posmank.tk Open in urlscan Pro
45.153.184.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://um.lk/dev
Effective URL:
https://posmank.tk/knab/
Submission: On November 20 via manual (November 20th 2019, 9:41:06 am UTC) from NL

Summary HTTP 28 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 9 domains to perform 28 HTTP transactions. The main IP is 45.153.184.169, located in Bulgaria and belongs to MVPS https://www.mvps.net, EU. The main domain is posmank.tk.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 17th 2019. Valid for: 3 months.

This is the only time posmank.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Knab (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6818:72f9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2600:9000:20e... 2600:9000:20eb:e400:15:f434:4640:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
23	45.153.184.169 45.153.184.169	202448 (MVPS http...) (MVPS https://www.mvps.net)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	212.113.82.189 212.113.82.189	9166 (CEGEKA-HA...) (CEGEKA-HASSELT)
28	5

1 2606:4700:30::6818:72f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

um.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e400:15:f434:4640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

bernjonnas.shortcm.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.153.184.169 (Bulgaria)

ASN202448 (MVPS https://www.mvps.net, EU)
PTR: no-reverse-yet.local

posmank.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.113.82.189 (Ascension Island)

ASN9166 (CEGEKA-HASSELT, BE)

eum.knab.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	posmank.tk posmank.tk	732 KB
2	knab.nl eum.knab.nl	16 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	185 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	googletagmanager.com www.googletagmanager.com	25 KB
1	shortcm.li 1 redirects bernjonnas.shortcm.li	297 B
1	um.lk 1 redirects um.lk	362 B
28	9

	Domain	Requested by
23	posmank.tk	posmank.tk
2	eum.knab.nl	posmank.tk eum.knab.nl
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.google.de	posmank.tk
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	posmank.tk
1	bernjonnas.shortcm.li	1 redirects
1	um.lk	1 redirects
28	9

This site contains links to these domains. Also see Links.

Domain
www.knab.nl
crowdfunding.knab.nl
play.google.com
itunes.apple.com
persoonlijk.knab.nl
knab.nl

Subject Issuer	Validity	Valid
posmank.tk Let's Encrypt Authority X3	`2019-11-17` - `2020-02-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
eum.knab.nl GlobalSign Domain Validation CA - SHA256 - G2	`2019-03-05` - `2020-03-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://posmank.tk/knab/
Frame ID: 898F90B167E7318ED20996EEC028BB3A
Requests: 22 HTTP requests in this frame

Frame: https://posmank.tk/knab/bestanden/frame.htm
Frame ID: 0AB2DDDF21D17CE5F79433F352FF7F9E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://um.lk/dev HTTP 302
https://bernjonnas.shortcm.li/OklxuM HTTP 302
https://posmank.tk/knab/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /angular.*\.js/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i

Page Statistics

28
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

5
IPs

5
Countries

791 kB
Transfer

2235 kB
Size

4
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.knab.nl/

Search URL Search Domain Scan URL

URL: https://crowdfunding.knab.nl/
Title: Crowdfunding

Search URL Search Domain Scan URL

URL: https://www.knab.nl/hypotheken/faq-beeindiging-hypotheken
Title: Hypotheken

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=bvm.bvmapp
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/nl/app/knab-app/id529493145?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://persoonlijk.knab.nl/problemen-met-inloggen?s=0
Title: Gebruikersnaam vergeten?

Search URL Search Domain Scan URL

URL: https://persoonlijk.knab.nl/problemen-met-inloggen?s=1
Title: Wachtwoord vergeten?

