www.boxcryptor.com Open in urlscan Pro
136.243.125.201  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.boxcryptor.com/de/blog/post/phishing/	129 KB 21 KB	138ms 106ms	Document text/html	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash b00b984b3b0e8d44c2ecfa063d120bb1319b72be0f836ff86aba3f99b8f8b128 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host www.boxcryptor.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Response headers Server nginx Date Mon, 18 Nov 2019 19:50:09 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Content-Language de ETag W/"20223-148MrAfduEDhnY9xQOnusXMAVoI" Vary Accept-Encoding Content-Encoding gzip Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade X-Balancer danzig
GET H/1.1	200 OK	assets-df8b382177be930d06801ff1c9724616.css www.boxcryptor.com/	125 KB 20 KB	6ms 6ms	Stylesheet text/css	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/assets-df8b382177be930d06801ff1c9724616.css Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash 2dc75534806ebcbf11da7a9be4ddfd76821fb6d5924aca0ba22df08a14495ceb Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx X-Frame-Options SAMEORIGIN ETag W/"1f569-16e5edde618" Vary Accept-Encoding Strict-Transport-Security max-age=63072000; preload; Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Accept-Ranges bytes X-Balancer danzig
GET H2	200	Boxcryptor_logo.png images.ctfassets.net/9ijwdiuuvngh/4mT0YkZGCc4C2soIwmemu2/9ebd9bac055498b9e344682ceb654e79/	8 KB 8 KB	26ms 8ms	Image image/png	2600:9000:2156:6600:12:94b3:c380:93a1 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/9ijwdiuuvngh/4mT0YkZGCc4C2soIwmemu2/9ebd9bac055498b9e344682ceb654e79/Boxcryptor_logo.png Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:6600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Contentful Images API / Resource Hash e941930f4e913334e45e6f62b98eef4da26803f169682d6ed1ba8ad940a3e0b4 Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Sat, 28 Sep 2019 03:23:03 GMT via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) server Contentful Images API age 655920 etag "775ac5f67cb1b5adbb586ff22c1215cc" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 access-control-allow-origin * content-length 7749 x-amz-cf-id PfHY2Um1Mfn3hXi2UrpkhBj2MDwnzmK9-9jkFIEiAUQdSyZSLm-vLQ==
GET H2	200	2-1___Phishing_Header_Boxcryptor.png images.ctfassets.net/9ijwdiuuvngh/1G81Bwxp5SecECeEw4e4w6/a4c3200f283f11824d09d882ebf2c359/	78 KB 78 KB	29ms 12ms	Image image/png	2600:9000:2156:6600:12:94b3:c380:93a1 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/9ijwdiuuvngh/1G81Bwxp5SecECeEw4e4w6/a4c3200f283f11824d09d882ebf2c359/2-1___Phishing_Header_Boxcryptor.png Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:6600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Contentful Images API / Resource Hash bf81168ba8fc468b3cb3122331569e95a02c269e50f7b32e1f17b11b7f2ce399 Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Mon, 11 Nov 2019 14:53:11 GMT via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) server Contentful Images API x-amz-cf-pop FRA50-C1 etag "a453df516d9577175134b30588283de5" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=31536000 access-control-allow-origin * content-length 79636 x-amz-cf-id YkfrDz9ZewwY3ElLSDf02Lgempuv8rx7WlOvXjO22J8jRRl1t6_3TA==
GET H2	200	Lisa_Figas.jpg images.ctfassets.net/9ijwdiuuvngh/6OYX8iqVvUmEooKKM6KKKc/4f3713d19a8cd745986e24610d195ad3/	11 KB 11 KB	10ms 9ms	Image image/jpeg	2600:9000:2156:6600:12:94b3:c380:93a1 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/9ijwdiuuvngh/6OYX8iqVvUmEooKKM6KKKc/4f3713d19a8cd745986e24610d195ad3/Lisa_Figas.jpg?w=150 Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:6600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Contentful Images API / Resource Hash 6071d26949d0a016e98742783580e602ed6e634e823de26d9729902719d8a60d Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 17 Sep 2019 07:47:11 GMT via 1.1 varnish, 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) server Contentful Images API x-amz-cf-pop FRA50-C1 etag "d78595526a4321c973951a9f7e4a3eed" x-cache Hit from cloudfront content-type image/jpeg status 200 cache-control max-age=31536000 access-control-allow-origin * content-length 10861 x-amz-cf-id lSfgvRDIEhMDsuuSxs00m4d4MMOE9H5e0XiWv3sSQKX2-tDdGEpbMQ==
