quarantine.agreserves.com Open in urlscan Pro
208.84.65.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://quarantine.agreserves.com:10020/euweb/digest?ts=1518794108&cmd=blacklistadd&locale=enUS&module=&msg_id=(V_200f75fd533af6abc648e4...
Effective URL:
https://quarantine.agreserves.com:10020/euweb/login
Submission: On February 16 via api (February 16th 2018, 3:20:59 pm UTC) from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 208.84.65.40, located in Sunnyvale, United States and belongs to PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US. The main domain is quarantine.agreserves.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 2nd 2018. Valid for: 3 years.

This is the only time quarantine.agreserves.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 23	208.84.65.40 208.84.65.40		26211 (PROOFPOIN...) (PROOFPOINT-ASN-US-WEST - Proofpoint)
22	1

23 208.84.65.40 (Sunnyvale, United States) 1 redirects

ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US)
PTR: mx0a-0027dd01.pphosted.com

quarantine.agreserves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	agreserves.com 1 redirects quarantine.agreserves.com	194 KB
22	1

	Domain	Requested by
23	quarantine.agreserves.com	1 redirects quarantine.agreserves.com
22	1

This site contains no links.

Subject Issuer	Validity	Valid
*.agreserves.com DigiCert SHA2 Secure Server CA	`2018-01-02` - `2021-03-07`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://quarantine.agreserves.com:10020/euweb/login
Frame ID: (3E226D8096F0BE4F10102DE8A7F65F29)
Requests: 2 HTTP requests in this frame

Frame: https://quarantine.agreserves.com:10020/euweb/euweb
Frame ID: (63C01088838A3E3B34F06AA39A4EAD7)
Requests: 18 HTTP requests in this frame

Frame: https://quarantine.agreserves.com:10020/euweb/euweb?cmd=x_requestblocklist&id=1&func=AddToSBList&entries=&init=t&eid=0&magic=%25202B%2520FusgB%252020JnnM8%2520kGPhOymgua5Pm%2520ybh7YQoXX6U&i=1518794451169
Frame ID: (C990DFC86E59BD8FF1EA20CE1C2575D0)
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://quarantine.agreserves.com:10020/euweb/digest?ts=1518794108&cmd=blacklistadd&locale=enUS&module=&msg_id=(V_20... HTTP 302
https://quarantine.agreserves.com:10020/ Page URL
https://quarantine.agreserves.com:10020/euweb/login Page URL

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

193 kB
Transfer

182 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://quarantine.agreserves.com:10020/euweb/digest?ts=1518794108&cmd=blacklistadd&locale=enUS&module=&msg_id=(V_200f75fd533af6abc648e40e7b50)&recipient=Security@agreserves.com&sig=a49d377e58af35a6b48ce4b5b907b5207378e52f9c97745528071e95210b040c HTTP 302
https://quarantine.agreserves.com:10020/ Page URL
https://quarantine.agreserves.com:10020/euweb/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://quarantine.agreserves.com:10020/euweb/digest?ts=1518794108&cmd=blacklistadd&locale=enUS&module=&msg_id=(V_200f75fd533af6abc648e40e7b50)&recipient=Security@agreserves.com&sig=a49d377e58af35a6b48ce4b5b907b5207378e52f9c97745528071e95210b040c HTTP 302
https://quarantine.agreserves.com:10020/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
quarantine.agreserves.com/
Redirect Chain

https://quarantine.agreserves.com:10020/euweb/digest?ts=1518794108&cmd=blacklistadd&locale=enUS&module=&msg_id=(V_200f75fd533af6abc648e40e7b50)&recipient=Security@agreserves.com&sig=a49d377e58af35a...
https://quarantine.agreserves.com:10020/

60 B
568 B

155ms
155ms

Document
text/html

208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

2be3fb1245a242ce9711cc2101db05ee0787077bdc19ec6294a6a88d5f36ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Host: quarantine.agreserves.com:10020
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 02:12:59 GMT
Server
ETag: "302808-3c-55e74bdea00c0"
x-frame-options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 60
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:49 GMT

Redirect headers

Date: Fri, 16 Feb 2018 15:20:47 GMT
Server
Content-Type: text/html; charset=iso-8859-1
Location: https://quarantine.agreserves.com:10020
Set-Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465; path=/; secure; HttpOnly
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 223
Expires: Fri, 16 Feb 2018 15:20:47 GMT

GET
H/1.1 200
OK Primary Request Cookie set login Show response
quarantine.agreserves.com/euweb/ 748 B
1 KB 220ms
206ms Document
text/html 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

b70ab1dd83c3b05092212ff85199b95b984c7cc771b7b915b89c7bc298863a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: https://quarantine.agreserves.com:10020/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 16 Feb 2018 15:20:49 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=UTF-8
Set-Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465; path=/; secure; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 748
X-XSS-Protection: 1; mode=block
Expires: Thu, 1 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK Cookie set euweb Show response
quarantine.agreserves.com/euweb/ Frame (63C 14 KB
15 KB 276ms
276ms Document
text/html 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/euweb/euweb?

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

a0822d5d991bbc8f746d4f49f65c187f8819eec58d439180e28285d95094474c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/login
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: https://quarantine.agreserves.com:10020/euweb/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 16 Feb 2018 15:20:49 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=UTF-8
Set-Cookie: ppsenduser=X1NFU1NJT05fRVRJTUU9MzYwMDtfU0VTU0lPTl9JRD1hNTdlZWZjN2Y0NGMxMGExZDcyYjJmOWVhNjFiMzQ2NTt1aWQ9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207Y21kPWJsYWNrbGlzdGFkZDtsb2NhbGU9ZW5VUzthdXRoZW50aWNhdGVkPTE7X1NFU1NJT05fUkVNT1RFX0FERFI9MTQ4LjI1MS40NS4yNTQ7dXNlcm5hbWU9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207X1NFU1NJT05fQ1RJTUU9MTUxODc5NDQ0ODtfU0VTU0lPTl9BVElNRT0xNTE4Nzk0NDQ5O21zZ19pZD0oVl8yMDBmNzVmZDUzM2FmNmFiYzY0OGU0MGU3YjUwKTttZXRob2Q9Z3VpZDtleGVjPWJsYWNrbGlzdGFkZDo7;HttpOnly;Secure
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 14605
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:49 GMT

GET
H/1.1 200
OK stylesheet
quarantine.agreserves.com/euweb/ Frame (63C 8 KB
9 KB 276ms
275ms Stylesheet
text/css 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/euweb/stylesheet?templateid=0&v=8.9.2

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: ppsenduser=X1NFU1NJT05fRVRJTUU9MzYwMDtfU0VTU0lPTl9JRD1hNTdlZWZjN2Y0NGMxMGExZDcyYjJmOWVhNjFiMzQ2NTt1aWQ9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207Y21kPWJsYWNrbGlzdGFkZDtsb2NhbGU9ZW5VUzthdXRoZW50aWNhdGVkPTE7X1NFU1NJT05fUkVNT1RFX0FERFI9MTQ4LjI1MS40NS4yNTQ7dXNlcm5hbWU9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207X1NFU1NJT05fQ1RJTUU9MTUxODc5NDQ0ODtfU0VTU0lPTl9BVElNRT0xNTE4Nzk0NDQ5O21zZ19pZD0oVl8yMDBmNzVmZDUzM2FmNmFiYzY0OGU0MGU3YjUwKTttZXRob2Q9Z3VpZDtleGVjPWJsYWNrbGlzdGFkZDo7; PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:49 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Keep-Alive: timeout=5, max=96
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:49 GMT

GET
H/1.1 200
OK ppsmenu.js Show response
quarantine.agreserves.com/js/ Frame (63C 14 KB
14 KB 234ms
155ms Script
application/javascript 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/js/ppsmenu.js?v=8.9.2

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

0e2257abb63920fb594af9628430fdfb8725fcbc4beda34d55f37bb884a3e2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 02:13:02 GMT
Server
ETag: "320314-3612-55e74be17c780"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public, max-age=1550001
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13842
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:49 GMT

