app.emaildefense.proofpoint.com Open in urlscan Pro
2600:9000:2057:5400:e:88b0:6340:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://emaildefense.proofpoint.com/
Effective URL:
https://app.emaildefense.proofpoint.com/login
Submission: On November 21 via api (November 21st 2020, 12:27:53 am UTC) from US

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 2600:9000:2057:5400:e:88b0:6340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.emaildefense.proofpoint.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 19th 2019. Valid for: 2 years.

This is the only time app.emaildefense.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	3.208.156.84 3.208.156.84	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:205... 2600:9000:2057:5400:e:88b0:6340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	52.85.115.22 52.85.115.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4	54.148.253.15 54.148.253.15	16509 (AMAZON-02) (AMAZON-02)
1	3.226.102.74 3.226.102.74	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
4	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
26	12

2 3.208.156.84 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-156-84.compute-1.amazonaws.com

emaildefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2057:5400:e:88b0:6340:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.emaildefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-22.hel50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.148.253.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-253-15.us-west-2.compute.amazonaws.com

auth.emaildefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.102.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-102-74.compute-1.amazonaws.com

feature-flags.emaildefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	proofpoint.com 2 redirects emaildefense.proofpoint.com app.emaildefense.proofpoint.com auth.emaildefense.proofpoint.com feature-flags.emaildefense.proofpoint.com	1022 KB
4	nr-data.net bam.nr-data.net	878 B
3	gstatic.com fonts.gstatic.com	37 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	newrelic.com js-agent.newrelic.com	13 KB
1	pendo.io cdn.pendo.io	112 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
26	8

	Domain	Requested by
7	app.emaildefense.proofpoint.com	app.emaildefense.proofpoint.com
4	bam.nr-data.net	app.emaildefense.proofpoint.com
4	auth.emaildefense.proofpoint.com	app.emaildefense.proofpoint.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com app.emaildefense.proofpoint.com
2	fonts.googleapis.com	app.emaildefense.proofpoint.com
2	emaildefense.proofpoint.com	2 redirects
1	js-agent.newrelic.com	app.emaildefense.proofpoint.com
1	feature-flags.emaildefense.proofpoint.com	app.emaildefense.proofpoint.com
1	cdn.pendo.io	app.emaildefense.proofpoint.com
1	www.googletagmanager.com	app.emaildefense.proofpoint.com
26	11

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com
registration.proofpoint.com

Subject Issuer	Validity	Valid
*.emaildefense.proofpoint.com Thawte RSA CA 2018	`2019-07-19` - `2021-08-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
auth-efd.proofpoint.com Thawte RSA CA 2018	`2020-05-05` - `2021-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://app.emaildefense.proofpoint.com/login
Frame ID: CCC915B42B17C56FD9E1BFDCF85E29A3
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://emaildefense.proofpoint.com/ HTTP 302
https://emaildefense.proofpoint.com/auth2/ HTTP 302
https://app.emaildefense.proofpoint.com/login Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

26
Requests

100 %
HTTPS

54 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

1242 kB
Transfer

4661 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/us/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://registration.proofpoint.com/termsconditions/
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://emaildefense.proofpoint.com/ HTTP 302
https://emaildefense.proofpoint.com/auth2/ HTTP 302
https://app.emaildefense.proofpoint.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
app.emaildefense.proofpoint.com/
Redirect Chain

https://emaildefense.proofpoint.com/
https://emaildefense.proofpoint.com/auth2/
https://app.emaildefense.proofpoint.com/login

25 KB
10 KB

898ms
864ms

Document
text/html

2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92ca956e0e4cac94a74450f09a1817b90d31357cbdcb620913fbc90e0bc87ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.emaildefense.proofpoint.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sess_expire=1605932856
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
date: Sat, 21 Nov 2020 00:27:38 GMT
last-modified: Thu, 19 Nov 2020 21:08:35 GMT
etag: W/"c9f0977e8d21f0ad31848379c63ec8da"
x-amz-server-side-encryption: AES256
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-amz-version-id: y3G0FhRwIL5HKBAc9sFl19MjHdARKo_f
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -XGUJLSj20PWcjJIrYEUXqAu78G84JjHUkQBaf1LRMbVz4xpDK1ROg==

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 21 Nov 2020 00:27:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://app.emaildefense.proofpoint.com/login
Pragma: no-cache
Set-Cookie: sess_expire=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sess_expire=1605932856; path=/; domain=.emaildefense.proofpoint.com; secure
Strict-Transport-Security: max-age=63072000; preload; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 0
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 54ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-86078902-4

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47e8a8f973280b19608c53444e1d1a7414eac100df448e3d6840d891c8fa34fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 00:27:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38704
x-xss-protection: 0
last-modified: Sat, 21 Nov 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Nov 2020 00:27:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
774 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 23:46:58 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sat, 21 Nov 2020 00:27:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 21 Nov 2020 00:27:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
645 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono&display=swap

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab5f6957f62e41a1d99a3534746627fbf38aa9a6a442d994aecece4dea143682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 23:03:36 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sat, 21 Nov 2020 00:27:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 21 Nov 2020 00:27:37 GMT

GET
H2 200 2.1b167382.chunk.css
app.emaildefense.proofpoint.com/static/css/ 146 KB
22 KB 19ms
17ms Stylesheet
text/css 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.emaildefense.proofpoint.com/static/css/2.1b167382.chunk.css

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6e6e41bd06e09d2cc3ae98d2695f352e8a8b3331435b4125a9b18ae0c18ecaac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 15:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:28 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"c8453037f77e6ae8fdd742accbcb7abd"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: zzSF20rx1quYdusOfQMK7ZNLSMtvIDO1
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: _7EPgRn2d1r9H8klhO4eujx7_NDZLnKmk6ifHOu2y3pSHD9BSkRu9A==

GET
H2 200 main.777261b9.chunk.css
app.emaildefense.proofpoint.com/static/css/ 15 KB
4 KB 13ms
12ms Stylesheet
text/css 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.emaildefense.proofpoint.com/static/css/main.777261b9.chunk.css

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

629bac8fc2947ab6d3249952045b74e640f06c0f9fa5709edc3c78951914cfd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 06:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e109cc735ade3df34a61eb2a21d30038"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: P87.KovVl0yUZscCu7UWyZdTF2vPHN24
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: tI6r2dv0vSdEoFRMZrbC7zMkisNeOZ4ogD3-MUfsFQzFthnBzi4K_w==

GET
H2 200 2.1402df45.chunk.js Show response
app.emaildefense.proofpoint.com/static/js/ 3 MB
771 KB 20ms
18ms Script
application/javascript 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.emaildefense.proofpoint.com/static/js/2.1402df45.chunk.js

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc2eecaf63e5f8bc3d76e38a89b455936c2c328928ff745ec30d52e52fd2a797

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 07:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"04b6c31fc07071c1e0a1a84d1fbcfcff"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: 8nO1sxkFG1jn8Ldx57MFY_py05hEna93
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: K6kIb49XqnGx8o68vMpsy8iY5uXYLKpOZHOTWpTg2Tr2vN37VD6j3w==

GET
H2 200 main.45aef231.chunk.js Show response
app.emaildefense.proofpoint.com/static/js/ 862 KB
207 KB 40ms
39ms Script
application/javascript 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.emaildefense.proofpoint.com/static/js/main.45aef231.chunk.js

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92714e97984a7ab5b438185f76bec56ecc45db4df82120e56472fb414f9364d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 06:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"efc407d4448e1b2651460b8c3d6a81aa"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: c2Ow3oeY.cmMZHig47TiF3CVmv3hYzrX
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: KboeEFZ1_vgBbrWSrS1jeLlqvpmz6fCd7pMinbStBa-b-cHvChUFQQ==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/10960b08-0751-4adb-5acd-f7933aac8b1e/ 352 KB
112 KB 562ms
437ms Script
application/javascript 52.85.115.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/10960b08-0751-4adb-5acd-f7933aac8b1e/pendo.js
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-22.hel50.r.cloudfront.net
Software: UploadServer /
Resource Hash: fe5e456da87433be1b184e2867d5e2904ae8d13508373cb97826392d5322d627

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 00:27:37 GMT
Content-Encoding: gzip
Content-Type: application/javascript
X-Amz-Cf-Pop: HEL50-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Fri, 20 Nov 2020 16:07:51 GMT
Server: UploadServer
ETag: "72c4a5b04cabe2eb91b5e296be080619"
Vary: Accept-Encoding
x-goog-hash: crc32c=I7LChw==, md5=csSlsEyr4uuRteKWvggGGQ==
x-goog-generation: 1605888471487983
Via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd1.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 113349
Accept-Ranges: bytes
X-GUploader-UploadID: ABg5-UysGmIJLyXjBcadAr8R-_o1JE21QfBhOQhjpybEZ2oK6dJr1z6FcxP0LvFogmVc9oaTIXZ30LlbrCq4tLAzwcM
X-Amz-Cf-Id: 1tXKgyUv79kKcNwYdrbOXFNyP6KKrs-vTPj0TshBeM8nldt8kl534w==
Expires: Sat, 21 Nov 2020 00:35:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-86078902-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4309
date: Fri, 20 Nov 2020 23:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 21 Nov 2020 01:15:48 GMT

OPTIONS
H2 200 verify
auth.emaildefense.proofpoint.com/v1/session/ 0
0 615ms
194ms Other 54.148.253.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.emaildefense.proofpoint.com/v1/session/verify

Protocol

Server

54.148.253.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-253-15.us-west-2.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-csrf-token
Origin: https://app.emaildefense.proofpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 21 Nov 2020 00:27:38 GMT
content-length: 0
x-powered-by: Express
x-correlation-id: 4ee3b3e9-2687-46e4-8e88-51ceb44bbdf7
access-control-allow-origin: https://app.emaildefense.proofpoint.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Accept,Content-Type,X-CSRF-Token
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 feature_flags Show response
feature-flags.emaildefense.proofpoint.com/ 520 B
732 B 837ms
607ms XHR
application/json 3.226.102.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://feature-flags.emaildefense.proofpoint.com/feature_flags
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.102.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-102-74.compute-1.amazonaws.com
Software: /
Resource Hash: 27fda9993412ff63a93ee6ac1fb4a20de8c16b1fc1aedbbdd32a0e782eca3587

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Nov 2020 00:27:38 GMT
x-amzn-requestid: 0cfb1186-7cef-4f30-9b89-4e5245f89ce0
x-amz-apigw-id: WVPHDGJboAMF64g=
x-amzn-trace-id: Root=1-5fb85ef9-6def173245dab3326d7fc119;Sampled=0
content-length: 520
content-type: application/json

GET
H2 200 proofpoint-logo-black.3a867ee6.svg
app.emaildefense.proofpoint.com/static/media/ 3 KB
2 KB 10ms
10ms Image
image/svg+xml 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.emaildefense.proofpoint.com/static/media/proofpoint-logo-black.3a867ee6.svg

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c6b2ade473206df3cd650ca730f4d0397b70e22749d5f479f34b30deb21c4342

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 15:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"3a867ee6806bb57d204c2878fc31b601"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: ahh4qH95vSqGsY0ddzH_vP5Fs8of1g_9
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: image/svg+xml
x-amz-cf-id: uuxDK8-zFIy95C3gKi9GIw09gcAPddazTNsdB7L-39AJEX5OYjiyKg==

GET
H2 401 verify Show response
auth.emaildefense.proofpoint.com/v1/session/ 61 B
376 B 565ms
192ms XHR
application/json 54.148.253.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.emaildefense.proofpoint.com/v1/session/verify

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.148.253.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-253-15.us-west-2.compute.amazonaws.com

Software

/ Express

Resource Hash

e18684f368e0507d4bcc467c5c0a949eb96e6edde87c8db5e77f8f6dd3426ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://app.emaildefense.proofpoint.com/login
X-CSRF-Token: y2w5ithvi0000000000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 00:27:38 GMT
x-correlation-id: c2b46699-6691-4459-8176-31381cbd8c9d
x-powered-by: Express
etag: W/"3d-UzmL+GQkoy8Gc85h7UNb5JhlBR4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.emaildefense.proofpoint.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 61

GET
H2 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff
fonts.gstatic.com/s/robotomono/v12/ 15 KB
15 KB 6ms
6ms Font
font/woff 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v12/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561592b91ee0231080e62a5f40f52bc55124655643af516a33eeaf29b76e1574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.emaildefense.proofpoint.com
Referer: https://fonts.googleapis.com/css?family=Roboto+Mono&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 16:50:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:15:46 GMT
server: sffe
age: 27448
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
expires: Sat, 20 Nov 2021 16:50:09 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
398 B 46ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1733740511&t=pageview&_s=1&dl=https%3A%2F%2Fapp.emaildefense.proofpoint.com%2Flogin&ul=en-us&de=UTF-8&dt=Email%20Fraud%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=20167138&gjid=285242095&cid=448461826.1605918458&tid=UA-86078902-4&_gid=303607012.1605918458&_r=1&gtm=2oub41&z=1950224402

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 00:27:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.emaildefense.proofpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1123.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 64ms
21ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1123.min.js
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 00:27:37 GMT
content-encoding: gzip
x-amz-request-id: 1MFY5MFY8HCTCV7W
x-cache: HIT
content-length: 12987
x-amz-id-2: vaNOBq8nlYFOTwkrihzWkpEUpGsXQ3RcpWG9UB1KaMynmZBogu1ftffhmhYkK2M3tMT9GwtJAkk=
x-served-by: cache-hhn4034-HHN
last-modified: Fri, 22 Mar 2019 14:06:17 GMT
server: AmazonS3
x-timer: S1605918458.949666,VS0,VE0
etag: "73372dea50ae4e01a4e1d2f2b5cd5e6a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 133

GET
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/1/ 57 B
275 B 437ms
109ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4b7a74eb40?a=187969867&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=2256&ref=https://app.emaildefense.proofpoint.com/login&be=1838&fe=2177&dc=1845&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1605918455716,%22n%22:0,%22f%22:576,%22dn%22:577,%22dne%22:593,%22c%22:593,%22s%22:598,%22ce%22:611,%22rq%22:611,%22rp%22:1475,%22rpe%22:1553,%22dl%22:1478,%22di%22:1845,%22ds%22:1845,%22de%22:1845,%22dc%22:2177,%22l%22:2177,%22le%22:2178%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/resources/1/ 36 B
231 B 115ms
114ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/4b7a74eb40?a=187969867&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=2696&ref=https://app.emaildefense.proofpoint.com/login&st=1605918455716
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5c42db21b3c8da6c3cfdb6ee4bfa3b5ca2388c5bc25885170659769cabb0a09f

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.emaildefense.proofpoint.com
Access-Control-Allow-Credentials: true
Content-Length: 36
Content-Type: text/plain; charset=ISO-8859-1

OPTIONS
H2 200 verify
auth.emaildefense.proofpoint.com/v1/session/ 0
0 191ms
191ms Other 54.148.253.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.emaildefense.proofpoint.com/v1/session/verify

Protocol

Server

54.148.253.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-253-15.us-west-2.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-csrf-token
Origin: https://app.emaildefense.proofpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 21 Nov 2020 00:27:38 GMT
content-length: 0
x-powered-by: Express
x-correlation-id: 917d0acc-a8af-4432-bcdb-6734481cd33b
access-control-allow-origin: https://app.emaildefense.proofpoint.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: Accept,Content-Type,X-CSRF-Token
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.emaildefense.proofpoint.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 479223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Mon, 15 Nov 2021 11:20:35 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.emaildefense.proofpoint.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 306422
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:36 GMT

GET
H2 200 proofpoint-logo-white.86918314.svg
app.emaildefense.proofpoint.com/static/media/ 5 KB
3 KB 13ms
13ms Image
image/svg+xml 2600:9000:2057:5400:e:88b0:6340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.emaildefense.proofpoint.com/static/media/proofpoint-logo-white.86918314.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:e:88b0:6340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a710c6972c7c3845408238a4a7a3844a4267329e50d3176d0251699ba48ce53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 06:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 21:08:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"86918314ae64a528b69068482b86b6b9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: M0KDECYSfFyk94ewT5jBNyyroFi3O2hC
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
feature-policy: geolocation none; midi none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none;
content-security-policy: upgrade-insecure-requests;
x-amz-cf-pop: FRA6-C1
content-type: image/svg+xml
x-amz-cf-id: tXXWIgCuckr4fbOnRNgsTAdVCOetz5qOB7cgzNekvhr7jZdXsPnZRw==

GET
H2 401 verify Show response
auth.emaildefense.proofpoint.com/v1/session/ 61 B
375 B 192ms
192ms XHR
application/json 54.148.253.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.emaildefense.proofpoint.com/v1/session/verify

Requested by

Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.148.253.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-253-15.us-west-2.compute.amazonaws.com

Software

/ Express

Resource Hash

e18684f368e0507d4bcc467c5c0a949eb96e6edde87c8db5e77f8f6dd3426ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://app.emaildefense.proofpoint.com/login
X-CSRF-Token: ige26oou80000000000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 00:27:39 GMT
x-correlation-id: 9f62da15-529b-4051-9fc9-2e8134e3b533
x-powered-by: Express
etag: W/"3d-UzmL+GQkoy8Gc85h7UNb5JhlBR4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.emaildefense.proofpoint.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 61

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/events/1/ 24 B
198 B 110ms
110ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4b7a74eb40?a=187969867&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=3463&ref=https://app.emaildefense.proofpoint.com/login
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.emaildefense.proofpoint.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam.nr-data.net/resources/1/ 0
174 B 131ms
131ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/4b7a74eb40?a=187969867&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=12698&ref=https://app.emaildefense.proofpoint.com/login&st=1605918455716&ptid=6097bbfc-0001-b91a-e056-0175e8330270
Requested by: Host: app.emaildefense.proofpoint.com
URL: https://app.emaildefense.proofpoint.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.emaildefense.proofpoint.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.emaildefense.proofpoint.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.proofpoint.com/	1970-01-19 14:06:44	Name: _gid Value: GA1.2.303607012.1605918458
.proofpoint.com/	1970-01-20 07:36:30	Name: _ga Value: GA1.2.448461826.1605918458
.proofpoint.com/	1970-01-19 14:05:18	Name: _gat_gtag_UA_86078902_4 Value: 1
.emaildefense.proofpoint.com/	1969-12-31 23:59:59	Name: heimdall_csrf Value: y2w5ithvi0000000000
.emaildefense.proofpoint.com/	1969-12-31 23:59:59	Name: sess_expire Value: 1605932856

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.emaildefense.proofpoint.com
auth.emaildefense.proofpoint.com
bam.nr-data.net
cdn.pendo.io
emaildefense.proofpoint.com
feature-flags.emaildefense.proofpoint.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
www.google-analytics.com
www.googletagmanager.com
151.101.114.110
162.247.242.20
2600:9000:2057:5400:e:88b0:6340:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2003
2a00:1450:4001:819::2003
2a00:1450:4001:824::200e
3.208.156.84
3.226.102.74
52.85.115.22
54.148.253.15
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
27fda9993412ff63a93ee6ac1fb4a20de8c16b1fc1aedbbdd32a0e782eca3587
2a710c6972c7c3845408238a4a7a3844a4267329e50d3176d0251699ba48ce53
47e8a8f973280b19608c53444e1d1a7414eac100df448e3d6840d891c8fa34fc
561592b91ee0231080e62a5f40f52bc55124655643af516a33eeaf29b76e1574
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5c42db21b3c8da6c3cfdb6ee4bfa3b5ca2388c5bc25885170659769cabb0a09f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
629bac8fc2947ab6d3249952045b74e640f06c0f9fa5709edc3c78951914cfd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6e41bd06e09d2cc3ae98d2695f352e8a8b3331435b4125a9b18ae0c18ecaac
a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef
ab5f6957f62e41a1d99a3534746627fbf38aa9a6a442d994aecece4dea143682
b92714e97984a7ab5b438185f76bec56ecc45db4df82120e56472fb414f9364d
b92ca956e0e4cac94a74450f09a1817b90d31357cbdcb620913fbc90e0bc87ea
c6b2ade473206df3cd650ca730f4d0397b70e22749d5f479f34b30deb21c4342
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e18684f368e0507d4bcc467c5c0a949eb96e6edde87c8db5e77f8f6dd3426ccd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fc2eecaf63e5f8bc3d76e38a89b455936c2c328928ff745ec30d52e52fd2a797
fe5e456da87433be1b184e2867d5e2904ae8d13508373cb97826392d5322d627

app.emaildefense.proofpoint.com Open in urlscan Pro 2600:9000:2057:5400:e:88b0:6340:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

54 %IPv6

8 Domains

11 Subdomains

12 IPs

2 Countries

1242 kBTransfer

4661 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

app.emaildefense.proofpoint.com Open in urlscan Pro
2600:9000:2057:5400:e:88b0:6340:93a1 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

54 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

1242 kB
Transfer

4661 kB
Size

5
Cookies

26 HTTP transactions
0 data transactions