www.docusign.net
Open in
urlscan Pro
162.248.184.179
Public Scan
Submitted URL: https://mail.turing.com/api/analytics?ti=d554d536f06a156d824003d0c664b257c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c...
Effective URL: https://www.docusign.net/Signing/Error.aspx?e=022719f2-12ba-4443-8b18-e227908f58c3&scope=66e9599e-8913-4520-8c27-cd0fd240...
Submission: On April 19 via manual from US — Scanned from DE
Effective URL: https://www.docusign.net/Signing/Error.aspx?e=022719f2-12ba-4443-8b18-e227908f58c3&scope=66e9599e-8913-4520-8c27-cd0fd240...
Submission: On April 19 via manual from US — Scanned from DE
Summary
This website contacted 10 IPs
in 4 countries
across 10 domains to perform 42 HTTP transactions.
The main IP is 162.248.184.179, located in
United States and
belongs to DOCUS-6-PROD, US.
The main domain is www.docusign.net.
The Cisco Umbrella rank of the primary domain is 46282.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 19th 2022. Valid for: a year.
This is the only time www.docusign.net was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 19th 2022. Valid for: a year.
This is the only time www.docusign.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 34.149.197.1 34.149.197.1 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 157.7.107.78 157.7.107.78 | 7506 (INTERQ GM...) (INTERQ GMO Internet) | |
| 22 | 152.199.23.37 152.199.23.37 | 15133 (EDGECAST) (EDGECAST) | |
| 2 | 2620:1ec:a92:... 2620:1ec:a92::156 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2603:1020:a01... 2603:1020:a01:4::1b | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 2603:1026:c0d... 2603:1026:c0d:77::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2603:1026:c0d... 2603:1026:c0d:34::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2a02:26f0:350... 2a02:26f0:3500:c::5c7b:683d | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 14 | 162.248.184.179 162.248.184.179 | 62856 (DOCUS-6-PROD) (DOCUS-6-PROD) | |
| 1 | 2.21.20.198 2.21.20.198 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 35.186.241.51 35.186.241.51 | 15169 (GOOGLE) (GOOGLE) | |
| 42 | 10 |
1
34.149.197.1
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 1.197.149.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 1.197.149.34.bc.googleusercontent.com
| mail.turing.com |
1
157.7.107.78
(Japan)
ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-78.virt.lolipop.jp
ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-78.virt.lolipop.jp
| dent-worker.com |
2
2620:1ec:a92::156
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| www.office.com | |
| www.microsoft365.com |
1
2603:1020:a01:4::1b
(Zurich, Switzerland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| webshell.suite.office.com |
1
2603:1026:c0d:77::2
(Frankfurt am Main, Germany)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| outlook.office365.com |
1
2603:1026:c0d:34::2
(Frankfurt am Main, Germany)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| outlook.office.com |
1
2a02:26f0:3500:c::5c7b:683d
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| res-1.cdn.office.net |
1
2.21.20.198
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-198.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-198.deploy.static.akamaitechnologies.com
| docucdn-a.akamaihd.net |
1
35.186.241.51
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
| api.mixpanel.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 22 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 2612 |
374 KB |
| 14 |
docusign.net
2 redirects
www.docusign.net — Cisco Umbrella Rank: 46282 |
196 KB |
| 3 |
office.com
www.office.com — Cisco Umbrella Rank: 5232 webshell.suite.office.com — Cisco Umbrella Rank: 1153 outlook.office.com — Cisco Umbrella Rank: 145 |
4 KB |
| 1 |
mixpanel.com
api.mixpanel.com — Cisco Umbrella Rank: 990 |
346 B |
| 1 |
akamaihd.net
docucdn-a.akamaihd.net — Cisco Umbrella Rank: 27398 |
26 KB |
| 1 |
microsoft365.com
www.microsoft365.com — Cisco Umbrella Rank: 17786 |
993 B |
| 1 |
office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 1610 |
81 KB |
| 1 |
office365.com
1 redirects
outlook.office365.com — Cisco Umbrella Rank: 82 |
3 KB |
| 1 |
dent-worker.com
dent-worker.com |
26 KB |
| 1 |
turing.com
1 redirects
mail.turing.com |
242 B |
| 42 | 10 |
| Domain | Requested by | |
|---|---|---|
| 22 | aadcdn.msftauth.net |
dent-worker.com
|
| 14 | www.docusign.net |
2 redirects
www.docusign.net
|
| 1 | api.mixpanel.com |
docucdn-a.akamaihd.net
|
| 1 | docucdn-a.akamaihd.net |
www.docusign.net
|
| 1 | www.microsoft365.com |
www.office.com
|
| 1 | res-1.cdn.office.net |
webshell.suite.office.com
|
| 1 | outlook.office.com |
dent-worker.com
|
| 1 | outlook.office365.com | 1 redirects |
| 1 | webshell.suite.office.com |
dent-worker.com
|
| 1 | www.office.com |
dent-worker.com
|
| 1 | dent-worker.com | |
| 1 | mail.turing.com | 1 redirects |
| 42 | 12 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.docusign.de |
| www.docusign.com |
| support.docusign.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| dent-worker.com R3 |
2023-04-17 - 2023-07-16 |
3 months | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
| portal.office.com Microsoft Azure TLS Issuing CA 02 |
2022-08-29 - 2023-08-24 |
a year | crt.sh |
| webshell.suite.office.com Microsoft Azure TLS Issuing CA 05 |
2022-09-29 - 2023-09-24 |
a year | crt.sh |
| outlook.com DigiCert Cloud Services CA-1 |
2022-07-26 - 2023-07-25 |
a year | crt.sh |
| *.res.outlook.com DigiCert SHA2 Secure Server CA |
2023-04-17 - 2024-04-17 |
a year | crt.sh |
| www.docusign.net DigiCert SHA2 Extended Validation Server CA |
2022-05-19 - 2023-06-19 |
a year | crt.sh |
| a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-28 - 2023-06-30 |
a year | crt.sh |
| *.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.docusign.net/Signing/Error.aspx?e=022719f2-12ba-4443-8b18-e227908f58c3&scope=66e9599e-8913-4520-8c27-cd0fd24068ba
Frame ID: 6194A93A0473EB2AE2AAD208A6BACC6A
Requests: 38 HTTP requests in this frame
Frame:
https://www.office.com/logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f
Frame ID: 0ABF602FD8B398188F99788BB6EA36D6
Requests: 1 HTTP requests in this frame
Frame:
https://webshell.suite.office.com/iframe/TokenFactoryIframe/Logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f
Frame ID: DC5B66E1D4A5429268A5016C9947DB08
Requests: 2 HTTP requests in this frame
Frame:
https://outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f&pngSites=none
Frame ID: 474B92E3F56BE2B8C226F084161556CF
Requests: 1 HTTP requests in this frame
Frame:
https://www.microsoft365.com/logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f&from=logout
Frame ID: 2BF896AC1EB68CB9180A4A6D889F802D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
E-Mail-Link abgelaufenPage URL History Show full URLs
-
https://mail.turing.com/api/analytics?ti=d554d536f06a156d824003d0c664b257c1ebe0746f5c636f01cb954c5f0...
HTTP 302
https://dent-worker.com/auth//78376352////ricardo.castro@grupochamberlain.com?id=com.google.android.... Page URL
-
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39...
HTTP 302
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39... Page URL
-
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39...
HTTP 302
https://www.docusign.net/Signing/Error.aspx?e=022719f2-12ba-4443-8b18-e227908f58c3&scope=66e9599e-891... Page URL
Detected technologies
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.aspx?(?:$|\?)
Mixpanel
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- api\.mixpanel\.com/track
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.docusign.de/unternehmen/agb
Title: Nutzungsbedingungen
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
URL: https://www.docusign.com/support
Title: Support
Title: Support
Search URL Search Domain Scan URL
URL: https://support.docusign.com/s/
Title: Feedback
Title: Feedback
Search URL Search Domain Scan URL
URL: https://www.docusign.de/unternehmen/datenschutz
Title: Datenschutzrichtlinie
Title: Datenschutzrichtlinie
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mail.turing.com/api/analytics?ti=d554d536f06a156d824003d0c664b257c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d&rd=https%3A%2F%2Fdent-worker.com%2Fauth%2F%2F78376352%2F%2F%2F%2Fricardo.castro%40grupochamberlain.com%3Fid%3Dcom.google.android.apps.youtube.music
HTTP 302
https://dent-worker.com/auth//78376352////ricardo.castro@grupochamberlain.com?id=com.google.android.apps.youtube.music Page URL
-
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39411a-9793-43b6-b0e0-70e853e1843b&er=d2369ab9-b1b1-4151-8001-ffd72898e62d
HTTP 302
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39411a-9793-43b6-b0e0-70e853e1843b&er=d2369ab9-b1b1-4151-8001-ffd72898e62d&AspxAutoDetectCookieSupport=1 Page URL
-
https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39411a-9793-43b6-b0e0-70e853e1843b&er=d2369ab9-b1b1-4151-8001-ffd72898e62d&AspxAutoDetectCookieSupport=1&persistent_auth_token=no_client_token
HTTP 302
https://www.docusign.net/Signing/Error.aspx?e=022719f2-12ba-4443-8b18-e227908f58c3&scope=66e9599e-8913-4520-8c27-cd0fd24068ba Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://mail.turing.com/api/analytics?ti=d554d536f06a156d824003d0c664b257c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d&rd=https%3A%2F%2Fdent-worker.com%2Fauth%2F%2F78376352%2F%2F%2F%2Fricardo.castro%40grupochamberlain.com%3Fid%3Dcom.google.android.apps.youtube.music HTTP 302
- https://dent-worker.com/auth//78376352////ricardo.castro@grupochamberlain.com?id=com.google.android.apps.youtube.music
- https://outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f HTTP 302
- https://outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f&pngSites=none
- https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39411a-9793-43b6-b0e0-70e853e1843b&er=d2369ab9-b1b1-4151-8001-ffd72898e62d HTTP 302
- https://www.docusign.net/Signing/EmailStart.aspx?a=258dc9da-8a63-4c9b-8862-60e98a12fe60&acct=ac39411a-9793-43b6-b0e0-70e853e1843b&er=d2369ab9-b1b1-4151-8001-ffd72898e62d&AspxAutoDetectCookieSupport=1
42 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
ricardo.castro@grupochamberlain.com
dent-worker.com/auth//78376352//// Redirect Chain
|
84 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
108 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
117 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
178 KB 44 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
microsoft_logo.png
aadcdn.msftauth.net/ests/2.1/content/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
0 1 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
0 17 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
microsoft_logo.png
aadcdn.msftauth.net/ests/2.1/content/images/ |
0 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msftauth.net/shared/1.0/content/images/ |
0 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msftauth.net/shared/1.0/content/images/ |
0 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 40 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 44 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logout
www.office.com/ Frame 0ABF |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Logout
webshell.suite.office.com/iframe/TokenFactoryIframe/ Frame DC5B |
416 B 934 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logoff.aspx
outlook.office.com/owa/auth/ Frame 474B Redirect Chain
|
263 B 2 KB |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
987 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
suiteux.shell.msaltokenfactoryiframe.46c7c961ee4d424936d8.js
res-1.cdn.office.net/shellux/ Frame DC5B |
415 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logout
www.microsoft365.com/ Frame 2BF8 |
1 KB 993 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
0 1 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
0 17 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
microsoft_logo.png
aadcdn.msftauth.net/ests/2.1/content/images/ |
0 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msftauth.net/shared/1.0/content/images/ |
0 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msftauth.net/shared/1.0/content/images/ |
0 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 40 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 44 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
EmailStart.aspx
www.docusign.net/Signing/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
Error.aspx
www.docusign.net/Signing/ Redirect Chain
|
69 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Framework.css
www.docusign.net/Signing/StyleSheets/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-faces.css
www.docusign.net/Signing/SigningApp/latest/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ErrorExpired.css
www.docusign.net/Signing/StyleSheetsDev/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_docusign_new_white.png
www.docusign.net/Signing/Images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
linkExpired.png
www.docusign.net/Signing/Images/linkExpired/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
btn_arrow_u.png
www.docusign.net/Signing/Images/controls/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.12.3.min.js
www.docusign.net/Signing/client_scripts/jQuery/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mixpanel-2-2-1b.js
docucdn-a.akamaihd.net/v/static/ |
117 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HelveticaNeue.woff
www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/ |
47 KB 47 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HelveticaNeue-Bold.woff
www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/ |
37 KB 37 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
MavenPro-Bold.woff
www.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/ |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
api.mixpanel.com/track/ |
1 B 346 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| timeInfo function| DSLogEvent function| $ function| jQuery boolean| res_IE9_10 boolean| res_IE7 string| bdyId string| formbodyId string| borderId string| headertabsId string| headerId string| footerId string| tiId string| headerContentId string| hldrOutside string| masterIsMobile string| masterIsSafari boolean| leavemastermenuopen function| BtnCancelMD function| ChangeSelectedAccount function| CE function| MasterPageAction function| ChangeSite function| CloseMasterPageMenus function| OpenMasterPageMenu function| LanguageMenuMobileHander function| ShowAccounts function| LogoSizePage function| MasterPageBrowserWidth function| MasterPageScrollLeft function| upgradeClick object| mixpanel function| GoBack13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.office.com/ | Name: OH.SID Value: ec9c9c18-3207-453f-8dee-9ed61766fa78 |
|
| www.office.com/ | Name: OH.DCAffinity Value: OH-weu |
|
| www.office.com/ | Name: OH.FLID Value: b5b0f003-5fac-4381-bb16-8ffc69466a04 |
|
| www.microsoft365.com/ | Name: OH.SID Value: ef8c02fe-4c85-48a9-b90b-b7234b3efa17 |
|
| www.microsoft365.com/ | Name: OH.DCAffinity Value: OH-weu |
|
| www.microsoft365.com/ | Name: OH.FLID Value: 184a1549-3ad9-45e9-ba53-6038c7acbbd3 |
|
| www.docusign.net/ | Name: pv Value: SE103FE61_8812 |
|
| www.docusign.net/ | Name: AspxAutoDetectCookieSupport Value: 1 |
|
| www.docusign.net/ | Name: ssid Value: 4b1ublxqr4dnukxurfce2abd |
|
| www.docusign.net/ | Name: MemberConsoleMobile Value: |
|
| www.docusign.net/ | Name: DSSessionAttributes Value: EnvelopeId:022719f2-12ba-4443-8b18-e227908f58c3,SenderAccountId:e1a50535-2532-4341-a510-0fc130a62c75,RecipientAccountId:ac39411a-9793-43b6-b0e0-70e853e1843b,RecipientId:d2369ab9-b1b1-4151-8001-ffd72898e62d |
|
| www.docusign.net/ | Name: mp_304ccbde24d3b15ffe2d5de30c10dab2_mixpanel Value: %7B%22distinct_id%22%3A%20%22174906F00C596FBF07B26426176D60B8F4EC041F%22%2C%22%24initial_referring_domain%22%3A%20%22www.docusign.net%22%7D |
|
| www.docusign.net/ | Name: BIGipServerpool_SE2_NA1_Web Value: !IRpeodBxYlV2s9CYx8H2Xk1KNuzRSSx86Xk5d44XrQ3oiI9dWft7COg2RZMvsHWeL81sCG/QIyUNlvw= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
api.mixpanel.com
dent-worker.com
docucdn-a.akamaihd.net
mail.turing.com
outlook.office.com
outlook.office365.com
res-1.cdn.office.net
webshell.suite.office.com
www.docusign.net
www.microsoft365.com
www.office.com
152.199.23.37
157.7.107.78
162.248.184.179
2.21.20.198
2603:1020:a01:4::1b
2603:1026:c0d:34::2
2603:1026:c0d:77::2
2620:1ec:a92::156
2a02:26f0:3500:c::5c7b:683d
34.149.197.1
35.186.241.51
1f9b1ad181249325ab2481168c846d2b955cb0ebedc7968d64d37eb53194789b
2a5179b8851c8e3dfc77d7dcb33b3963afa037608336d6ae412acaa38ad59d22
2f186cdfa13b6ca51f69d44bac8a7d5b69e1d5409a68d21f5768a87c6dfdb3a1
4946fcf019e50cf850a0344e45b3a8f93d5ead5e1dade33695025ef732913af1
585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ad1ad65fa56e4154d943099b98bcf6d8dd59df30f637f1088b2c228bb5a5c79
7b864a0849a80059486f0b024b5b72a98628825f8134c6158efdcc83c01a7935
7c97e32c638ae612be0d5e5217ed6f894c6988c10c9e2ea6d12625c779849da8
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492
9d00ab4d752684d01e41bbbf09ff339ee20a693da8bb93000e527914f2abed4c
a00f7ed35be5bfea9cbbdcbeca07f536d9db6fb6391ca55ad38790eecb01ffeb
a3190b931ac98d0dc177ba30a2937fc64e973f3e693cabaeadf8e34965957141
a54e96f6389599aae4ff2abf078008e16057de4dab4f40c758e5121ee916f0ed
af94583adcbe8c39717c70eabfb0a098635151ed3c66975c0190f5be89677e85
cdfa2c94a06fa985649f2853a1d1bc2c64cd1b487b5eb6ebb2dcfaaea5de2fb9
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd5eb91a05ef65653a6e9c4ddb60482ee93ad2994c1925cd2b7a310e7bdcc73
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
ff2a6fd9f9b72c4d8292fd00f48d8be351ffa3f81c0a25d0a4ed5d5296092765
ffa8c6a4ce199bfd9e32b05e0e4dece330c6a577fb3a0e8518291619c658c486