GET
H/1.1 200
OK pps_app.js Show response
quarantine.agreserves.com/script/ Frame (63C 133 KB
134 KB 499ms
194ms Script
application/javascript 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/script/pps_app.js?v=8.9.2

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

26648f2b537f476750986d35b458084702195a80842fe292584dbc38c4b81ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 02:12:59 GMT
Server
ETag: "302555-215ef-55e74bdea00c0"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public, max-age=1550002
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 136687
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:50 GMT

GET
H/1.1 200
OK logo
quarantine.agreserves.com/euweb/ Frame (63C 3 KB
3 KB 1284ms
979ms Image
image/png 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/euweb/logo?templateid=0&i=0&v=8.9.2

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

8cbb0826392f1cdcbf374b7ca7be769eede7b4cf326e6ed0033e51563cfe43d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: ppsenduser=X1NFU1NJT05fRVRJTUU9MzYwMDtfU0VTU0lPTl9JRD1hNTdlZWZjN2Y0NGMxMGExZDcyYjJmOWVhNjFiMzQ2NTt1aWQ9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207Y21kPWJsYWNrbGlzdGFkZDtsb2NhbGU9ZW5VUzthdXRoZW50aWNhdGVkPTE7X1NFU1NJT05fUkVNT1RFX0FERFI9MTQ4LjI1MS40NS4yNTQ7dXNlcm5hbWU9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207X1NFU1NJT05fQ1RJTUU9MTUxODc5NDQ0ODtfU0VTU0lPTl9BVElNRT0xNTE4Nzk0NDQ5O21zZ19pZD0oVl8yMDBmNzVmZDUzM2FmNmFiYzY0OGU0MGU3YjUwKTttZXRob2Q9Z3VpZDtleGVjPWJsYWNrbGlzdGFkZDo7; PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:50 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Keep-Alive: timeout=5, max=100
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:50 GMT

GET
H/1.1 200
OK empty Show response
quarantine.agreserves.com/euweb/ Frame (C99 0
408 B 509ms
201ms Document
text/plain 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/euweb/empty

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/login
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: https://quarantine.agreserves.com:10020/euweb/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:49 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Keep-Alive: timeout=5, max=100
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:49 GMT

GET
H/1.1 200
OK foldersafelist.gif
quarantine.agreserves.com/images/ Frame (63C 1 KB
2 KB 156ms
155ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/foldersafelist.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

2efbe687bceb8459c6be02b782204c3a35bc6ff7cdd8577e0051e04fbd23dc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "3204b5-406-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1030
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK folderblocklist.gif
quarantine.agreserves.com/images/ Frame (63C 1 KB
1 KB 156ms
155ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/folderblocklist.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

26a861aa2c3cc0dc4ac04482d520b44cb9f1a3e10506ea32c201b5178bfc9f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:53 GMT
Server
ETag: "320584-401-50a0f96b84840"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1025
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK sblist.gif
quarantine.agreserves.com/images/ Frame (63C 1 KB
2 KB 155ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/sblist.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

850c24e8aa95eacb76a579cfc9f6e4d034be8a907d0f5ecab8799d4082c328fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:53 GMT
Server
ETag: "32059e-583-50a0f96b84840"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1411
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK menu_generic.gif
quarantine.agreserves.com/images/ Frame (63C 1 KB
2 KB 160ms
159ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/menu_generic.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

2ec131791c5fcdeb4667a766ae4cdcc6effdfb9ac605ceacd92b251f7a11c6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "32052c-53e-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1342
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK spacer.gif
quarantine.agreserves.com/images/ Frame (63C 49 B
556 B 615ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/spacer.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:51 GMT
Server
ETag: "32047a-31-50a0f9699c3c0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK new.gif
quarantine.agreserves.com/images/ Frame (63C 594 B
1 KB 450ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/new.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

0c3acab52ea551f87d1dfe76e555925604a7435dcf17830324ede74dc27be79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:55 GMT
Server
ETag: "320685-252-50a0f96d6ccc0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 594
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK edit3.gif
quarantine.agreserves.com/images/ Frame (63C 697 B
1 KB 496ms
156ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/edit3.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

