0/100

low Risk

amkvay.com

https://amkvay.com

104.21.1.12 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

254 days

HTTP

200 · 24.8s

SSL

Valid· WE1, Google Trust Services, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Süperbahis - Süperbahis Giriş - Süperbahis Güncel Giriş Adresi"

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

Google

Vendors

29/31

Status

partial

✓ microsoft✓ avast✓ bitdefender✓ avg✓ chainpatrol✗ drweb✓ cisa✓ brightcloud✓ apple✓ isitphish✓ eset✓ yandex✓ sophos✓ polyswarm✓ urlquery✗ norton✓ openphish✓ apwg✓ urlscan✓ emsisoft✓ spamhaus✓ phishreport✓ netcraft✓ phishtank✓ virustotal✓ urlabuse✓ kaspersky✓ threatyeti✓ fortiguard✓ google✓ mcafee

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Google

Unknown

gambling | technology | finance | ecommerce | other · 6/3/2026

Summary

The page displays branding and content for Google, including the page title, meta tags, and imagery. However, the domain amkvay.com is not the official Google domain, and the screenshot shows a Google login/gateway look-alike interface on a non-official domain, indicating impersonation. Technical signals include multiple external script loads, a WordPress/Litespeed setup, and a suspicious endpoint POST to a guest.vary.php, which may be used for caching/abuse. The combination of brand impersonation and potential misusage of endpoints constitutes a suspected phishing/brand impersonation scenario rather than legitimate first-party content.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸POST targets observed during capture: https://amkvay.com/wp-content/plugins/litespeed-cache/guest.vary.php.

▸Distinctive asset clues: jquery.min.js, 44767e467280e81f8a0ee07558eaa5e5.js, fec097406630c4c51f7673948b9bed1e.css, css, superbahis-giris-1024x512.png, superbahis-guncel-adres-300x251.png.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 1

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 24

Hosts: 3

Domains: 3

Suspicious Endpoints

hxxps://amkvay[.]com/

Observed Signals (2)

Brand impersonation via non-official domainSuspicious POST endpoint: /wp-content/plugins/litespeed-cache/guest.vary.php (possible abuse surface)

Observed Indicators (2)

▸External assets include superbahis-logo.png and images, reinforcing impersonation

▸Sitelogo and content mimic a betting site; no explicit PayPal/tech support branding observed in page content, but strong impersonation risk via visuals

Risk AssessmentUsed in abuse reports

The evidence strongly indicates brand impersonation: the page presents Google branding on a non-official domain (amkvay.com). The screenshot shows a Google-themed page with multiple articles and a login-like header, which suggests an attempt to harvest credentials or phish users of Google. There is also suspicious network activity, including a POST to a LiteSpeed guest.vary.php endpoint and numerous external scripts, which may point to malicious loading or data exfiltration. Due to the impersonation signals combined with potential abuse endpoints, this site should be treated as a phishing/impersonation risk with high confidence and appropriate action considered.

Recommended Action

Monitor

Cross-Reference9

URL Intelligence