Submitted URL: https://sweedbuy.com/9877680689894321/6430858216/mwhuhwqauvlc
Effective URL: http://servpols.com/postfach/?20230920055542
Submission: On September 20 via manual from DE — Scanned from NL

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is servpols.com.
This is the only time servpols.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: targobank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 188.114.96.3 13335 (CLOUDFLAR...)
1 1 45.79.163.249 63949 (AKAMAI-LI...)
1 18 188.114.97.3 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
1 104.26.0.100 13335 (CLOUDFLAR...)
4 145.226.174.154 8255 (EURO-INFO...)
2 145.226.174.149 8255 (EURO-INFO...)
29 7
Apex Domain | Subdomains | Transfer
19 servpols.com | servpols.com | 397 KB
4 e-i.com | cdnii.e-i.com — Cisco Umbrella Rank: 768387 | 203 KB
2 targobank.de | www.targobank.de — Cisco Umbrella Rank: 818449 | 2 KB
2 gstatic.com | www.gstatic.com | 18 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 410 | 121 KB
1 geojs.io | get.geojs.io — Cisco Umbrella Rank: 18575 | 683 B
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 720 | 83 KB
1 sinapicorporate.com | sinapicorporate.com | 269 B
1 sweedbuy.com | sweedbuy.com | 450 B
29 9
Domain Requested by
19 servpols.com 2 redirects servpols.com
4 cdnii.e-i.com servpols.com
2 www.targobank.de servpols.com
2 www.gstatic.com servpols.com
2 cdnjs.cloudflare.com servpols.com
1 get.geojs.io servpols.com
1 ajax.googleapis.com servpols.com
1 sinapicorporate.com 1 redirects
1 sweedbuy.com 1 redirects
29 9

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.e-i.com | GlobalSign RSA OV SSL CA 2018 | 2023-06-26 - 2024-07-27 | a year
*.targobank.de | GlobalSign RSA OV SSL CA 2018 | 2023-05-11 - 2024-06-11 | a year

This page contains 2 frames:

Primary Page: http://servpols.com/postfach/?20230920055542
Frame ID: 56E5D6AE3FC802A5CAC273C3CEEC75C2
Requests: 27 HTTP requests in this frame

Frame: http://servpols.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: FFC478F568666A261B715A78EBF1231F
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • uikit.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 41 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 824 kB
Size: 2038 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sweedbuy.com/9877680689894321/6430858216/mwhuhwqauvlc HTTP 302
    https://sinapicorporate.com/20230920115543/DS20230920115543 HTTP 302
    https://servpols.com/postfach?20230920055542 HTTP 301
    http://servpols.com/postfach/?20230920055542 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • http://servpols.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • http://servpols.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
servpols.com/postfach/
Redirect Chain
  • https://sweedbuy.com/9877680689894321/6430858216/mwhuhwqauvlc
  • https://sinapicorporate.com/20230920115543/DS20230920115543
  • https://servpols.com/postfach?20230920055542
  • http://servpols.com/postfach/?20230920055542
19 KB
5 KB
Document
General
Full URL
http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb050cd781c5589bddee0e0ccea2ff40145dc051fa03bcafde3a217116d06ce7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
809931ceee643647-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 20 Sep 2023 09:55:45 GMT
Last-Modified
Fri, 08 Sep 2023 08:21:49 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6si3GtANgikV0j6iK31mBl6PPcfPc73BEvBJtJxW7gZcKWZba6t6fvUFJegR0H9BD0O4Y9SVAAdjmcuuxnWlx%2FCWDM9ib2IwBlRvC7fA7QO%2BJpXbayPwDP7sqwsb7hM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809931cc6b014d6a-FRA
content-type
text/html; charset=iso-8859-1
date
Wed, 20 Sep 2023 09:55:44 GMT
location
http://servpols.com/postfach/?20230920055542
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOE4fMMOBGRN1IqIlibVwVgRKjb4JTclkXZIBn9ZPJnyXqVVrd9Yym%2BxmpRgdPane9Q1sC0M02f1O58cahovdjiBO%2Fjt2Es1JhuYMRQ187KrD2CHz1FV5%2BPJHZn6w7Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ei_base.css
servpols.com/postfach/assets/css/
735 KB
81 KB
Stylesheet
General
Full URL
http://servpols.com/postfach/assets/css/ei_base.css
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20c5f6b76f74ea13a004f5ccda1af7410d1e8fe18b4650c433fb36bc2d598b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaCFDSjVC0iS4p6BtKnx%2BCTlBAiIvL4hgEeOZHfAgQ2ZmtDCr3d2S8qvi7jtPgsdPVSV778q0Prm%2FhuoVOtZgxSL%2BwghFBjOuiVdSgJz3G28vsIE7xK5Z%2FqdssrJ3Ro%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931cfcf7a3647-FRA
alt-svc
h3=":443"; ma=86400
ei_custom_identification.css
servpols.com/postfach/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
http://servpols.com/postfach/assets/css/ei_custom_identification.css
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1fd426e3ea36f51263e1f3156458d4170fd20ffcc85b5d1cf8736889665e17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCp3S%2Fxsuu6z7gDIBwVWpV4R61a%2BRMdPYaDKG9cT0yBI7fyIYS0HjwV0GyQSlzA%2BdXu%2BCZaxMTrO8mDho0B9M45jEQmRmp5IxMUgQgE%2BWDN3C4g%2BQ48bArSQh7ONr6c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d07a0592b1-FRA
alt-svc
h3=":443"; ma=86400
loginpage.css
servpols.com/postfach/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://servpols.com/postfach/assets/css/loginpage.css
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91284ef94d09c5daa196df7c6fcc33baee63796915fe878b580a0e2aa3dda70

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPjTfDcQe7EvnUKpDySNeHEYf6oS2Eg%2FwIBi5BElc0SflfmS%2FsrEne%2BHisfbgp1qT7FjhjmuHs8rZlmXMB8f02z%2BUAzVNm745qT221fBfTuQSFKqueqE1W3eLtHEWTI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d088ba3647-FRA
alt-svc
h3=":443"; ma=86400
waiting.css
servpols.com/postfach/assets/css/
940 B
1 KB
Stylesheet
General
Full URL
http://servpols.com/postfach/assets/css/waiting.css
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60a75108028d760d57b08e5690dbfb6b404ba06e9ff668abc3f9cc99f6952e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQNsm4rN5r%2BN%2FccjYYIgoKdwaxPF7yfWrNAUDTNqHNfAoaJE6Fid6klioTVGb%2FKvihZZiP7qshDre8k3RAIZ8u31GDQ6Aj67tcHuHuKeqK5eByBIlKWYnG6vb3hWCPE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d11a7392b1-FRA
alt-svc
h3=":443"; ma=86400
uikit.js
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/
334 KB
53 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/uikit.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b5861a76d3d1fd0e6075905645aa5fa1907591d90e2f08b1b0ffbbe1506957
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://servpols.com/
Origin
http://servpols.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 09:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
19738695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53583
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-5372b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOuPcBQnnH70XjRE%2BgZtDjOVxbC4iQaV7NuV4uCx8lOWOPlkbnH4uZyRvk8ELk0bguOCJgpWExOkEfdzC2uIjkKHAWDBbYRdKCa2e2c6K5%2BU0VCbdSgXhRHC9wVYiuFJuUtKAMDc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809931d1dbb0382c-FRA
expires
Mon, 09 Sep 2024 09:55:45 GMT
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
274 KB
68 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://servpols.com/
Origin
http://servpols.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 09:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7705353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
69049
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-4472c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yilfpgstFlU9NW%2FH1NIl9CfdjYTL3bTVDT465mf4FMhFvK2OMn9Y74EmvryIEX9ESZTL5XnoLErWZvFuBbslw85GT%2FUkeuG%2FC1KxZLkfntiIoc532%2B35GUwA35mqFxKpu9elYtuz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809931d1dbb1382c-FRA
expires
Mon, 09 Sep 2024 09:55:45 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
83 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 02:16:23 GMT
x-content-type-options
nosniff
age
27562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Sep 2024 02:16:23 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.7.1/
21 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.7.1/firebase-app.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
e376b4d5b71d75bf9e226e642dda173dec49b7c47d74a4ed38f0f7309152950e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6965
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 20:23:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 05:44:40 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/8.7.1/
35 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.7.1/firebase-analytics.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d404e01916636d8c76f737079392a2da123cf83c60ad3da1fc6fe44241db4e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 20:23:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Sep 2024 13:22:07 GMT
antiboot.js
servpols.com/postfach/assets/js/
9 KB
5 KB
Script
General
Full URL
http://servpols.com/postfach/assets/js/antiboot.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faecc94423b6f1681ebd73286a0aa99e43cec755048d0b2fe6dd2e1d786dd5fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 25 Aug 2023 18:13:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0wsv4P6qbfsb8BFPVtUc%2FNPkGTydBRndc53mhRFeyBwu5RFoArO8%2Fe2yMc%2FWKiNjVh7g%2BbEjx6lziggGcGflb%2Feit2RhdFPXWlUy5Dl55N8uYLjY0DLgLhicOBaTWQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d129853647-FRA
alt-svc
h3=":443"; ma=86400
country.js
servpols.com/postfach/assets/js/
4 KB
2 KB
Script
General
Full URL
http://servpols.com/postfach/assets/js/country.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8269c15773d6f1d9dd269858f9745279aa778f4b595266ff18d14470e3048b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 25 Aug 2023 18:14:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE4C4%2B6D28CXhBhiGSe4r%2BhJuiH%2B1J0M2BJy1bbJwUOvOb%2FF3UN2MrWrtNPgKEjLwH9%2FUAK%2BXeXxvAdx13ok74vq%2B%2FRqPVsIzuLHadrRgN1ptQzQJCn1yv62kd%2BsQrk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d1aafa92b1-FRA
alt-svc
h3=":443"; ma=86400
auth.js
servpols.com/postfach/assets/js/
4 KB
2 KB
Script
General
Full URL
http://servpols.com/postfach/assets/js/auth.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd06e05cb33c09a18fd5c171b34227047688a936099600ed197da59eb0514ff7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 25 Aug 2023 18:14:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMpM2ojcnrBS1RQIEw5ThhWU1ndtkJGitIRGrQk5GdtdjeEdKbHtzWiLoMfwYtqH%2Fbu9t7ACcpstIs%2FIif4%2BQ5YsDqqfYpfkdqUCQOpwOBB7wJUdkXdtShnariHw2Ks%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d1aa783647-FRA
alt-svc
h3=":443"; ma=86400
jquery.waiting.js
servpols.com/postfach/assets/js/
6 KB
3 KB
Script
General
Full URL
http://servpols.com/postfach/assets/js/jquery.waiting.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a86fc33ab36847f01b5b62e2139c4a7a9b1aea06969d19bfc7837f88a64af43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 25 Aug 2023 18:15:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gwddyEzrasxv4jx9hzT2virYCQVxND6dTqZVzPTF%2BtbvGlbIeDdkUX0AaUsBM3HgvMPm9UQ2JUZXUX0M0okAMasNnz%2F9byAfOov578lTUWZ2OKZ7xvZTB%2BxJEhgeC0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d1ba544dbb-FRA
alt-svc
h3=":443"; ma=86400
validation.js
servpols.com/postfach/assets/js/
6 KB
3 KB
Script
General
Full URL
http://servpols.com/postfach/assets/js/validation.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad5ffda5cb870d165f52baad443adae062bfbf48c3580739a7e1fa753370578

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 08 Sep 2023 08:19:23 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoK7VMB0P%2Fy4HuBjh6Ls9Cp9rQjyHkfq%2FfN3wklKPZhf5iplJZAVTpODGr7RgegyDFTvhse4vnjIedqse2%2BVJKMj8nFsB5sdvRnKglAb0jLuDiyV81OJqzsczuntXZ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d1bfa568e9-FRA
alt-svc
h3=":443"; ma=86400
logo.svg
servpols.com/postfach/assets/img/
3 KB
2 KB
Image
General
Full URL
http://servpols.com/postfach/assets/img/logo.svg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
475d4aa3fbc311d30979535bec5e9922dec32caf59661567bf507235122a1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:46 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri7rJgDEJtDih1DQu4%2B7O6bCFsV%2Fi3rNNl9TBysh2f%2FIGK1wwYFERnpcwmtPccBQEw7KXwpkdEDv53T4qMtVoeDNXFV7mjNr64nK%2FDb2jDjyGudeC7z4EfUGPBBmbnQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d298e468e9-FRA
alt-svc
h3=":443"; ma=86400
targobank_icon_white.svg
servpols.com/postfach/assets/img/
315 B
315 B
Image
General
Full URL
http://servpols.com/postfach/assets/img/targobank_icon_white.svg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7OcTfb32cUAtLmLoIWeaWBC%2BBo5i88alhEHexkmyzaijgRh5BLpbi4V1PZ4Y9AUHWHNPJIERPjw1grXeZtzM9D28%2FOURmoUTdRoKNgqoToxoiruLbExJmuvEnsXvuw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
809931d2abcd4dbb-FRA
alt-svc
h3=":443"; ma=86400
country.json
get.geojs.io/v1/ip/
77 B
683 B
Fetch
General
Full URL
https://get.geojs.io/v1/ip/country.json
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/js/country.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302bd7d73b6afcfa4946ea0e524627bde1d86561fccf67a009080afeabdc73da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 09:55:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
0a8876beb550e3dd49c90c71e832d4a0-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ijdSQ%2BasA9uAP8Nw6BnmpCkJ2vmgQf%2BHvdlnZa3PJPaqvLEWhTzxAlWFU5qDPk1v20Pjo93dtxGXTwu91j9f%2B4wPAeZpKvKSfbfg09r8OSqAfCTn6mlm2tvRv1EiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
809931d4a80018b9-FRA
targobank_icon_white.svg
cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/de/images/css/perso/
1 KB
1 KB
Image
General
Full URL
https://cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/de/images/css/perso/targobank_icon_white.svg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/ei_custom_identification.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
Software
eiws /
Resource Hash
cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 12:53:39 GMT
Server
eiws
ETag
"54f-5f987ae04bac0-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=3456000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
Expires
Mon, 30 Oct 2023 09:55:45 GMT
circular--400--normal.woff2
cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/
59 KB
59 KB
Font
General
Full URL
https://cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/circular--400--normal.woff2
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/ei_base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
Software
eiws /
Resource Hash
754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://servpols.com/
Origin
http://servpols.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 17 Apr 2023 12:53:39 GMT
Server
eiws
ETag
"eab8-5f987ae04bac0"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=3456000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
Content-Length
60088
Expires
Mon, 30 Oct 2023 09:55:45 GMT
icon-check.svg
www.targobank.de/de/html/svg/
614 B
990 B
Image
General
Full URL
https://www.targobank.de/de/html/svg/icon-check.svg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/loginpage.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.149 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
targobank.de
Software
eiws /
Resource Hash
5a33fcbf0f406c9e9e767d66a1f43462b8391ffb8e8aaf8de53248a1510e37aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.targoversicherung.de;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' www.targoversicherung.de;
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 25 Feb 2020 14:42:14 GMT
Server
eiws
ETag
"266-59f677e5c9d80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
service_online-sicherheit.jpg
servpols.com/postfach/assets/img/
74 KB
74 KB
Image
General
Full URL
http://servpols.com/postfach/assets/img/service_online-sicherheit.jpg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f2967a362f767a414c279f114b8f6bd293f3ab07d3753fe9abdd4080408c1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:47 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHECXhaMPH2qUygLgBtKSDuRtIJ9QVdz5KQVYL%2BWgyxjEDBRIRroX4YvTlztJsAe7Jisp6VYlkeVUDAEz%2FToZgpHhYwZx3d9yyS2LL0Z8D74%2FeOiAOZupQD8xK%2BVqUU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
809931d2cbed92b1-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
75529
icon-accordion-arrow-down-white.svg
www.targobank.de/de/html/svg/
622 B
924 B
Image
General
Full URL
https://www.targobank.de/de/html/svg/icon-accordion-arrow-down-white.svg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/loginpage.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.149 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
targobank.de
Software
eiws /
Resource Hash
29091caa6f2374957c15476e14ef16bedead97eac46bf90fa6c55f371331fe99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.targoversicherung.de;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' www.targoversicherung.de;
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 25 Feb 2020 14:42:13 GMT
Server
eiws
ETag
"26e-59f677e4d5b40-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
tan-verfahren.jpg
servpols.com/postfach/assets/img/
175 KB
176 KB
Image
General
Full URL
http://servpols.com/postfach/assets/img/tan-verfahren.jpg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd961c93397bc450f406fc284d8dfe569c39a5cdcbb04c6c847d6e57de60c47

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:48 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWGDD6PHBxk8nb1TAc%2BBZOx0wEk%2BeGZtHLWk1NmoACjRgbFM5Kb%2FNZuTw8FtKk4QCdwo9%2BdNc%2Bt0oI%2FT7c9w%2FrfrlKdzxf8mYaZ7Ki9%2B%2BFylOX1g4aQIIVgAg7TH%2BwM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
809931d2cc183647-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
179517
banking-app-620x450.jpg
servpols.com/postfach/assets/img/
31 KB
32 KB
Image
General
Full URL
http://servpols.com/postfach/assets/img/banking-app-620x450.jpg
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cd2352fc23c91fe8c05fd696ec62486e5383ca1fe8b67a7aa896a3c624434f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://servpols.com/postfach/?20230920055542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:48 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 02 Jun 2023 11:54:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr5jDI4rpOlFb%2BgiJvNzuvkr2Aj%2BWj37td66akpYpyGQ05MjWXqimTGDuIc3jgWwdkEBCbYsQ5l2xdOXT2fK4s6y9%2FvTdvcspKZHPL2eKblnXDwnmTPwZx5jmudfDBI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
809931d2cfa8690f-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
32159
circular--700--normal.woff2
cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/
66 KB
67 KB
Font
General
Full URL
https://cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/circular--700--normal.woff2
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/ei_base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
Software
eiws /
Resource Hash
1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://servpols.com/
Origin
http://servpols.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 17 Apr 2023 12:53:39 GMT
Server
eiws
ETag
"1090c-5f987ae04bac0"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=3456000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
Content-Length
67852
Expires
Mon, 30 Oct 2023 09:55:45 GMT
fts_picto.woff2
cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/
76 KB
76 KB
Font
General
Full URL
https://cdnii.e-i.com/INGR/sd/targobank_de_2019/0.105.37/commun/fonts/fts_picto.woff2
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/assets/css/ei_base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.174.154 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
Software
eiws /
Resource Hash
a5850616e81a1083429e862600597db59b3a5114291eae884ab2f9a7847dedc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://servpols.com/
Origin
http://servpols.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 17 Apr 2023 12:53:39 GMT
Server
eiws
ETag
"13038-5f987ae04bac0"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=3456000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
Content-Length
77880
Expires
Mon, 30 Oct 2023 09:55:45 GMT
main.js
servpols.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame FFC4
Redirect Chain
  • http://servpols.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • http://servpols.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
7 KB
4 KB
Script
General
Full URL
http://servpols.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Requested by
Host: servpols.com
URL: http://servpols.com/postfach/?20230920055542
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1c1e5ea358c2934442a5aa965c2336b5b631afcfbe7946ca6328817a2891b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FmZiSabgsvKcqNLx2FKHZv6BxkQ46m6X18nMXyne5h%2BNBU68ko3BgRTL3FxXHAP7nf4wXpx8FsF8mYTMllKiwLgRaYdI5km%2B2ZUQdaeszeYyGf1ebDvJ9VACtv2Bfk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
809931d33f490859-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8wtZrjc6QrI%2Bm5GZGawt6nNCkb1WeCjTxQF2MHhoKrFZRorBPYnceX2r2fP40Jq88tlxMm%2Fo18dH%2BYbBUf5D6YF7kbCAlEBzh%2F7z%2BrcEF2Q%2F1pfc1IzSZmYGUSZP3c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
809931d2fef00859-FRA
alt-svc
h3=":443"; ma=86400
809931ceee643647
servpols.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FFC4
0
828 B
XHR
General
Full URL
http://servpols.com/cdn-cgi/challenge-platform/h/b/jsd/r/809931ceee643647
Requested by
Host: servpols.com
URL: http://servpols.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Sep 2023 09:55:45 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV%2FK7%2BNJgtcATy5X8pf6daoRgXClgEzSNjWzRWteViUzRCiqpN8lPqLCWCJnAIIRK8IOG3i%2FPNolMQr5JZyIf6L%2FDBM50GBqX6svMPZ49PXM%2BT1l1VUqbXMhfsVwRXk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
809931d3d86e0859-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: targobank (Banking)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| UIkit
function| $
function| jQuery
object| firebase
function| _0x3de411
function| _0x5c0073
function| _0x3f4c14
function| _0x4150
function| _0x54bb14
function| fetchip
function| badip
object| fruits
function| _0x2fd6
function| containsAny
function| loadFileAndPrintToConsole
function| botAgent
function| getUrlParameter
function| _0xb8aa84
function| _0x9394
function| display_access_denied_error
function| allow_whitelist_countries
function| _0x2c9c
function| _0xd52c52
function| _0x1602
function| _0x28223d
function| _0x180705
function| _0x22e680
function| _0x15fb
function| _0x5aa0fd
function| _0x1280
function| _0xc685
function| _0x2e04de
function| _0x474be0
function| _0x4ad54f
function| _0x20ac6f
function| _0x6f8a43
function| _0x2dc0
function| showsms
function| isIdentOk
number| countlog
function| sendmeForm
number| countsms
function| _0x2769
function| sendsms
function| _0x86e067
boolean| isMobile
object| revealPasswordButton

0 Cookies

1 Console Messages

Source: network
Level: error
URL: http://servpols.com/postfach/assets/img/targobank_icon_white.svg
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