777eb0340e4033d08ac0d8daea40bfd03cb0308e1dff9da94a82378e63a59f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:51 GMT
Server
ETag: "320477-2b9-50a0f9699c3c0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 697
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK delete.gif
quarantine.agreserves.com/images/ Frame (63C 555 B
1 KB 495ms
197ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/delete.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

11016fb5cb395b3325b84691bf8353638571071c7e2b20a6823e2d84f7b0ee6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:53 GMT
Server
ETag: "3205ba-22b-50a0f96b84840"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 555
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK options2.gif
quarantine.agreserves.com/images/ Frame (63C 617 B
1 KB 450ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/options2.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

6fedf8e29b634e22fdd6d0587eed90efbe537dc5853c2ff4119b957a6922276d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "3204f6-269-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 617
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK btndown.gif
quarantine.agreserves.com/images/ Frame (63C 833 B
1 KB 604ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/btndown.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

5f1c733f41e1d65a65cace4d0c8f2d74f3a17a4d9e60c1ff427a72288f0807b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:54 GMT
Server
ETag: "320648-341-50a0f96c78a80"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 833
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK gendigest.gif
quarantine.agreserves.com/images/ Frame (63C 182 B
690 B 555ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/gendigest.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

10c08cbfc7dc0360f77b9b9e47e82de7edd147b6288b5b0091d380909cab17f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "3204f3-b6-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 182
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK refresh.gif
quarantine.agreserves.com/images/ Frame (63C 348 B
857 B 489ms
156ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/refresh.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

c0f97db49d1436da4c7946270434b0650988477481acee0acfd975c32ca22bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "32053f-15c-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 348
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

GET
H/1.1 200
OK euweb Show response
quarantine.agreserves.com/euweb/ Frame (C99 637 B
1 KB 399ms
396ms Document
text/html 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://quarantine.agreserves.com:10020/euweb/euweb?cmd=x_requestblocklist&id=1&func=AddToSBList&entries=&init=t&eid=0&magic=%25202B%2520FusgB%252020JnnM8%2520kGPhOymgua5Pm%2520ybh7YQoXX6U&i=1518794451169

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/script/pps_app.js?v=8.9.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

62a4d7bc07dd97f248676df595ef62fdafb7d70556eebce6a02bf640d4286d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/empty
Cookie: ppsenduser=X1NFU1NJT05fRVRJTUU9MzYwMDtfU0VTU0lPTl9JRD1hNTdlZWZjN2Y0NGMxMGExZDcyYjJmOWVhNjFiMzQ2NTt1aWQ9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207Y21kPWJsYWNrbGlzdGFkZDtsb2NhbGU9ZW5VUzthdXRoZW50aWNhdGVkPTE7X1NFU1NJT05fUkVNT1RFX0FERFI9MTQ4LjI1MS40NS4yNTQ7dXNlcm5hbWU9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207X1NFU1NJT05fQ1RJTUU9MTUxODc5NDQ0ODtfU0VTU0lPTl9BVElNRT0xNTE4Nzk0NDQ5O21zZ19pZD0oVl8yMDBmNzVmZDUzM2FmNmFiYzY0OGU0MGU3YjUwKTttZXRob2Q9Z3VpZDtleGVjPWJsYWNrbGlzdGFkZDo7; PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: https://quarantine.agreserves.com:10020/euweb/empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Keep-Alive: timeout=5, max=99
Content-Length: 637
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Feb 2018 15:20:51 GMT

GET
H/1.1 200
OK sortup.gif
quarantine.agreserves.com/images/ Frame (63C 67 B
574 B 154ms
154ms Image
image/gif 208.84.65.40
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quarantine.agreserves.com:10020/images/sortup.gif

Requested by

Host: quarantine.agreserves.com
URL: https://quarantine.agreserves.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.84.65.40 Sunnyvale, United States, ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US),

Reverse DNS

mx0a-0027dd01.pphosted.com

Software

Resource Hash

13009355018b8669b55ad4e1268cfb285d9ab4328535e887db47cc0caceff124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: quarantine.agreserves.com:10020
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
Cookie: PPSAUTH=a57eefc7f44c10a1d72b2f9ea61b3465
Connection: keep-alive
Cache-Control: no-cache
Referer: https://quarantine.agreserves.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 16 Feb 2018 15:20:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:51 GMT
Server
ETag: "32045f-43-50a0f9699c3c0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67
X-XSS-Protection: 1; mode=block
Expires: Sun, 18 Mar 2018 15:20:51 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			quarantine.agreserves.com/	1969-12-31 23:59:59	Name: PPSAUTH Value: a57eefc7f44c10a1d72b2f9ea61b3465
			quarantine.agreserves.com/euweb	1969-12-31 23:59:59	Name: ppsenduser Value: X1NFU1NJT05fRVRJTUU9MzYwMDtfU0VTU0lPTl9JRD1hNTdlZWZjN2Y0NGMxMGExZDcyYjJmOWVhNjFiMzQ2NTt1aWQ9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207Y21kPWJsYWNrbGlzdGFkZDtsb2NhbGU9ZW5VUzthdXRoZW50aWNhdGVkPTE7X1NFU1NJT05fUkVNT1RFX0FERFI9MTQ4LjI1MS40NS4yNTQ7dXNlcm5hbWU9U2VjdXJpdHlAYWdyZXNlcnZlcy5jb207X1NFU1NJT05fQ1RJTUU9MTUxODc5NDQ0ODtfU0VTU0lPTl9BVElNRT0xNTE4Nzk0NDQ5O21zZ19pZD0oVl8yMDBmNzVmZDUzM2FmNmFiYzY0OGU0MGU3YjUwKTttZXRob2Q9Z3VpZDtleGVjPWJsYWNrbGlzdGFkZDo7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

quarantine.agreserves.com
208.84.65.40
0c3acab52ea551f87d1dfe76e555925604a7435dcf17830324ede74dc27be79c
0e2257abb63920fb594af9628430fdfb8725fcbc4beda34d55f37bb884a3e2f1
10c08cbfc7dc0360f77b9b9e47e82de7edd147b6288b5b0091d380909cab17f8
11016fb5cb395b3325b84691bf8353638571071c7e2b20a6823e2d84f7b0ee6c
13009355018b8669b55ad4e1268cfb285d9ab4328535e887db47cc0caceff124
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
26648f2b537f476750986d35b458084702195a80842fe292584dbc38c4b81ab7
26a861aa2c3cc0dc4ac04482d520b44cb9f1a3e10506ea32c201b5178bfc9f27
2be3fb1245a242ce9711cc2101db05ee0787077bdc19ec6294a6a88d5f36ce16
2ec131791c5fcdeb4667a766ae4cdcc6effdfb9ac605ceacd92b251f7a11c6ed
2efbe687bceb8459c6be02b782204c3a35bc6ff7cdd8577e0051e04fbd23dc72
5f1c733f41e1d65a65cace4d0c8f2d74f3a17a4d9e60c1ff427a72288f0807b4
62a4d7bc07dd97f248676df595ef62fdafb7d70556eebce6a02bf640d4286d99
6fedf8e29b634e22fdd6d0587eed90efbe537dc5853c2ff4119b957a6922276d
777eb0340e4033d08ac0d8daea40bfd03cb0308e1dff9da94a82378e63a59f2f
850c24e8aa95eacb76a579cfc9f6e4d034be8a907d0f5ecab8799d4082c328fa
8cbb0826392f1cdcbf374b7ca7be769eede7b4cf326e6ed0033e51563cfe43d0
a0822d5d991bbc8f746d4f49f65c187f8819eec58d439180e28285d95094474c
b70ab1dd83c3b05092212ff85199b95b984c7cc771b7b915b89c7bc298863a1b
c0f97db49d1436da4c7946270434b0650988477481acee0acfd975c32ca22bdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

quarantine.agreserves.com Open in urlscan Pro 208.84.65.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

193 kBTransfer

182 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

quarantine.agreserves.com Open in urlscan Pro
208.84.65.40 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

193 kB
Transfer

182 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions