www.hmz.gov.me Open in urlscan Pro
195.66.163.23 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.hmz.gov.me/galerija/us.php
Submission: On August 10 via api (August 10th 2017, 2:23:39 pm UTC) from CA

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 195.66.163.23, located in Podgorica, Montenegro and belongs to INTERNET-CG, ME. The main domain is www.hmz.gov.me.

This is the only time www.hmz.gov.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	195.66.163.23 195.66.163.23	8585 (INTERNET-CG) (INTERNET-CG)
9	198.154.217.171 198.154.217.171	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
14	3

1 195.66.163.23 (Podgorica, Montenegro)

ASN8585 (INTERNET-CG, ME)
PTR: web.meteo.co.me

www.hmz.gov.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.154.217.171 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)

gothic-jewelry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gothic-jewelry.com gothic-jewelry.com Failed	47 KB
1	hmz.gov.me www.hmz.gov.me	121 B
14	2

	Domain	Requested by
9	gothic-jewelry.com	gothic-jewelry.com
1	www.hmz.gov.me
14	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Frame: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254
Frame ID: 14334.1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

47 kB
Transfer

130 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 0

http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/
http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254

Request 8

http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/appCheck.js
http://gothic-jewelry.com/index.php?controller=404

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request us.php Show response www.hmz.gov.me/galerija/	116 B 121 B	131ms 40ms	Document text/html	195.66.163.23 INTERNET-CG
General Check archive.org Show headers Download Go to Full URL http://www.hmz.gov.me/galerija/us.php Protocol HTTP/1.1 Server 195.66.163.23 Podgorica, Montenegro, ASN8585 (INTERNET-CG, ME), Reverse DNS web.meteo.co.me Software Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14 Resource Hash `72ffd721e5be23aaab10d47c1a9b9bc8ff9bf3ac158bf32836aa2aca57d74b2a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:27 GMT Content-Encoding gzip Server Apache/2.4.7 (Ubuntu) X-Powered-By PHP/5.5.9-1ubuntu4.14 Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 121
GET		login.php gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/ Redirect Chain http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/ http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254	0 0

GET H/1.1	200 OK	login.php Show response gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/ Frame 1438	4 KB 3 KB	955ms 764ms	Document text/html	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / PHP/5.5.15 Resource Hash `695f59f27f852d9898a77dab7e8ecbea6bf82b91ccf52398761f396bc5104ebe` Request headers Upgrade-Insecure-Requests 1 Referer http://www.hmz.gov.me/galerija/us.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:31 GMT Content-Encoding gzip Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 X-Powered-By PHP/5.5.15 Vary Accept-Encoding Content-Type text/html Connection close Content-Length 2921
GET H/1.1	200 OK	hok.js Show response gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/ Frame 1438	20 KB 6 KB	654ms 457ms	Script application/javascript	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/hok.js Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f40418-4f65-55666f0ba8b83-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 6049 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	200 OK	login.css gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/ Frame 1438	4 KB 1 KB	506ms 329ms	Stylesheet text/css	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/login.css Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `7d1fe2e2415e714306ae74b62ee2ade91120e79f9b014308bedd7344592b540c` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f403a6-1077-55666f0ba77fb-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 1243 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	200 OK	header.css gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/ Frame 1438	497 B 256 B	503ms 325ms	Stylesheet text/css	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/header.css Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `f9420da0d3043a589e266b0785a9455ce58d1d3ec9fe4296cf99478d09cfa22f` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f403a8-1f1-55666f0ba77fb-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 256 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	200 OK	footer.css gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/ Frame 1438	234 B 169 B	512ms 334ms	Stylesheet text/css	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/css/footer.css Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `0b4bb2ba35c2df698e4f9c5d40b851e7e343f00726fadb2a217ddbd4a7a1fa73` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f403ac-ea-55666f0ba77fb-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 169 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	200 OK	jquery-1.11.3.min.js Show response gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/ Frame 1438	94 KB 32 KB	503ms 314ms	Script application/javascript	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/jquery-1.11.3.min.js Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f40386-176d5-55666f0ba702b-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 33279 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	200 OK	validationEngine.js Show response gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/ Frame 1438	6 KB 1 KB	497ms 308ms	Script application/javascript	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/validationEngine.js Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `69afedae2a561f98a65f21226138824cb7cc37ad322aece2cfb5fd23752898f3` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:32 GMT Content-Encoding gzip Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f40390-164b-55666f0ba7413-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Connection close Accept-Ranges bytes Content-Length 1359 Expires Thu, 17 Aug 2017 14:23:32 GMT
GET H/1.1	404 Not Found	index.php gothic-jewelry.com/ Frame 1438 Redirect Chain http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/js/appCheck.js http://gothic-jewelry.com/index.php?controller=404	0 0	823ms 640ms	Script text/html	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://gothic-jewelry.com/index.php?controller=404 Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / PHP/5.5.15 Resource Hash Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:33 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 X-Powered-By PHP/5.5.15 Vary Host P3P CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Transfer-Encoding chunked Connection close Content-Type text/html; charset=utf-8 Redirect headers Date Thu, 10 Aug 2017 14:23:32 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 X-Powered-By PHP/5.5.15 Vary Host Content-Type text/html; charset=utf-8 Location http://gothic-jewelry.com/index.php?controller=404 Cache-Control no-cache Connection close Content-Length 0
GET H/1.1	200 OK	headerLogo.png gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/ Frame 1438	3 KB 3 KB	486ms 295ms	Image image/png	198.154.217.171 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/headerLogo.png Requested by Host: gothic-jewelry.com URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 Protocol HTTP/1.1 Server 198.154.217.171 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 / Resource Hash `40d19a3e1293a39a2cd091794d60b88e390a2d828e1cbebba5e3b8c46cedd944` Request headers Referer http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 14:23:33 GMT Last-Modified Thu, 10 Aug 2017 14:23:28 GMT Server Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 ETag "5f403ba-a69-55666f0ba7be3" Content-Type image/png Cache-Control max-age=2592000 Connection close Accept-Ranges bytes Content-Length 2665 Expires Sat, 09 Sep 2017 14:23:33 GMT
GET		header.png gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/ Frame 1438	0 0

GET		left.png gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/ Frame 1438	0 0

GET		footer.png gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/ Frame 1438	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gothic-jewelry.com
URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/login.php?ip=148.251.45.254

Domain: gothic-jewelry.com
URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/header.png

Domain: gothic-jewelry.com
URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/left.png

Domain: gothic-jewelry.com
URL: http://gothic-jewelry.com/override/controllers/admin/templates/IDlogin/fb0bd338f347914a53712209fbf1749c/assets/img/footer.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Apple (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gothic-jewelry.com
www.hmz.gov.me
gothic-jewelry.com
195.66.163.23
198.154.217.171
0b4bb2ba35c2df698e4f9c5d40b851e7e343f00726fadb2a217ddbd4a7a1fa73
40d19a3e1293a39a2cd091794d60b88e390a2d828e1cbebba5e3b8c46cedd944
695f59f27f852d9898a77dab7e8ecbea6bf82b91ccf52398761f396bc5104ebe
69afedae2a561f98a65f21226138824cb7cc37ad322aece2cfb5fd23752898f3
72ffd721e5be23aaab10d47c1a9b9bc8ff9bf3ac158bf32836aa2aca57d74b2a
7d1fe2e2415e714306ae74b62ee2ade91120e79f9b014308bedd7344592b540c
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f9420da0d3043a589e266b0785a9455ce58d1d3ec9fe4296cf99478d09cfa22f

www.hmz.gov.me Open in urlscan Pro 195.66.163.23 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

47 kBTransfer

130 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.hmz.gov.me Open in urlscan Pro
195.66.163.23 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

47 kB
Transfer

130 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!