Report - w1.mssrtv.com/prod/c419f126-b5f4-4562-8369-9ab355ff4bd3/703dddde-60b3-4dc9-857b-f3f3bc581ffe

Report Overview

Submitted URL
w1.mssrtv.com/prod/c419f126-b5f4-4562-8369-9ab355ff4bd3/703dddde-60b3-4dc9-857b-f3f3bc581ffe
IP
52.202.196.44
ASN
#14618 AMAZON-AES
Submitted
2024-05-10 14:12:27
Access
public
Website Title
DocuSign
Final URL
powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Tags
docusign phishing
urlquery detections
Phishing - Docusign

Detections

urlquery
8
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
integrations.api.mailshake.com	unknown	2003-03-25	2018-03-30	2024-04-18	586 B	774 B	3.209.231.252
bit.ly	8194	2008-05-17	2012-05-30	2024-05-09	538 B	870 B	67.199.248.10
na4.docusign.net	39805	1999-06-14	2019-12-02	2024-04-22	602 B	1.1 kB	162.248.184.187
powerforms.docusign.net	125670	1999-06-14	2019-03-07	2023-12-19	4.2 kB	2.6 MB	64.207.218.224
docucdn-a.akamaihd.net	10361	2009-09-14	2014-04-10	2024-05-07	2.6 kB	132 kB	23.36.77.32
na4-app.docusign.net	unknown	1999-06-14	2020-07-10	2024-05-03	614 B	3.5 kB	162.248.184.219
w1.mssrtv.com	unknown	2022-02-26	2022-06-14	2024-03-27	462 B	663 B	52.202.196.44
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	338 B	863 B	54.230.218.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	powerforms.docusign.net/static/js/2.33610137.chunk.js	2.3 MB	2023-05-03	2024-05-15
Pretty URL powerforms.docusign.net/static/js/2.33610137.chunk.js IP 64.207.218.224 ASN #62856 DOCUS-6-PROD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 12:56:10 Last Seen2024-05-15 21:33:01 Times Seen67 Hash 38590a85ebdfcab48145bc1443c3dc79 05164b398f603044cd0de3f217ff101e73b57cc8 00f50b898e0425fea14e50652cdb0d0cfb8964e741c862b9a106bb9492866b00 Loading...

	powerforms.docusign.net/static/js/main.85a28d98.chunk.js	212 kB	2023-05-03	2024-05-15
Pretty URL powerforms.docusign.net/static/js/main.85a28d98.chunk.js IP 64.207.218.224 ASN #62856 DOCUS-6-PROD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 12:56:10 Last Seen2024-05-15 21:33:01 Times Seen68 Hash 8d8b688a952daafd629cd0ae8495d425 2f46413baae310c77bb1bcd94e1f8ac84e53877b 41cd7109606d6c6daba20a223eee5bb3bbc8db46a8544d0fd6e9560d9c84c38c Loading...

	powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc	1.5 kB	2023-05-03	2024-05-15
Pretty URL powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc IP 64.207.218.224 ASN #62856 DOCUS-6-PROD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-03 12:56:10 Last Seen2024-05-15 21:33:01 Times Seen34 Hash 546319ef95c8bca32e17437ca0c188da 1931ba8962b4b0e73b625a9c778a57d98abfa9f6 6682f365867731f5625da7b8a0e6d1cc5248c530578a4cabab3ed10b3fa2bc3b Loading...

HTTP Transactions (18)

URL IP Response Size

w1.mssrtv.com/prod/c419f126-b5f4-4562-8369-9ab355ff4bd3/703dddde-60b3-4dc9-857b-f3f3bc581ffe

52.202.196.44

332 B

URL User Request GET
w1.mssrtv.com/prod/c419f126-b5f4-4562-8369-9ab355ff4bd3/703dddde-60b3-4dc9-857b-f3f3bc581ffe
IP
52.202.196.44:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with very long lines (332), with no line terminators
Size
332 B (332 bytes)
Hash
e0d11f0beab00aba210cd731d1758d00
bdfe46a62528779e82bbd00e8f8800fa8d3f9285
e20775fb547ab8777d196eb3351f26271b130156d4980f65c96d3205b8d302f2

HTTP Headers

GET /prod/c419f126-b5f4-4562-8369-9ab355ff4bd3/703dddde-60b3-4dc9-857b-f3f3bc581ffe HTTP/1.1
Host: w1.mssrtv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 10 May 2024 14:12:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 332
Connection: keep-alive
X-Powered-By: Express
Location: https://integrations.api.mailshake.com/beacon/click?emailID=c419f126-b5f4-4562-8369-9ab355ff4bd3&linkID=703dddde-60b3-4dc9-857b-f3f3bc581ffe
Vary: Accept

