Submitted URL: https://00228901.pphosted.com:10020/euweb/digest?ts=1557929346&cmd=view&locale=enus&module=spam&msg_id=(V_287407b7ab897768c716edba75...
Effective URL: https://00228901.pphosted.com:10020/euweb/login
Submission: On May 15 via api from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 148.163.159.184, located in United States and belongs to PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US. The main domain is 00228901.pphosted.com.
TLS certificate: Issued by Thawte RSA CA 2018 on August 13th 2018. Valid for: 2 years.
This is the only time 00228901.pphosted.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 148.163.159.184 22843 (PROOFPOIN...)
5 1
Apex Domain
Subdomains
Transfer
6 pphosted.com
00228901.pphosted.com
22 KB
5 1
Domain Requested by
6 00228901.pphosted.com 1 redirects 00228901.pphosted.com
5 1

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com
Subject Issuer Validity Valid
*.pphosted.com
Thawte RSA CA 2018
2018-08-13 -
2020-08-06
2 years crt.sh

This page contains 1 frames:

Primary Page: https://00228901.pphosted.com:10020/euweb/login
Frame ID: 55FD654629717C8195C4622ACE1D6E9F
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://00228901.pphosted.com:10020/euweb/digest?ts=1557929346&cmd=view&locale=enus&module=spam&msg_id=(V_287407... HTTP 302
    https://00228901.pphosted.com:10020/ Page URL
  2. https://00228901.pphosted.com:10020/euweb/login Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

22 kB
Transfer

19 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://00228901.pphosted.com:10020/euweb/digest?ts=1557929346&cmd=view&locale=enus&module=spam&msg_id=(V_287407b7ab897768c716edba755dNkFiMnpYYlJGaTA1YjJ6VjdEMW1YTFhOZ3VPSXVoQzc=)&c=newbalance_hosted&recipient=Jon.Cook@newbalance.com&account=jon.cook@newbalance.com&sig=e84ba9ed744d80bf461701f42597fa7db7f6832a2a1237c60f19f81e70c457e6 HTTP 302
    https://00228901.pphosted.com:10020/ Page URL
  2. https://00228901.pphosted.com:10020/euweb/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://00228901.pphosted.com:10020/euweb/digest?ts=1557929346&cmd=view&locale=enus&module=spam&msg_id=(V_287407b7ab897768c716edba755dNkFiMnpYYlJGaTA1YjJ6VjdEMW1YTFhOZ3VPSXVoQzc=)&c=newbalance_hosted&recipient=Jon.Cook@newbalance.com&account=jon.cook@newbalance.com&sig=e84ba9ed744d80bf461701f42597fa7db7f6832a2a1237c60f19f81e70c457e6 HTTP 302
  • https://00228901.pphosted.com:10020/

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
00228901.pphosted.com/
Redirect Chain
  • https://00228901.pphosted.com:10020/euweb/digest?ts=1557929346&cmd=view&locale=enus&module=spam&msg_id=(V_287407b7ab897768c716edba755dNkFiMnpYYlJGaTA1YjJ6VjdEMW1YTFhOZ3VPSXVoQzc=)&c=newbalance_host...
  • https://00228901.pphosted.com:10020/
60 B
568 B
Document
General
Full URL
https://00228901.pphosted.com:10020/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.163.159.184 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
mx0b-00228901.pphosted.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
00228901.pphosted.com:10020
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
PPSAUTH=eadcac8ccf2f231c9d12df796823a6c4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 14:40:08 GMT
Server
Last-Modified
Wed, 24 Apr 2019 00:17:44 GMT
ETag
"820e7a-3c-5873ba1631a00"
Accept-Ranges
bytes
Content-Length
60
Cache-Control
max-age=0
Expires
Wed, 15 May 2019 14:40:08 GMT
x-frame-options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 15 May 2019 14:40:08 GMT
Server
Set-Cookie
PPSAUTH=eadcac8ccf2f231c9d12df796823a6c4; path=/; secure; HttpOnly
Location
https://00228901.pphosted.com:10020
Cache-Control
max-age=0
Expires
Wed, 15 May 2019 14:40:08 GMT
Content-Length
219
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Primary Request Cookie set login
00228901.pphosted.com/euweb/
5 KB
6 KB
Document
General
Full URL
https://00228901.pphosted.com:10020/euweb/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.163.159.184 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
mx0b-00228901.pphosted.com
Software
/
Resource Hash
b0d53e11bb9f1b45810c61c6e71b35dfabfddea912af0d3d2faa537cd8cb2dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
00228901.pphosted.com:10020
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://00228901.pphosted.com:10020/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://00228901.pphosted.com:10020/

Response headers

Date
Wed, 15 May 2019 14:40:08 GMT
Server
pragma
no-cache
Expires
Thu, 1 Jan 1970 00:00:00 UTC
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
PPSAUTH=986b8c1a6e6f84052bc57e0bd7d4d791; path=/; secure; HttpOnly
x-frame-options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
5267
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
stylesheet
00228901.pphosted.com/euweb/
8 KB
9 KB
Stylesheet
General
Full URL
https://00228901.pphosted.com:10020/euweb/stylesheet?templateid=0&v=
Requested by
Host: 00228901.pphosted.com
URL: https://00228901.pphosted.com:10020/euweb/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.163.159.184 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
mx0b-00228901.pphosted.com
Software
/
Resource Hash
28d5b3ab33057f0bbe64af19777e073b9047548ebaa5769538019c2d6a0a065d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://00228901.pphosted.com:10020/euweb/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 14:40:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
x-frame-options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
X-XSS-Protection
1; mode=block
Expires
Fri, 14 Jun 2019 14:40:08 GMT
authenticate.gif
00228901.pphosted.com/images/
3 KB
4 KB
Image
General
Full URL
https://00228901.pphosted.com:10020/images/authenticate.gif
Requested by
Host: 00228901.pphosted.com
URL: https://00228901.pphosted.com:10020/euweb/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.163.159.184 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
mx0b-00228901.pphosted.com
Software
/
Resource Hash
93b30f310da6ab00c6429468f677e631db2a7c904bc476fec2066a66babbf121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://00228901.pphosted.com:10020/euweb/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 14:40:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 13 Dec 2014 02:15:55 GMT
Server
x-frame-options
SAMEORIGIN
ETag
"820cba-df8-50a0f96d6ccc0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Cache-Control
public, max-age=1550000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3576
X-XSS-Protection
1; mode=block
Expires
Fri, 14 Jun 2019 14:40:08 GMT
logo
00228901.pphosted.com/euweb/
2 KB
3 KB
Image
General
Full URL
https://00228901.pphosted.com:10020/euweb/logo?templateid=0&i=0&v=
Requested by
Host: 00228901.pphosted.com
URL: https://00228901.pphosted.com:10020/euweb/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.163.159.184 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
mx0b-00228901.pphosted.com
Software
/
Resource Hash
194c92ed23422340b22802a63a8519d32a743522feed769aef90f323c236b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://00228901.pphosted.com:10020/euweb/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 14:40:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
x-frame-options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
X-XSS-Protection
1; mode=block
Expires
Fri, 14 Jun 2019 14:40:09 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| getElement function| onChangeUsername function| onChangePassword function| clearError function| setError function| setFocus function| onInit function| getUsername function| setUsername

1 Cookies

Domain/Path Name / Value
00228901.pphosted.com/ Name: PPSAUTH
Value: 986b8c1a6e6f84052bc57e0bd7d4d791

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block