urlscan.io logo urlscan.io
SecurityTrails logo

login.docsign-online.com Open in urlscan Pro
3.216.14.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofY...
Effective URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Submission: On February 08 via manual from CA — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 44 HTTP transactions. The main IP is 3.216.14.142, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.docsign-online.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 3rd 2024. Valid for: a year.
This is the only time login.docsign-online.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 64.78.56.115 16406 (AS-INTERM...)
29 3.216.14.142 14618 (AMAZON-AES)
3 3.5.11.17 14618 (AMAZON-AES)
1 13.32.23.106 16509 (AMAZON-02)
44 5
Apex Domain
Subdomains		 Transfer
29 docsign-online.com
login.docsign-online.com
56 KB
10 emailprotection.link
url.emailprotection.link — Cisco Umbrella Rank: 141046
400 KB
3 amazonaws.com
tslp.s3.amazonaws.com — Cisco Umbrella Rank: 117377
65 KB
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
3 KB
44 4
Domain Requested by
29 login.docsign-online.com url.emailprotection.link
login.docsign-online.com
10 url.emailprotection.link url.emailprotection.link
3 tslp.s3.amazonaws.com login.docsign-online.com
1 d2wy8f7a9ursnm.cloudfront.net login.docsign-online.com
44 4

This site contains no links.

Subject Issuer Validity Valid
*.emailprotection.link
GeoTrust TLS RSA CA G1		 2023-07-10 -
2024-08-09		 a year crt.sh
techsupport-corp.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-02-01		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.docsign-online.com/58d1c5de5c772070?l=39
Frame ID: 839FDC9FB7885B71F65755BB6969A875
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsa... Page URL
  2. https://login.docsign-online.com/58d1c5de5c772070?l=39 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

524 kB
Transfer

719 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q Page URL
  2. https://login.docsign-online.com/58d1c5de5c772070?l=39 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
url.emailprotection.link/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
1a40f55653ac868b6808acf93ff93093d3d76aa2066fb6bd63a5861b12723a2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Feb 2024 10:41:06 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex
new_style.css
url.emailprotection.link/new/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/css/new_style.css
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-1e80"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-Robots-Tag
noindex
new_screenshot.js
url.emailprotection.link/new/js/ 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/new_screenshot.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-574"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
tooltipster.css
url.emailprotection.link/new/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/css/tooltipster.css
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-2965"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-Robots-Tag
noindex
jquery-1.9.1.js
url.emailprotection.link/new/js/libs/ 		142 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-23758"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
jquery.tooltipster.min.js
url.emailprotection.link/new/js/libs/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-43a9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
new_scanning.js
url.emailprotection.link/new/js/ 		947 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/new_scanning.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-3b3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
scanning_70.gif
url.emailprotection.link/new/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url.emailprotection.link/new/images/scanning_70.gif
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
"64f70b38-78dd"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
30941
logo_160_19.svg
url.emailprotection.link/new/images/ 		1 KB
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url.emailprotection.link/new/images/logo_160_19.svg
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?b9ywl3XrmT1ruyUZnKt1a2lOm7zW7mFr_IN0trxF8MSw3ruH-kOIvg13F0jRHBOAinvhNu-ezsaqIaHlJKv_j4NI1D_DofYvaf3cVMmc7F0wBabJdpFWXR9UnabNEFa-q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
W/"64f70b38-52c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
X-Robots-Tag
noindex
notosans-regular.ttf
url.emailprotection.link/new/fonts/ 		306 KB
306 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.78.56.115 Duluth, United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS
intermedia.net
Software
nginx /
Resource Hash
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

Referer
https://url.emailprotection.link/new/css/new_style.css
Origin
https://url.emailprotection.link
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:07 GMT
Last-Modified
Tue, 05 Sep 2023 11:04:24 GMT
Server
nginx
ETag
"64f70b38-4c738"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
313144
Primary Request 58d1c5de5c772070
login.docsign-online.com/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.docsign-online.com/58d1c5de5c772070?l=39
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
0f208b0462921db277bafb41ae91ff49037592bb3d1a612347e7f329b9288588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://url.emailprotection.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 10:41:10 GMT
etag
W/"0f208b0462921db277bafb41ae91ff49"
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74 ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-permitted-cross-domain-policies
none
x-request-id
d1ee1779-bcac-483d-bd85-dfb254e80aec
x-runtime
0.014075
x-xss-protection
1; mode=block
plugin_detect.js
tslp.s3.amazonaws.com/detect/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=d1c5dc7720&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.11.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:11 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
311PN0J3VY8J6VRN
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
b7F+/HwvsbP9d+c4bm1GWq80UDb9qv9Kvn6Ey6NrU63GnjoF1Uk3P1rbdW/7nXmkErBHQQZu6qrpeUTGMnroFg==
docusign-logo-1--3b47d9.png
tslp.s3.amazonaws.com/training/production/314/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tslp.s3.amazonaws.com/training/production/314/docusign-logo-1--3b47d9.png
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.11.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf69eb92031a31edf02b42b717b280033c3e6aeb3d7e4506d70538ec2eb8bec4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:11 GMT
x-amz-version-id
QPiwBLSO34M97nxJlRdKu81O4nqbo1ll
Last-Modified
Mon, 13 Mar 2023 14:53:57 GMT
Server
AmazonS3
x-amz-request-id
311RN8BZ3YF5BBY6
ETag
"36b5a982fa3af5d5d3028a55508f6249"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15110
x-amz-id-2
H51KawIAh/Esud+c5gGXHcTsThMyuCCVyN9AjOKyNWoRVRBWUi1EPCBSy05mu9dkLri/k/nHy9itp7DL6L+g4w==
training.js
tslp.s3.amazonaws.com/assets/js/ 		352 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/assets/js/training.js
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.11.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 10:41:11 GMT
x-amz-version-id
6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
311TW5MCS9TE4906
ETag
"029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
352
x-amz-id-2
9nO292nVyJ/w4qe5wEbPq+VY9N7T6MRWcTr3hEByICVCc60Hjkko1SB1+ZAGSMtNXEeb25hCjEBsSMrVqlwQPg==
alt_pixel_click_d1c5dc7720.gif
login.docsign-online.com/ 		0
0
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 04 Feb 2024 08:35:29 GMT
Content-Encoding
gzip
Via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-version-id
null
X-Amz-Cf-Pop
FRA56-C2
Age
353143
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
nRgdbd0D9Gd6DzucntZ6cEJJswDCauqGU-KDiXKBfKUdPTsrv77gSQ==
jquery.min.js
login.docsign-online.com/assets/ajax/libs/jquery/1.9.1/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.docsign-online.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 14:01:59 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
login.docsign-online.com/assets/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.docsign-online.com/assets/all.js?g=d1c5dc7720
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 14:02:01 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
7191
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg.png
login.docsign-online.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/bg.png
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
ff15ee304b9fa684507d889a5a342f7c89116739b04b0a160be65e0a63718f0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime
0.000948
date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-request-id
72a2b53b-ab5a-4817-a8ba-ef766bffdbe9
browser_post
login.docsign-online.com/secure/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.docsign-online.com/secure/browser_post
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
75713113-4cfa-443d-a83c-95177ef91b57
x-runtime
0.006466
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
926a0aec-78aa-4fbb-a2de-c37f80d4592d
x-runtime
0.002639
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
549f6abc-fae4-4607-82b1-c18b92429be2
x-runtime
0.002250
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
5a7eafc8-2112-4d5e-aa95-3391f4a856c5
x-runtime
0.001872
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8782d80a-4082-4064-9004-4d52cbf18d22
x-runtime
0.002372
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20browser_version%20%3D%20120&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
95a8d974-039f-455d-8c30-d7cb442f2f5a
x-runtime
0.002468
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
2cf9e6e2-5023-4baf-9319-f49061fc5d74
x-runtime
0.002539
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
f69f9d61-bcb5-4736-a0b6-037d14803a84
x-runtime
0.002629
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8e253459-c350-45c0-a8df-e3dbe883fb5c
x-runtime
0.002551
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
bc65437d-56fe-4e78-925a-b518138749cc
x-runtime
0.007136
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
eee7e2c0-84d0-42e7-b111-ee48bf4bd994
x-runtime
0.001698
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
77ed9a8e-2295-4fc9-9271-f1ccc963c9fd
x-runtime
0.001664
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
c44c512f-8669-45d7-bcf5-2f4a814704e1
x-runtime
0.001493
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d647db6e-c14f-48e2-8e21-6297eecf91c5
x-runtime
0.002021
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
3d392f2f-645f-4ac9-803f-c081fb4ff16f
x-runtime
0.002273
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
c098c19d-3ca1-4627-9d63-b35063b0f57b
x-runtime
0.003066
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20java%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
1b07b185-b437-405e-8c88-e778d05beb82
x-runtime
0.001819
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20flash%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
b39c60e5-1ea5-4d9f-9807-0d017ac2952a
x-runtime
0.001347
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20pdf%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
53e11645-244c-471b-b692-c6a9183b66b0
x-runtime
0.001850
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20quicktime%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
55365932-f3db-4ff9-8739-c076261792eb
x-runtime
0.001283
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20RealPlayer%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0b96b3e7-a4a0-4ecd-87e9-04c94c6ba7d9
x-runtime
0.002829
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20Silverlight%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
76caf683-77aa-42f4-bbe4-59fa2cda8985
x-runtime
0.004951
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
78e327ea-4220-4823-92c9-bdabc1b33844
x-runtime
0.001520
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=redirect_url%20is%20undefined&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
4342055f-a529-4900-9f16-5140df4ff98d
x-runtime
0.002311
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
login.docsign-online.com/ 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.docsign-online.com/trace?id=d1c5dc7720&msg=browser_post_successful&correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36
Requested by
Host: login.docsign-online.com
URL: https://login.docsign-online.com/58d1c5de5c772070?l=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.14.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-14-142.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.docsign-online.com/58d1c5de5c772070?l=39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
04c7a335-155b-4473-aa1c-526c81e3ec06
x-runtime
0.001275
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.docsign-online.com
URL
https://login.docsign-online.com:49153/alt_pixel_click_d1c5dc7720.gif?correlation_id=33119be3-b818-431b-bf51-a2dedebeaf36

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PluginDetect object| detector boolean| do_not_detect_java boolean| do_not_detect_flash boolean| do_not_detect_pdf boolean| do_not_detect_quicktime boolean| do_not_detect_realplayer boolean| do_not_detect_silverlight boolean| do_not_detect_wmp object| Bugsnag function| $ function| jQuery object| plugin_detector boolean| console_debug string| guid boolean| test_mode string| tracking_id string| correlation_id string| base_post_url object| BrowserDetect object| $_GET undefined| regex undefined| items undefined| last function| log_error function| log_to_console function| log_message boolean| fingerprinted function| strip function| secureSubmitWithGuid function| secureSubmit function| findUsername function| checkPassword function| secureLogAndRedirect function| sendFingerprint function| imageSender function| sendIndividually function| loadAllInfo object| local_addresses function| redirector function| rewriteLinks function| isFormValid

2 Cookies

Domain/Path Name / Value
login.docsign-online.com/ Name: EXFILGUID
Value: d1c5dc7720
login.docsign-online.com/ Name: link_clicked_d1c5dc7720
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://login.docsign-online.com/bg.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2wy8f7a9ursnm.cloudfront.net
login.docsign-online.com
tslp.s3.amazonaws.com
url.emailprotection.link
login.docsign-online.com
13.32.23.106
3.216.14.142
3.5.11.17
64.78.56.115
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
0f208b0462921db277bafb41ae91ff49037592bb3d1a612347e7f329b9288588
1a40f55653ac868b6808acf93ff93093d3d76aa2066fb6bd63a5861b12723a2e
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
bf69eb92031a31edf02b42b717b280033c3e6aeb3d7e4506d70538ec2eb8bec4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff15ee304b9fa684507d889a5a342f7c89116739b04b0a160be65e0a63718f0f