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a9b6dfd0be018936154541dd60f0adbe
126318fc7cfe23f889a3d69b0f85626aa5e8af04
d7dd5d62c9c60ac42652e6cfcea368056576a59b798d04155adca5e8b38694be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 14:12:01 GMT
Server: ECAcc (amb/6A94)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SsMnv7ZAgx19QK6lNELgWhyCUMrqNKxU7hBXq-PgDtWFdX1nOT-lwA==

integrations.api.mailshake.com/beacon/click?emailID=c419f126-b5f4-4562-8369-9ab355ff4bd3&linkID=703dddde-60b3-4dc9-857b-f3f3bc581ffe

3.209.231.252

302 Found

228 B

URL User Request GET HTTP/2
integrations.api.mailshake.com/beacon/click?emailID=c419f126-b5f4-4562-8369-9ab355ff4bd3&linkID=703dddde-60b3-4dc9-857b-f3f3bc581ffe
IP
3.209.231.252:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.api.mailshake.com
Fingerprint75:B7:24:C0:B3:B0:B6:40:61:C1:BC:7E:61:F0:5D:57:FD:62:3C:1F
ValidityWed, 03 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
228 B (228 bytes)
Hash
370be4d6172e4e4b282e6ac4b2e274bb
0f55dd722dcfeb5101960b29addafd71876e7d9c
98be58566781dbc63867fa1ec3e4580fd5889256e933e99a2af03febe9c6e8d3

HTTP Headers

GET /beacon/click?emailID=c419f126-b5f4-4562-8369-9ab355ff4bd3&linkID=703dddde-60b3-4dc9-857b-f3f3bc581ffe HTTP/1.1
Host: integrations.api.mailshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:12:01 GMT
content-type: text/html; charset=utf-8
content-length: 228
location: https://bit.ly/DoubletreebyHiltonOrlandoatSeaWorld?msID=703dddde-60b3-4dc9-857b-f3f3bc581ffe
vary: Origin, Accept, Accept-Encoding
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
content-security-policy: default-src 'self'
permissions-policy: camera=(), geolocation=(), microphone=()
X-Firefox-Spdy: h2

bit.ly/DoubletreebyHiltonOrlandoatSeaWorld?msID=703dddde-60b3-4dc9-857b-f3f3bc581ffe

67.199.248.10

301 Moved Permanently

255 B

URL User Request GET HTTP/2
bit.ly/DoubletreebyHiltonOrlandoatSeaWorld?msID=703dddde-60b3-4dc9-857b-f3f3bc581ffe
IP
67.199.248.10:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerDigiCert Inc
Subjectbit.ly
FingerprintC0:83:8F:43:A4:CB:4B:A1:33:DB:0B:F1:CD:DA:BF:1B:37:8F:B4:17
ValidityMon, 06 May 2024 00:00:00 GMT - Tue, 06 May 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
255 B (255 bytes)
Hash
a30a88bdc5b2eb84e2a76111d974c9d3
b4737e3df1f23bf6a5aca3fc13636bcd9b1945ff
a1c06cd17c4497151c3b147fd71756306fafd1e11f390678edba89138efbdbc5

HTTP Headers

GET /DoubletreebyHiltonOrlandoatSeaWorld?msID=703dddde-60b3-4dc9-857b-f3f3bc581ffe HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 10 May 2024 14:12:01 GMT
content-type: text/html; charset=utf-8
content-length: 255
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2
referrer-policy: unsafe-url
set-cookie: _bit=o4aec1-b5eef8f30b907ab8d7-00i; Domain=bit.ly; Expires=Wed, 06 Nov 2024 14:12:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2

162.248.184.187

302 Found

290 B

URL User Request GET HTTP/1.1
na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2
IP
162.248.184.187:443
ASN
#62856 DOCUS-6-PROD

Certificate
IssuerDigiCert Inc
Subjectna4.docusign.net
Fingerprint18:E9:E0:12:D0:CD:5E:CE:CB:AA:CD:E4:B1:5A:3F:A7:00:E2:F1:B1
ValidityWed, 01 Nov 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
290 B (290 bytes)
Hash
2d1d7d5c94fa1d7f1024662fb906311c
4839fadd12e93dfee8d000d30dbf1cb477e8f014
2af71d4a380a63d6ec2473e14854d8d140a1ed815ddbfeda07788e69692841df

HTTP Headers

GET /Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2 HTTP/1.1
Host: na4.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Location: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE4FE11_8841; path=/; secure; HttpOnly; SameSite=None
ASP.NET_SessionId=lllt0po2dlptj0e5hzldgua0; path=/; secure; HttpOnly; SameSite=None
__AntiXsrfMemberToken=e84b1595f3f647e3becff5344124f05a; path=/; secure; HttpOnly; SameSite=None
BIGipDocuSign_NA4=!FtRZ10T/8wCzTOm7IZ73o+v3qY2ncjxqmxxLjaWytcZgwKICzbstxAajxAjhs0rYGZZK9+hKQvjAHg==; path=/; Httponly; Secure
X-DocuSign-Node: SE4FE11
Date: Fri, 10 May 2024 14:12:01 GMT
Content-Length: 290

powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc

64.207.218.224

200 OK

2.6 kB

URL User Request GET HTTP/1.1
powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2602), with no line terminators
Size
2.6 kB (2602 bytes)
Hash
3ae465686ff2d6d05f02a9515ea37b5b
c5672d235cd18bd0e7fe618239ea679ab827fee4
aeb37e1e1a0390c1761878c3000279d880cfb896b28ee6a096255c44d6d99449

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 2602
ETag: W/"a2a-xWctI1zRi9Dn/mGCOepnmrgn/uQ"
Date: Fri, 10 May 2024 14:12:03 GMT
Connection: keep-alive

powerforms.docusign.net/style.css

64.207.218.224

200 OK

1.7 kB

URL GET HTTP/1.1
powerforms.docusign.net/style.css
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
ASCII text
Size
1.7 kB (1672 bytes)
Hash
6d4780f4a04aa9439ec82773ebae5b96
189f4fe014f093e4fa1679983795d31f8c5d7c46
4c6c5a8a261ea27dea417a9063b4f38e49fe21dc888647fe19ad6972bcb70bd0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /style.css HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"688-182d75750c0"
Content-Type: text/css; charset=UTF-8
Content-Length: 1672
Date: Fri, 10 May 2024 14:12:03 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

powerforms.docusign.net/static/css/main.70a50682.chunk.css

64.207.218.224

200 OK

2.0 kB

URL GET HTTP/1.1
powerforms.docusign.net/static/css/main.70a50682.chunk.css
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1945)
Size
2.0 kB (1997 bytes)
Hash
29624b52f014f3c76f1da93fc85a3ae8
7d653eef61fb50fce9e5ccdc37f0273270970b43
1e55f6e561fb482bc984782f7a8cc2b12f751658a7768940422bbbf039d9cd05

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /static/css/main.70a50682.chunk.css HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"7cd-182d75750c0"
Content-Type: text/css; charset=UTF-8
Content-Length: 1997
Date: Fri, 10 May 2024 14:12:03 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

powerforms.docusign.net/static/js/main.85a28d98.chunk.js

64.207.218.224

200 OK

212 kB

URL GET HTTP/1.1
powerforms.docusign.net/static/js/main.85a28d98.chunk.js
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
212 kB (212365 bytes)
Hash
8d8b688a952daafd629cd0ae8495d425
2f46413baae310c77bb1bcd94e1f8ac84e53877b
41cd7109606d6c6daba20a223eee5bb3bbc8db46a8544d0fd6e9560d9c84c38c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /static/js/main.85a28d98.chunk.js HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"33d8d-182d75750c0"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 212365
Date: Fri, 10 May 2024 14:12:03 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon.ico

23.36.77.32

200 OK

7.4 kB

URL GET HTTP/2
docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon.ico
IP
23.36.77.32:443
ASN
#20940 Akamai International B.V.

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
7.4 kB (7405 bytes)
Hash
888e04d5d5ff290d47bf73787f1e0bfc
c8edc4b60bb909c025b908f4adbeea557581687c
387483b8c9fb9f677e0d72d066945675540fe417e6e6c70baa9c013cb8fc88cd

HTTP Headers

GET /olive/images/2.15.0/favicons/favicon.ico HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
etag: "888e04d5d5ff290d47bf73787f1e0bfc:1584027770.848895"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
server: AkamaiNetStorage
content-length: 7405
cache-control: max-age=29339983
date: Fri, 10 May 2024 14:12:05 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2

powerforms.docusign.net/static/js/2.33610137.chunk.js

64.207.218.224

200 OK

2.3 MB

URL GET HTTP/1.1
powerforms.docusign.net/static/js/2.33610137.chunk.js
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65462)
Size
2.3 MB (2338783 bytes)
Hash
38590a85ebdfcab48145bc1443c3dc79
05164b398f603044cd0de3f217ff101e73b57cc8
00f50b898e0425fea14e50652cdb0d0cfb8964e741c862b9a106bb9492866b00

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /static/js/2.33610137.chunk.js HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"23afdf-182d75750c0"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2338783
Date: Fri, 10 May 2024 14:12:03 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

docucdn-a.akamaihd.net/olive/images/2.47.0/logo-docusign-sans-black.png

23.36.77.32

3.1 kB

URL GET
docucdn-a.akamaihd.net/olive/images/2.47.0/logo-docusign-sans-black.png
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
PNG image data, 231 x 76, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3143 bytes)
Hash
551db2e58442b160f940506cb51de094
ee85625772693aa7ede777271e6cd96f24187a81
ef7d1cc9c5e0baf6181a991336e02f30e6c1cdbb47cd1f18dc53a14c4443f659