Search URL Search Domain Scan URL

URL: https://www.knab.nl/pakketten
Title: Klant worden

Search URL Search Domain Scan URL

URL: https://knab.nl/veiligheid/online-inloggen
Title: hier

Search URL Search Domain Scan URL

URL: https://persoonlijk.knab.nl/
Title: https://persoonlijk.knab.nl

Search URL Search Domain Scan URL

URL: https://www.knab.nl/verzekeren
Title: https://www.knab.nl/verzekeren

Search URL Search Domain Scan URL

URL: https://www.knab.nl/veiligheid/phishing
Title: phishing

Search URL Search Domain Scan URL

URL: https://www.knab.nl/veiligheid
Title: Veiligheid

Search URL Search Domain Scan URL

URL: https://www.knab.nl/privacybeleid
Title: Privacybeleid

Search URL Search Domain Scan URL

URL: https://www.knab.nl/belangenbeleid
Title: Belangenbeleid

Search URL Search Domain Scan URL

URL: https://www.knab.nl/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.knab.nl/cookies
Title: Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://um.lk/dev HTTP 302
https://bernjonnas.shortcm.li/OklxuM HTTP 302
https://posmank.tk/knab/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1488227606&t=pageview&_s=1&dl=https%3A%2F%2Fposmank.tk%2Fknab%2Fbestanden%2Fframe.htm&dp=%2Finloggen&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUAB~&jid=1613518037&gjid=1838368937&cid=192053949.1574242850&tid=UA-30995594-5&_gid=1485365369.1574242850&_r=1&gtm=2wgav9TM75DJK&z=205122388 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_gid=1485365369.1574242850&gjid=1838368937&_v=j79&z=205122388 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388&slf_rd=1&random=540308011

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
posmank.tk/knab/
Redirect Chain

http://um.lk/dev
https://bernjonnas.shortcm.li/OklxuM
https://posmank.tk/knab/

32 KB
8 KB

3369ms
23ms

Document
text/html

45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: ba942e11bd4abd1e8410f4cf7a7d8f3c503f610975481f47c15280892ec6d886

Request headers

Host: posmank.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server: nginx
Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7676
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: PHPSESSID=gshldsp70na26cuulqmm9crb24; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

status: 302
content-type: text/html; charset=utf-8
content-length: 79
location: https://posmank.tk/knab/
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
date: Wed, 20 Nov 2019 09:40:46 GMT
x-cache: Miss from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tY7oZ5RvT3hf8L1z4A9MsupzKGMyYVD_N0V7KMhuJXIuUev8K5DGvg==

GET
H/1.1 200
OK adrum-ext.js Show response
posmank.tk/knab/bestanden/ 47 KB
16 KB 27ms
25ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/adrum-ext.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 40541e8ed3b52bdbcb04285bf23b63c8591f42ada9eb734176c4d52b95f8833b

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:40 GMT
Server: nginx
ETag: W/"5dd29db4-bd14"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adrum.js Show response
posmank.tk/knab/bestanden/ 44 KB
15 KB 76ms
41ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/adrum.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 143792fd8477dbd941d3aa8147a7915af6276fa62c3cb9dca22808bdc465c535

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:40 GMT
Server: nginx
ETag: W/"5dd29db4-af8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plx.check.js Show response
posmank.tk/knab/bestanden/ 365 B
707 B 64ms
29ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/plx.check.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 5bda493f98caa6ea8a8038b7b323124e5f9fcddfbc44d45aae2118bb32bda441

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:44 GMT
Server: nginx
ETag: "5dd29db8-16d"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 365
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK styles-rem.css
posmank.tk/knab/bestanden/ 345 KB
55 KB 67ms
40ms Stylesheet
text/css 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/styles-rem.css
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 5869d9800fdf85c468c49647f7050f8504825f94cdd00ff4114703f83bdacef9

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:45 GMT
Server: nginx
ETag: W/"5dd29db9-563ab"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK require.js Show response
posmank.tk/knab/bestanden/ 16 KB
7 KB 64ms
29ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/require.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 7313d82b5a9200d170d5ee84370dbac3ddbb1d9ecf06ac52d3c3c73da4c2c7e6

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:44 GMT
Server: nginx
ETag: W/"5dd29db8-4155"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requireconfig.js Show response
posmank.tk/knab/bestanden/ 1 MB
391 KB 67ms
60ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/requireconfig.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 0df4d0b066edb87c81cbb486e46c323d00d7b6b05032790e004c06582bad1ff5

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:46 GMT
Server: nginx
ETag: W/"5dd29dba-13b884"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK angular-locale_nl.js Show response
posmank.tk/knab/bestanden/ 3 KB
1 KB 85ms
83ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/angular-locale_nl.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 48c5781ab64a0e938c97dec01089992b3dffba5b6f8ddb49fc115a65377aefa3

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:41 GMT
Server: nginx
ETag: W/"5dd29db5-ab4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main_002.js Show response
posmank.tk/knab/bestanden/ 859 B
773 B 65ms
64ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/main_002.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: f304f39835db5c92b379d4cc69bb9f05e27c548d783a90b093ece6567e9f8f56

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:43 GMT
Server: nginx
ETag: W/"5dd29db7-35b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
posmank.tk/knab/bestanden/ 9 KB
3 KB 66ms
65ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/main.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 9c9759bb69db429853815b641b7243e05a8ee724526d54810888fe5a7e418674

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:43 GMT
Server: nginx
ETag: W/"5dd29db7-24f3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logon-qr.js Show response
posmank.tk/knab/bestanden/ 923 B
718 B 66ms
65ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/logon-qr.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 0c7b78e9f2fd983d978fff4450143136913bbbfecd3e1b2591d97ec87e4d191b

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:43 GMT
Server: nginx
ETag: W/"5dd29db7-39b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cardreader_login_new.png
posmank.tk/knab/bestanden/ 33 KB
33 KB 115ms
30ms Image
image/png 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posmank.tk/knab/bestanden/cardreader_login_new.png
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 5f22536b6914480a46b07a9b3bc0bf8894f2d53dc2f7686de2c0bfade33f85b1

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:41 GMT
Server: nginx
ETag: "5dd29db5-835e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 33630
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK blob-login-2.svg
posmank.tk/knab/bestanden/ 1 KB
1 KB 17ms
16ms Image
image/svg+xml 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posmank.tk/knab/bestanden/blob-login-2.svg
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 5928c97026def18dc5daf9a9543788354c8c13ef4fc9c18adb9d8625cb1dba5d

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:41 GMT
Server: nginx
ETag: W/"5dd29db5-54a"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frame.htm Show response
posmank.tk/knab/bestanden/ Frame 0AB2 2 KB
1 KB 83ms
17ms Document
text/html 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/frame.htm
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 27720a263808fcf09f7abb2fafe4d05340199c33ef390a6df92c53bfe15e41d5

Request headers

Host: posmank.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: nested-navigate
Referer: https://posmank.tk/knab/
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=gshldsp70na26cuulqmm9crb24
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://posmank.tk/knab/

Response headers

Server: nginx
Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Type: text/html
Last-Modified: Mon, 18 Nov 2019 13:33:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5dd29db5-7c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

GET
H/1.1 404
Not Found loader.gif
posmank.tk/knab/bestanden/ 1 KB
1 KB 20ms
19ms Image
text/html 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posmank.tk/knab/bestanden/loader.gif
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 9d418fcb2239a92e192051b2df41c79a443070ac3cc50152584f6cb2f691c9d1

Request headers

Referer: https://posmank.tk/knab/bestanden/styles-rem.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Nov 2019 21:45:22 GMT
Server: nginx
ETag: W/"57d-59791bf854342"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK intro_bold.woff2
posmank.tk/knab/bestanden/ 20 KB
20 KB 72ms
28ms Font
application/octet-stream 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/intro_bold.woff2
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 27f71debda1c93697ba870a3c534f3c35cd19b7be19ff87d212b0a95fad740b2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://posmank.tk/knab/bestanden/styles-rem.css
Origin: https://posmank.tk

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:42 GMT
Server: nginx
ETag: "4fb8-5979eff040949"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 20408

GET
H/1.1 200
OK photos-loginscreen_05_2.png
posmank.tk/knab/bestanden/ 36 KB
37 KB 43ms
17ms Image
image/png 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posmank.tk/knab/bestanden/photos-loginscreen_05_2.png
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: d8fdc34c97e5bc4bca88fc56f60a770119a523dba93b527de4ce660b71a9218d

Request headers

Referer: https://posmank.tk/knab/bestanden/styles-rem.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:43 GMT
Server: nginx
ETag: "5dd29db7-91a4"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 37284
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pt_sans-web-regular-webfont.woff2
posmank.tk/knab/bestanden/ 24 KB
24 KB 68ms
24ms Font
application/octet-stream 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/pt_sans-web-regular-webfont.woff2
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 969df28933cad5c85b94bc2014bfb4228a5e4f6dc46394a179b7f2978a124de7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://posmank.tk/knab/bestanden/styles-rem.css
Origin: https://posmank.tk

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:44 GMT
Server: nginx
ETag: "5f60-5979eff20b915"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 24416

GET
H/1.1 200
OK Knab-Icon-Font.ttf
posmank.tk/knab/bestanden/ 47 KB
48 KB 65ms
21ms Font
application/octet-stream 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/Knab-Icon-Font.ttf?afekzh
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 0e3f6c05e2edb7230294f77acdca9952b5423417f861c5f17bed8de462840171

