| integrations.api.mailshake.com/beacon/click?emailID=198e96f7-5270-4264-a6e0-b7eb66be5294&linkID=91df8daf-06ad-4675-a2c7-cef98797982c | 52.201.20.214 | 302 Found | 234 B |
URL (User Request): GET HTTP/2 integrations.api.mailshake.com/beacon/click?emailID=198e96f7-5270-4264-a6e0-b7eb66be5294&linkID=91df8daf-06ad-4675-a2c7-cef98797982c
IP: 52.201.20.214:443
Certificate Issuer: Amazon
Certificate Subject: *.api.mailshake.com
Certificate Fingerprint: 75:B7:24:C0:B3:B0:B6:40:61:C1:BC:7E:61:F0:5D:57:FD:62:3C:1F
Certificate Validity: Wed, 03 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: d30a149695a00e1e70d32727c858534a 6c1ca5ec24e8630657b29fd3cf23eff0aac67914 2659d4be90c513b919fa9e846be83155d0b52a17e60ad467e9feef8cd5307eb2
GET /beacon/click?emailID=198e96f7-5270-4264-a6e0-b7eb66be5294&linkID=91df8daf-06ad-4675-a2c7-cef98797982c HTTP/1.1
Host: integrations.api.mailshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 13:52:11 GMT
content-type: text/html; charset=utf-8
content-length: 234
location: https://bit.ly/CourtyardByMarriottCharlotteCityCenter?msID=91df8daf-06ad-4675-a2c7-cef98797982c
vary: Origin, Accept, Accept-Encoding
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
content-security-policy: default-src 'self'
permissions-policy: camera=(), geolocation=(), microphone=()
X-Firefox-Spdy: h2
|
|
| bit.ly/CourtyardByMarriottCharlotteCityCenter?msID=91df8daf-06ad-4675-a2c7-cef98797982c | 67.199.248.10 | 301 Moved Permanently | 255 B |
URL (User Request): GET HTTP/2 bit.ly/CourtyardByMarriottCharlotteCityCenter?msID=91df8daf-06ad-4675-a2c7-cef98797982c
IP: 67.199.248.10:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer: DigiCert Inc
Certificate Subject: bit.ly
Certificate Fingerprint: A2:9E:97:EA:E4:51:06:C6:7B:BF:11:55:77:67:F5:8F:E5:7A:F7:0A
Certificate Validity: Fri, 12 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hash: 6575f2a6d1f0b04f50cc26a5bfdcbf45 e3e12388cd2a843d57b186beead86fd91020ea75 cc7e34b40a70f1e95843cb977c5b3be0469db6be9c28a0ceda4a57af1ea30d6d
GET /CourtyardByMarriottCharlotteCityCenter?msID=91df8daf-06ad-4675-a2c7-cef98797982c HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 19 Apr 2024 13:52:11 GMT
content-type: text/html; charset=utf-8
content-length: 255
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2
referrer-policy: unsafe-url
set-cookie: _bit=o3jdQb-d0c988c22efc06f77a-00f; Domain=bit.ly; Expires=Wed, 16 Oct 2024 13:52:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2 | 162.248.184.187 | 302 Found | 290 B |
URL (User Request): GET HTTP/1.1 na4.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2
IP: 162.248.184.187:443
Certificate Issuer: DigiCert Inc
Certificate Subject: na4.docusign.net
Certificate Fingerprint: 18:E9:E0:12:D0:CD:5E:CE:CB:AA:CD:E4:B1:5A:3F:A7:00:E2:F1:B1
Certificate Validity: Wed, 01 Nov 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: b4bcfafe4fb189d7396cd63c121ea26f 35a37cb3519faa0e454b1259a39424b58deeab3b 4644efe2ee14b16412d004b424fb0d959c54b3f3890ac9b722c18a430d6470ed
GET /Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&v=2 HTTP/1.1
Host: na4.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Location: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE5FE34_8842; path=/; secure; HttpOnly; SameSite=None
ASP.NET_SessionId=ou03zjtxyzvhbxu5doxz5e3v; path=/; secure; HttpOnly; SameSite=None
__AntiXsrfMemberToken=313ce272da914d66868c851c22e59a9a; path=/; secure; HttpOnly; SameSite=None
BIGipDocuSign_NA4=!8dZzi/TZ7PQOoHm7IZ73o+v3qY2ncoimU5Um0BMdFx/GX3HP5QNSeASIjxn/vyqn00+YmFa4Mhwo2g==; path=/; Httponly; Secure
X-DocuSign-Node: SE5FE34
Date: Fri, 19 Apr 2024 13:52:11 GMT
Content-Length: 290
|
|
| powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc | 64.207.216.225 | 200 OK | 2.6 kB |
URL (User Request): GET HTTP/1.1 powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
IP: 64.207.216.225:443
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2602), with no line terminators
Hash: 3ae465686ff2d6d05f02a9515ea37b5b c5672d235cd18bd0e7fe618239ea679ab827fee4 aeb37e1e1a0390c1761878c3000279d880cfb896b28ee6a096255c44d6d99449
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
GET /dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 2602
ETag: W/"a2a-xWctI1zRi9Dn/mGCOepnmrgn/uQ"
Date: Fri, 19 Apr 2024 13:52:12 GMT
Connection: keep-alive
|
|
| powerforms.docusign.net/style.css | 64.207.216.225 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 powerforms.docusign.net/style.css
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
Hash: 6d4780f4a04aa9439ec82773ebae5b96 189f4fe014f093e4fa1679983795d31f8c5d7c46 4c6c5a8a261ea27dea417a9063b4f38e49fe21dc888647fe19ad6972bcb70bd0
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
GET /style.css HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"688-182d75750c0"
Content-Type: text/css; charset=UTF-8
Content-Length: 1672
Date: Fri, 19 Apr 2024 13:52:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| powerforms.docusign.net/static/css/main.70a50682.chunk.css | 64.207.216.225 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 powerforms.docusign.net/static/css/main.70a50682.chunk.css
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (1945)
Hash: 29624b52f014f3c76f1da93fc85a3ae8 7d653eef61fb50fce9e5ccdc37f0273270970b43 1e55f6e561fb482bc984782f7a8cc2b12f751658a7768940422bbbf039d9cd05
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
GET /static/css/main.70a50682.chunk.css HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"7cd-182d75750c0"
Content-Type: text/css; charset=UTF-8
Content-Length: 1997
Date: Fri, 19 Apr 2024 13:52:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| powerforms.docusign.net/static/js/main.85a28d98.chunk.js | 64.207.216.225 | 200 OK | 212 kB |
URL: GET HTTP/1.1 powerforms.docusign.net/static/js/main.85a28d98.chunk.js
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 212 kB (212365 bytes)
Hash: 8d8b688a952daafd629cd0ae8495d425 2f46413baae310c77bb1bcd94e1f8ac84e53877b 41cd7109606d6c6daba20a223eee5bb3bbc8db46a8544d0fd6e9560d9c84c38c
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
GET /static/js/main.85a28d98.chunk.js HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"33d8d-182d75750c0"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 212365
Date: Fri, 19 Apr 2024 13:52:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon.ico | 23.36.77.32 | 200 OK | 7.4 kB |
URL: GET HTTP/2 docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon.ico
IP: 23.36.77.32:443
ASN: #20940 Akamai International B.V.
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Hash: 888e04d5d5ff290d47bf73787f1e0bfc c8edc4b60bb909c025b908f4adbeea557581687c 387483b8c9fb9f677e0d72d066945675540fe417e6e6c70baa9c013cb8fc88cd
GET /olive/images/2.15.0/favicons/favicon.ico HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
etag: "888e04d5d5ff290d47bf73787f1e0bfc:1584027770.848895"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
server: AkamaiNetStorage
content-length: 7405
cache-control: max-age=31155558
date: Fri, 19 Apr 2024 13:52:15 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| powerforms.docusign.net/static/js/2.33610137.chunk.js | 64.207.216.225 | 200 OK | 2.3 MB |
URL: GET HTTP/1.1 powerforms.docusign.net/static/js/2.33610137.chunk.js
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65462)
Size: 2.3 MB (2338783 bytes)
Hash: 38590a85ebdfcab48145bc1443c3dc79 05164b398f603044cd0de3f217ff101e73b57cc8 00f50b898e0425fea14e50652cdb0d0cfb8964e741c862b9a106bb9492866b00
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
GET /static/js/2.33610137.chunk.js HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 25 Aug 2022 23:30:00 GMT
ETag: W/"23afdf-182d75750c0"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2338783
Date: Fri, 19 Apr 2024 13:52:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| docucdn-a.akamaihd.net/olive/images/2.47.0/logo-docusign-sans-black.png | 23.36.77.32 | | 3.1 kB |
URL: GET docucdn-a.akamaihd.net/olive/images/2.47.0/logo-docusign-sans-black.png
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 231 x 76, 8-bit/color RGBA, non-interlaced
Hash: 551db2e58442b160f940506cb51de094 ee85625772693aa7ede777271e6cd96f24187a81 ef7d1cc9c5e0baf6181a991336e02f30e6c1cdbb47cd1f18dc53a14c4443f659
GET /olive/images/2.47.0/logo-docusign-sans-black.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "551db2e58442b160f940506cb51de094:1660684741.204379"
last-modified: Fri, 12 Aug 2022 19:56:41 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31043877
date: Fri, 19 Apr 2024 13:52:20 GMT
content-length: 3143
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| powerforms.docusign.net/log | 64.207.216.225 | 200 OK | 2 B |
URL: POST HTTP/1.1 powerforms.docusign.net/log
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
POST /log HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Content-Type: application/json
Content-Length: 889
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/plain; charset=utf-8
Content-Length: 2
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Date: Fri, 19 Apr 2024 13:52:20 GMT
Connection: keep-alive
|
|
| na4-app.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc | 162.248.184.220 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 na4-app.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
IP: 162.248.184.220:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
Hash: d6b7f419b345a28c2bc84a544156579f 5f618fbe2878aa94825da95f023b39e0017ef642 99f9e3160b7559ceb6b0477eb26ca5e39a0328754c51a6fd8f578539d2760ed8
GET /Member/PowerFormSigning.aspx?PowerFormId=dd16b412-28a4-4cba-a2ad-ca0d9024abf6&env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc HTTP/1.1
Host: na4-app.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://powerforms.docusign.net
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE5FE26_8842; path=/; secure; HttpOnly; SameSite=None
ASP.NET_SessionId=a3e4nkizp2wg44edzynv05b3; path=/; secure; HttpOnly; SameSite=None
__AntiXsrfMemberToken=d718bb12aefe467e89b92bfcc816735b; path=/; secure; HttpOnly; SameSite=None
MemberConsoleMobile=; path=/; secure; HttpOnly; SameSite=None
X-DocuSign-Node: SE5FE26
Date: Fri, 19 Apr 2024 13:52:20 GMT
Content-Length: 2784
|
|
| docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff | 23.36.77.32 | 200 OK | 34 kB |
URL: GET HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff
IP: 23.36.77.32:443
ASN: #20940 Akamai International B.V.
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: Web Open Font Format, CFF, length 33752, version 0.0
Hash: 4de7535f6f5df8d5437c21c068ddb0ec 3553204b4624ca41cf1c4f3bd9b37d8c968cba23 8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
GET /olive/fonts/2.8.0/maven_pro_bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "4de7535f6f5df8d5437c21c068ddb0ec:1603842502.445065"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 33752
cache-control: max-age=31433067
date: Fri, 19 Apr 2024 13:52:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff | 23.36.77.32 | 200 OK | 38 kB |
URL: GET HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff
IP: 23.36.77.32:443
ASN: #20940 Akamai International B.V.
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 37560, version 1.0
Hash: b9d0556a2c620a939d54c63be3df6c6c 97968884d4c5a93c46ab1334ce9e9156c694ea4d 90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
GET /olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "b9d0556a2c620a939d54c63be3df6c6c:1603842491.763499"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 37560
cache-control: max-age=31433415
date: Fri, 19 Apr 2024 13:52:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff | 23.36.77.32 | 200 OK | 48 kB |
URL: GET HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff
IP: 23.36.77.32:443
ASN: #20940 Akamai International B.V.
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 47748, version 1.0
Hash: 4a573fac9111d6adcb3994983539bd75 69bebefe9edeac85cc27516dbe0ea176c1c2c25c dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
GET /olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Referer: https://powerforms.docusign.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff
etag: "4a573fac9111d6adcb3994983539bd75:1603842490.434411"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
server: AkamaiNetStorage
content-length: 47748
cache-control: max-age=31085221
date: Fri, 19 Apr 2024 13:52:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| powerforms.docusign.net/log | 64.207.216.225 | 200 OK | 2 B |
URL: POST HTTP/1.1 powerforms.docusign.net/log
IP: 64.207.216.225:443
Requested by: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Certificate Issuer: DigiCert Inc
Certificate Subject: *.docusign.net
Certificate Fingerprint: 93:E3:50:6D:65:F8:53:B1:58:B8:C8:EB:FC:06:95:AB:57:5B:4D:AA
Certificate Validity: Fri, 26 Jan 2024 00:00:00 GMT - Tue, 25 Feb 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - Docusign |
POST /log HTTP/1.1
Host: powerforms.docusign.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://powerforms.docusign.net/dd16b412-28a4-4cba-a2ad-ca0d9024abf6?env=na4&acct=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc&accountId=0aa4ef87-5f7c-4b27-a3af-99b8b2f690dc
Content-Type: application/json
Content-Length: 735
Origin: https://powerforms.docusign.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/plain; charset=utf-8
Content-Length: 2
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Date: Fri, 19 Apr 2024 13:52:21 GMT
Connection: keep-alive
|
|