hmax.cz Open in urlscan Pro
207.180.196.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://school8.kvz.kubannet.ru/cli/1ndex.php
Effective URL:
https://hmax.cz/validate/localbitcoins.com/login.php
Submission: On November 27 via api (November 27th 2019, 11:18:35 pm UTC) from CZ

Summary HTTP 15 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 207.180.196.43, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is hmax.cz.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 12th 2019. Valid for: 3 months.

This is the only time hmax.cz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LocalBitcoins (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1	212.192.128.49 212.192.128.49	8663 (KUBANNET) (KUBANNET)
1 15	207.180.196.43 207.180.196.43	51167 (CONTABO) (CONTABO)
15	2

1 212.192.128.49 (Russian Federation)

ASN8663 (KUBANNET, RU)
PTR: webhost9.kubannet.ru

school8.kvz.kubannet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 207.180.196.43 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: server1.elighthost.com

hmax.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hmax.cz 1 redirects hmax.cz	191 KB
1	kubannet.ru school8.kvz.kubannet.ru	335 B
15	2

	Domain	Requested by
15	hmax.cz	1 redirects hmax.cz
1	school8.kvz.kubannet.ru
15	2

This site contains links to these domains. Also see Links.

Domain
localbitcoins.com
localbitcoinschain.com
www.facebook.com
twitter.com
www.instagram.com
www.reddit.com
www.weibo.com

Subject Issuer	Validity	Valid
hmax.cz cPanel, Inc. Certification Authority	`2019-11-12` - `2020-02-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hmax.cz/validate/localbitcoins.com/login.php
Frame ID: 71684C4F418F57E500A8774DF389E94F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://school8.kvz.kubannet.ru/cli/1ndex.php Page URL
https://hmax.cz/validate/localbitcoins.com/index.php HTTP 302
https://hmax.cz/validate/localbitcoins.com/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

191 kB
Transfer

477 kB
Size

1
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://localbitcoins.com/

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/buy_bitcoins
Title: Buy bitcoins

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/sell_bitcoins
Title: Sell bitcoins

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/advertise/
Title: Post a trade

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/forums/
Title: Forums

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/guides/how-to-buy-bitcoins
Title: How to buy Bitcoins

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/faq
Title: Frequently Asked Questions

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/guides/
Title: Guides

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/support/
Title: Contact support

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/fees
Title: Fees

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/about
Title: About us

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/register/
Title: Sign up free

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/accounts/login/
Title: Log in

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/password_reset/
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/register/?next=/
Title: Sign up now!

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/whitehat
Title: Security bounties

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/statistics
Title: Statistics

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/terms_of_service/
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/privacy_policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/support/request/
Title: Contact support

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=en&next=/accounts/login/
Title: English (en)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=es&next=/accounts/login/
Title: español (es)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=fr&next=/accounts/login/
Title: français (fr)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=it&next=/accounts/login/
Title: italiano (it)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=ru&next=/accounts/login/
Title: Русский (ru)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=pt-br&next=/accounts/login/
Title: Português Brasileiro (pt-br)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/language/set_language_improved?language=zh-cn&next=/accounts/login/
Title: 简体中文 (zh-cn)

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/api-docs/
Title: API documentation

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/atm/order-your-own-bitcoin-atm
Title: LocalBitcoins ATM

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/affiliate/
Title: Affiliate

Search URL Search Domain Scan URL

URL: https://localbitcoinschain.com/
Title: Block Explorer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Localbitcoinscom/266849920086274?notif_t=page_new_likes
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/LocalBitcoins
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/localbitcoins/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.reddit.com/r/localbitcoins/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://localbitcoins.com/irc
Title: IRC

Search URL Search Domain Scan URL

URL: http://www.weibo.com/localbitcoins/
Title: Chinese Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://school8.kvz.kubannet.ru/cli/1ndex.php Page URL
https://hmax.cz/validate/localbitcoins.com/index.php HTTP 302
https://hmax.cz/validate/localbitcoins.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1ndex.php Show response
school8.kvz.kubannet.ru/cli/ 96 B
335 B 290ms
126ms Document
text/html 212.192.128.49
KUBANNET

General

Check archive.org

Show headers Download Go to

Full URL: http://school8.kvz.kubannet.ru/cli/1ndex.php
Protocol: HTTP/1.1
Server: 212.192.128.49 , Russian Federation, ASN8663 (KUBANNET, RU),
Reverse DNS: webhost9.kubannet.ru
Software: Apache/2.4.20 (Unix) PHP/5.5.35 / PHP/5.5.35
Resource Hash: 199b6363a1a4b188af62c60d16e61c174d0038d557a18246e99f341c9f41192c

Request headers

Host: school8.kvz.kubannet.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 23:18:19 GMT
Server: Apache/2.4.20 (Unix) PHP/5.5.35
X-Powered-By: PHP/5.5.35
Content-Length: 96
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request login.php Show response
hmax.cz/validate/localbitcoins.com/
Redirect Chain

https://hmax.cz/validate/localbitcoins.com/index.php
https://hmax.cz/validate/localbitcoins.com/login.php

14 KB
4 KB

34ms
33ms

Document
text/html

207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://hmax.cz/validate/localbitcoins.com/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

server1.elighthost.com

Software

nginx /

Resource Hash

25bad7a861067a4d7b77be59139beb78d85cd16ddb2de86a13eb6c0371afe5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: hmax.cz
:scheme: https
:path: /validate/localbitcoins.com/login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://school8.kvz.kubannet.ru/cli/1ndex.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://school8.kvz.kubannet.ru/cli/1ndex.php

Response headers

status: 200
server: nginx
date: Wed, 27 Nov 2019 23:18:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=714e35d6560107fe333ae94a4ed66ec5; path=/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: BYPASS
x-server-powered-by: Engintron
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Wed, 27 Nov 2019 23:18:16 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: login.php
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: MISS
x-server-powered-by: Engintron

GET
H2 200 bootstrap.min.9052174cf273.css
hmax.cz/validate/localbitcoins.com/cached-static/bootstrap/css/ 116 KB
20 KB 79ms
78ms Stylesheet
text/css 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/bootstrap/css/bootstrap.min.9052174cf273.css
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 70478fc67bbefabb3bf68c4bea50187d17c2d86e2cb8f22aa81b9306501f5197

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:45:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 font-awesome.min.4fbd15cb6047.css
hmax.cz/validate/localbitcoins.com/cached-static/font-awesome-4.5.0/css/ 27 KB
6 KB 59ms
58ms Stylesheet
text/css 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/font-awesome-4.5.0/css/font-awesome.min.4fbd15cb6047.css
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 59763d2ba81f5eb0303d96283d93e80dd433b56896c1cfdc0629f0807399298f

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:45:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 style.4fc047f9bbf2.css
hmax.cz/validate/localbitcoins.com/cached-static/ 47 KB
11 KB 57ms
56ms Stylesheet
text/css 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/style.4fc047f9bbf2.css
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 4895d0cf8bd3ba81538bc0c26c6d52ebe95c35fd9b6ab74c9b1a34e88d961a59

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:45:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 quickform.96d6bb50f184.css
hmax.cz/validate/localbitcoins.com/cached-static/ 1006 B
656 B 37ms
36ms Stylesheet
text/css 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/quickform.96d6bb50f184.css
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: c2b59b919476aad6c691af0f8f45e3dca6bd9363a704d39a15f020e6dc1ee316

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:45:50 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 bootstrap-extensions.ac6fa260a89d.css
hmax.cz/validate/localbitcoins.com/cached-static/ 354 B
403 B 84ms
83ms Stylesheet
text/css 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/bootstrap-extensions.ac6fa260a89d.css
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: ba2640d8360024fad5c871c94e8edc308e1c08a270332e2de949e8cc566404c9

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:45:56 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 jquery-1.11.3.min.895323ed2f72.js Show response
hmax.cz/validate/localbitcoins.com/cached-static/thirdparty/ 94 KB
33 KB 81ms
80ms Script
application/javascript 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/thirdparty/jquery-1.11.3.min.895323ed2f72.js
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:46:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 site-logo-500.b39d9369a078.png
hmax.cz/validate/localbitcoins.com/cached-static/img/ 19 KB
19 KB 100ms
99ms Image
image/png 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/img/site-logo-500.b39d9369a078.png
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 9aca5ee7a3383665350e2d3f85a7799c0db04e36faeef8c157c5314214721aee

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
last-modified: Thu, 21 Jun 2018 13:46:30 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 19116
expires: Sun, 26 Jan 2020 23:18:16 GMT

GET
H2 200 site-logo_grey.2c59226a8ab9.png
hmax.cz/validate/localbitcoins.com/cached-static/img/ 5 KB
5 KB 35ms
34ms Image
image/png 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/img/site-logo_grey.2c59226a8ab9.png
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 37a89af2005df7b717ef3af9344b9b51ebf852a67f140948ddbfa06774cc77aa

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
last-modified: Thu, 21 Jun 2018 13:46:40 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 5135
expires: Sun, 26 Jan 2020 23:18:16 GMT

