c5

Other Hashes

Crop Resistant:000c0c0c00000000

Scan History

Scan history not available

Unable to load historical scan data