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://posmank.tk/knab/bestanden/styles-rem.css
Origin: https://posmank.tk

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:43 GMT
Server: nginx
ETag: "5dd29db7-bcc8"
Content-Type: application/octet-stream
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 48328
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pt_sans-web-bold-webfont.woff2
posmank.tk/knab/bestanden/ 24 KB
25 KB 79ms
36ms Font
application/octet-stream 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/pt_sans-web-bold-webfont.woff2
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 4475aa0cb79a663b402f491a265fa958a4746e40289ac536e79d136ffd94a7b3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://posmank.tk/knab/bestanden/styles-rem.css
Origin: https://posmank.tk

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Last-Modified: Mon, 18 Nov 2019 13:33:44 GMT
Server: nginx
ETag: "6170-5979eff1f4214"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 24944

GET
H/1.1 404
Not Found requireconfig.js
posmank.tk/Personal/Scripts/br/ 0
0 19ms
19ms Script
text/html 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/Personal/Scripts/br/requireconfig.js?v=0.1.0.551
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/require.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Nov 2019 21:45:22 GMT
Server: nginx
ETag: W/"57d-59791bf854342"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK analytics.js Show response
posmank.tk/knab/bestanden/frame_data/ Frame 0AB2 43 KB
18 KB 23ms
23ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/frame_data/analytics.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/frame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

Referer: https://posmank.tk/knab/bestanden/frame.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:47 GMT
Server: nginx
ETag: W/"5dd29dbb-adb6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK gtm.js Show response
posmank.tk/knab/bestanden/frame_data/ Frame 0AB2 75 KB
26 KB 27ms
26ms Script
application/javascript 45.153.184.169
MVPS https://www....

General

Check archive.org

Show headers Download Go to

Full URL: https://posmank.tk/knab/bestanden/frame_data/gtm.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/frame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.153.184.169 , Bulgaria, ASN202448 (MVPS https://www.mvps.net, EU),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: fd4a6a71d1bbe92117058c6151ed70d0bc15ca7e621e4a9db9d444fcc4b8340c

Request headers

Referer: https://posmank.tk/knab/bestanden/frame.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Nov 2019 13:33:47 GMT
Server: nginx
ETag: W/"5dd29dbb-12aa4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0AB2 76 KB
25 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TM75DJK

Requested by

Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/frame.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ca2315d0359e71588ae233c1db7de24777a818e6e44b2efbbed93d49c91429a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://posmank.tk/knab/bestanden/frame.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 09:40:49 GMT
content-encoding: br
last-modified: Wed, 20 Nov 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25826
x-xss-protection: 0
expires: Wed, 20 Nov 2019 09:40:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0AB2 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM75DJK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posmank.tk/knab/bestanden/frame.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4032
date: Wed, 20 Nov 2019 08:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 20 Nov 2019 10:33:37 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 0AB2
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1488227606&t=pageview&_s=1&dl=https%3A%2F%2Fposmank.tk%2Fknab%2Fbestanden%2Fframe.htm&dp=%2Finloggen&ul=en-us&de=UTF-8&sd=24-bit&sr=160...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_gid=1485365369.1574242850&gjid=1838368937&_v=j79&z=205122388
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388&slf_rd=1&random=540308011

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388&slf_rd=1&random=540308011

Requested by

Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/frame.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posmank.tk/knab/bestanden/frame.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 09:40:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Nov 2019 09:40:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30995594-5&cid=192053949.1574242850&jid=1613518037&_v=j79&z=205122388&slf_rd=1&random=540308011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adrum-ext.e2cb5463010d357205cea2144c54cf70.js Show response
eum.knab.nl/ 47 KB
16 KB 139ms
62ms Script
application/javascript 212.113.82.189
CEGEKA-HASSELT

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.knab.nl/adrum-ext.e2cb5463010d357205cea2144c54cf70.js
Requested by: Host: posmank.tk
URL: https://posmank.tk/knab/bestanden/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.113.82.189 , Ascension Island, ASN9166 (CEGEKA-HASSELT, BE),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 40541e8ed3b52bdbcb04285bf23b63c8591f42ada9eb734176c4d52b95f8833b

Request headers

Referer: https://posmank.tk/knab/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 09:40:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 13:26:46 GMT
Server: Microsoft-IIS/8.5
ETag: "02f4b18372d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 16070

POST
H/1.1 200
OK adrum Show response
eum.knab.nl/eumcollector/beacons/browser/v1/EUM-AAB-AUY/ 0
331 B 111ms
43ms XHR
text/html 212.113.82.189
CEGEKA-HASSELT

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.knab.nl/eumcollector/beacons/browser/v1/EUM-AAB-AUY/adrum
Requested by: Host: eum.knab.nl
URL: https://eum.knab.nl/adrum-ext.e2cb5463010d357205cea2144c54cf70.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.113.82.189 , Ascension Island, ASN9166 (CEGEKA-HASSELT, BE),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posmank.tk/knab/
Origin: https://posmank.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Nov 2019 09:40:50 GMT
X-Powered-By: ARR/3.0
Vary: *
Content-Type: text/html
Access-Control-Allow-Origin: *
AppD-Request-Id: 258d76c02b7acd66
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Content-Length: 0
Expires: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Knab (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.posmank.tk/	1970-01-19 05:17:22	Name: _gat_UA-30995594-5 Value: 1
.posmank.tk/	1970-01-19 22:48:34	Name: _ga Value: GA1.2.192053949.1574242850
.posmank.tk/	1970-01-19 05:18:49	Name: _gid Value: GA1.2.1485365369.1574242850
posmank.tk/	1969-12-31 23:59:59	Name: PHPSESSID Value: gshldsp70na26cuulqmm9crb24

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bernjonnas.shortcm.li
eum.knab.nl
posmank.tk
stats.g.doubleclick.net
um.lk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
212.113.82.189
2600:9000:20eb:e400:15:f434:4640:93a1
2606:4700:30::6818:72f9
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:817::2004
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9d
45.153.184.169
0c7b78e9f2fd983d978fff4450143136913bbbfecd3e1b2591d97ec87e4d191b
0df4d0b066edb87c81cbb486e46c323d00d7b6b05032790e004c06582bad1ff5
0e3f6c05e2edb7230294f77acdca9952b5423417f861c5f17bed8de462840171
143792fd8477dbd941d3aa8147a7915af6276fa62c3cb9dca22808bdc465c535
27720a263808fcf09f7abb2fafe4d05340199c33ef390a6df92c53bfe15e41d5
27f71debda1c93697ba870a3c534f3c35cd19b7be19ff87d212b0a95fad740b2
40541e8ed3b52bdbcb04285bf23b63c8591f42ada9eb734176c4d52b95f8833b
4475aa0cb79a663b402f491a265fa958a4746e40289ac536e79d136ffd94a7b3
48c5781ab64a0e938c97dec01089992b3dffba5b6f8ddb49fc115a65377aefa3
5869d9800fdf85c468c49647f7050f8504825f94cdd00ff4114703f83bdacef9
5928c97026def18dc5daf9a9543788354c8c13ef4fc9c18adb9d8625cb1dba5d
5bda493f98caa6ea8a8038b7b323124e5f9fcddfbc44d45aae2118bb32bda441
5f22536b6914480a46b07a9b3bc0bf8894f2d53dc2f7686de2c0bfade33f85b1
7313d82b5a9200d170d5ee84370dbac3ddbb1d9ecf06ac52d3c3c73da4c2c7e6
7ca2315d0359e71588ae233c1db7de24777a818e6e44b2efbbed93d49c91429a
969df28933cad5c85b94bc2014bfb4228a5e4f6dc46394a179b7f2978a124de7
9c9759bb69db429853815b641b7243e05a8ee724526d54810888fe5a7e418674
9d418fcb2239a92e192051b2df41c79a443070ac3cc50152584f6cb2f691c9d1
ba942e11bd4abd1e8410f4cf7a7d8f3c503f610975481f47c15280892ec6d886
d8fdc34c97e5bc4bca88fc56f60a770119a523dba93b527de4ce660b71a9218d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f304f39835db5c92b379d4cc69bb9f05e27c548d783a90b093ece6567e9f8f56
fd4a6a71d1bbe92117058c6151ed70d0bc15ca7e621e4a9db9d444fcc4b8340c

posmank.tk Open in urlscan Pro 45.153.184.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

78 %IPv6

9 Domains

9 Subdomains

5 IPs

5 Countries

791 kBTransfer

2235 kBSize

4 Cookies

17 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

posmank.tk Open in urlscan Pro
45.153.184.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

5
IPs

5
Countries

791 kB
Transfer

2235 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!