app.emaildefense.proofpoint.com
Open in
urlscan Pro
2600:9000:2057:5400:e:88b0:6340:93a1
Public Scan
Effective URL: https://app.emaildefense.proofpoint.com/login
Submission: On November 21 via api from US
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on July 19th 2019. Valid for: 2 years.
This is the only time app.emaildefense.proofpoint.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 3.208.156.84 3.208.156.84 | 14618 (AMAZON-AES) (AMAZON-AES) | |
7 | 2600:9000:205... 2600:9000:2057:5400:e:88b0:6340:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.85.115.22 52.85.115.22 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 54.148.253.15 54.148.253.15 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 3.226.102.74 3.226.102.74 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
4 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE) | |
26 | 12 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-156-84.compute-1.amazonaws.com
emaildefense.proofpoint.com |
ASN16509 (AMAZON-02, US)
app.emaildefense.proofpoint.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-22.hel50.r.cloudfront.net
cdn.pendo.io |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-253-15.us-west-2.compute.amazonaws.com
auth.emaildefense.proofpoint.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-102-74.compute-1.amazonaws.com
feature-flags.emaildefense.proofpoint.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
proofpoint.com
2 redirects
emaildefense.proofpoint.com app.emaildefense.proofpoint.com auth.emaildefense.proofpoint.com feature-flags.emaildefense.proofpoint.com |
1022 KB |
4 |
nr-data.net
bam.nr-data.net |
878 B |
3 |
gstatic.com
fonts.gstatic.com |
37 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
newrelic.com
js-agent.newrelic.com |
13 KB |
1 |
pendo.io
cdn.pendo.io |
112 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
38 KB |
26 | 8 |
Domain | Requested by | |
---|---|---|
7 | app.emaildefense.proofpoint.com |
app.emaildefense.proofpoint.com
|
4 | bam.nr-data.net |
app.emaildefense.proofpoint.com
|
4 | auth.emaildefense.proofpoint.com |
app.emaildefense.proofpoint.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
app.emaildefense.proofpoint.com |
2 | fonts.googleapis.com |
app.emaildefense.proofpoint.com
|
2 | emaildefense.proofpoint.com | 2 redirects |
1 | js-agent.newrelic.com |
app.emaildefense.proofpoint.com
|
1 | feature-flags.emaildefense.proofpoint.com |
app.emaildefense.proofpoint.com
|
1 | cdn.pendo.io |
app.emaildefense.proofpoint.com
|
1 | www.googletagmanager.com |
app.emaildefense.proofpoint.com
|
26 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.proofpoint.com |
registration.proofpoint.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.emaildefense.proofpoint.com Thawte RSA CA 2018 |
2019-07-19 - 2021-08-01 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA |
2019-06-04 - 2021-09-02 |
2 years | crt.sh |
auth-efd.proofpoint.com Thawte RSA CA 2018 |
2020-05-05 - 2021-04-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-10-23 - 2021-05-07 |
6 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://app.emaildefense.proofpoint.com/login
Frame ID: CCC915B42B17C56FD9E1BFDCF85E29A3
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://emaildefense.proofpoint.com/
HTTP 302
https://emaildefense.proofpoint.com/auth2/ HTTP 302
https://app.emaildefense.proofpoint.com/login Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://emaildefense.proofpoint.com/
HTTP 302
https://emaildefense.proofpoint.com/auth2/ HTTP 302
https://app.emaildefense.proofpoint.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
app.emaildefense.proofpoint.com/ Redirect Chain
|
25 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
96 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 774 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 645 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.1b167382.chunk.css
app.emaildefense.proofpoint.com/static/css/ |
146 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.777261b9.chunk.css
app.emaildefense.proofpoint.com/static/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.1402df45.chunk.js
app.emaildefense.proofpoint.com/static/js/ |
3 MB 771 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.45aef231.chunk.js
app.emaildefense.proofpoint.com/static/js/ |
862 KB 207 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pendo.js
cdn.pendo.io/agent/static/10960b08-0751-4adb-5acd-f7933aac8b1e/ |
352 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
verify
auth.emaildefense.proofpoint.com/v1/session/ |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feature_flags
feature-flags.emaildefense.proofpoint.com/ |
520 B 732 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proofpoint-logo-black.3a867ee6.svg
app.emaildefense.proofpoint.com/static/media/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
auth.emaildefense.proofpoint.com/v1/session/ |
61 B 376 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff
fonts.gstatic.com/s/robotomono/v12/ |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
1 B 398 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1123.min.js
js-agent.newrelic.com/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4b7a74eb40
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
4b7a74eb40
bam.nr-data.net/resources/1/ |
36 B 231 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
verify
auth.emaildefense.proofpoint.com/v1/session/ |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proofpoint-logo-white.86918314.svg
app.emaildefense.proofpoint.com/static/media/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
auth.emaildefense.proofpoint.com/v1/session/ |
61 B 375 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
4b7a74eb40
bam.nr-data.net/events/1/ |
24 B 198 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
4b7a74eb40
bam.nr-data.net/resources/1/ |
0 174 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| initializeNewRelic function| gtag object| dataLayer function| initializePendo object| pendo object| webpackJsonpmetis object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| regeneratorRuntime object| NREUM object| newrelic function| __nr_require object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.proofpoint.com/ | Name: _gid Value: GA1.2.303607012.1605918458 |
|
.proofpoint.com/ | Name: _ga Value: GA1.2.448461826.1605918458 |
|
.proofpoint.com/ | Name: _gat_gtag_UA_86078902_4 Value: 1 |
|
.emaildefense.proofpoint.com/ | Name: heimdall_csrf Value: y2w5ithvi0000000000 |
|
.emaildefense.proofpoint.com/ | Name: sess_expire Value: 1605932856 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.emaildefense.proofpoint.com
auth.emaildefense.proofpoint.com
bam.nr-data.net
cdn.pendo.io
emaildefense.proofpoint.com
feature-flags.emaildefense.proofpoint.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
www.google-analytics.com
www.googletagmanager.com
151.101.114.110
162.247.242.20
2600:9000:2057:5400:e:88b0:6340:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2003
2a00:1450:4001:819::2003
2a00:1450:4001:824::200e
3.208.156.84
3.226.102.74
52.85.115.22
54.148.253.15
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
27fda9993412ff63a93ee6ac1fb4a20de8c16b1fc1aedbbdd32a0e782eca3587
2a710c6972c7c3845408238a4a7a3844a4267329e50d3176d0251699ba48ce53
47e8a8f973280b19608c53444e1d1a7414eac100df448e3d6840d891c8fa34fc
561592b91ee0231080e62a5f40f52bc55124655643af516a33eeaf29b76e1574
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5c42db21b3c8da6c3cfdb6ee4bfa3b5ca2388c5bc25885170659769cabb0a09f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
629bac8fc2947ab6d3249952045b74e640f06c0f9fa5709edc3c78951914cfd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6e41bd06e09d2cc3ae98d2695f352e8a8b3331435b4125a9b18ae0c18ecaac
a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef
ab5f6957f62e41a1d99a3534746627fbf38aa9a6a442d994aecece4dea143682
b92714e97984a7ab5b438185f76bec56ecc45db4df82120e56472fb414f9364d
b92ca956e0e4cac94a74450f09a1817b90d31357cbdcb620913fbc90e0bc87ea
c6b2ade473206df3cd650ca730f4d0397b70e22749d5f479f34b30deb21c4342
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e18684f368e0507d4bcc467c5c0a949eb96e6edde87c8db5e77f8f6dd3426ccd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fc2eecaf63e5f8bc3d76e38a89b455936c2c328928ff745ec30d52e52fd2a797
fe5e456da87433be1b184e2867d5e2904ae8d13508373cb97826392d5322d627