protectedmail.plainscapital.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 67.231.157.72, located in United States and belongs to PROOFPOINT-ASN-US-EAST, US. The main domain is protectedmail.plainscapital.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 27th 2023. Valid for: a year.

This is the only time protectedmail.plainscapital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 5	67.231.157.72 67.231.157.72		22843 (PROOFPOIN...) (PROOFPOINT-ASN-US-EAST)
4	1

5 67.231.157.72 (United States) 1 redirects

ASN22843 (PROOFPOINT-ASN-US-EAST, US)
PTR: mx0b-001ab001.pphosted.com

protectedmail.plainscapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	plainscapital.com 1 redirects protectedmail.plainscapital.com	27 KB
4	1

	Domain	Requested by
5	protectedmail.plainscapital.com	1 redirects protectedmail.plainscapital.com
4	1

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com

Subject Issuer	Validity	Valid
protectedmail.plainscapital.com COMODO RSA Organization Validation Secure Server CA	`2023-02-27` - `2024-02-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3
Frame ID: 47EF43AF13A083B2878B3AA9110BA143
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proofpoint Protection Server

Page URL History Show full URLs

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module&msg_id=%28V_2f... HTTP 302
https://protectedmail.plainscapital.com:10020/euweb/login?logout=3 Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

27 kB
Transfer

25 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module&msg_id=%28V_2fbd016bc21d882bcc5bc5c2279e%29&c=plainscapital_hosted&recipient=lynn.faunce%40plainscapital.com&sig=c307dca605a9222c3a6ff0f06b317e5c2fa70792770ece4ae698547d5a159528 HTTP 302
https://protectedmail.plainscapital.com:10020/euweb/login?logout=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
protectedmail.plainscapital.com/euweb/
Redirect Chain

https://protectedmail.plainscapital.com:10020/euweb/digest?ts=1568316900&cmd=editprofile&locale=enus&module&msg_id=%28V_2fbd016bc21d882bcc5bc5c2279e%29&c=plainscapital_hosted&recipient=lynn.faunce%...
https://protectedmail.plainscapital.com:10020/euweb/login?logout=3

5 KB
6 KB

3929ms
3702ms

Document
text/html

67.231.157.72
PROOFPOINT-ASN-US...

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/login?logout=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST, US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

/

Resource Hash

89154f9a9c89c88de65b57d9a068e3871cac6701e9636ff554e1a8eaf65bd055

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, max-age=0;
Connection: close
Content-Length: 5507
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Mar 2023 11:42:43 GMT
Expect-CT: max-age=86400, enforce
Expires: Tue, 12 Oct 2021 23:59:59 UTC
Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
pragma: no-cache

Redirect headers

Cache-Control: max-age=0
Connection: close
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 15 Mar 2023 11:42:41 GMT
Expires: Wed, 15 Mar 2023 11:42:41 GMT
Location: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3
Server
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK stylesheet
protectedmail.plainscapital.com/euweb/ 8 KB
9 KB 4936ms
4718ms Stylesheet
text/css 67.231.157.72
PROOFPOINT-ASN-US...

General

Check archive.org

Show headers Download Go to

Full URL

https://protectedmail.plainscapital.com:10020/euweb/stylesheet?templateid=0&v=

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST, US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

/

Resource Hash

f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 11:42:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Server
Expect-CT: max-age=86400, enforce
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 11:42:47 GMT

GET
H/1.1 200
OK authenticate.gif
protectedmail.plainscapital.com/images/ 3 KB
4 KB 358ms
140ms Image
image/gif 67.231.157.72
PROOFPOINT-ASN-US...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/images/authenticate.gif

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST, US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

/

Resource Hash

93b30f310da6ab00c6429468f677e631db2a7c904bc476fec2066a66babbf121

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 11:42:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Connection: close
Content-Length: 3576
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 13 Dec 2014 02:15:55 GMT
Server
ETag: "df8-50a0f96d6ccc0"
Expect-CT: max-age=86400, enforce
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public, max-age=1550000
Accept-Ranges: bytes
Expires: Fri, 14 Apr 2023 11:42:47 GMT

GET
H/1.1 200
OK logo
protectedmail.plainscapital.com/euweb/ 8 KB
8 KB 2386ms
2163ms Image
image/png 67.231.157.72
PROOFPOINT-ASN-US...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://protectedmail.plainscapital.com:10020/euweb/logo?templateid=0&i=0&v=

Requested by

Host: protectedmail.plainscapital.com
URL: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.231.157.72 , United States, ASN22843 (PROOFPOINT-ASN-US-EAST, US),

Reverse DNS

mx0b-001ab001.pphosted.com

Software

/

Resource Hash

456fbb944e2897955ce02501f5a9fb270c9a95db1170b3d9baea612ae955ee3a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protectedmail.plainscapital.com:10020/euweb/login?logout=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 11:42:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Server
Expect-CT: max-age=86400, enforce
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=0
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Mar 2023 11:42:48 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			protectedmail.plainscapital.com/	1969-12-31 23:59:59	Name: PPSAUTH Value: 90764113a148642ff463c38dfb450541

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

protectedmail.plainscapital.com
67.231.157.72
456fbb944e2897955ce02501f5a9fb270c9a95db1170b3d9baea612ae955ee3a
89154f9a9c89c88de65b57d9a068e3871cac6701e9636ff554e1a8eaf65bd055
93b30f310da6ab00c6429468f677e631db2a7c904bc476fec2066a66babbf121
f415bbbc5dd792d29875a4e2deefd791fc04bc09ce4a0fe723c74d89934ec9f5

protectedmail.plainscapital.com Open in urlscan Pro 67.231.157.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

27 kBTransfer

25 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

protectedmail.plainscapital.com Open in urlscan Pro
67.231.157.72 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

27 kB
Transfer

25 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions