protectedmail.plainscapital.com Open in urlscan Pro
67.231.157.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module=&msg_id=(V_2fbd016bc21d882bcc5bc5c...
Effective URL:
https://protectedmail.plainscapital.com:10020/euweb/login?logout=1
Submission: On September 12 via manual (September 12th 2019, 8:02:59 pm UTC) from US

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 67.231.157.72, located in United States and belongs to PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US. The main domain is protectedmail.plainscapital.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 8th 2019. Valid for: a year.

This is the only time protectedmail.plainscapital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 21	67.231.157.72 67.231.157.72		22843 (PROOFPOIN...) (PROOFPOINT-ASN-US-EAST - Proofpoint)
26	2

21 67.231.157.72 (United States) 1 redirects

ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US)
PTR: mx0b-001ab001.pphosted.com

protectedmail.plainscapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	plainscapital.com 1 redirects protectedmail.plainscapital.com	213 KB
26	1

	Domain	Requested by
21	protectedmail.plainscapital.com	1 redirects protectedmail.plainscapital.com
26	1

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com

Subject Issuer	Validity	Valid
protectedmail.plainscapital.com COMODO RSA Organization Validation Secure Server CA	`2019-07-08` - `2020-07-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1
Frame ID: 30A2D9AB5C189C27C0F4285A6A300821
Requests: 6 HTTP requests in this frame

Frame: https://protectedmail.plainscapital.com:10020/euweb/euweb
Frame ID: EB58A99F599B32285FB1E5C49489DC2A
Requests: 18 HTTP requests in this frame

Frame: https://protectedmail.plainscapital.com:10020/euweb/euweb?cmd=x_requestquarantine&id=0&func=AddMsg&entries=folder%3Dbulk_continue%7Cdir%3DD%7Ccol%3D5%7Climit%3D40%7Corg_limit%3D40%7Coffset%3D0%7Ccalc%3D1%7Csud%3D0%7Csearch%3D0%7Csearchfrom%3D%7Csearchsubject%3D0%7Csearchmaxage%3D0&init=t&eid=0&magic=BKCsRfPDoSbeIg4KPOAnvo9SafJrunN40LG%2520NbHj0g4&i=1568318566111
Frame ID: 1CF709DE6FCB4AD561E6640E1BE0CECA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module=&msg_id=(V_2fb... HTTP 302
https://protectedmail.plainscapital.com:10020/ Page URL
https://protectedmail.plainscapital.com:10020/euweb/login Page URL
https://protectedmail.plainscapital.com:10020/euweb/login?logout=1 Page URL

Page Statistics

26
Requests

77 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

213 kB
Transfer

204 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module=&msg_id=(V_2fbd016bc21d882bcc5bc5c2279e)&c=plainscapital_hosted&recipient=lynn.faunce@plainscapital.com&sig=c307dca605a9222c3a6ff0f06b317e5c2fa70792770ece4ae698547d5a159528 HTTP 302
https://protectedmail.plainscapital.com:10020/ Page URL
https://protectedmail.plainscapital.com:10020/euweb/login Page URL
https://protectedmail.plainscapital.com:10020/euweb/login?logout=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module=&msg_id=(V_2fbd016bc21d882bcc5bc5c2279e)&c=plainscapital_hosted&recipient=lynn.faunce@plainscapital.com&sig=c307dca605a9222c3a6ff0f06b317e5c2fa70792770ece4ae698547d5a159528 HTTP 302
https://protectedmail.plainscapital.com:10020/

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
protectedmail.plainscapital.com/
Redirect Chain

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module=&msg_id=(V_2fbd016bc21d882bcc5bc5c2279e)&c=plainscapital_hosted&recipient=lynn.faunce@pla...
https://protectedmail.plainscapital.com:10020/

60 B
525 B

355ms
119ms

Document
text/html

67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

2be3fb1245a242ce9711cc2101db05ee0787077bdc19ec6294a6a88d5f36ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Thu, 12 Sep 2019 20:02:43 GMT
Server
Last-Modified: Fri, 07 Jun 2019 04:43:55 GMT
ETag: "3c-58ab47a59b8c0"
Accept-Ranges: bytes
Content-Length: 60
Cache-Control: max-age=0
Expires: Thu, 12 Sep 2019 20:02:43 GMT
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 12 Sep 2019 20:02:43 GMT
Server
Set-Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f; path=/; secure; HttpOnly
Location: https://protectedmail.plainscapital.com:10020
Cache-Control: max-age=0
Expires: Thu, 12 Sep 2019 20:02:43 GMT
Content-Length: 229
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Cookie set login Show response
protectedmail.plainscapital.com/euweb/ 748 B
1 KB 615ms
377ms Document
text/html 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

b70ab1dd83c3b05092212ff85199b95b984c7cc771b7b915b89c7bc298863a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://protectedmail.plainscapital.com:10020/
Accept-Encoding: gzip, deflate, br
Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://protectedmail.plainscapital.com:10020/

Response headers

Date: Thu, 12 Sep 2019 20:02:44 GMT
Server
pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 UTC
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 748
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set euweb Show response
protectedmail.plainscapital.com/euweb/ Frame EB58 14 KB
15 KB 489ms
259ms Document
text/html 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/euweb?

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

b313dc2b0292a527e53bf7fa54897f7d46f0ac94b2d94787092f496caec08ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://protectedmail.plainscapital.com:10020/euweb/login
Accept-Encoding: gzip, deflate, br
Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://protectedmail.plainscapital.com:10020/euweb/login

Response headers

Date: Thu, 12 Sep 2019 20:02:44 GMT
Server
pragma: no-cache
Set-Cookie: ppsenduser=YXV0aGVudGljYXRlZD0xO21ldGhvZD1ndWlkO3VzZXJuYW1lPWx5bm4uZmF1bmNlQHBsYWluc2NhcGl0YWwuY29tO21zZ19pZD0oVl8yZmJkMDE2YmMyMWQ4ODJiY2M1YmM1YzIyNzllKTtfU0VTU0lPTl9DVElNRT0xNTY4MzE4NTYzO2V4ZWM9ZWRpdHByb2ZpbGU6O2xvY2FsZT1lbnVzO2NtZD1lZGl0cHJvZmlsZTtfU0VTU0lPTl9FVElNRT0zNjAwO19TRVNTSU9OX0FUSU1FPTE1NjgzMTg1NjQ7X1NFU1NJT05fUkVNT1RFX0FERFI9MTg1LjQ0Ljc2LjgwO19TRVNTSU9OX0lEPWJmZWZlYWM0NDRmNmQ2YTEyMGE1N2UwNzViNzg2NzhmO3VpZD1seW5uLmZhdW5jZUBwbGFpbnNjYXBpdGFsLmNvbTs=;HttpOnly;Secure
Cache-Control: max-age=0
Expires: Thu, 12 Sep 2019 20:02:44 GMT
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 14694
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK empty Show response
protectedmail.plainscapital.com/euweb/ Frame 1CF7 0
371 B 457ms
225ms Document
text/plain 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/empty

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://protectedmail.plainscapital.com:10020/euweb/login
Accept-Encoding: gzip, deflate, br
Cookie: PPSAUTH=bfefeac444f6d6a120a57e075b78678f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://protectedmail.plainscapital.com:10020/euweb/login

Response headers

Date: Thu, 12 Sep 2019 20:02:44 GMT
Server
Cache-Control: max-age=0
Expires: Thu, 12 Sep 2019 20:02:44 GMT
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK stylesheet
protectedmail.plainscapital.com/euweb/ Frame EB58 8 KB
9 KB 534ms
307ms Stylesheet
text/css 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/stylesheet?templateid=0&v=8.12.4

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:45 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: close
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:45 GMT

GET
H/1.1 200
OK ppsmenu.js Show response
protectedmail.plainscapital.com/js/ Frame EB58 14 KB
14 KB 357ms
125ms Script
application/javascript 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/js/ppsmenu.js?v=8.12.4

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

0e2257abb63920fb594af9628430fdfb8725fcbc4beda34d55f37bb884a3e2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Jun 2019 04:44:21 GMT
Server
ETag: "3612-58ab47be67340"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public, max-age=1550001
Connection: close
Accept-Ranges: bytes
Content-Length: 13842
X-XSS-Protection: 1; mode=block
Expires: Thu, 12 Sep 2019 20:02:45 GMT

GET
H/1.1 200
OK pps_app.js Show response
protectedmail.plainscapital.com/script/ Frame EB58 137 KB
138 KB 375ms
137ms Script
application/javascript 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/script/pps_app.js?v=8.12.4

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

09fc09de1a8225c202d06696e096b59e2b82503da0b8dabee44af1d31936e21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Jun 2019 04:43:54 GMT
Server
ETag: "224da-58ab47a4a7680"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public, max-age=1550002
Connection: close
Accept-Ranges: bytes
Content-Length: 140506
X-XSS-Protection: 1; mode=block
Expires: Thu, 12 Sep 2019 20:02:45 GMT

GET logo
protectedmail.plainscapital.com/euweb/ Frame EB58 0
0

GET
H/1.1 200
OK euweb
protectedmail.plainscapital.com/euweb/ Frame 1CF7 157 B
529 B 444ms
213ms Document
text/html 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/euweb?cmd=x_requestquarantine&id=0&func=AddMsg&entries=folder%3Dbulk_continue%7Cdir%3DD%7Ccol%3D5%7Climit%3D40%7Corg_limit%3D40%7Coffset%3D0%7Ccalc%3D1%7Csud%3D0%7Csearch%3D0%7Csearchfrom%3D%7Csearchsubject%3D0%7Csearchmaxage%3D0&init=t&eid=0&magic=BKCsRfPDoSbeIg4KPOAnvo9SafJrunN40LG%2520NbHj0g4&i=1568318566111

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/script/pps_app.js?v=8.12.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Server
Cache-Control: max-age=0
Expires: Thu, 12 Sep 2019 20:02:46 GMT
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 157
Connection: close
Content-Type: text/html; charset=UTF-8

GET folderopen.gif
protectedmail.plainscapital.com/images/ Frame EB58 0
0

GET folderclose.gif
protectedmail.plainscapital.com/images/ Frame EB58 0
0

GET sblist.gif
protectedmail.plainscapital.com/images/ Frame EB58 0
0

GET menu_generic.gif
protectedmail.plainscapital.com/images/ Frame EB58 0
0

GET rr16.gif
protectedmail.plainscapital.com/images/ Frame EB58 0
0

GET
H/1.1 200
OK r16.gif
protectedmail.plainscapital.com/images/ Frame EB58 968 B
1 KB 376ms
146ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/r16.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

91dcd288b1ec27d24709cf2e2ae28e03ed4b3d4d756e570cc7693c198ba4fb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "3c8-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 968
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK f16.gif
protectedmail.plainscapital.com/images/ Frame EB58 970 B
1 KB 368ms
132ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/f16.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

e1d86bb79937c391d14301fb2adc925cf3f618971ede992ffb8b948ecd1056cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:51 GMT
Server
ETag: "3ca-50a0f9699c3c0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 970
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK spacer.gif
protectedmail.plainscapital.com/images/ Frame EB58 49 B
513 B 812ms
132ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/spacer.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:51 GMT
Server
ETag: "31-50a0f9699c3c0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK search.gif
protectedmail.plainscapital.com/images/ Frame EB58 915 B
1 KB 725ms
119ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/search.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:53 GMT
Server
ETag: "393-50a0f96b84840"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 915
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK options2.gif
protectedmail.plainscapital.com/images/ Frame EB58 617 B
1 KB 391ms
167ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/options2.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

6fedf8e29b634e22fdd6d0587eed90efbe537dc5853c2ff4119b957a6922276d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "269-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 617
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK btndown.gif
protectedmail.plainscapital.com/images/ Frame EB58 833 B
1 KB 758ms
130ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/btndown.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:54 GMT
Server
ETag: "341-50a0f96c78a80"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 833
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK gendigest.gif
protectedmail.plainscapital.com/images/ Frame EB58 182 B
647 B 746ms
124ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/gendigest.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "b6-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 182
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK refresh.gif
protectedmail.plainscapital.com/images/ Frame EB58 348 B
814 B 392ms
168ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/refresh.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

c0f97db49d1436da4c7946270434b0650988477481acee0acfd975c32ca22bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:52 GMT
Server
ETag: "15c-50a0f96a90600"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 348
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:46 GMT

GET
H/1.1 200
OK Primary Request Cookie set login Show response
protectedmail.plainscapital.com/euweb/ 5 KB
6 KB 400ms
247ms Document
text/html 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/login?logout=1

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/script/pps_app.js?v=8.12.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

d86b83e1ad67ea05a60eec46c405417fe773766e1f29cb92e162af376ce4ecb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: protectedmail.plainscapital.com:10020
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://protectedmail.plainscapital.com:10020/euweb/euweb?

Response headers

Date: Thu, 12 Sep 2019 20:02:46 GMT
Server
pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 UTC
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PPSAUTH=447a8069b95d08117e532148ce13c159; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 5292
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK stylesheet
protectedmail.plainscapital.com/euweb/ 8 KB
9 KB 327ms
203ms Stylesheet
text/css 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/stylesheet?templateid=0&v=

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:47 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: close
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:47 GMT

GET
H/1.1 200
OK authenticate.gif
protectedmail.plainscapital.com/images/ 3 KB
4 KB 253ms
123ms Image
image/gif 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/authenticate.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

93b30f310da6ab00c6429468f677e631db2a7c904bc476fec2066a66babbf121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Dec 2014 02:15:55 GMT
Server
ETag: "df8-50a0f96d6ccc0"
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Connection: close
Accept-Ranges: bytes
Content-Length: 3576
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Oct 2019 20:02:47 GMT

GET
H/1.1 200
OK logo
protectedmail.plainscapital.com/euweb/ 8 KB
8 KB 1538ms
1384ms Image
image/png 67.231.157.72
Proofpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/euweb/logo?templateid=0&i=0&v=

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST - Proofpoint, Inc., US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

Resource Hash

456fbb944e2897955ce02501f5a9fb270c9a95db1170b3d9baea612ae955ee3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Sep 2019 20:02:47 GMT
X-Content-Type-Options: nosniff
Server
x-frame-options: SAMEORIGIN
Connection: close
Content-Type: image/png
Cache-Control: max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Thu, 12 Sep 2019 20:02:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/logo?templateid=0&i=0&v=8.12.4

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/images/folderopen.gif

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/images/folderclose.gif

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/images/sblist.gif

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/images/menu_generic.gif

Domain: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/images/rr16.gif

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			protectedmail.plainscapital.com/	1969-12-31 23:59:59	Name: PPSAUTH Value: 447a8069b95d08117e532148ce13c159

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

protectedmail.plainscapital.com
protectedmail.plainscapital.com
67.231.157.72
09fc09de1a8225c202d06696e096b59e2b82503da0b8dabee44af1d31936e21e
0e2257abb63920fb594af9628430fdfb8725fcbc4beda34d55f37bb884a3e2f1
2be3fb1245a242ce9711cc2101db05ee0787077bdc19ec6294a6a88d5f36ce16
456fbb944e2897955ce02501f5a9fb270c9a95db1170b3d9baea612ae955ee3a
6fedf8e29b634e22fdd6d0587eed90efbe537dc5853c2ff4119b957a6922276d
91dcd288b1ec27d24709cf2e2ae28e03ed4b3d4d756e570cc7693c198ba4fb84
93b30f310da6ab00c6429468f677e631db2a7c904bc476fec2066a66babbf121
b313dc2b0292a527e53bf7fa54897f7d46f0ac94b2d94787092f496caec08ce5
b70ab1dd83c3b05092212ff85199b95b984c7cc771b7b915b89c7bc298863a1b
c0f97db49d1436da4c7946270434b0650988477481acee0acfd975c32ca22bdf
d86b83e1ad67ea05a60eec46c405417fe773766e1f29cb92e162af376ce4ecb8
e1d86bb79937c391d14301fb2adc925cf3f618971ede992ffb8b948ecd1056cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

protectedmail.plainscapital.com Open in urlscan Pro 67.231.157.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

26 Requests

77 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

213 kBTransfer

204 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

protectedmail.plainscapital.com Open in urlscan Pro
67.231.157.72 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

77 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

213 kB
Transfer

204 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions