URL: https://inbox.proofpoint.com/securemail/Main.html
Submission: On June 17 via api from CH

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 67.231.154.166, located in United States and belongs to PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US. The main domain is inbox.proofpoint.com.
TLS certificate: Issued by Thawte RSA CA 2018 on September 12th 2018. Valid for: a year.
This is the only time inbox.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 67.231.154.166 22843 (PROOFPOIN...)
2 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
3 67.231.146.94 26211 (PROOFPOIN...)
27 5
Domain Requested by
21 inbox.proofpoint.com inbox.proofpoint.com
3 enduserauth.proofpoint.com enduserauth.proofpoint.com
2 fonts.googleapis.com inbox.proofpoint.com
1 maxcdn.bootstrapcdn.com inbox.proofpoint.com
27 4

This site contains links to these domains. Also see Links.

Domain
registration.proofpoint.com
Subject Issuer Validity Valid
inbox.proofpoint.com
Thawte RSA CA 2018
2018-09-12 -
2019-08-07
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-06-11 -
2019-09-03
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh
auth.proofpoint.com
Thawte RSA CA 2018
2018-09-03 -
2019-09-03
a year crt.sh

This page contains 2 frames:

Primary Page: https://inbox.proofpoint.com/securemail/Main.html
Frame ID: A0165207E3E8DFB3C3B5852D0DEB6B56
Requests: 26 HTTP requests in this frame

Frame: https://enduserauth.proofpoint.com/v1/token/refreshscript
Frame ID: BCC52569EE3EF096C2ECDDD344E184A0
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Page Statistics

27
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

589 kB
Transfer

1527 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Main.html
inbox.proofpoint.com/securemail/
1 KB
875 B
Document
General
Full URL
https://inbox.proofpoint.com/securemail/Main.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
a4aa1e5fefaadbc0dcd9460710aa84c53cf7e86cb52b871ad23393400b96671c

Request headers

:method
GET
:authority
inbox.proofpoint.com
:scheme
https
:path
/securemail/Main.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:14 GMT
cache-control
max-age=0, must-revalidate
expires
Fri, 30 Oct 1998 14:19:41 GMT
content-type
text/html
vary
Accept-Encoding, User-Agent
content-encoding
gzip
content-length
685
css
fonts.googleapis.com/
1 KB
480 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/Main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
41c743751cd6ec65a2ba2f2a60bf82b2c73bf208a648859bed04668a60fee791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Jun 2019 20:21:14 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 17 Jun 2019 20:21:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 17 Jun 2019 20:21:14 GMT
css
fonts.googleapis.com/
8 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/Main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7a28b61939506438c4c858f7718da69f098d3f9a289c2f77ae99e303be14596d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Jun 2019 20:21:14 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 17 Jun 2019 20:21:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 17 Jun 2019 20:21:14 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/Main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Jun 2019 20:21:14 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5041
securemail.nocache.js
inbox.proofpoint.com/securemail/
11 KB
5 KB
Script
General
Full URL
https://inbox.proofpoint.com/securemail/securemail.nocache.js
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/Main.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
ed9a19ed111903335ab0a9e73caef76a42df6e3918e9e1a34b4743a85892f1bd

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:14 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/javascript
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
bootstrap-3.3.2.min.cache.css
inbox.proofpoint.com/securemail/css/
114 KB
19 KB
Stylesheet
General
Full URL
https://inbox.proofpoint.com/securemail/css/bootstrap-3.3.2.min.cache.css
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/securemail.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
cache-control
max-age=31536000, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/css
font-awesome-4.3.0.min.cache.css
inbox.proofpoint.com/securemail/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://inbox.proofpoint.com/securemail/css/font-awesome-4.3.0.min.cache.css
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/securemail.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
cache-control
max-age=31536000, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/css
bootstrap-slider-4.5.6.min.cache.css
inbox.proofpoint.com/securemail/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://inbox.proofpoint.com/securemail/css/bootstrap-slider-4.5.6.min.cache.css
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/securemail.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
3110ef4b122cb6e230acbda2b2a556c31f2056751c4fee2ef55eca6561b7a8ef

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
cache-control
max-age=31536000, must-revalidate
content-encoding
gzip
content-length
1564
vary
Accept-Encoding, User-Agent
content-type
text/css
summernote-0.6.2.min.cache.css
inbox.proofpoint.com/securemail/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://inbox.proofpoint.com/securemail/css/summernote-0.6.2.min.cache.css
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/securemail.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
7e092184b64ad1ceecf8afc3680823258f71b18b7a8c83006adc3f1746f4394d

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
cache-control
max-age=31536000, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/css
EC90688597299A8093627553C4CBF76F.cache.js
inbox.proofpoint.com/securemail/
1 MB
395 KB
Script
General
Full URL
https://inbox.proofpoint.com/securemail/EC90688597299A8093627553C4CBF76F.cache.js
Requested by
Host: inbox.proofpoint.com
URL: https://inbox.proofpoint.com/securemail/securemail.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
86c20f8b2559b9247b00c390ee1f11d79b0f481327a80eb0c78591fce02989da

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
cache-control
max-age=31536000, must-revalidate
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/javascript
externalAuthUrl
inbox.proofpoint.com/v3/service/
34 B
244 B
XHR
General
Full URL
https://inbox.proofpoint.com/v3/service/externalAuthUrl
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
50b83cd23774778ce040829a4ce6f81e5253b012a02a3e5a048f9bdb94af78ba

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Mon, 17 Jun 2019 20:21:15 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/plain
status
200
cache-control
max-age=0, must-revalidate
content-length
54
expires
Fri, 30 Oct 1998 14:19:41 GMT
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
swfupload.js
inbox.proofpoint.com/securemail/swfupload/
38 KB
10 KB
Script
General
Full URL
https://inbox.proofpoint.com/securemail/swfupload/swfupload.js
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
7c8573e1a18db2385f7d423f450048b3acd7e84bf8986d135d8fffa34b0a36f0

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/javascript
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
swfobject.js
inbox.proofpoint.com/securemail/swfobject/
10 KB
4 KB
Script
General
Full URL
https://inbox.proofpoint.com/securemail/swfobject/swfobject.js
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/javascript
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
webUIConfig
inbox.proofpoint.com/v1/
248 B
414 B
XHR
General
Full URL
https://inbox.proofpoint.com/v1/webUIConfig
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
631a9ee4de9997c2671acdb85cde30f811feaf2b42c580ff61119cfa01880e8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Mon, 17 Jun 2019 20:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding, User-Agent
content-type
application/json
status
200
cache-control
max-age=0, must-revalidate
content-length
185
expires
Fri, 30 Oct 1998 14:19:41 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
510d67bffee988fc636a2e21f4d8b337324460071b21da11dc4ac046fd9e9b9f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
SourceSansPro-Regular-webfont.woff
inbox.proofpoint.com/securemail/styles/sourcesans/
16 KB
16 KB
Font
General
Full URL
https://inbox.proofpoint.com/securemail/styles/sourcesans/SourceSansPro-Regular-webfont.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
a9d026f4bd2a0f56ab6cdf5c43749d869ff9d1168404c20a57e19757717b18c9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://inbox.proofpoint.com/securemail/Main.html
Origin
https://inbox.proofpoint.com

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:15 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/octet-stream
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
refreshscript
enduserauth.proofpoint.com/v1/token/ Frame BCC5
704 B
475 B
Document
General
Full URL
https://enduserauth.proofpoint.com/v1/token/refreshscript
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.146.94 , United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),
Reverse DNS
Software
/
Resource Hash
4409b36426ae57e05af3cd1a54c6ee1104ec00b920e3c2bc6443e6278e0a93d5

Request headers

:method
GET
:authority
enduserauth.proofpoint.com
:scheme
https
:path
/v1/token/refreshscript
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://inbox.proofpoint.com/securemail/Main.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://inbox.proofpoint.com/securemail/Main.html

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:16 GMT
content-type
text/html
vary
Accept-Encoding, User-Agent
content-encoding
gzip
content-length
352
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
whoami
inbox.proofpoint.com/v2/
0
148 B
XHR
General
Full URL
https://inbox.proofpoint.com/v2/whoami?detail=true
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://inbox.proofpoint.com/securemail/Main.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

status
401
www-authenticate
Bearer realm="Proofpoint"
x-proofpoint-saml-oath-bridge-location
https://secureshare.proofpoint.com
content-length
0
content-type
text/plain
jquery.min.1.11.1.js
enduserauth.proofpoint.com/v1/token/javascript/ Frame BCC5
94 KB
33 KB
Script
General
Full URL
https://enduserauth.proofpoint.com/v1/token/javascript/jquery.min.1.11.1.js
Requested by
Host: enduserauth.proofpoint.com
URL: https://enduserauth.proofpoint.com/v1/token/refreshscript
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.146.94 , United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),
Reverse DNS
Software
/
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://enduserauth.proofpoint.com/v1/token/refreshscript
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:16 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript
SourceSansPro-Bold-webfont.woff
inbox.proofpoint.com/securemail/styles/sourcesans/
16 KB
16 KB
Font
General
Full URL
https://inbox.proofpoint.com/securemail/styles/sourcesans/SourceSansPro-Bold-webfont.woff
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
87b781066043fee95b8d4132eb85b187058cf2deb9fd8a85bc8efbd201c313ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://inbox.proofpoint.com/securemail/Main.html
Origin
https://inbox.proofpoint.com

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:16 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/octet-stream
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
fontawesome-webfont.woff2
inbox.proofpoint.com/securemail/fonts/
55 KB
56 KB
Font
General
Full URL
https://inbox.proofpoint.com/securemail/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://inbox.proofpoint.com/securemail/css/font-awesome-4.3.0.min.cache.css
Origin
https://inbox.proofpoint.com

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:16 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/octet-stream
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
SourceSansPro-Semibold-webfont.woff
inbox.proofpoint.com/securemail/styles/sourcesans/
16 KB
16 KB
Font
General
Full URL
https://inbox.proofpoint.com/securemail/styles/sourcesans/SourceSansPro-Semibold-webfont.woff
Requested by
Host:
URL: securemail-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.154.166 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),
Reverse DNS
inbox.gslb.proofpoint.com
Software
/
Resource Hash
c25ebd2ffe492a11dd8b14f75fe3c0038e6d896ebe38a8a8e9c9fd5f06bce952

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://inbox.proofpoint.com/securemail/Main.html
Origin
https://inbox.proofpoint.com

Response headers

status
200
date
Mon, 17 Jun 2019 20:21:16 GMT
content-encoding
gzip
cache-control
max-age=0, must-revalidate
content-type
application/octet-stream
vary
Accept-Encoding, User-Agent
expires
Fri, 30 Oct 1998 14:19:41 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ecb4f502219c73e52736c74ac4ef18fbfbae6fb453a1abda25bd3c0fa8d282a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
refreshtoken
enduserauth.proofpoint.com/v1/token/ Frame BCC5
261 B
602 B
XHR
General
Full URL
https://enduserauth.proofpoint.com/v1/token/refreshtoken?_=1560802876976
Requested by
Host: enduserauth.proofpoint.com
URL: https://enduserauth.proofpoint.com/v1/token/javascript/jquery.min.1.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.231.146.94 , United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),
Reverse DNS
Software
/
Resource Hash
a25a4ae941036a0e699e8ba41d48d2c9701be2348ce1fde362f5203bc0377829

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://enduserauth.proofpoint.com/v1/token/refreshscript
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
401
date
Mon, 17 Jun 2019 20:21:17 GMT
cache-control
must-revalidate,no-cache,no-store
www-authenticate
Bearer realm="Proofpoint"
content-length
261
content-type
text/html;charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| securemail object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue string| __gwt_Locale object| __gwt_stylesLoaded function| $ function| jQuery object| jQuery111207639659447571305 function| Slider function| GwtPotentialElementShim function| SWFUpload object| swfobject

1 Cookies

Domain/Path Name / Value
inbox.proofpoint.com/securemail Name: pp-login-marker
Value: c4435d1d-3859-4f0f-8ada-b2a1af667dd6

1 Console Messages

Source Level URL
Text
console-api error URL: https://enduserauth.proofpoint.com/v1/token/refreshscript(Line 19)
Message:
failed to refresh auth cookie

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

enduserauth.proofpoint.com
fonts.googleapis.com
inbox.proofpoint.com
maxcdn.bootstrapcdn.com
209.197.3.15
2a00:1450:4001:816::200a
67.231.146.94
67.231.154.166
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
3110ef4b122cb6e230acbda2b2a556c31f2056751c4fee2ef55eca6561b7a8ef
41c743751cd6ec65a2ba2f2a60bf82b2c73bf208a648859bed04668a60fee791
4409b36426ae57e05af3cd1a54c6ee1104ec00b920e3c2bc6443e6278e0a93d5
50b83cd23774778ce040829a4ce6f81e5253b012a02a3e5a048f9bdb94af78ba
510d67bffee988fc636a2e21f4d8b337324460071b21da11dc4ac046fd9e9b9f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
631a9ee4de9997c2671acdb85cde30f811feaf2b42c580ff61119cfa01880e8e
6ecb4f502219c73e52736c74ac4ef18fbfbae6fb453a1abda25bd3c0fa8d282a
7a28b61939506438c4c858f7718da69f098d3f9a289c2f77ae99e303be14596d
7c8573e1a18db2385f7d423f450048b3acd7e84bf8986d135d8fffa34b0a36f0
7e092184b64ad1ceecf8afc3680823258f71b18b7a8c83006adc3f1746f4394d
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
86c20f8b2559b9247b00c390ee1f11d79b0f481327a80eb0c78591fce02989da
87b781066043fee95b8d4132eb85b187058cf2deb9fd8a85bc8efbd201c313ee
a25a4ae941036a0e699e8ba41d48d2c9701be2348ce1fde362f5203bc0377829
a4aa1e5fefaadbc0dcd9460710aa84c53cf7e86cb52b871ad23393400b96671c
a9d026f4bd2a0f56ab6cdf5c43749d869ff9d1168404c20a57e19757717b18c9
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
c25ebd2ffe492a11dd8b14f75fe3c0038e6d896ebe38a8a8e9c9fd5f06bce952
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9a19ed111903335ab0a9e73caef76a42df6e3918e9e1a34b4743a85892f1bd