GET
H2 200 bootstrap.min.33d8a5889873.js Show response
hmax.cz/validate/localbitcoins.com/cached-static/bootstrap/js/ 35 KB
10 KB 65ms
64ms Script
application/javascript 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/bootstrap/js/bootstrap.min.33d8a5889873.js
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 4d2fa06b88ca9800a56733b2fac3a6b692233b108f196432636041bdd26a0249

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:46:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 notifications.83752371db74.js Show response
hmax.cz/validate/localbitcoins.com/cached-static/notifications/ 13 KB
4 KB 35ms
34ms Script
application/javascript 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/notifications/notifications.83752371db74.js
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 44f8fbdf1104892b173f64c76e5e9be03888b5ac54c82368a30140ae51a62639

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:47:32 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 main.061ada082f76.js Show response
hmax.cz/validate/localbitcoins.com/cached-static/ 31 KB
9 KB 32ms
31ms Script
application/javascript 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/main.061ada082f76.js
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 3a0f72ec8995ed3aacd10324c0c6798fb9b82ef1da215428d93cc4b13d4bd909

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:47:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 quickform.ccab8b439723.js Show response
hmax.cz/validate/localbitcoins.com/cached-static/ 12 KB
3 KB 32ms
31ms Script
application/javascript 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/quickform.ccab8b439723.js
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: 0d2f00e1e94916112cab98e64af0a740d16a9dae323094486229c413d6e5c952

Request headers

Referer: https://hmax.cz/validate/localbitcoins.com/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Jun 2018 13:47:40 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 27 Dec 2019 23:18:16 GMT

GET
H2 200 fontawesome-webfont.db812d8a70a4.woff2
hmax.cz/validate/localbitcoins.com/cached-static/font-awesome-4.5.0/fonts/ 65 KB
65 KB 29ms
29ms Font
font/woff2 207.180.196.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://hmax.cz/validate/localbitcoins.com/cached-static/font-awesome-4.5.0/fonts/fontawesome-webfont.db812d8a70a4.woff2?v=4.5.0
Requested by: Host: hmax.cz
URL: https://hmax.cz/validate/localbitcoins.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.180.196.43 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.elighthost.com
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hmax.cz/validate/localbitcoins.com/cached-static/font-awesome-4.5.0/css/font-awesome.min.4fbd15cb6047.css
Origin: https://hmax.cz

Response headers

pragma: public
date: Wed, 27 Nov 2019 23:18:16 GMT
last-modified: Thu, 21 Jun 2018 13:50:56 GMT
server: nginx
content-type: font/woff2
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 66624
expires: Sun, 26 Jan 2020 23:18:16 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LocalBitcoins (Crypto Exchange)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hmax.cz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 714e35d6560107fe333ae94a4ed66ec5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hmax.cz
school8.kvz.kubannet.ru
207.180.196.43
212.192.128.49
0d2f00e1e94916112cab98e64af0a740d16a9dae323094486229c413d6e5c952
199b6363a1a4b188af62c60d16e61c174d0038d557a18246e99f341c9f41192c
25bad7a861067a4d7b77be59139beb78d85cd16ddb2de86a13eb6c0371afe5cc
37a89af2005df7b717ef3af9344b9b51ebf852a67f140948ddbfa06774cc77aa
3a0f72ec8995ed3aacd10324c0c6798fb9b82ef1da215428d93cc4b13d4bd909
44f8fbdf1104892b173f64c76e5e9be03888b5ac54c82368a30140ae51a62639
4895d0cf8bd3ba81538bc0c26c6d52ebe95c35fd9b6ab74c9b1a34e88d961a59
4d2fa06b88ca9800a56733b2fac3a6b692233b108f196432636041bdd26a0249
59763d2ba81f5eb0303d96283d93e80dd433b56896c1cfdc0629f0807399298f
70478fc67bbefabb3bf68c4bea50187d17c2d86e2cb8f22aa81b9306501f5197
9aca5ee7a3383665350e2d3f85a7799c0db04e36faeef8c157c5314214721aee
ba2640d8360024fad5c871c94e8edc308e1c08a270332e2de949e8cc566404c9
c2b59b919476aad6c691af0f8f45e3dca6bd9363a704d39a15f020e6dc1ee316
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

hmax.cz Open in urlscan Pro 207.180.196.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

191 kBTransfer

477 kBSize

1 Cookies

39 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

Indicators

hmax.cz Open in urlscan Pro
207.180.196.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

191 kB
Transfer

477 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!