GET H2	200	dropbox-premier-partner_20180322.png images.ctfassets.net/9ijwdiuuvngh/3nJgY0kpvq6qCYgi4wk2sc/5179ac23aac2abf696bcd008068ad31c/	13 KB 14 KB	9ms 8ms	Image image/png	2600:9000:2156:6600:12:94b3:c380:93a1 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/9ijwdiuuvngh/3nJgY0kpvq6qCYgi4wk2sc/5179ac23aac2abf696bcd008068ad31c/dropbox-premier-partner_20180322.png Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:6600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Contentful Images API / Resource Hash 4e18d9d8af3bf14f34edd4364352805f5d9467527d6fae247cfa556dcbb69beb Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Thu, 30 May 2019 00:31:03 GMT via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) server Contentful Images API age 14930347 etag "01ecf2ce6f39f9a0bd9a84de59ec0d83" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 access-control-allow-origin * content-length 13780 x-amz-cf-id topfpPoaTT9-7i6p95i3wfV2xl_RUuWFMQPw0978XXp3u4HWm78JaA==
GET H/1.1	200 OK	bundle-9cba5e6bfc68258ab87a.js Show response www.boxcryptor.com/	2 MB 578 KB	11ms 10ms	Script application/javascript	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/bundle-9cba5e6bfc68258ab87a.js Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash 3daa5755e2e407f9c4211e62048070aa6e4a8fdb9d6d3349c7000aed3aac7ada Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx X-Frame-Options SAMEORIGIN ETag W/"21f09e-16e5edde618" Vary Accept-Encoding Strict-Transport-Security max-age=63072000; preload; Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Accept-Ranges bytes X-Balancer danzig
GET H/1.1	200 OK	oldbrowser-9cba5e6bfc68258ab87a.js Show response www.boxcryptor.com/	31 KB 12 KB	19ms 19ms	Script application/javascript	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/oldbrowser-9cba5e6bfc68258ab87a.js Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash 922b52656a64d58fa92edd63f4ca48ad00988866ea0e2f137cd430bab6602315 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx X-Frame-Options SAMEORIGIN ETag W/"7d8b-16e5edde618" Vary Accept-Encoding Strict-Transport-Security max-age=63072000; preload; Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Accept-Ranges bytes X-Balancer danzig
GET H/1.1	200 OK	assets-9cba5e6bfc68258ab87a.js Show response www.boxcryptor.com/	103 KB 18 KB	22ms 21ms	Script application/javascript	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/assets-9cba5e6bfc68258ab87a.js Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash bb5037a399ea002c864bc52927a90a5d68f659e4f6d81143f81c1b6505f294d4 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx X-Frame-Options SAMEORIGIN ETag W/"19afd-16e5edde618" Vary Accept-Encoding Strict-Transport-Security max-age=63072000; preload; Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Accept-Ranges bytes X-Balancer danzig
GET H/1.1	200 OK	ca41c456ce6ba8dcffc9a7272a199283.woff2 www.boxcryptor.com/	19 KB 19 KB	19ms 17ms	Font application/font-woff2	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/ca41c456ce6ba8dcffc9a7272a199283.woff2 Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash 468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://www.boxcryptor.com/assets-df8b382177be930d06801ff1c9724616.css Origin https://www.boxcryptor.com Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Strict-Transport-Security max-age=63072000; preload; Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx ETag W/"4ad4-16e5edde618" X-Frame-Options SAMEORIGIN Content-Type application/font-woff2 Cache-Control public, max-age=0 X-Content-Type-Options nosniff Connection keep-alive Accept-Ranges bytes X-Balancer danzig Content-Length 19156 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	5b4c987e2ff385d9d6e8a415599ae3f9.woff2 www.boxcryptor.com/	19 KB 20 KB	16ms 15ms	Font application/font-woff2	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/5b4c987e2ff385d9d6e8a415599ae3f9.woff2 Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash 848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://www.boxcryptor.com/assets-df8b382177be930d06801ff1c9724616.css Origin https://www.boxcryptor.com Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Strict-Transport-Security max-age=63072000; preload; Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx ETag W/"4d04-16e5edde618" X-Frame-Options SAMEORIGIN Content-Type application/font-woff2 Cache-Control public, max-age=0 X-Content-Type-Options nosniff Connection keep-alive Accept-Ranges bytes X-Balancer danzig Content-Length 19716 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	b54352122f9e4640b004dcd7a02563f6.woff2 www.boxcryptor.com/	19 KB 20 KB	17ms 15ms	Font application/font-woff2	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/b54352122f9e4640b004dcd7a02563f6.woff2 Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://www.boxcryptor.com/assets-df8b382177be930d06801ff1c9724616.css Origin https://www.boxcryptor.com Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Strict-Transport-Security max-age=63072000; preload; Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx ETag W/"4d7c-16e5edde618" X-Frame-Options SAMEORIGIN Content-Type application/font-woff2 Cache-Control public, max-age=0 X-Content-Type-Options nosniff Connection keep-alive Accept-Ranges bytes X-Balancer danzig Content-Length 19836 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	30ced7debe8bb0974c7d094bde9894e4.woff2 www.boxcryptor.com/	7 KB 8 KB	17ms 12ms	Font application/font-woff2	136.243.125.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.boxcryptor.com/30ced7debe8bb0974c7d094bde9894e4.woff2 Requested by Host: www.boxcryptor.com URL: https://www.boxcryptor.com/de/blog/post/phishing/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.125.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS danzig.secomba.com Software nginx / Resource Hash f3608a06a0db658474e65c0ebde3921cf7461dbb5b8aede01bcd8f26eab0ac9f Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://www.boxcryptor.com/assets-df8b382177be930d06801ff1c9724616.css Origin https://www.boxcryptor.com Response headers Date Mon, 18 Nov 2019 19:50:09 GMT Strict-Transport-Security max-age=63072000; preload; Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 12 Nov 2019 09:07:11 GMT Server nginx ETag W/"1c10-16e5edde618" X-Frame-Options SAMEORIGIN Content-Type application/font-woff2 Cache-Control public, max-age=0 X-Content-Type-Options nosniff Connection keep-alive Accept-Ranges bytes X-Balancer danzig Content-Length 7184 X-XSS-Protection 1; mode=block
GET H2	200	collect www.google-analytics.com/r/	35 B 101 B	14ms 13ms	Image image/gif	2a00:1450:4001:81b::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j44&aip=1&a=330248682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.boxcryptor.com%2Fde%2Fblog%2Fpost%2Fphishing%2F&dp=%2Fde%2Fblog%2Fpost%2Fphishing%2F&ul=en-us&de=UTF-8&dt=Anleitung%20in%205%20Schritten%3A%20Phishing-E-Mails%20erkennen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&fl=6.0%20r21&_u=yGAACEABN~&jid=233947425&cid=541865704.1574106610&tid=UA-21157428-1&_r=1&z=593582952 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.boxcryptor.com/de/blog/post/phishing/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers pragma no-cache date Mon, 18 Nov 2019 19:50:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __CSS__ object| __INITIAL_STATE__ string| __BASENAME__ object| __APOLLO_STATE__ function| webpackJsonp object| regeneratorRuntime function| removeDotPrefix function| normalizePath function| countPathComponents function| ga object| gaplugins object| __algolia object| __COMMON-ERRORS-TYPES__ function| setImmediate function| clearImmediate object| Prism object| __core-js_shared__ object| componentHandler function| MaterialButton function| MaterialCheckbox function| MaterialIconToggle function| MaterialMenu function| MaterialProgress function| MaterialRadio function| MaterialSlider function| MaterialSnackbar function| MaterialSpinner function| MaterialSwitch function| MaterialTabs function| MaterialTextfield function| MaterialTooltip function| MaterialLayout function| MaterialLayoutTab function| MaterialDataTable function| MaterialRipple string| GoogleAnalyticsObject number| _ga object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.boxcryptor.com/	1970-01-19 05:15:07	Name: _gat Value: 1
			.boxcryptor.com/	1970-01-19 22:31:54	Name: !#!_ga!#!GA1.2.541865704.1574106610 Value:
			.boxcryptor.com/	1970-01-19 22:46:18	Name: _ga Value: GA1.2.541865704.1574106610

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
www.boxcryptor.com
www.google-analytics.com
136.243.125.201
2600:9000:2156:6600:12:94b3:c380:93a1
2a00:1450:4001:81b::200e
2dc75534806ebcbf11da7a9be4ddfd76821fb6d5924aca0ba22df08a14495ceb
3daa5755e2e407f9c4211e62048070aa6e4a8fdb9d6d3349c7000aed3aac7ada
468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64
4e18d9d8af3bf14f34edd4364352805f5d9467527d6fae247cfa556dcbb69beb
6071d26949d0a016e98742783580e602ed6e634e823de26d9729902719d8a60d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3
922b52656a64d58fa92edd63f4ca48ad00988866ea0e2f137cd430bab6602315
b00b984b3b0e8d44c2ecfa063d120bb1319b72be0f836ff86aba3f99b8f8b128
bb5037a399ea002c864bc52927a90a5d68f659e4f6d81143f81c1b6505f294d4
bf81168ba8fc468b3cb3122331569e95a02c269e50f7b32e1f17b11b7f2ce399
d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b
e941930f4e913334e45e6f62b98eef4da26803f169682d6ed1ba8ad940a3e0b4
f3608a06a0db658474e65c0ebde3921cf7461dbb5b8aede01bcd8f26eab0ac9f