Submitted URL: https://na2.docusign.net/Signing/?ti=87808207e77b49588e5e96ce6af6cbf7
Effective URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Submission: On January 11 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions.
The main IP is 162.248.185.48, located in United States and belongs to DOCUS-6-PROD - Docusign, Inc, US. The main domain is na2.docusign.net.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 27th 2018. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100) Show Details

  • urlscan - Score: 100
    phishing
    Phishing against DocuSign (Online)

Domain & IP information

IP Address AS Autonomous System
2 12 162.248.185.48 62856 (DOCUS-6-PROD)
1 2.16.106.105 20940 (AKAMAI-ASN1)
1 35.186.241.51 15169 (GOOGLE)
12 3
Domain
Subdomains
Transfer
12 docusign.net
146 KB
1 mixpanel.com
186 B
1 akamaihd.net
26 KB
12 3
Domain Requested by
12 na2.docusign.net 2 redirects na2.docusign.net
1 api.mixpanel.com docucdn-a.akamaihd.net
1 docucdn-a.akamaihd.net na2.docusign.net
12 3

This site contains links to these domains. Also see Links.

Domain
www.docusign.com
community.docusign.com
Subject / Issuer Validity Valid
na2.docusign.net
DigiCert SHA2 Extended Validation Server CA
2018-06-27 -
2019-06-23
a year
a248.e.akamai.net
DigiCert ECC Secure Server CA
2018-01-23 -
2019-01-19
a year
*.mixpanel.com
RapidSSL RSA CA 2018
2018-01-11 -
2020-05-01
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • env /^Mixpanel$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
/Signing
Redirect Chain
  • https://na2.docusign.net/Signing/?ti=87808207e77b49588e5e96ce6af6cbf7
  • https://na2.docusign.net/Signing/?ti=87808207e77b49588e5e96ce6af6cbf7&AspxAutoDetectCookieSupport=1
  • https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
74 KB
20 KB
Document
General
Full URL
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
1f2b74ac456c4c9e23bb6592b8bea2fa10d6946466312bb886fd22a7b83ee64d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
na2.docusign.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; BIGipDocuSign_NA2_Signing=!x6YfFqVaaJSonduoMoqGkhsS08CBWKQKnbjjqQEK4jrMRe+sYDfFtQjWXezuRCDonv3hiD+chxfUuYw=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
X-Frame-Options
SAMEORIGIN
Content-Security-Policy-Report-Only
script-src https://cdn.janrain.xyz https://d6uon097akywu.cloudfront.net https://www.paypal.com https://js.braintreegateway.com https://assets.braintreegateway.com https://www.paypalobjects.com 'self' 'unsafe-inline' https://docucdn-a.akamaihd.net/ 'unsafe-eval' https://rpxnow.com https://login.docusign.net/ https://ajax.aspnetcdn.com/ https://d29usylhdk1xyu.cloudfront.net/;img-src data: https://docucdn-a.akamaihd.net https://checkout.paypal.com https://assets.braintreegateway.com 'self' https://*.docusign.com https://*.docusign.net https://cdn.janrain.xyz https://docj27ko03fnu.cloudfront.net/ https://d3hmp0045zy3cs.cloudfront.net/;style-src 'self' 'unsafe-inline' https://d3hmp0045zy3cs.cloudfront.net/ https://docucdn-a.akamaihd.net/;font-src 'self' https://* data:; object-src 'self';connect-src https://*.docusign.com https://*.docusign.net https://*.pndsn.com https://www.paypal.com 'self' https://api.mixpanel.com/ https://*.pubnub.com/ https://*.braintreegateway.com https://*.braintree-api.com;media-src 'none'; report-uri /Signing/monitoring/csp/report
Set-Cookie
MemberConsoleMobile=; path=/; secure; HttpOnly BIGipDocuSign_NA2_Signing=!9OA5JGJilqPdv7uoMoqGkhsS08CBWGQI8LYoz5OJZjnd2zgLh5e/XAbRCefFSn5voRDgOJp8q46b/Yg=;path=/;secure;HttpOnly;
X-DocuSign-Node
CH1FE76
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Date
Fri, 11 Jan 2019 18:50:29 GMT
Content-Length
18723
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-AspNetMvc-Version
5.2
X-UA-Compatible
IE=edge
Content-Security-Policy-Report-Only
script-src https://cdn.janrain.xyz https://d6uon097akywu.cloudfront.net https://www.paypal.com https://js.braintreegateway.com https://assets.braintreegateway.com https://www.paypalobjects.com 'self' 'unsafe-inline' https://docucdn-a.akamaihd.net/ 'unsafe-eval' https://rpxnow.com https://login.docusign.net/ https://ajax.aspnetcdn.com/ https://d29usylhdk1xyu.cloudfront.net/;img-src data: https://docucdn-a.akamaihd.net https://checkout.paypal.com https://assets.braintreegateway.com 'self' https://*.docusign.com https://*.docusign.net https://cdn.janrain.xyz https://docj27ko03fnu.cloudfront.net/ https://d3hmp0045zy3cs.cloudfront.net/;style-src 'self' 'unsafe-inline' https://d3hmp0045zy3cs.cloudfront.net/ https://docucdn-a.akamaihd.net/;font-src 'self' https://* data:; object-src 'self';connect-src https://*.docusign.com https://*.docusign.net https://*.pndsn.com https://www.paypal.com 'self' https://api.mixpanel.com/ https://*.pubnub.com/ https://*.braintreegateway.com https://*.braintree-api.com;media-src 'none'; report-uri /Signing/monitoring/csp/report
Set-Cookie
ssid=jin4dbxkqwoxzhrwy31iugvn; path=/; secure; HttpOnly BIGipDocuSign_NA2_Signing=!x6YfFqVaaJSonduoMoqGkhsS08CBWKQKnbjjqQEK4jrMRe+sYDfFtQjWXezuRCDonv3hiD+chxfUuYw=;path=/;secure;HttpOnly;
X-DocuSign-Node
CH1FE76
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Date
Fri, 11 Jan 2019 18:50:29 GMT
Content-Length
185
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Cookie set Framework.css
/Signing/StyleSheets
5 KB
2 KB
Stylesheet
General
Full URL
https://na2.docusign.net/Signing/StyleSheets/Framework.css
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
0c38645e09f92436078123845ef11736fc6110f848322944b941f649eaa4e9ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!9OA5JGJilqPdv7uoMoqGkhsS08CBWGQI8LYoz5OJZjnd2zgLh5e/XAbRCefFSn5voRDgOJp8q46b/Yg=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/css
Last-Modified
Sat, 29 Dec 2018 02:18:42 GMT
ETag
"06d4dd11c9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie
BIGipDocuSign_NA2_Signing=!37MYVG80IGMbwC2oMoqGkhsS08CBWIgj8oD+AAvd26dmovl8vSkvGEFEg32HClBHbPsuPkojWxueBA4=;path=/;secure;HttpOnly;
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
1343
Cookie set font-faces.css?cs=77f1127
/Signing/SigningApp/19.2.1/css
2 KB
973 B
Stylesheet
General
Full URL
https://na2.docusign.net/Signing/SigningApp/19.2.1/css/font-faces.css?cs=77f1127
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
4770a6ef75d08efa59903f104c5dc18d9bbb4cf9ba25332ebe6ee0dc636badf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!9OA5JGJilqPdv7uoMoqGkhsS08CBWGQI8LYoz5OJZjnd2zgLh5e/XAbRCefFSn5voRDgOJp8q46b/Yg=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/css
Last-Modified
Sat, 29 Dec 2018 02:11:14 GMT
ETag
"0d46c61b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie
BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=;path=/;secure;HttpOnly;
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
320
Cookie set docusign.png
/Signing/Images
7 KB
8 KB
Image
General
Full URL
https://na2.docusign.net/Signing/Images/docusign.png
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!9OA5JGJilqPdv7uoMoqGkhsS08CBWGQI8LYoz5OJZjnd2zgLh5e/XAbRCefFSn5voRDgOJp8q46b/Yg=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Type
image/png
Last-Modified
Sat, 29 Dec 2018 02:10:44 GMT
ETag
"06a64b41b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
max-age=2592000
Set-Cookie
BIGipDocuSign_NA2_Signing=!Q44eygc+exmycxqoMoqGkhsS08CBWBEQmEWHkjLL1gXTvBuNJ3Jruk/ytZHGZBN1bKP/fiLPpS84J20=;path=/;secure;HttpOnly;
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
7635
Cookie set session-expired.png
/Signing/images
9 KB
9 KB
Image
General
Full URL
https://na2.docusign.net/Signing/images/session-expired.png
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
0ea3f80e09033aa22f607a1eb8bfac1c2d9b8e1fad7307f5ad07283ff77f3a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!9OA5JGJilqPdv7uoMoqGkhsS08CBWGQI8LYoz5OJZjnd2zgLh5e/XAbRCefFSn5voRDgOJp8q46b/Yg=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Type
image/png
Last-Modified
Sat, 29 Dec 2018 02:10:46 GMT
ETag
"09795b51b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
max-age=2592000
Set-Cookie
BIGipDocuSign_NA2_Signing=!uCG/VKPjRxiOIqOoMoqGkhsS08CBWE3XOYWuqH3/gJ8pZ+0kmpPd65GkPJuuxcny8kW58oPXulyLxIk=;path=/;secure;HttpOnly;
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
9067
Cookie set arrow.png
/Signing/images
10 KB
10 KB
Image
General
Full URL
https://na2.docusign.net/Signing/images/arrow.png
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
79c460b054499dde25f108ca03ba80be491fd4ff6177ddb30fe4951389bfda8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Type
image/png
Last-Modified
Sat, 29 Dec 2018 02:10:44 GMT
ETag
"06a64b41b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
max-age=2592000
Set-Cookie
BIGipDocuSign_NA2_Signing=!iQFOhAxIxtnlUpWoMoqGkhsS08CBWMaxjfjVZ2f5PLl9f1CWscixJr27l8TN46UY1B/9pRjetI7cOmI=;path=/;secure;HttpOnly;
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
10013
Cookie set powered_by_docusign_gray.png
/Signing/Images
7 KB
8 KB
Image
General
Full URL
https://na2.docusign.net/Signing/Images/powered_by_docusign_gray.png
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
27f34113266bf30dc9df0202c3c073d3fe04c36e46eaa5a189f25df1a1d695ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Type
image/png
Last-Modified
Sat, 29 Dec 2018 02:10:46 GMT
ETag
"09795b51b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
max-age=2592000
Set-Cookie
BIGipDocuSign_NA2_Signing=!qDdhYXiW6S2ZetOoMoqGkhsS08CBWGRxlJVJ1yH5P5jGq+26hEUO6iOwfqpVaZiMzsDBRFzGhPjLPB8=;path=/;secure;HttpOnly;
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
7119
Cookie set btn_arrow_u.png
/Signing/Images/controls
3 KB
3 KB
Image
General
Full URL
https://na2.docusign.net/Signing/Images/controls/btn_arrow_u.png
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
2a5179b8851c8e3dfc77d7dcb33b3963afa037608336d6ae412acaa38ad59d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=
Connection
keep-alive
Cache-Control
no-cache
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Type
image/png
Last-Modified
Sat, 29 Dec 2018 02:10:44 GMT
ETag
"06a64b41b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
max-age=2592000
Set-Cookie
BIGipDocuSign_NA2_Signing=!U+gvW/PKfaiQsl2oMoqGkhsS08CBWAUV4o7CZQtwOwLIk8WXWA4AlXAI8OkGj1NSRvuhJlvj81y+V/Y=;path=/;secure;HttpOnly;
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
2961
Cookie set MavenPro-Bold.woff
/Signing/SigningApp/19.2.1/fonts/maven-pro
33 KB
34 KB
Font
General
Full URL
https://na2.docusign.net/Signing/SigningApp/19.2.1/fonts/maven-pro/MavenPro-Bold.woff
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Origin
https://na2.docusign.net
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://na2.docusign.net/Signing/SigningApp/19.2.1/css/font-faces.css?cs=77f1127
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://na2.docusign.net/Signing/SigningApp/19.2.1/css/font-faces.css?cs=77f1127
Origin
https://na2.docusign.net

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/font-woff
Last-Modified
Sat, 29 Dec 2018 02:11:14 GMT
ETag
"0d46c61b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie
BIGipDocuSign_NA2_Signing=!TU8b4bdR6iD+cHGoMoqGkhsS08CBWMsCAUDwmrXyCBPTukOjtuaPC4SKXlD2zRRLGZc3P/wcf3CRMug=;path=/;secure;HttpOnly;
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
33829
Cookie set HelveticaNeue.woff
/Signing/SigningApp/19.2.1/fonts/helvetica-neue
47 KB
47 KB
Font
General
Full URL
https://na2.docusign.net/Signing/SigningApp/19.2.1/fonts/helvetica-neue/HelveticaNeue.woff
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.248.185.48 , United States, ASN62856 (DOCUS-6-PROD - Docusign, Inc, US),
Reverse DNS
na2.docusign.net
Software
/
Resource Hash
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Origin
https://na2.docusign.net
Accept-Encoding
gzip, deflate, br
Host
na2.docusign.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://na2.docusign.net/Signing/SigningApp/19.2.1/css/font-faces.css?cs=77f1127
Cookie
AspxAutoDetectCookieSupport=1; ssid=jin4dbxkqwoxzhrwy31iugvn; MemberConsoleMobile=; BIGipDocuSign_NA2_Signing=!FE0N08dOky7w94OoMoqGkhsS08CBWNo7Rrppu9B3tuwvVbokV1N0jv7YMjD1jggdzfxmXUsRLqzVlIM=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://na2.docusign.net/Signing/SigningApp/19.2.1/css/font-faces.css?cs=77f1127
Origin
https://na2.docusign.net

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/font-woff
Last-Modified
Sat, 29 Dec 2018 02:11:14 GMT
ETag
"0d46c61b9fd41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie
BIGipDocuSign_NA2_Signing=!Y75+2mrdvaXqJCOoMoqGkhsS08CBWFUL8haGSpqN4WFKnmmYpLQr1wl9gv9L2FTtFn4/Fbu49JzMKeI=;path=/;secure;HttpOnly;
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
X-DocuSign-Node
CH1FE76
Content-Length
47843
Adblocked mixpanel-2-2-1b.js
docucdn-a.akamaihd.net/v/static
117 KB
26 KB
Script
General
Full URL
https://docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
Requested by
Host: na2.docusign.net
URL: https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.106.105 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-106-105.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ffa8c6a4ce199bfd9e32b05e0e4dece330c6a577fb3a0e8518291619c658c486
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 18:50:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 00:08:49 GMT
Server
Apache
ETag
"ece7a224f69ab2205d90900589ae1d05:1527120741"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26533
Expires
Sat, 11 Jan 2020 18:50:30 GMT
Adblocked ?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiZGl...
api.mixpanel.com/track
57 B
186 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiZGlzdGluY3RfaWQiOiAiNjZFNzJENjJFQjYwNEEwNkUxOUJEQTA5MDZEMEI1RjMzNDI4NzA5OSIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIm1wX3BhZ2UiOiAibmEyLmRvY3VzaWduLm5ldCIsIm1wX2Jyb3dzZXIiOiAiQ2hyb21lIiwibXBfcGxhdGZvcm0iOiAiTWFjIE9TIFgiLCJ0b2tlbiI6ICIxZjlkOWJmMWRjMTZiOGVlMGRhNzNjYWYzYWQzZGViMSJ9fQ%3D%3D&ip=1&_=1547232630814
Requested by
Host: docucdn-a.akamaihd.net
URL: https://docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
125c1d7d81d1c88646d8a6b42c797a6836b12bd0961cec28ddb58a10a9b069c4
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f
Origin
https://na2.docusign.net

Response headers

date
Fri, 11 Jan 2019 18:50:30 GMT
via
1.1 google
server
envoy
content-type
text/plain
status
503
alt-svc
clear
content-length
57
x-envoy-overloaded
true

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://na2.docusign.net/Signing/?ti=87808207e77b49588e5e96ce6af6cbf7
  • https://na2.docusign.net/Signing/?ti=87808207e77b49588e5e96ce6af6cbf7&AspxAutoDetectCookieSupport=1
  • https://na2.docusign.net/Signing/SessionTimeout.aspx?fi=230f89df-896f-418c-81af-7ffb9804b50f

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: DocuSign (Online)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| timeInfo function| DSLogEvent boolean| res_IE9_10 boolean| res_IE7 number| minWidthOverride number| minHeightOverride object| g_prevSize function| GetBrowserDimensions function| resize function| IsEnterKey function| IsEnterOrSpaceKey function| init string| bdyId string| formbodyId string| borderId string| headertabsId string| headerId string| footerId string| tiId string| headerContentId string| hldrOutside string| masterIsMobile string| masterIsSafari boolean| leavemastermenuopen function| BtnCancelMD function| ChangeSelectedAccount function| CE function| MasterPageAction function| ChangeSite function| CloseMasterPageMenus function| OpenMasterPageMenu function| LanguageMenuMobileHander function| ShowAccounts function| LogoSizePage function| MasterPageBrowserWidth function| MasterPageScrollLeft function| upgradeClick undefined| pm undefined| bdy object| mixpanel

5 Cookies

Domain/Path Name / Value
na2.docusign.net/ Name: mp_1f9d9bf1dc16b8ee0da73caf3ad3deb1_mixpanel
Value: %7B%22distinct_id%22%3A%20%2266E72D62EB604A06E19BDA0906D0B5F334287099%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
na2.docusign.net/ Name: BIGipDocuSign_NA2_Signing
Value: !U+gvW/PKfaiQsl2oMoqGkhsS08CBWAUV4o7CZQtwOwLIk8WXWA4AlXAI8OkGj1NSRvuhJlvj81y+V/Y=
na2.docusign.net/ Name: MemberConsoleMobile
Value:
na2.docusign.net/ Name: ssid
Value: jin4dbxkqwoxzhrwy31iugvn
na2.docusign.net/ Name: AspxAutoDetectCookieSupport
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block