HTTP Headers

GET /olive/images/2.47.0/logo-docusign-sans-black.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "551db2e58442b160f940506cb51de094:1660684741.204379"
last-modified: Fri, 12 Aug 2022 19:56:41 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30770892
date: Fri, 10 May 2024 14:12:09 GMT
content-length: 3143
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

powerforms.docusign.net/log

64.207.218.224

200 OK

2 B

URL POST HTTP/1.1
powerforms.docusign.net/log
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

POST /log HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Content-Type: application/json
Content-Length: 889
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/plain; charset=utf-8
Content-Length: 2
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Date: Fri, 10 May 2024 14:12:09 GMT
Connection: keep-alive

na4-app.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc

162.248.184.219

200 OK

2.8 kB

URL GET HTTP/1.1
na4-app.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
IP
162.248.184.219:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
JSON text data
Size
2.8 kB (2784 bytes)
Hash
d6b7f419b345a28c2bc84a544156579f
5f618fbe2878aa94825da95f023b39e0017ef642
99f9e3160b7559ceb6b0477eb26ca5e39a0328754c51a6fd8f578539d2760ed8

HTTP Headers

GET /Member/PowerFormSigning.aspx?PowerFormId=0d26b0cc-3b5b-480e-a52e-75fa4547938c&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc HTTP/1.1
Host: na4-app.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://powerforms.docusign.net
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE4FE28_8841; path=/; secure; HttpOnly; SameSite=None
ASP.NET_SessionId=3jk3gqfu1c3pkuopcxg0yfmt; path=/; secure; HttpOnly; SameSite=None
__AntiXsrfMemberToken=a0e65619d513417c8b7ac5c35108ffa6; path=/; secure; HttpOnly; SameSite=None
MemberConsoleMobile=; path=/; secure; HttpOnly; SameSite=None
X-DocuSign-Node: SE4FE28
Date: Fri, 10 May 2024 14:12:10 GMT
Content-Length: 2784

powerforms.docusign.net/log

64.207.218.224

200 OK

2 B

URL POST HTTP/1.1
powerforms.docusign.net/log
IP
64.207.218.224:443
ASN
#62856 DOCUS-6-PROD

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subject*.docusign.net
Fingerprint93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

POST /log HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Content-Type: application/json
Content-Length: 735
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/plain; charset=utf-8
Content-Length: 2
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Date: Fri, 10 May 2024 14:12:10 GMT
Connection: keep-alive

docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff

23.36.77.32

200 OK

34 kB

URL GET HTTP/2
docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff
IP
23.36.77.32:443
ASN
#20940 Akamai International B.V.

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
Web Open Font Format, CFF, length 33752, version 0.0
Size
34 kB (33752 bytes)
Hash
4de7535f6f5df8d5437c21c068ddb0ec
3553204b4624ca41cf1c4f3bd9b37d8c968cba23
8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b

HTTP Headers

GET /olive/fonts/2.8.0/maven_pro_bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "4de7535f6f5df8d5437c21c068ddb0ec:1603842502.445065"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 33752
cache-control: max-age=29434118
date: Fri, 10 May 2024 14:12:10 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff

23.36.77.32

200 OK

48 kB

URL GET HTTP/2
docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff
IP
23.36.77.32:443
ASN
#20940 Akamai International B.V.

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 47748, version 1.0
Size
48 kB (47748 bytes)
Hash
4a573fac9111d6adcb3994983539bd75
69bebefe9edeac85cc27516dbe0ea176c1c2c25c
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe

HTTP Headers

GET /olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "4a573fac9111d6adcb3994983539bd75:1603842490.434411"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 47748
cache-control: max-age=29269596
date: Fri, 10 May 2024 14:12:10 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff

23.36.77.32

200 OK

38 kB

URL GET HTTP/2
docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff
IP
23.36.77.32:443
ASN
#20940 Akamai International B.V.

Requested by
https://powerforms.docusign.net/0d26b0cc-3b5b-480e-a52e-75fa4547938c?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 37560, version 1.0
Size
38 kB (37560 bytes)
Hash
b9d0556a2c620a939d54c63be3df6c6c
97968884d4c5a93c46ab1334ce9e9156c694ea4d
90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f

HTTP Headers

GET /olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "b9d0556a2c620a939d54c63be3df6c6c:1603842491.763499"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 37560
cache-control: max-age=30478071
date: Fri, 10 May 2024 14:12:10 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP