Edit tour

Windows Analysis Report
https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee

Overview

General Information

Sample URL:	https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee
Analysis ID:	1428779
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2024,i,15035561699717979938,14526954516782873913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5424 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49808 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49741 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49808 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ds_arya_wrapper.min.js?f=1 HTTP/1.1Host: a.docusign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFjYTNiOC0wMmVkNWViM2MwYWIzYy0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhY2IxYjUiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713535388374 HTTP/1.1Host: api.mixpanel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://na2.docusign.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFkMDJhZi0wZjYzZjdkNGI3MzdkYS0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhZDEyMTMiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI2MjQ0YmI5ZTMxZGY2ZDhkY2Y4YzQxMzVkZWZlNjQ2MCJ9fQ%3D%3D&ip=1&_=1713535388375 HTTP/1.1Host: api.mixpanel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://na2.docusign.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFkMDJhZi0wZjYzZjdkNGI3MzdkYS0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhZDEyMTMiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI2MjQ0YmI5ZTMxZGY2ZDhkY2Y4YzQxMzVkZWZlNjQ2MCJ9fQ%3D%3D&ip=1&_=1713535388375 HTTP/1.1Host: api.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFjYTNiOC0wMmVkNWViM2MwYWIzYy0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhY2IxYjUiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713535388374 HTTP/1.1Host: api.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com

Source: unknown

DNS traffic detected: queries for: na2.docusign.net

Source: chromecache_113.2.dr	String found in binary or memory: http://dbj.org/dbj/?p=286
Source: chromecache_113.2.dr	String found in binary or memory: http://dean.edwards.name/weblog/2005/10/add-event/
Source: chromecache_113.2.dr	String found in binary or memory: http://documentcloud.github.com/underscore/
Source: chromecache_113.2.dr	String found in binary or memory: http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
Source: chromecache_113.2.dr	String found in binary or memory: http://mixpanel.com/
Source: chromecache_113.2.dr	String found in binary or memory: http://www.ecma-international.org/ecma-262/5.1/#sec-12.4
Source: chromecache_113.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest#withCredentials
Source: chromecache_113.2.dr	String found in binary or memory: https://gist.github.com/1930440
Source: chromecache_113.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js/blob/master/json_parse.js
Source: chromecache_96.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_96.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.25.2/LICENSE

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49741 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@16/113@24/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2024,i,15035561699717979938,14526954516782873913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2024,i,15035561699717979938,14526954516782873913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://dbj.org/dbj/?p=286	0%	URL Reputation	safe
http://dean.edwards.name/weblog/2005/10/add-event/	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.com	64.233.176.106	true	false	high
api.mixpanel.com	130.211.34.183	true	false	high
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false	unknown
arya-1323461286.us-west-2.elb.amazonaws.com	35.162.217.246	true	false	high
cdn.optimizely.com	unknown	unknown	false	high
a.docusign.com	unknown	unknown	false	high
docucdn-a.akamaihd.net	unknown	unknown	false	high
na2.docusign.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://na2.docusign.net/Signing/?ti=c4e32be37d314cb7a3f1a30f4f3c3fa6	false		high
https://a.docusign.com/ds_arya_wrapper.min.js?f=1	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest#withCredentials	chromecache_113.2.dr	false		high
http://documentcloud.github.com/underscore/	chromecache_113.2.dr	false		high
https://github.com/zloirock/core-js/blob/v3.25.2/LICENSE	chromecache_96.2.dr	false		high
http://www.ecma-international.org/ecma-262/5.1/#sec-12.4	chromecache_113.2.dr	false		high
https://github.com/douglascrockford/JSON-js/blob/master/json_parse.js	chromecache_113.2.dr	false		high
http://dbj.org/dbj/?p=286	chromecache_113.2.dr	false	URL Reputation: safe	unknown
http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/	chromecache_113.2.dr	false		high
https://gist.github.com/1930440	chromecache_113.2.dr	false		high
https://github.com/zloirock/core-js	chromecache_96.2.dr	false		high
http://dean.edwards.name/weblog/2005/10/add-event/	chromecache_113.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
35.186.241.51	unknown	United States	15169	GOOGLEUS	false
130.211.34.183	api.mixpanel.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.162.217.246	arya-1323461286.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
64.233.176.106	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.6
192.168.2.23

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1428779
Start date and time:	2024-04-19 16:02:11 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 24s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@16/113@24/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 64.233.177.94, 74.125.136.138, 74.125.136.101, 74.125.136.139, 74.125.136.113, 74.125.136.100, 74.125.136.102, 142.250.9.84, 34.104.35.123, 162.248.185.181, 23.40.207.137, 23.40.207.145, 23.223.44.232, 23.223.44.246, 23.54.200.176, 162.248.185.183, 108.177.122.95, 173.194.219.95, 142.250.9.95, 64.233.185.95, 172.217.215.95, 64.233.177.95, 64.233.176.95, 74.125.138.95, 142.251.15.95, 74.125.136.95, 142.250.105.95, 172.253.124.95, 23.40.205.18, 23.40.205.26, 23.40.205.27, 23.40.205.35, 23.40.205.24, 23.40.205.41, 23.40.205.34, 23.40.205.16, 23.40.205.11, 13.85.23.86, 192.229.211.108, 13.95.31.18, 20.3.187.198, 64.233.176.94, 162.248.185.182, 23.40.205.81, 23.40.205.75, 23.40.205.83, 23.40.205.49
Excluded domains from analysis (whitelisted): na2.docusign.net.akadns.net, slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, e5048.dsca.akamaiedge.net, a1737.b.akamai.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, na2-ch.docusign.net.akadns.net, ctldl.windowsupdate.com, www.googleapis.com, docucdn-a.akamaihd.net.edgesuite.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com, cdn.o6.edgekey.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 145 x 60
Category:	dropped
Size (bytes):	5469
Entropy (8bit):	7.404941626697962
Encrypted:	false
SSDEEP:	96:IvklPN/PqPZ8M86x9pOa36SrhE/knsz7BklPN/n:IIFHqPZbx9tKSrhtseFf
MD5:	097D652B65DEC6E954C335739754FC61
SHA1:	83155314927200EC3B9951246D0C1C3B631B088A
SHA-256:	00E709E22EA18FB242C2F41290179522537ABEC841EEF2655D17E02B36CFDC7A
SHA-512:	DE13A4A8CCEC57F7AF23143D55A93AF581D04F6066DF5C0D0B910DEC17EA0EA430621ACD88A25422A5180F37EDAC44A6746051BCE942F8D5E07BF8842A3F08EB
Malicious:	false
Reputation:	low
Preview:	GIF89a..<...............................................................................................................................................................................................!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6952efb6-7b37-44ad-8f49-fb6d57787754" xmpMM:DocumentID="xmp.did:CC4E39E8547B11E4960B8D7E59B6B241" xmpMM:InstanceID="xmp.iid:CC4E39E7547B11E4960B8D7E59B6B241" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:22335ebf-8a2f-43c0-a35d-602b0ebe7cf3" stRef:documentID="xmp.did:695

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 494 x 234
Category:	downloaded
Size (bytes):	9574
Entropy (8bit):	7.853981748801489
Encrypted:	false
SSDEEP:	192:S7yG2Yk15R5aa93shIHylXoXAVKl5/YUm/yvr5dKALSuVdar/6Ht:CWT9PSlXUl5gL8eGj/8CN
MD5:	DBC9BE0A97B22F64BEFE4F4A8EC86C52
SHA1:	A75FDD2D2450F64F8315E1048C2D3E969A05F204
SHA-256:	FA23900008473FAA386A00F4E2D815BE0DB309906F6CDB3C763A6AEEA57C531D
SHA-512:	CBD9D3352810953B66A476D92A80D1799C913951A47B4D5233589F77BD7F376EE16B94DA40A6A0BBFAC235F22D749A05544B8ACE992A55035E6C34C81D3DDC36
Malicious:	false
Reputation:	low
URL:	https://na2.docusign.net/Signing/image.aspx?ti=c4e32be37d314cb7a3f1a30f4f3c3fa6&i=4e2e5fc6-1ede-4c9f-8247-f81a2def532b
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............H......\....#J.H....3j.... C..I...(S.\...0c.I...8s.....@...J...H.]...P.J.J...X.j........K........ ..c.PUD6..ud.\|.KT..q...,..A.q.F.Gw.......K..`.e..b..s...(.J..].p*...s..I

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (58175)
Category:	downloaded
Size (bytes):	58346
Entropy (8bit):	5.2839657738091335
Encrypted:	false
SSDEEP:	768:zCIPK8ClCqBJCm8+XCiMC3CUIC5CmCECXCwbCpCjCjCPmLgE1tYGtxG7CaCYC6Cu:AR8+JU7mLDtNg
MD5:	09333BF57AF8836D3CA135C4B012C59A
SHA1:	8CFD2EE21A7F99BF239C7FF203729B1A84B77391
SHA-256:	1E79FA97DCFC6CDC0A266D7A38D4DB61E227999785B4A3FFF926ABFDC4631F6F
SHA-512:	D2CA1E46275868A21743EBF22343451017531218965F8F1D3A36391A07075BA7769E1F337756B8FC9DD460ABEF497BD6DE3FE6FFD06307B7A44C272BA6F58EBF
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.5132.js?cs=36825c07c67f2dd22f3b
Preview:	/! For license information please see signing_iframeless_mobile.5132.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[5132],{7632:function(t,e,r){r.d(e,{W:function(){return m},U:function(){return b}});var n=r(11504),o=(r(70980),r(21992),r(9052),r(61088),r(47192),r(26456),r(80168),r(85179),r(94976),r(85120),r(31432),r(53224),r(39952),r(27164),r(27632),r(26972),r(74016),r(86672)),i=r(82320),a=r(47601),u=r(25796),c=r(96116);function l(t,e){(null==e\|\|e>t.length)&&(e=t.length);for(var r=0,n=new Array(e);r<e;r++)n[r]=t[r];return n}function f(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function s(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?f(Object(r),!0).forEach((function(e){d(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.define

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7911)
Category:	downloaded
Size (bytes):	8082
Entropy (8bit):	5.1248929229454605
Encrypted:	false
SSDEEP:	192:14mgl8Oxxm9nN4ipLI64aEfwVFcCO3EKKqUdEKyM9a+VtN6p6jLqysXn:14zl8OxWnNDpLI6nFcCOKbaW5I
MD5:	AD817D1D4C0D802DF20DE16A89E835B5
SHA1:	116D51E9230FFB8A0E1299D09E80941177F78133
SHA-256:	1C48B68786B248DE1B850AB622DD450D5EF69C2E80034B276FA06E6E61BC920E
SHA-512:	7713FC834471C7447F61E19F88ADBE1DBA5F4313467D68636FB07DC2E778F0C00A214CB0F3625411C26CA0E8957BB0986879D4B8FD6EE1FB9F1BE8D07B38B7A1
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.2515.js?cs=a120e40e93e6694c6e19
Preview:	/! For license information please see signing_iframeless_mobile.2515.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[2515],{42515:function(e,t,a){a(64900),a(21992),a(5004);var i=a(52856),n=a(37588),o=a.n(n),c=a(41988),d=a(19964),r=a(49268),l=a(7416),s=a(99020),h=a(86672),u=a(13224),g=a(87660),p=a(67712),v=0,f=c.c.extend({tagName:"div",className:"modal",events:{"click .close":"cancelOrClose"},dialogId:null,uri:null,useCache:!0,$lastActiveElement:o()([]),initialize(e){},mapUriData(e){return e},update(e,t){t=t\|\|{},e=e\|\|{};var a=this;function n(e){var t=!!e;if(s.c.envelope){var n=e.resources\|\|{},o=s.c.envelope.resources\|\|{};(e=i.cp.extend({},s.c.envelope,e)).resources=i.cp.extend({},o,n)}t?a.reload(a.mapUriData(e)):a.render(),a.$el.attr("modal-ready","")}"envelope"!==this.uri&&s.c[this.uri]?(n(s.c[this.uri]),t.afterUpdate&&t.afterUpdate()):this.uri&&!s.c[this.uri]?(t.showProgress&&l.c.trigger("progressStarted"),o().getJSON(d.c.generate

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 494 x 234
Category:	dropped
Size (bytes):	9574
Entropy (8bit):	7.853981748801489
Encrypted:	false
SSDEEP:	192:S7yG2Yk15R5aa93shIHylXoXAVKl5/YUm/yvr5dKALSuVdar/6Ht:CWT9PSlXUl5gL8eGj/8CN
MD5:	DBC9BE0A97B22F64BEFE4F4A8EC86C52
SHA1:	A75FDD2D2450F64F8315E1048C2D3E969A05F204
SHA-256:	FA23900008473FAA386A00F4E2D815BE0DB309906F6CDB3C763A6AEEA57C531D
SHA-512:	CBD9D3352810953B66A476D92A80D1799C913951A47B4D5233589F77BD7F376EE16B94DA40A6A0BBFAC235F22D749A05544B8ACE992A55035E6C34C81D3DDC36
Malicious:	false
Reputation:	low
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............H......\....#J.H....3j.... C..I...(S.\...0c.I...8s.....@...J...H.]...P.J.J...X.j........K........ ..c.PUD6..ud.\|.KT..q...,..A.q.F.Gw.......K..`.e..b..s...(.J..].p*...s..I

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65448)
Category:	downloaded
Size (bytes):	126813
Entropy (8bit):	5.466359793420146
Encrypted:	false
SSDEEP:	1536:EQl6eeIk+lSZlv2HjwIMf9/D0X6e9IhLIbt4AsbZ6WIZWyCYmwyshbaI:D6eeIDlklvegNY2AsbZ6vZWyCYIshbaI
MD5:	0288FC3471A8DD0E6C982C541767674B
SHA1:	1000697CB6D8844BE8C967C9F00EEDCA5B14F2C9
SHA-256:	8B90C98283E93FF94BD1BC062074D3A7C758BE9D91BA380D4E553FE69BF6704D
SHA-512:	7EBFC4F850E7E176A8EE7141BB2199CDABC50851ECE7EE92D7FD0546C0D49C970B52C6A27D8431505AC38D9FFD21872DF6F53EED703BBF84223E39D0A08BFF8F
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.5016.js?cs=ee4f7538a40db92a0097
Preview:	/! For license information please see signing_iframeless_mobile.5016.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[5016],{30096:function(e,t){"use strict";t.c={currentColor:"currentColor",inherit:"inherit",initial:"initial",transparent:"transparent",unset:"unset",white:"#ffffff",whiteTranslucent:"rgba(255,255,255,0.4)",gray1:"#f9f9f9",gray2:"#f4f4f4",gray3:"#e9e9e9",gray4:"#d9d9d9",gray5:"#cccccc",gray6:"#a9a9a9",gray7:"#999999",gray8:"#777777",gray9:"#666666",gray10:"#555555",black:"#333333",gray9_alpha90:"#666666EE",black_alpha50:"#33333380",avatarBackground:"#e8edf7",avatarPlaceholderBackground:"#b8bfcc",badgeOrange:"#cc4c15",badgeTurquoise:"#3d7e8f",commentsDotBlueActive:"rgba(65,134,236,0.8)",commentsDotBlueInActive:"rgba(65,134,236,0.33)",commentJustPosted:"#e7edf8",DocuSignBluePale2:"#e3edf7",DocuSignBluePale:"#c9dcf0",DocuSignBlueDisabled:"#4f8dce",DocuSignBlueLight:"#2875c4",DocuSignBlue:"#005cb9",DocuSignBlueDark:"#004185",DocuSignB

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (631), with no line terminators
Category:	downloaded
Size (bytes):	631
Entropy (8bit):	5.164089399737638
Encrypted:	false
SSDEEP:	12:2QSkMnt0YPhgmQNVGIkTLFMdOGn61CCq4jBAHOYZcQP3rSzD1J9cA:2QSkammQVGr3F4hCZjiuOhPWNJB
MD5:	EA2619963A52D436C6A3ABA89A535453
SHA1:	8527216CAABEEE1D6327906010FE0B997125DF6E
SHA-256:	BAD9B2DE4E0F52A85443867321CA244AF50D9FD24F27CE6FD08545DD729B1022
SHA-512:	B1DEFBC6C76C10CCE36CCE83010BA6A80FADD18EF3B37525997AC2C02968CD28CDBED8E558DA08FD43AD85CFA475D311CC1FB240F3AC246F5A2133F22F547284
Malicious:	false
Reputation:	low
URL:	https://a.docusign.com/ds_arya_wrapper.min.js?f=1
Preview:	(function(){var u=this;!function(n,t,i,f,r,e,o){if("function"==typeof define&&define.amd)return define(o);f&&f[r]?f[r]=o(n,0,!0,f,r,e):u[n]=o(n,0,!0,f,r,e)}("DS_Arya",0,0,u.module,"exports","length",function(t,i,n,f,r,e,o){"use strict";var u={},c=(s(function(){}),s({})),a=s("");function d(n){throw t+"-"+n}function s(n){var t=typeof n;return function(n){return typeof n==t}}function h(n){for(var t in n)u[t]=n[t]}return{i:function(n){i++?d(1):n!==o&&c(n)&&!n[e]?h(n):d(11)},g:function(n,t){return n&&a(n)?t&&t(u[n])\|\|u[n]\|\|!1:t&&t(u)\|\|u\|\|!1}}})}).call(this);;DS_Arya.i({"DS_A":"3c996898-0318-41ee-8026-1a56f12736f8","DS_A_C":""});

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:	3:HFjRn:hRn
MD5:	C9785540787087E135E2E3256D4128E6
SHA1:	41BD40CDDBF7127B59A6D093F72D6EF7AC2E45D4
SHA-256:	ADB38815ED6BC0240FFD0E7299D9CFA5860D5C662C7C2B4DAE11EF97EC951B05
SHA-512:	6B30566B0D5AEA45E318E7FF711E7BD4873933FB61C438B3F3C1ED46D81BF2AA1AB5EAB72EE3E2577E5785DADB479670157A0332AE9775AFD18DA77FAB0005B2
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSEAn3qRtDfMoshxIFDaLAi2s=?alt=proto
Preview:	CgkKBw2iwItrGgA=

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 13780, version 1.0
Category:	downloaded
Size (bytes):	13780
Entropy (8bit):	7.973002703865565
Encrypted:	false
SSDEEP:	384:TNY9PsTenykDcMLHye3cVV4FI7MvH36TYMa:TXwykhLHOM3Ma
MD5:	D2793531447C140874B62B7448EF7191
SHA1:	1CE36AA9C6445DACDFA8B597BD79A34514CC9F60
SHA-256:	2B1A1F78DF06385464750F48AED402C315164D51FD9475E8B5A47D897CF9C084
SHA-512:	33EDD561F46BFEE5D1A9AFA119F8EC6CAD9B9FD6B54FFD25B1862B5AFFFB1B82DB74D2A4AE11B7893D8261E0520EF5B5E5AF21E7D2D39D02BB849B9FDA268DDD
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/olive/17.20.0/fonts/olive-icons.woff
Preview:	wOFF......5......._.........................GSUB.......;...T .%zOS/2...D...A...V6>H.cmap...........P.<..glyf......(v..E.....head.......3...6...hhea...P.......$.?..hmtx...p...J...dU...loca.......4...4CYTHmaxp../........ ....name..0....0...:...Lpost..1@.........+@.x.c`d``.b0`.c`rq..a..I,.c.b`a...<2.1'3=.......i. f....&;.H.x.c`d~.8.....A.i.............X.....4........_..Q.....4#H.....>...x....r.W...@.(.A..s..s..A..%r.ND..g.E.s.6.\|./.{....N.T.[.jfV.......[...S.wt..ok:..L..kk.......O.+...L.......^n...eyU.w.C..G.>..V6u.l....+.x.{...V~..W..cj.1...c..%>...\|..t.;=\|...M.....1...3...a(..c8#.....].a,....&2.g...L.yf0.Y.f.s..\|....\|.F.u).X..V...a-.X..6...la+....v....a/......D3.8.....1.s...r...,.8...h.".....r....&.....r..<.!......o...<.).x....{^..?..._.....?..W..?Y.../.._..?....M.....R..[....4D5CeRT.U..{.........w(.5..+m.]Ki.........=My.....}Ny.T..<..)/.S@y.T..*<..7.....O..]xn(..7...%...T...\|.N.IC..3.j......u.O$...M.=<..Gx^Q...^..F.........O8...u.?<......p....L@..t@

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	996
Entropy (8bit):	7.667690083187348
Encrypted:	false
SSDEEP:	12:6v/78EUMdg6AUGUutzYXPuP8vi3nKS/s8NkTo/P/6iYLGQ3rjWRBZZSNG35wlE31:MAQutzME6Is85nQ3rjyBZZ2lEVza6C81
MD5:	F4B52A4EB3D0CDD585A73EADE7CC734A
SHA1:	00BD17DB2EA7F845910C713CBFF3A6719D59A1EC
SHA-256:	94BACE793EA5F351B65F5B2948BEB949B01FB811274A3F8EB8D52B9719A149BB
SHA-512:	763AF2EADA1D18687D5A4B2BD8323A10D93CC22AE4E78139446D7DDDB617631CE55B695F24D07DF5FAD14B48F0674E56BD031B4DDC50AFCE013F320CF6447EAC
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...P...P............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Kr.@...S2...l...,\|.T..@\|.N.8.."....... +....T..B..Dw..Z@..W.=.M.{&..?.}.>..vnT..0h.._>..{.w.LR.}.<.tri5l3.U..D.@.....Jjq....=4....m?\|^,..m.>{s.x.\.....j.z.........l.`...8L1..Z.t..@7......<s;.1...N.<:zg>\|....s.vC].....^...P..%..B._. r.....lU.`..7U.e.B..+`.+.Y.....;.Mr.X.aW....lF/....Q..%p.f.@1.e.@...r.>.M.>...K.U...R{..P..T{.&....z".....T.......RZ....Xd...(>@.>..\......@..x.-...l3............M....$r!l.v%.........a....&.../Hr.lU..!...M.m...N&.....bV.......Y...ww..!...}<.. tsNV....."..3....@o..s....;.....c...@..nG. .v4...:.KJ.o>.JX$..r..:.....M.... .,....u.1.."`r.FH..n^....q..Z.<.tB...).6$......f..6..D'op...G...W...vy.t...u?]...,W..."...T.dV....%G...p./E..ie..6..i.!.4.>......^E...I.:......U..2.al.#.@x..VU..1IY....l.E.......l..%....v!l..y[..../.2%..z[...Z..}g.......%..Q,......7.B...B%....6.`\&o....%e.ML..[%....2.}..J%!..bH-C..(..2......zb2..3..+..X.(K.......IEND.B`.

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65446)
Category:	downloaded
Size (bytes):	244668
Entropy (8bit):	4.900275915284097
Encrypted:	false
SSDEEP:	1536:ZPhHcHQsYBocruezGMgGa1xcpMvemTMvU6cTkX+hNtYhBrORhjsxQF6F0hwps3XS:Z0YBzJgd1xcpMvemTMvU6gh+X
MD5:	26AD954ED264E683562C58DC90C531CC
SHA1:	3D3CAD8659C545F6C8DCA4AE4B5AF081CEF5D864
SHA-256:	16BFBF9722DD7066F9FB8FE0FBA433D2CCD4166245A25452489EA11ACFC6F523
SHA-512:	924F3596B4E24888800B91AEFC36BB3DBFC6ACF88D703DA2AA5D1ED269C40F31039E772E579F0FE27D97EEAE5CAFC2FD6AC048A6E2F473A2098DABF191F17535
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.styles.js?cs=8bac6769c554167311d5
Preview:	/! For license information please see signing_iframeless_mobile.styles.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[2176],{42396:function(e,t,o){var i=o(55500),a=o.n(i),r=o(2312),n=o.n(r)()(a());n.push([e.id,'.btn .icon,.btn-text{color:#333}img{max-width:none}.dialog.modal-wrap{background:rgba(0,0,0,.5);top:0;left:0;width:100%;height:100%;position:fixed;overflow:auto;outline:0!important;text-align:center;padding:0 2em}.btn,.icon{height:auto}.icon{width:auto;background:0 0;overflow:visible}.mvn-pro{font-family:"Maven Pro","Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:700}.helv,div:not([data-disable-olive-div] ){font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:400}div:not([data-disable-olive-div] ){font-size:13px;line-height:normal;text-rendering:optimizeLegibility}h1,h2,h3,h4{font-family:"Maven Pro","Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:700}h5{font-family:"Helvetica Neue",Helvetica

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65443)
Category:	downloaded
Size (bytes):	174887
Entropy (8bit):	5.2530505649264505
Encrypted:	false
SSDEEP:	3072:4mZpmmZJTmZnkLma4f3m8hqmZJAmaUogmZoOymaU8vQ+dem8hFeh0taEXKXmZJ4f:4mZ0mZxmZkLmawm84mZmmaFgmZkmasm/
MD5:	54738E49588E2E398B94C2454D208F46
SHA1:	386B688A55AC9AD8BF503F797EFC9049149C6C92
SHA-256:	DEEA495C7FE5E07F6BA70C777A960E96D30AB97D61DE25B174A1CF4D5DAA879E
SHA-512:	D3F23520CE7A5E261DF3D18FD28792EBD9359C8EE284481C3033E45988721DBEA129F725DA0B350DEC8722A7629C8DF5493D6B9C37E3266A87975060858ED2C3
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.preloader.js?cs=65b19c22533e45e51f60
Preview:	/! For license information please see signing_iframeless_mobile.preloader.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[8316,2232],{24664:function(t,e,r){var n=r(37588),o=r.n(n),i=r(47601),a=r(39136),c=!1;function u(t,e,r){c\|\|o().ajax((0,a.Wy)("monitoring"),{timeout:i.cp.getValue("AppMonitoringRequestTimeout",50),type:"POST",contentType:"application/json",responseType:"json",data:JSON.stringify({EventSource:t,MonitoringProperties:e})}).always((function(){r&&r()}))}e.c={post:u,logEvent:function(t,e,r){u(t,e,r)},stopMonitoring:function(t){i.cp.getValue("SIGN_28925_StopMonitoringCallsAfterEnd",!1)&&"boolean"==typeof t&&(c=t)}}},86264:function(t,e,r){r.d(e,{Qx:function(){return n},C6:function(){return f},sf:function(){return g},Kc:function(){return d}});var n="https://a.docusign.com/f",o=(r(19672),r(53224),r(39952),r(61088),r(47192),r(26456),r(21992),r(80168),r(85179),r(94976),r(85120),r(31432),r(55331),r(25744),r(11056),r(32048),r(2

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28691)
Category:	downloaded
Size (bytes):	28862
Entropy (8bit):	5.284054821979936
Encrypted:	false
SSDEEP:	768:ENm+ALNAjiPpiiweQ4w71Nnu9Y+37sOJN9aZovLTSJf:uARNPpiiweQ4w71Nnu9Y+3QOJN9aZojc
MD5:	3B74506F59DA529F6BF8FDF4EC64E648
SHA1:	8321BF29181D448B0814B437B9649596ED337A3F
SHA-256:	C8E0F842F09D3BD9C68B92E38C23BD5357BF9C24929B0EBE521FED4E8DBC5D78
SHA-512:	A44DFE6C0413B65432D3962377A720657C7F222FC2B5807D9486A7C334EF0144BD919A063A18B0807EB99C4EC4D82F5F4249D2F552594110BAE0F43C495C94DB
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.9968.js?cs=b6669e0a3d7145ae0247
Preview:	/! For license information please see signing_iframeless_mobile.9968.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[9968],{48048:function(e,t,n){"use strict";n.d(t,{k:function(){return a}});var r=n(21699),o=n(11504),i=n(94664),a=function(){var e=(0,o.useState)((0,i.Et)()\|\|""),t=(0,r.c)(e,2),n=t[0],a=t[1];return(0,o.useEffect)((function(){var e=function(){a(arguments.length>0&&void 0!==arguments[0]?arguments[0]:"")};return(0,i.am)(e),function(){return(0,i.IP)(e)}}),[]),n}},64512:function(e,t,n){"use strict";n.d(t,{Q:function(){return Ce}});var r=n(43516),o=n(23104),i=n(55636),a=n(75090),s=n(62428),f=n.n(s),c=n(11504),u=n(3268),l=n.n(u),p=n(48048),d=n(46356),m=n(83504),v=n(97104);function h(e){if(null==e)return window;if("[object Window]"!==e.toString()){var t=e.ownerDocument;return t&&t.defaultView\|\|window}return e}function y(e){return e instanceof h(e).Element\|\|e instanceof Element}function g(e){return e instanceof h(e).HTMLElement\|\|e instance

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	119869
Entropy (8bit):	4.18401975910281
Encrypted:	false
SSDEEP:	1536:h5nLZxjaZ8x2R3Ud4FqBW92ZgyFqBW9sLBHdyoXwIWc1GO9GwIw6CTq14e7pnvaM:h5LZxjml1GO9xqB7pnva38
MD5:	ECE7A224F69AB2205D90900589AE1D05
SHA1:	3D861B816A5DA892C8A88D5755A5537C036239DE
SHA-256:	FFA8C6A4CE199BFD9E32B05E0E4DECE330C6A577FB3A0E8518291619C658C486
SHA-512:	EEF4BDD54AF95BE42224FFE605BB627293DAEA0C58A50B328ACC8B56040C81FDCB5EC8406F56856FC617A552E4D6DD28BB892467666889D27F03EE8BFCD16D7B
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
Preview:	/. DocuSign modified version of Mixpanel JS Library v2.2.1. * $initial_referer and $referer have been removed, as not to send any senstive information. * $initial_referring_domain and referring_domain have been retained.. . Mixpanel JS Library v2.2.1. . . * Copyright 2012, Mixpanel, Inc. All Rights Reserved. * http://mixpanel.com/. . Includes portions of Underscore.js. * http://documentcloud.github.com/underscore/. * (c) 2011 Jeremy Ashkenas, DocumentCloud Inc.. * Released under the MIT License.. /..// ==ClosureCompiler==.// @compilation_level ADVANCED_OPTIMIZATIONS.// @output_file_name mixpanel-2.2.min.js.// ==/ClosureCompiler==../.Will export window.mixpanel./../.SIMPLE STYLE GUIDE:..this.x == public function.this._x == internal - only use within this file.this.__x == private - only use within the class..Globals should be all caps./.(function(mixpanel) {. /. * Saved references to long variable names, so that closure compiler can. * minimize file size.. */. var

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	downloaded
Size (bytes):	17425
Entropy (8bit):	7.926019263070381
Encrypted:	false
SSDEEP:	384:z7v19/FDoeEG/lZuz0FFZtLX8hN8ovyhwvbwJClKN4J1s8rA:z7v7/VjEGHcGFDX8JKhwRlKaxE
MD5:	5F32E0AA2C7298B478152B9FD2EBB3D2
SHA1:	69982449E7AE6111779AB2D6FF18A26028381472
SHA-256:	CAEDC368429D6BB35E678AAC43574DAC770F236A55D25FD13BC3A06FB21B1E1A
SHA-512:	E498BBBF4F14143FDA0E316F6BEC19E0A5DD5286DACDCD50DC7D5D67400A797939CE4F016FE37D74A55DD0968922D0959BDDCF1392A010592B86D7BC77DFB4CE
Malicious:	false
Reputation:	low
URL:	https://na2.docusign.net/Signing/image.aspx?i=logo&l=466914ac-2b19-4104-89c1-faa2d23b128d
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............L_=...",xp .h..A..m.A..'B..O..h.%Z.x.`..CjL.1Z=}....Qf......o.L......#E..}...g.>=&}:U.S.I.>....R.Z.>...#Y.f.2.H.hZ....{..[...n...cC..7b..W..[./...mR.~..5,.r..v3S..Y.[.l..E..o..GO.^.....

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65452)
Category:	downloaded
Size (bytes):	71838
Entropy (8bit):	5.410795269020096
Encrypted:	false
SSDEEP:	1536:1X+6ZQdo7TfBIeaDlMWi8zX8aXHX7mbitdu43:xPiuTfaDLiE7mbqV
MD5:	F9718817AF161D92D76D42FAA7B1C592
SHA1:	C07597E869B66BE593ACB5BE8A27782E26DF61EC
SHA-256:	0FFB1DEA6E22132A6A7B5039EF2A9D530104D66269447C4667C31CFE70F7D948
SHA-512:	E0EEC78DE5FE194AB20EC3B73CD44C170F7A8AEA3E166CAEB3C298BCD672CFD446953CEF1672F6595657E870967AE7095561906CA9D7518FDBEC2FD11248C771
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.js?cs=6fe1c0b1d
Preview:	/! For license information please see signing_iframeless_mobile.js.LICENSE.txt /.!function(){var t,e,r,n,o,i={77548:function(t,e,r){var n=r(22155),o=r(8024),i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not a function")}},45952:function(t,e,r){var n=r(49112),o=r(8024),i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not a constructor")}},76960:function(t,e,r){var n=r(22155),o=String,i=TypeError;t.exports=function(t){if("object"==typeof t\|\|n(t))return t;throw i("Can't set "+o(t)+" as a prototype")}},5775:function(t,e,r){var n=r(33280),o=r(7536),i=r(83984).f,a=n("unscopables"),c=Array.prototype;null==c[a]&&i(c,a,{configurable:!0,value:o(null)}),t.exports=function(t){c[a][t]=!0}},27852:function(t,e,r){var n=r(74192),o=TypeError;t.exports=function(t,e){if(n(e,t))return t;throw o("Incorrect invocation")}},35968:function(t,e,r){var n=r(26840),o=String,i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not an object")}},52688:func

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	169
Entropy (8bit):	4.8436943585630665
Encrypted:	false
SSDEEP:	3:UJXca4MKLFVrWnNCF8YtQRVCL6DlTFPKKKBK1caJC4B/Yp/GCF8YtQRVCL5V:UJXuMKTMS848COFFyKKXaJkZGS848CVV
MD5:	7363E1A92A77C2F6AB0332C9A64CC051
SHA1:	B424892E6298C96B00A63BF7B3244AFC93EFDEAB
SHA-256:	4E640814854B6E878309D5B3ADD69C450D0995CF83617BBFAFBA63EA2043CF2F
SHA-512:	8D2D619DCFD1DB0FDEC275BC59C6627F32C37FF58F46C7E72970591F8CF335D37B7A3E21D1640DD40101511183C82487FE2836763B9FEBDFD60867CFB7511EF6
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing-cdn-failure-reporter.js
Preview:	/! For license information please see signing-cdn-failure-reporter.js.LICENSE.txt /.window.cdnReportFailure();.//# sourceMappingURL=signing-cdn-failure-reporter.js.map

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 47748, version 1.0
Category:	downloaded
Size (bytes):	47748
Entropy (8bit):	7.989435227374723
Encrypted:	false
SSDEEP:	768:1yzfdQMQzGg04WTWcg8awnHWLEB6B9xN/F7iGDXCt6R9HlDw90XamA4er:1qeAqcgI2gsN7jXfHls90Xab
MD5:	4A573FAC9111D6ADCB3994983539BD75
SHA1:	69BEBEFE9EDEAC85CC27516DBE0EA176C1C2C25C
SHA-256:	DAC5803D6CBE40244DFD39661406239F83E94E86C976E7229A4E35305A9B5EFE
SHA-512:	6ADF6B31AE697E2CFF767BD613E2F787EBB088749EA5D8263044188EA020336ED1368C9EA9C39A19C70B7D96226B018F50C0E319EED1E6A6DBD9F32BCFA2E064
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/olive/fonts/2.11.0/HelveticaNeueW01-55Roma.woff
Preview:	wOFF........................................LTSH............._gOS/2.......V...`e8..VDMX...l...g....r.z$cmap...............cvt .......F...F.C..fpgm...........b2Msfgasp................glyf..........MlS...hdmx...\|...~...(...vhead.......6...6..1yhhea...4... ...$...Fhmtx...T.......x.h"fkern...L........v.v.loca.......g...\|....maxp...8... ... ....name...X...b........post........... ...2prep..............\x.].1..0.E....l.......z.w..\.....q...)....o+.K)...4...n\Y.....A.J8.%6.4..6[.1.{...f.?.#.?..<...c..sA>Q..g.L......z....N3!x.c`f.e..........................X.@....A_......\|<...........N0.`...3..X.N1(.!...D.4..x...ex...F..?....%.AB:......)..FB..s06V,...m.........d!.....FV..w..Mf'..A......\..-.G.%..G>.J~.....) .Q.P.B...eQ..b...)f.)AqY....%...)%.PZ...,GYY.r...eE*X&..(+SIV...J...Ueu...T.5.!kQ..M-Y...u,.z.......eC..F4..id.4..l...Md3...4..Z.\......-ekZY2?.Z.qlK....H;......h/;:.B.K...eg:..t.]......NW.n.'.e/zX...)..K.....>..}....'.._.t...9..........1D..q.g...09...wF.Q2...c.%.2

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65440)
Category:	downloaded
Size (bytes):	920715
Entropy (8bit):	5.330956593851639
Encrypted:	false
SSDEEP:	6144:teh3lbCUVfJvr/t9ZxhVuO6U/3CMTCgUtOAEN88tc52FK0s:mlbCgNTmENtFK0s
MD5:	989E0734903E88BD11A2F87224A25417
SHA1:	8AB4FA9597D8F00ADD77A06CBC0A92D4840D189C
SHA-256:	C17E9F34C0FE1A3B1157C59AB69A1193C9D50906CF4827BA50261E152AA595E0
SHA-512:	028DA092C81F8F00EE3501A78B061611FC83A7B81CBDCC3DDC66E9228A6D7B612005F27B76EF0D9915E4D43980FE173192BDEC0C493DFFE866C86D89191F77FA
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.backbone-app.js?cs=e7c9df7fb0be52f728b3
Preview:	/! For license information please see signing_iframeless_mobile.backbone-app.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[7576,284],{83392:function(e,t,n){var a=n(13624);e.exports=(a.default\|\|a).template({compiler:[8,">= 4.3.0"],main:function(e,t,n,a,l){var i,o=null!=t?t:e.nullContext\|\|{},r=e.hooks.helperMissing,s=e.escapeExpression,c="function",u=e.lookupProperty\|\|function(e,t){if(Object.prototype.hasOwnProperty.call(e,t))return e[t]};return'<div id="simple-verify-dialog" class="modal-wrap dialog" data-qa="simple-dialog"><div class="modal-content" role="dialog" aria-labelledby="simple-verify-dialog-title" aria-describedby="simple-verify-dialog-content"><button type="button" class="icon icon-times x-close close" data-action="canceled"><span class="btn-label">'+s((u(n,"$")\|\|t&&u(t,"$")\|\|r).call(o,"DocuSign_Close",{name:"$",hash:{},data:l,loc:{start:{line:1,column:322},end:{line:1,column:344}}}))+'</span></button><div class="header"><h1 id="si

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8936)
Category:	downloaded
Size (bytes):	9107
Entropy (8bit):	5.247064050525186
Encrypted:	false
SSDEEP:	192:s4fvN2CpxMEbGTZzHJQbfqOf6yMBhVkdD69BQjRHAIY:s4YCL1egbCOf6yMBhVIY
MD5:	2F6FDE4CBA3AD9A1F287620FD833AE0D
SHA1:	97138C2E1807F1FEEE542723532130C9C06A7364
SHA-256:	51DDA176EF6DCC935F425A488A1FF2200B8DAF1A1A30DA1A6EC9EAAA5A5E3ED7
SHA-512:	F86352F570AE3E7AF1336EDDAFCCA22715BC41D992A9B116A7838E4059618476BAB921F3D98A52E7522107C610CEB201EE4E37D255E1DBE0FFE8B706D7922687
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.6615.js?cs=915b3f1e2784fd00ebb7
Preview:	/! For license information please see signing_iframeless_mobile.6615.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[6615],{41548:function(e,t,i){i(61088),i(53224),i(39952),i(27164),i(27632),i(26972),i(74016);var s=i(54888),n=i.n(s),a=i(52856);function o(e,t){(null==t\|\|t>e.length)&&(t=e.length);for(var i=0,s=new Array(t);i<t;i++)s[i]=e[i];return s}function r(e,t,i){var s,o=(i=i\|\|{})._isSideEffect,r=null===(s=this.computed)\|\|void 0===s?void 0:s[e],d=r&&this.computed[e].set,u={};return r&&(u=a.cp.extend({useTwoWayBinding:!0,useModel:this},this.computedDefaults)),o\|\|!r?n().Model.prototype.set.call(this,e,t,i):d?d.call(this,t,i):u.useTwoWayBinding&&g.call(this,e,t,i),this}function d(e,t){var i,s,n=(t=t\|\|{}).useModel\|\|this,a=t.useAttribute,r=t.useAttributes;return a?e=a:null!=r&&r.length&&(e=(i=r,s=1,function(e){if(Array.isArray(e))return e}(i)\|\|function(e,t){var i=null==e?null:"undefined"!=typeof Symbol&&e[Symbol.iterator]\|\|e["@@iterat

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (30982)
Category:	downloaded
Size (bytes):	31157
Entropy (8bit):	5.239795383411035
Encrypted:	false
SSDEEP:	768:gyo3xcGSQWQ0UGUEQsF8h6m9qW6A4MzK7n8CutA2q0d2KP6LJgRMVUWFgHmbOfvI:gvSQWQ0UGUEQsFy6m9qW6A4MzK7n8CuO
MD5:	BE691A15672DCB9C9EE784716E37BD4C
SHA1:	88ECF813BA6E08B7464F37D52AD7FB7299B7D17A
SHA-256:	1A476B931DF6FE5B443FAAC0630AEC30E590F42965044615299160D94A60A7F2
SHA-512:	18F4B020B4E176D1F1BA125A2322424C07671C864D7AE063DF67395BC3C422C0CA16B88E2EC944634E23C87A9CF9EB188F916C2904CA81461EEE6FEFCE2228A0
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.4024.js?cs=83209d00511a872dd3d3
Preview:	/! For license information please see signing_iframeless_mobile.4024.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[4024],{93184:function(e,t,n){var i,o;"undefined"!=typeof self&&self,i=function(){"function"!=typeof Promise&&function(t){function n(e,t){return function(){e.apply(t,arguments)}}function i(e){if("object"!=typeof this)throw new TypeError("Promises must be constructed via new");if("function"!=typeof e)throw new TypeError("not a function");this._state=null,this._value=null,this._deferreds=[],c(e,n(r,this),n(a,this))}function o(e){var t=this;return null===this._state?void this._deferreds.push(e):void p((function(){var n=t._state?e.onFulfilled:e.onRejected;if(null!==n){var i;try{i=n(t._value)}catch(t){return void e.reject(t)}e.resolve(i)}else(t._state?e.resolve:e.reject)(t._value)}))}function r(e){try{if(e===this)throw new TypeError("A promise cannot be resolved with itself.");if(e&&("object"==typeof e\|\|"function"==typeof e)){var t=e.t

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 47748, version 1.0
Category:	downloaded
Size (bytes):	47748
Entropy (8bit):	7.989435227374723
Encrypted:	false
SSDEEP:	768:1yzfdQMQzGg04WTWcg8awnHWLEB6B9xN/F7iGDXCt6R9HlDw90XamA4er:1qeAqcgI2gsN7jXfHls90Xab
MD5:	4A573FAC9111D6ADCB3994983539BD75
SHA1:	69BEBEFE9EDEAC85CC27516DBE0EA176C1C2C25C
SHA-256:	DAC5803D6CBE40244DFD39661406239F83E94E86C976E7229A4E35305A9B5EFE
SHA-512:	6ADF6B31AE697E2CFF767BD613E2F787EBB088749EA5D8263044188EA020336ED1368C9EA9C39A19C70B7D96226B018F50C0E319EED1E6A6DBD9F32BCFA2E064
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/olive/17.20.0/fonts/HelveticaNeueW01-55Roma.woff
Preview:	wOFF........................................LTSH............._gOS/2.......V...`e8..VDMX...l...g....r.z$cmap...............cvt .......F...F.C..fpgm...........b2Msfgasp................glyf..........MlS...hdmx...\|...~...(...vhead.......6...6..1yhhea...4... ...$...Fhmtx...T.......x.h"fkern...L........v.v.loca.......g...\|....maxp...8... ... ....name...X...b........post........... ...2prep..............\x.].1..0.E....l.......z.w..\.....q...)....o+.K)...4...n\Y.....A.J8.%6.4..6[.1.{...f.?.#.?..<...c..sA>Q..g.L......z....N3!x.c`f.e..........................X.@....A_......\|<...........N0.`...3..X.N1(.!...D.4..x...ex...F..?....%.AB:......)..FB..s06V,...m.........d!.....FV..w..Mf'..A......\..-.G.%..G>.J~.....) .Q.P.B...eQ..b...)f.)AqY....%...)%.PZ...,GYY.r...eE*X&..(+SIV...J...Ueu...T.5.!kQ..M-Y...u,.z.......eC..F4..id.4..l...Md3...4..Z.\......-ekZY2?.Z.qlK....H;......h/;:.B.K...eg:..t.]......NW.n.'.e/zX...)..K.....>..}....'.._.t...9..........1D..q.g...09...wF.Q2...c.%.2

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 44 x 44
Category:	downloaded
Size (bytes):	3745
Entropy (8bit):	7.319238994753888
Encrypted:	false
SSDEEP:	48:Hu2/EvnLJnOcLJ3JK/L8GlRq8weMpUVCvoIhy7bEhCcmR687yHxl:Nklla/Jnq8vkNhjolyRl
MD5:	DEBD77E543E64173837073B5751ABB08
SHA1:	71577CA453893F08A57A63953B836E8198D878AF
SHA-256:	ECDF09E611F9FC3875113D06E39110DE786C9A46BB7F596F7F8AFEE1C0D75A3D
SHA-512:	0FB269F547FFB69E59448FA4E9E234DC4E9B381D5336947C12113D7A1DEC71A7D9EC4F6B2841C032EA1E3FB6E68328D34C1EE1B94761171E523AFBFA962280F2
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/imgs/loader.gif
Preview:	GIF89a,.,..2.+++RRRCCCTTT---LLLiii###SSS777@@@EEE888666KKK&&&NNN333%%%<<<000......>>>QQQ(((bbb......WWW...999,,,.................tttuuu$$$...zzzXXXmmm......UUU"""..........................................!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6952efb6-7b37-44ad-8f49-fb6d57787754" xmpMM:DocumentID="xmp.did:CC4E39EC547B11E4960B8D7E59B6B241" xmpMM:InstanceID="xmp.iid:CC4E39EB547B11E4960B8D7E59B6B241" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6189959b-1072-4052-a607-820f04aae975" stRef:documentID="xmp.did:695

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	257
Entropy (8bit):	4.936853809456331
Encrypted:	false
SSDEEP:	6:tnrwdhC/i3mc4sl5RIFnzrnUg3QxUn3voPt0Bd+5IABcL0n:trwdU/i3vqZ/nnGevR2RBcL+
MD5:	6E132855B6DDD5C7A1FA7DAD2C9FE964
SHA1:	0342D3665682749F7C312B8B1EE6A169FA4C68C5
SHA-256:	06DADA60F95EF29D2483D66D0412FF1EE698503F7E29DAE26403F6C5E071507F
SHA-512:	F3314BB8BFC2D262F98FAE116DC50A38BDB2A6AD2D6950BD42BBA43457A934B68894AD8C0952E7C2286E31433185DA1424CAC3048CE47AB0B2A0338C14210761
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/olive/17.20.0/img/mobile-web/mw-comments-24x24.svg
Preview:	<svg width="24" height="24" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">. <path d="M13.36 15H20V4H4v11h5v3.114L13.36 15zM4 2h16c1.105 0 2 .895 2 2v11c0 1.105-.895 2-2 2h-6l-7 5v-5H4c-1.105 0-2-.895-2-2V4c0-1.105.895-2 2-2z" fill="#333"/>.</svg>.

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 228 x 234
Category:	downloaded
Size (bytes):	4248
Entropy (8bit):	7.5813594394257215
Encrypted:	false
SSDEEP:	96:tWU+uyG2H2tDb8Ba8N2vwcl1aLewEK2gmRm1BY82GQvgP:t7yG2W5b8B/24zLaK2gmedQ4P
MD5:	9F2E17B1A3A99C9D94E3FF82DD2AF341
SHA1:	25B20595E3D684A041F343672E043FCEA248B25A
SHA-256:	1860B1FBE187873D719CF45A9A02E32C942AFDE30077E55165855CCCBBF22CF1
SHA-512:	B61EEE4115C7AE6CD8FC234DE857989E3230FBED389CFC9FE04D0635453372225FC35E7A2348C1FC065897EDCD92A49A2B871A54138429C68BF0F165B5AC2C58
Malicious:	false
Reputation:	low
URL:	https://na2.docusign.net/Signing/image.aspx?ti=c4e32be37d314cb7a3f1a30f4f3c3fa6&i=de59de79-a630-4387-b2b3-92b319f090e6
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............H......*\....#J.H....3j.... C..I...(S.\...0c.I...8s.....@.>d....G-@.G.)...J.).U.....j4../.ru. TB]c....Ve.d.......xI.........dz4.)..B.......U[po..T.m..e....]<....i%......

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 33752, version 0.0
Category:	downloaded
Size (bytes):	33752
Entropy (8bit):	7.984139047245452
Encrypted:	false
SSDEEP:	768:8VyJ64rZFHKtB7wvkAKE0/40pQeOSHKOfITzE1SRSgyTAIW4l8:mbeZJOSvkFB/40p/HKOfI8gyTAcC
MD5:	4DE7535F6F5DF8D5437C21C068DDB0EC
SHA1:	3553204B4624CA41CF1C4F3BD9B37D8C968CBA23
SHA-256:	8F6A520A392FF62149E5FC5AA87BFAB9B3816CD6010D4D4FCA194E8683CA498B
SHA-512:	E2A9B45F69BD1CBCF0D5F3710BECFACF6A28AF0A9FD034262F6AF4803628DADCE4C2FCC385758F88130AB68D362F3694ED786D0971CF7FD7E8FAF6CD1C2860DE
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/olive/fonts/2.11.0/maven_pro_bold.woff
Preview:	wOFFOTTO...........x........................CFF ......Om......FFTM...h........Z...GDEF..T........ ....GPOS..TH..-....DiP}7GSUB..T(... ... l.t.OS/2.......H...`...Ccmap.......\|....#G..head...0...3...6....hhea...d... ...$.U.>hmtx.......Q...X.Xl7maxp..............P.name.......4....N...post........... .j.fx.c`d```d8...l<..W.n...8..2.F.../..)...:..&.(..v...x.c`d``../........g.2.EP.5.......P.....x.c`b.......u..1...<.f........p...).,fP`P...._....N.u05..X.@r.L.GP..x.m.1O.A.....(...XL...K....+.[...-..@.A....6..K...e#.x..\|.......^.p..PzV...s...=7q.O..z..+.xn.R=Q.....m.Y.......s..><........6n..c.lq@..klPC.....!".,AJ.`N.e.&.L....F..7g..&..w<.J...P..M-..@.Q.Kz.yn.)dRg...B..J...v:....gR.vFC..N.2....PF0..=.)V.,..{..LY.g"...;9..]p..2n!f....IW67..a.%.mO..-......iXax.c```f.`..F..8..1..,..........P..a)........L..(.(H).)().)X).QTz..........@....1.AU.+H(.UZBU2.................n...}.`...V=X.`.I...Q8.z....#..A.L.,.l...\.<.\|...B.".b...R.2.r...J..j...Z.:.z...F.&.f...V.6.v...N...n...

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23649)
Category:	downloaded
Size (bytes):	23820
Entropy (8bit):	5.3264795696156755
Encrypted:	false
SSDEEP:	384:P46A89tRtqdKdQ0DE6ppGvbJLxLb07z6D3:n59PtqdKBDE6px7z6D3
MD5:	AF4725803A1C4CD80ACB7A7C4A81110B
SHA1:	6DAF5742828ABC0560F7B8661B986DE42ABF8306
SHA-256:	F3D8E97FF1BB6EDC836D0788B5A78AFCA4860386B248DF4B4BC32AB63E72B339
SHA-512:	17EE249C9BF3098F3A7C55AA186237620F47B8F72EF1BB0A9AAB8839DB90E85C3930581AB08E38D57D43C284565734621A1214D67DBF065FEBB9E41544E53132
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.7868.js?cs=fcaa93b2cf7a598002ad
Preview:	/! For license information please see signing_iframeless_mobile.7868.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[7868],{48475:function(e,t,o){o.d(t,{O:function(){return oe}});var r=o(43516),n=o(75090),a=o(7384),i=o.n(a),l=o(11504),d=o(3268),c=o.n(d),p=o(96168),s=o(55636),f=o(55456),u=o(95132),b=o(46356),v=o(64512),x=o(54464),m=o(23e3),g=o(17752),h=o(81352),w=o(62472),y=o(18552),k=o(19813),C=o(6592),E=o.n(C),S=o(58320),A=o(23524),R=o(44280),z=o(35716),B={base:e=>{var t,o=e.props,r=e.tokens,n=!(null==o\|\|!o.disableArrow),a=!(null==o\|\|!o.preventOverflow),i=!n&&!a;return{default:{popover:{zIndex:A.c.Callout},wrap:{backgroundColor:r.modal.backgroundColor,borderRadius:"2px",boxShadow:E()(t="0 0 0 1px ".concat(r.modal.borderColor,", ")).call(t,r.elevation.low),color:S.c.black,display:"block",position:"relative","&::before":i&&{border:"solid transparent",borderWidth:"11px",content:'""',display:"block",pointerEvents:"none",position:"abso

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65448)
Category:	downloaded
Size (bytes):	532425
Entropy (8bit):	5.331105827814599
Encrypted:	false
SSDEEP:	6144:F1xIlzUUqLQ5vaoE3RHaUQUU42KVtLW0355aVt0AdVnUDSu:JIIQvaoMRHaUQUU42StLW03vaVt0nSu
MD5:	37D3E81979D1329C9A17C16C6C0B4AC4
SHA1:	41E07AD3EB64E807A658302390C5A57E52377F3D
SHA-256:	3071863E3EBDA01F1931DB48BDA4B572070BD4982DD57EB14440A6AAA4C73D59
SHA-512:	915F18BDCD5741D1CF4D6F5DF4B34B5A831070B7996DD7C0578BE6869D1DB3B55954819A028F39C2F7261D6E346B2A6F721F77F3C8917332AFE8EE2C649AA27F
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.6672.js?cs=3d0b8e54911681e6964f
Preview:	/! For license information please see signing_iframeless_mobile.6672.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[6672],{64400:function(e,t,n){var r=n(13624);e.exports=(r.default\|\|r).template({1:function(e,t,n,r,i){var a,o,s=null!=t?t:e.nullContext\|\|{},c=e.hooks.helperMissing,l="function",u=e.escapeExpression,d=e.lookupProperty\|\|function(e,t){if(Object.prototype.hasOwnProperty.call(e,t))return e[t]};return" <"+u(typeof(o=null!=(o=d(n,"htmlTag")\|\|(null!=t?d(t,"htmlTag"):t))?o:c)===l?o.call(s,{name:"htmlTag",hash:{},data:i,loc:{start:{line:3,column:3},end:{line:3,column:14}}}):o)+'\n class="pdf-ua_'+u(typeof(o=null!=(o=d(n,"tag")\|\|(null!=t?d(t,"tag"):t))?o:c)===l?o.call(s,{name:"tag",hash:{},data:i,loc:{start:{line:4,column:18},end:{line:4,column:25}}}):o)+"_"+u(typeof(o=null!=(o=d(n,"pathString")\|\|(null!=t?d(t,"pathString"):t))?o:c)===l?o.call(s,{name:"pathString",hash:{},data:i,loc:{start:{line:4,column:26},end:{line:4,column:40}}}):o)+"

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	20
Entropy (8bit):	3.921928094887362
Encrypted:	false
SSDEEP:	3:acDan:zDan
MD5:	1000A6CAF7299F030F5C73974CCD617E
SHA1:	44C1943894BE0A43D5F1176C085F82A9CF75DAAA
SHA-256:	BB107868145E022BC860243BF8E7144DB9F5350D02F73F9EF56F70C3B89A2BEB
SHA-512:	5864B198DC92823E2F166D2F594BF37B28F53CC0786D4680EB47B3B91D8C3ED831C446AF833EBF5E43A2F03336B8EBE17DDAC57AF5B03F835DE7F15FC551D294
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/signing/cdn-reporter.js
Preview:	window.cdnReport();

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (65448)
Category:	downloaded
Size (bytes):	71940
Entropy (8bit):	5.352908945557062
Encrypted:	false
SSDEEP:	1536:2Yu+DzDjUHBRJp/u1VR0jnKqlTrSEUELt1Wq:zPDzDjUHBRJpm1QKqDd1Wq
MD5:	9B77D503E6E40B9EC40CC05068C4F6B0
SHA1:	668F210D30FBA706D71DD19421D466F672E68C5E
SHA-256:	8B30012277A5A52D32AE45130E38012A651A981186DA78CFFB19918F24FDBEEE
SHA-512:	80E3DAF6FB04471EFF087CFE59DBE54E50AFB292F55C0A2895DA1F2600E7121B0F6D05D3D6DDF779E15BFFFE5AB25609B0F1DDE68470282230DAC27E38E28FC7
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.1684.js?cs=173085af0a809e111632
Preview:	/! For license information please see signing_iframeless_mobile.1684.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[1684],{39840:function(e,t,n){var r=n(13624);e.exports=(r.default\|\|r).template({1:function(e,t,n,r,i){var o=e.lookupProperty\|\|function(e,t){if(Object.prototype.hasOwnProperty.call(e,t))return e[t]};return" "+e.escapeExpression((o(n,"getResource")\|\|t&&o(t,"getResource")\|\|e.hooks.helperMissing).call(null!=t?t:e.nullContext\|\|{},"DocuSign_NotarizeError",{name:"getResource",hash:{},data:i,loc:{start:{line:1,column:57},end:{line:1,column:97}}}))+" "},3:function(e,t,n,r,i){var o=e.lookupProperty\|\|function(e,t){if(Object.prototype.hasOwnProperty.call(e,t))return e[t]};return" "+e.escapeExpression((o(n,"getResource")\|\|t&&o(t,"getResource")\|\|e.hooks.helperMissing).call(null!=t?t:e.nullContext\|\|{},"DocuSign_NotarizeWarning",{name:"getResource",hash:{},data:i,loc:{start:{line:1,column:107},end:{line:1,column:149}}}))+" "},5:function(e,t,n,r,i

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13242)
Category:	downloaded
Size (bytes):	13413
Entropy (8bit):	5.36942249645651
Encrypted:	false
SSDEEP:	192:44M9CbStMeZuexE2AQ//Uj9h0iP7qedbI7hkubejxhlgXUODCkhqlhCRzXaDXbDX:44KCKM9y//Uj92edMhJel2G7l8RDWXbr
MD5:	AA0BB38D201D9EB7E5C9E0EA4BE80792
SHA1:	6AD2F44B704F8EA79718CDBA081DBD414A6637D6
SHA-256:	2CA01F23E5683592F3302C68137A8475CD0ABE3FE9D0AED5E501F93A2DA44D70
SHA-512:	084D5732D01C56D5F029B7EBCD0D124239F8522CC9438D792E6C0FF225F7BDDFB44F3C9109068C7398FF8141344548151B260AADE35F5BBAE7A9B24E916A2C70
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.9184.js?cs=f210df034c60505a2820
Preview:	/! For license information please see signing_iframeless_mobile.9184.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[9184],{52800:function(e,r,a){a.d(r,{K:function(){return b}});var t=a(43516),n=a(75090),i=(a(11504),a(3268)),d=a.n(i),o=a(46356),l=a(3723),s=a(17752),c=a(23104),p={base:e=>{var r=e.tokens,a=e.props;return{default:{wrap:(0,c.c)((0,c.c)({},r.typography.detailSmall),{},{display:"error"===a.kind?"flex":void 0,margin:0,padding:0,svg:{fill:"currentColor",marginInlineEnd:"8px"}})},helper:{wrap:{color:r.text.subtleColor}},error:{wrap:{color:r.text.errorColor}},disabled:{cursor:"not-allowed",opacity:r.form.disabledOpacity}}}},u=a(40848),f=["children","disabled","id","kind"],m=["error","helper"];function b(e){var r=e.children,a=e.disabled,i=void 0!==a&&a,d=e.id,c=e.kind,m=void 0===c?"helper":c,b=(0,n.c)(e,f),x=(0,s.G)(p,{children:r,id:d,kind:m}),h="error"===m&&(0,u.jsx)(l._,{kind:"pebbleError"}),v=[x.default.wrap,x[m].wrap,i&&x

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65448)
Category:	downloaded
Size (bytes):	159159
Entropy (8bit):	5.284191137326956
Encrypted:	false
SSDEEP:	3072:1B4kZbGYVg4O9PjIlf37KiNrnznkWX+c4d3Y5vyhCduEZYOgGS+z:MkZbGYVg4cPSf7rI0+c45YcGSY
MD5:	F1CACFF1D8C524865D21895836550E24
SHA1:	F7B969BEF44A15869B7C9C0ECBCDB01FD424B9DB
SHA-256:	A383FA595672D1684EB03453B4048919765D46507A9D5B44459D93A9CF9D53A3
SHA-512:	73E1D10A5B82E1E82B51D9D52027C38AB18C84F9F8677E9B9CA2F8F8939CAAB443FA14D512A4595C317B6081882BB6F8DF95528A7DA7AD1A5C67FB77950C6932
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.7848.js?cs=4cdde76379d301ca016f
Preview:	/! For license information please see signing_iframeless_mobile.7848.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[7848],{19320:function(t){for(var n=self.crypto\|\|self.msCrypto,e="-_",a=36;a--;)e+=a.toString(36);for(a=36;a---10;)e+=a.toString(36).toUpperCase();t.exports=function(t){var o="",r=n.getRandomValues(new Uint8Array(t\|\|21));for(a=t\|\|21;a--;)o+=e[63&r[a]];return o}},89560:function(t,n,e){"use strict";e.d(n,{ks:function(){return Li},cz:function(){return zi},OA:function(){return Bi}}),"undefined"==typeof Proxy&&(self.Proxy=function t(){!function(t,n){if(!(t instanceof n))throw new TypeError("Cannot call a class as a function")}(this,t)});var a=e(10131),o=e(96732);function r(){var t;return r=a?o(t=a).call(t):function(t){for(var n=1;n<arguments.length;n++){var e=arguments[n];for(var a in e)Object.prototype.hasOwnProperty.call(e,a)&&(t[a]=e[a])}return t},r.apply(this,arguments)}var i=e(432),s=e(20264),c=e(19800);function l(t,n){if(null==t)

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	29480
Entropy (8bit):	5.096884644489562
Encrypted:	false
SSDEEP:	384:V2aDjE5+4bQbYqafCuOGV6bhebZb2bAbntfCrsUw6we3fJVGy:X4CJqCxBp
MD5:	E5600279938AB5FD3D877E2DD30021FC
SHA1:	1C00B775BF6DF9C3A2C4D16C3DD87F44E989662A
SHA-256:	1AF04A32AC0EE0174D14E67FD1BBE759BBF5FE8CE0622605B2661EAEF4D07DCA
SHA-512:	A83E76A619ABDE492C7C04B98F5B9F61849BB6681DD6BE9CE6390F1D877016DB4D9276424F634ED1B81CB22124556A94B802610F589D7727C644FEAF37D674BA
Malicious:	false
Reputation:	low
URL:	https://cdn.optimizely.com/datafiles/TbNUKk2WA8BzXGs1sj3K8.json
Preview:	{"accountId": "275532918", "projectId": "20084925044", "revision": "2218", "attributes": [{"id": "20186401010", "key": "isBranded"}, {"id": "20195597153", "key": "isCompletedEmailNotificationEnabled"}, {"id": "20203483991", "key": "isMobile"}, {"id": "20205312882", "key": "isUserAccounted"}, {"id": "20207234882", "key": "language"}, {"id": "20207630262", "key": "country"}, {"id": "20218952064", "key": "isLastSigner"}, {"id": "20330146452", "key": "browser"}, {"id": "20330792890", "key": "environment"}, {"id": "20644900025", "key": "ds_a"}, {"id": "21121790361", "key": "IPAddress"}, {"id": "23060870973", "key": "senderAccountId"}, {"id": "23767381356", "key": "branded"}, {"id": "28244570321", "key": "recipientEmailDomain"}, {"id": "28335080019", "key": "site"}], "audiences": [{"name": "Force Enabled PSP Sender Accounts - Prod", "conditions": "[\"and\", [\"or\", [\"or\", {\"match\": \"exact\", \"name\": \"senderAccountId\", \"type\": \"custom_attribute\", \"value\": \"1d647807-efdb-46c6-

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	326
Entropy (8bit):	6.860674885804344
Encrypted:	false
SSDEEP:	6:6v/lhPe/6TsR/rnMXvFGVAkFjqYCm8BQ5XIYDg/jruT0l8pgVy6EybrNcVp:6v/7m/6Ts/rnAF4nFWF5BQWdae82yXys
MD5:	AFE00DB89CE086B91A541C227EDBF136
SHA1:	961B2EE6FB39C4D515BDC49EC1BA688B0916F104
SHA-256:	E11827C678AF8519E702F364E525AC34509CAD49F8D839677E089949EDDA060E
SHA-512:	85F265A917E83BA92FEDB2152FBFADA273FCFF2937A85B080641307FD2E61D0138493162883E016796C9F68062A01D79DA60F546EFC2CB1FB4078760EB3451F0
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................a....pHYs.................sRGB.........gAMA......a.....IDATx.....0...Uq...UP.\|..v.K.>.O`.$.[.B....'pvJ}..B..P.h...I.!.rs.%.$....O"r!.I.m....J..........U.. ..F[.....j4<...6.b6.T!x..Y..]..;._.,..........K.F..b.~.$..M.......M....,...i....*.z...x8."C.r.{.2~.~........x...B.G.6.....IEND.B`.

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (61862)
Category:	downloaded
Size (bytes):	145323
Entropy (8bit):	5.784271222111901
Encrypted:	false
SSDEEP:	1536:ZpHG/Rh5pzxH2geiqIkB5ifgG111gGOEeACyFMkgdfQYBLz9e:fYRzpzxH20qM+kgdfK
MD5:	897848EE1FD41F8041DEAF2588FEDC58
SHA1:	776FEEF7C1B9CFA7236BCD25798AA7E48A7A4550
SHA-256:	92B44C79CAAEE8FB028A53468447CB6D06CAA26E06B65CEE588FAC46440ECF1D
SHA-512:	F26BC2FE06D88717D53CE3E5742E564E54BC1AD3CEB6F5DA6B73A15CE6AF0C096F379875AC60F33E450B5089DB877865C5502CC2F0AD6290BC24A0609892D9E9
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.6376.js?cs=63674c328fb9bb475436
Preview:	/! For license information please see signing_iframeless_mobile.6376.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[6376],{85632:function(e,a,t){"use strict";t.d(a,{s:function(){return j}});var r=t(11504),n=t(89520),i=t(89560),o=t(55456),s=t(34088),d=t(53032),l=t(62472),c=t(66608),u=t(30096).c.white,m="rgba(25, 24, 35, 0.15)",y="1px solid ".concat(m),p={left:0,bottom:0,right:0,borderTop:y,boxShadow:"0px -32px 64px 0 ".concat(m)},_={top:0,bottom:0,left:0,borderRight:y,boxShadow:"32px 0px 64px 0 ".concat(m)},v={top:0,bottom:0,right:0,borderLeft:y,boxShadow:"32px 0px 64px 0 ".concat(m)},f={boxShadow:"none"},h=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"left",a={label:"REVEAL_CONTAINER",backgroundColor:u,position:"fixed",overflow:arguments.length>1&&void 0!==arguments[1]?arguments[1]:"hidden",zIndex:800},t=!(arguments.length>2?arguments[2]:void 0)&&f,r="bottom"===e?p:"right"===e?v:_;return(0,n.c)((0,n.c)((0,n.c)({},a),

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	dropped
Size (bytes):	17425
Entropy (8bit):	7.926019263070381
Encrypted:	false
SSDEEP:	384:z7v19/FDoeEG/lZuz0FFZtLX8hN8ovyhwvbwJClKN4J1s8rA:z7v7/VjEGHcGFDX8JKhwRlKaxE
MD5:	5F32E0AA2C7298B478152B9FD2EBB3D2
SHA1:	69982449E7AE6111779AB2D6FF18A26028381472
SHA-256:	CAEDC368429D6BB35E678AAC43574DAC770F236A55D25FD13BC3A06FB21B1E1A
SHA-512:	E498BBBF4F14143FDA0E316F6BEC19E0A5DD5286DACDCD50DC7D5D67400A797939CE4F016FE37D74A55DD0968922D0959BDDCF1392A010592B86D7BC77DFB4CE
Malicious:	false
Reputation:	low
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............L_=...",xp .h..A..m.A..'B..O..h.%Z.x.`..CjL.1Z=}....Qf......o.L......#E..}...g.>=&}:U.S.I.>....R.Z.>...#Y.f.2.H.hZ....{..[...n...cC..7b..W..[./...mR.~..5,.r..v3S..Y.[.l..E..o..GO.^.....

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	136176
Entropy (8bit):	5.178493842753391
Encrypted:	false
SSDEEP:	1536:8prIg2sdtEyE4aoo/Iy4onqRmn4r4B52zqdiq85fhdsbPvLKaSlMaQLp9jj:AtcqoIzqdiqcsRSlMzn
MD5:	190913587E7767A800817CBD88CF0B8B
SHA1:	457AD10EFCF996E378EF76631CDAACCBAFB8CFAE
SHA-256:	1A284295679AE0E8C918509B99A454FAED71E7B313551A6BDC7A30C92AC50495
SHA-512:	4195F37F9083543E3252CDC78BB246B2369E603D92B51571AD11207BCB09E2BFF7E5B973988554C1A46538177E88AF34B0B97AF03315D90BC720D82F542F6BDA
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.olive.js?cs=9667a7c2007c8b4b5b0c
Preview:	/! For license information please see signing_iframeless_mobile.olive.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[3784],{83788:function(e){e.exports=function(e){function t(i){if(n[i])return n[i].exports;var o=n[i]={exports:{},id:i,loaded:!1};return e[i].call(o.exports,o,o.exports,t),o.loaded=!0,o.exports}var n={};return t.m=e,t.c=n,t.p="/",t(0)}([function(e,t,n){"use strict";n(1),n(2),n(3);var i=n(76);i.keys().forEach((function(e){i(e)}))},function(e,t,n){"use strict";!function(e,t){e.config={closePopoverOnEsc:!0,closePopoverOnClickAnywhere:!0,debug:!1,isAutoInitEnabled:!0},e.version="17.20.0",e.KEYS={tab:9,enter:13,esc:27,left:37,up:38,right:39,down:40},e.l10n={close:"Close",characterLimit:"{{REMAINING}} (maximum {{MAX}} characters)"},e.init=function(e){var t=[],n={add:function(e){return t.push(e),n},run:function(){var e;for(e=0;e<t.length;e++)t[e]();return n},afterLoad:function(){e.config.isAutoInitEnabled&&e.init.run(),e.util.polyfillFle

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	29480
Entropy (8bit):	5.096884644489562
Encrypted:	false
SSDEEP:	384:V2aDjE5+4bQbYqafCuOGV6bhebZb2bAbntfCrsUw6we3fJVGy:X4CJqCxBp
MD5:	E5600279938AB5FD3D877E2DD30021FC
SHA1:	1C00B775BF6DF9C3A2C4D16C3DD87F44E989662A
SHA-256:	1AF04A32AC0EE0174D14E67FD1BBE759BBF5FE8CE0622605B2661EAEF4D07DCA
SHA-512:	A83E76A619ABDE492C7C04B98F5B9F61849BB6681DD6BE9CE6390F1D877016DB4D9276424F634ED1B81CB22124556A94B802610F589D7727C644FEAF37D674BA
Malicious:	false
Reputation:	low
Preview:	{"accountId": "275532918", "projectId": "20084925044", "revision": "2218", "attributes": [{"id": "20186401010", "key": "isBranded"}, {"id": "20195597153", "key": "isCompletedEmailNotificationEnabled"}, {"id": "20203483991", "key": "isMobile"}, {"id": "20205312882", "key": "isUserAccounted"}, {"id": "20207234882", "key": "language"}, {"id": "20207630262", "key": "country"}, {"id": "20218952064", "key": "isLastSigner"}, {"id": "20330146452", "key": "browser"}, {"id": "20330792890", "key": "environment"}, {"id": "20644900025", "key": "ds_a"}, {"id": "21121790361", "key": "IPAddress"}, {"id": "23060870973", "key": "senderAccountId"}, {"id": "23767381356", "key": "branded"}, {"id": "28244570321", "key": "recipientEmailDomain"}, {"id": "28335080019", "key": "site"}], "audiences": [{"name": "Force Enabled PSP Sender Accounts - Prod", "conditions": "[\"and\", [\"or\", [\"or\", {\"match\": \"exact\", \"name\": \"senderAccountId\", \"type\": \"custom_attribute\", \"value\": \"1d647807-efdb-46c6-

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11789)
Category:	downloaded
Size (bytes):	11958
Entropy (8bit):	5.249045828990391
Encrypted:	false
SSDEEP:	192:64mNpeWrlCKqPmMAA+LhGHaqnzsxtQSfq2+IGVkyLeNM7MS8n0vuCbc1cqoa:64m3rEb+D0ctQSh+IGVvqMTn21cna
MD5:	BAD9DC30565F2862AA4367FA48FD43FD
SHA1:	EBD42C26150D4F9D08D62A38BF5E2B2FB0B4FD32
SHA-256:	F82ED28D3D41C8F4E2C6A1623896FA76A363A4A87835C97AAE750549B055E417
SHA-512:	D5226B1A6E9C47327A6AD81F16906AEFCD8564AD16B9E19F339D20DA00250AF16B634824E81C62371FB9F5FF510F3252AFC57AB6792323A7482F74181DCB4C2A
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.884.js?cs=66acf70d0cf11f54b351
Preview:	/! For license information please see signing_iframeless_mobile.884.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[884],{70884:function(e,t,r){r(61088),r(47192),r(26456),r(21992),r(80168),r(85179),r(94976),r(85120),r(31432),r(12084),r(55331),r(25744),r(11056),r(32048),r(27164),r(53224),r(19672),r(39952),r(71088),r(84204);var n=r(95132),o=r(70572),i=r(78068),a=["SearchExperience"];function c(){c=function(){return e};var e={},t=Object.prototype,r=t.hasOwnProperty,n=Object.defineProperty\|\|function(e,t,r){e[t]=r.value},o="function"==typeof Symbol?Symbol:{},i=o.iterator\|\|"@@iterator",a=o.asyncIterator\|\|"@@asyncIterator",s=o.toStringTag\|\|"@@toStringTag";function u(e,t,r){return Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}),e[t]}try{u({},"")}catch(e){u=function(e,t,r){return e[t]=r}}function l(e,t,r,o){var i=t&&t.prototype instanceof p?t:p,a=Object.create(i.prototype),c=new S(o\|\|[]);return n(a,"_invoke",{

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.137537511266052
Encrypted:	false
SSDEEP:	3:hdLUnnBRn:hdLUBRn
MD5:	15773BD842174B268631A9B454013EE2
SHA1:	732BE8BB4EF5B7E645CC32E4E00908637AF40410
SHA-256:	D813A1BAA5CA5A75513228489D66F71C2A4CA4FAB71EAD1544008D148C8D6C3D
SHA-512:	4B94EA6CF5C3CD7AB8E99EE92DBF6614B100C2E3999B2D6C12649AADF554AF8F16FE342CA082D5B76B9106598F9775D295BB7E93AA277575EE3146B3D9489935
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSFwnLstEuCR194xIFDf7GfnYSBQ2iwItr?alt=proto
Preview:	ChIKBw3+xn52GgAKBw2iwItrGgA=

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	257
Entropy (8bit):	4.936853809456331
Encrypted:	false
SSDEEP:	6:tnrwdhC/i3mc4sl5RIFnzrnUg3QxUn3voPt0Bd+5IABcL0n:trwdU/i3vqZ/nnGevR2RBcL+
MD5:	6E132855B6DDD5C7A1FA7DAD2C9FE964
SHA1:	0342D3665682749F7C312B8B1EE6A169FA4C68C5
SHA-256:	06DADA60F95EF29D2483D66D0412FF1EE698503F7E29DAE26403F6C5E071507F
SHA-512:	F3314BB8BFC2D262F98FAE116DC50A38BDB2A6AD2D6950BD42BBA43457A934B68894AD8C0952E7C2286E31433185DA1424CAC3048CE47AB0B2A0338C14210761
Malicious:	false
Reputation:	low
Preview:	<svg width="24" height="24" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">. <path d="M13.36 15H20V4H4v11h5v3.114L13.36 15zM4 2h16c1.105 0 2 .895 2 2v11c0 1.105-.895 2-2 2h-6l-7 5v-5H4c-1.105 0-2-.895-2-2V4c0-1.105.895-2 2-2z" fill="#333"/>.</svg>.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3728
Entropy (8bit):	4.718277261919778
Encrypted:	false
SSDEEP:	96:JvfEcg0UqvMcOAvXa4zwjo0HtedznCOpKpFWgot:5Ecg04cXvXa4f0Y4p0
MD5:	EC396047518A7FEF11D53D1B4F6BE65B
SHA1:	E3BEC4CDAF5567641517A23019ADBFA2328B0A7F
SHA-256:	8F77CFC832517C619BC1B8D82A6A478EE18D97442B4C78B006B0286CEC91E1A8
SHA-512:	34AD62B5CC5EE5C950F340D65800102AE1CD06D34D24A611E7AC2CB9F23308AC96AC669D3B226C258DC6F862D985030EC3D5BB29609ECFEDF34E14F8F48529EB
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 28.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px".. viewBox="0 0 1200 241.4" style="enable-background:new 0 0 1200 241.4;" xml:space="preserve">.<style type="text/css">...st0{fill:#4C00FF;}...st1{fill:#FF5252;}.</style>.<g>..<g>...<g>....<path d="M1169.2,109.7v78.7h-28.9v-73.5c0-17.9-7.7-27.9-22.7-27.9s-24.9,10.5-27.7,28.1c-0.8,4.2-1,10.7-1,24.4v48.8H1060v-125.....h25.6c0.1,1.1,0.7,12.3,0.7,13c0,0.9,1.1,1.4,1.8,0.8c10.6-8.4,22.3-16.2,38.6-16.2C1153.5,60.9,1169.2,79,1169.2,109.7z"/>....<path d="M1013.4,63.4l-0.9,14.3c-0.1,0.9-1.2,1.4-1.8,0.8c-3.5-3.3-16.4-17.5-38.3-17.5c-31.4,0-54.5,27.1-54.5,63.9l0,0.....c0,37.3,22.9,64.5,54.5,64.5c21.1,0,34-13.7,36.4-16.7c0.7-0.8,2-0.3,2,0.7c-0.3,3.8-0.8,13.3-4,21.4c-4,10.2-13,19.7-31.1,19.7.....c-14.9,0-28.1-5.7-40.6-17.9L920,217.3c13.7,15.5,35

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 145 x 60
Category:	downloaded
Size (bytes):	5469
Entropy (8bit):	7.404941626697962
Encrypted:	false
SSDEEP:	96:IvklPN/PqPZ8M86x9pOa36SrhE/knsz7BklPN/n:IIFHqPZbx9tKSrhtseFf
MD5:	097D652B65DEC6E954C335739754FC61
SHA1:	83155314927200EC3B9951246D0C1C3B631B088A
SHA-256:	00E709E22EA18FB242C2F41290179522537ABEC841EEF2655D17E02B36CFDC7A
SHA-512:	DE13A4A8CCEC57F7AF23143D55A93AF581D04F6066DF5C0D0B910DEC17EA0EA430621ACD88A25422A5180F37EDAC44A6746051BCE942F8D5E07BF8842A3F08EB
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/imgs/transparentLoader.gif
Preview:	GIF89a..<...............................................................................................................................................................................................!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6952efb6-7b37-44ad-8f49-fb6d57787754" xmpMM:DocumentID="xmp.did:CC4E39E8547B11E4960B8D7E59B6B241" xmpMM:InstanceID="xmp.iid:CC4E39E7547B11E4960B8D7E59B6B241" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:22335ebf-8a2f-43c0-a35d-602b0ebe7cf3" stRef:documentID="xmp.did:695

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (34237)
Category:	downloaded
Size (bytes):	34408
Entropy (8bit):	5.321866492184854
Encrypted:	false
SSDEEP:	768:PCaTUQmC6snH2OC8CRy+LUtcEb+1rv+PUtcEh+dFcuSCmx:lmCX1thQLtbV
MD5:	F856B3D4370812023CBDAF061A941EF6
SHA1:	AAAE0E7B14A73D805A4C46821FADB5EB051E7E39
SHA-256:	01E118A62A7C5E11D435A84C6310FDDB4C794B4F494EDE00F43BBF31BA7CADA1
SHA-512:	A6AF1DFCCA7E07D3430B69FE51F7779B4BF092BAA6A8510371FC783CF0360341F70A7242B7D5C9D8FCF328AF96ED8F9F34DBA4201803F07BFBF4B0B8ACB3A096
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.4464.js?cs=4ab3b353e5891c2ecc9e
Preview:	/! For license information please see signing_iframeless_mobile.4464.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[4464],{41416:function(e,t,r){r.d(t,{y:function(){return j},Q:function(){return I}}),r(61088),r(53224),r(39952),r(27164),r(27632),r(26972),r(74016);var n=r(11504),o=r(65512),a=r(94070),i=r(86160),c=r(94956),u=(r(85179),r(21992),r(94976),r(85120),r(79800),r(73656),r(94107),r(49896),r(86832),r(38252),r(47240),r(52288),r(15396),r(82480),r(21952),r(55036),r(54736),r(32520),r(57768),r(54068),r(17368),r(9624),r(71088),r(84204),r(37588)),l=r.n(u),s=r(56212),h=r(25796),f=r(57792),p=r(7416),d=r(8328),v=r(49099),y=r(47601);function m(e,t){return function(e){if(Array.isArray(e))return e}(e)\|\|function(e,t){var r=null==e?null:"undefined"!=typeof Symbol&&e[Symbol.iterator]\|\|e["@@iterator"];if(null!=r){var n,o,a,i,c=[],u=!0,l=!1;try{if(a=(r=r.call(e)).next,0===t){if(Object(r)!==r)return;u=!1}else for(;!(u=(n=a.call(r)).done)&&(c.pus

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21484)
Category:	downloaded
Size (bytes):	21667
Entropy (8bit):	5.480072094899249
Encrypted:	false
SSDEEP:	384:24ciemBvtrwK/Xmubx+OQ/xfjLOmwazYdvfg0XD6jtxujYy8ptBj:8Fm9tr/2ubx+OsZy9asgQ+txujqptBj
MD5:	A317CC5DA2D4CA558A374A505F86F4A0
SHA1:	781E4EE418AA11E00959C0B4203A3D87A98A20D4
SHA-256:	916A2619BC6275416FCA1476BD0ABC2BDCE1F24821CA7E3576380E15D0F13259
SHA-512:	2E627A1AB6B36B73CC465AEF7DA2C376199CB584A9AE90F567EB551C6BEF006942BD814A6CD85844BFB9A70A298473C8DFA3EC3AE545DFD3072A2C562FB5EE16
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.optimizely.js?cs=c7d76e3ff78852b62b0c
Preview:	/! For license information please see signing_iframeless_mobile.optimizely.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[7716],{40480:function(t,e,r){r.d(e,{AB:function(){return o},AJ:function(){return f},CK:function(){return u},CU:function(){return n},ET:function(){return p},GM:function(){return a},G_:function(){return b},If:function(){return w},KM:function(){return d},MD:function(){return v},OO:function(){return _},Ou:function(){return m},UX:function(){return c},Wm:function(){return h},Y9:function(){return C},YR:function(){return S},_m:function(){return g},cL:function(){return y},cr:function(){return x},cz:function(){return i},kx:function(){return s},nT:function(){return l}});var n="POST SIGN - ACCOUNTED - LOGIN",i="POST SIGN - ACCOUNTED - Failed to Load",o="Save A Copy - Close Dialog",a="Save A Copy - Create Account",s="Save A Copy - Create Account Failure",c="Save A Copy - Download - Combined PDF",u="Save A Copy - Download -

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16717)
Category:	downloaded
Size (bytes):	16888
Entropy (8bit):	5.304225071053587
Encrypted:	false
SSDEEP:	384:t4mz5ybTgZTyTyEmsUJURmJqhpny/Ay82JrHGw3+euhJ21Z7gnf87CQNmc/37:D5uTgZTy+ERUmAMhYHfHjg2r7gSV37
MD5:	92D61B50E00F80FC75A8C22CA4C0B43B
SHA1:	C060D52D62B7517A891BDD80E1ABD803C1C51D21
SHA-256:	04C9B5B71035630AF29F27E44B2B055F98FA280A7F3530FD4C4E2031569E2603
SHA-512:	5D5C609EF2DF373A0C214D3DC2FC64BE0C5806E2FA7AD7C861FE654C1DAAE0FCEEDA74ABBB9810197F6EDCEDBE10ADEED9234E14FD657212887168E1DF1B84BA
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.2120.js?cs=4a36ae26f13c80e35384
Preview:	/! For license information please see signing_iframeless_mobile.2120.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[2120],{2120:function(e,t,s){s(12084),s(27632),s(75300),s(9624),s(74016),s(57768),s(54068);var n=s(37588),i=s.n(n),r=s(49268),o=s(47601);t.c=function(e,t,s){var n,a,l,u=e.ss\|\|{},p=/^\s+/,h=/\s+$/,c=/[xy]/g,d=/.(\/\|\\)/,f=/.[.]/,_=/[\t\r\n]/g,g=Object.prototype.toString.call(e.HTMLElement).indexOf("Constructor")>0,m=t.createElement("input");return m.type="file",n="multiple"in m&&"undefined"!=typeof File&&void 0!==(new XMLHttpRequest).upload,u.obj2string=function(e,t){var s=[];for(var n in e)if(Object.prototype.hasOwnProperty.call(e,n)){var i=t?t+"["+n+"]":n,r=e[n];s.push("object"==typeof r?u.obj2string(r,i):encodeURIComponent(i)+"="+encodeURIComponent(r))}return s.join("&")},u.extendObj=function(e,t){for(var s in t)Object.prototype.hasOwnProperty.call(t,s)&&(e[s]=t[s])},u.contains=function(e,t){for(var s=e.length;s--

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	996
Entropy (8bit):	7.667690083187348
Encrypted:	false
SSDEEP:	12:6v/78EUMdg6AUGUutzYXPuP8vi3nKS/s8NkTo/P/6iYLGQ3rjWRBZZSNG35wlE31:MAQutzME6Is85nQ3rjyBZZ2lEVza6C81
MD5:	F4B52A4EB3D0CDD585A73EADE7CC734A
SHA1:	00BD17DB2EA7F845910C713CBFF3A6719D59A1EC
SHA-256:	94BACE793EA5F351B65F5B2948BEB949B01FB811274A3F8EB8D52B9719A149BB
SHA-512:	763AF2EADA1D18687D5A4B2BD8323A10D93CC22AE4E78139446D7DDDB617631CE55B695F24D07DF5FAD14B48F0674E56BD031B4DDC50AFCE013F320CF6447EAC
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/imgs/icon_avatar.png
Preview:	.PNG........IHDR...P...P............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Kr.@...S2...l...,\|.T..@\|.N.8.."....... +....T..B..Dw..Z@..W.=.M.{&..?.}.>..vnT..0h.._>..{.w.LR.}.<.tri5l3.U..D.@.....Jjq....=4....m?\|^,..m.>{s.x.\.....j.z.........l.`...8L1..Z.t..@7......<s;.1...N.<:zg>\|....s.vC].....^...P..%..B._. r.....lU.`..7U.e.B..+`.+.Y.....;.Mr.X.aW....lF/....Q..%p.f.@1.e.@...r.>.M.>...K.U...R{..P..T{.&....z".....T.......RZ....Xd...(>@.>..\......@..x.-...l3............M....$r!l.v%.........a....&.../Hr.lU..!...M.m...N&.....bV.......Y...ww..!...}<.. tsNV....."..3....@o..s....;.....c...@..nG. .v4...:.KJ.o>.JX$..r..:.....M.... .,....u.1.."`r.FH..n^....q..Z.<.tB...).6$......f..6..D'op...G...W...vy.t...u?]...,W..."...T.dV....%G...p./E..ie..6..i.!.4.>......^E...I.:......U..2.al.#.@x..VU..1IY....l.E.......l..%....v!l..y[..../.2%..z[...Z..}g.......%..Q,......7.B...B%....6.`\&o....%e.ML..[%....2.}..J%!..bH-C..(..2......zb2..3..+..X.(K.......IEND.B`.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65443)
Category:	downloaded
Size (bytes):	267097
Entropy (8bit):	5.342903862707273
Encrypted:	false
SSDEEP:	3072:8wcftEVixYTxYQRYYNqAkgBjQgGAmrRTcoaacbfkzLkFyX00p:8UU+TxYQRYMdSTqYUzA
MD5:	EE4DB06ED4862663B9E84888B1449BB3
SHA1:	868557B6051BAA0448C0757A41E13CC214DB673D
SHA-256:	7252C0CB7D8378D4FE778844672D11818FED42A4DE3517D226C659237DA87E2A
SHA-512:	156C9403541B0E149FDF5DC68DFB7D875D8598F5C904512A2BDB3FC230304D50FB9E8DB30C4DF75E282F6B33C58A38AD31CA3528AAE6C2C0259F9C54D3C92D97
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.react-app.js?cs=44f8b8155b9edcd9ac92
Preview:	/! For license information please see signing_iframeless_mobile.react-app.js.LICENSE.txt /."use strict";(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[536,2676],{20672:function(e,t,r){r.r(t),r.d(t,{fetchAccessToken:function(){return S},fetchAccessTokenWithMultipleOrigins:function(){return v},postAuthError:function(){return w},postMessageEventTypes:function(){return O}}),r(12084);var n=r(37588),o=r.n(n),i=(r(47192),r(26456),r(21992),r(80168),{disabled:"disabled",noAllowedOrigins:"noAllowedOrigins",invalidOrigin:"invalidOrigin",invalidTimeout:"invalidTimeout",timeout:"timeout",invalidAccessToken:"invalidAccessToken",postMessagingFailed:"postMessagingFailed"}),a={notaryAuth:"notaryAuth",notaryAccessToken:"notaryAccessToken",notaryAuthError:"notaryAuthError"},l=i,c=a,s=r(47601),u=r(99020),d=c,f=l,p=(r(35312),r(18580),r(73992),r(9624),r(53224),r(39952),function(e,t){var r=function(r){if(0===r.origin.toUpperCase().indexOf(e.toUpperCase())&&(null==(o=r.data)?void 0:o

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 44 x 44
Category:	dropped
Size (bytes):	3745
Entropy (8bit):	7.319238994753888
Encrypted:	false
SSDEEP:	48:Hu2/EvnLJnOcLJ3JK/L8GlRq8weMpUVCvoIhy7bEhCcmR687yHxl:Nklla/Jnq8vkNhjolyRl
MD5:	DEBD77E543E64173837073B5751ABB08
SHA1:	71577CA453893F08A57A63953B836E8198D878AF
SHA-256:	ECDF09E611F9FC3875113D06E39110DE786C9A46BB7F596F7F8AFEE1C0D75A3D
SHA-512:	0FB269F547FFB69E59448FA4E9E234DC4E9B381D5336947C12113D7A1DEC71A7D9EC4F6B2841C032EA1E3FB6E68328D34C1EE1B94761171E523AFBFA962280F2
Malicious:	false
Reputation:	low
Preview:	GIF89a,.,..2.+++RRRCCCTTT---LLLiii###SSS777@@@EEE888666KKK&&&NNN333%%%<<<000......>>>QQQ(((bbb......WWW...999,,,.................tttuuu$$$...zzzXXXmmm......UUU"""..........................................!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6952efb6-7b37-44ad-8f49-fb6d57787754" xmpMM:DocumentID="xmp.did:CC4E39EC547B11E4960B8D7E59B6B241" xmpMM:InstanceID="xmp.iid:CC4E39EB547B11E4960B8D7E59B6B241" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6189959b-1072-4052-a607-820f04aae975" stRef:documentID="xmp.did:695

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	326
Entropy (8bit):	6.860674885804344
Encrypted:	false
SSDEEP:	6:6v/lhPe/6TsR/rnMXvFGVAkFjqYCm8BQ5XIYDg/jruT0l8pgVy6EybrNcVp:6v/7m/6Ts/rnAF4nFWF5BQWdae82yXys
MD5:	AFE00DB89CE086B91A541C227EDBF136
SHA1:	961B2EE6FB39C4D515BDC49EC1BA688B0916F104
SHA-256:	E11827C678AF8519E702F364E525AC34509CAD49F8D839677E089949EDDA060E
SHA-512:	85F265A917E83BA92FEDB2152FBFADA273FCFF2937A85B080641307FD2E61D0138493162883E016796C9F68062A01D79DA60F546EFC2CB1FB4078760EB3451F0
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/olive/images/2.63.0/global-assets/ds-icons-favicon-default-16x16.png
Preview:	.PNG........IHDR................a....pHYs.................sRGB.........gAMA......a.....IDATx.....0...Uq...UP.\|..v.K.>.O`.$.[.B....'pvJ}..B..P.h...I.!.rs.%.$....O"r!.I.m....J..........U.. ..F[.....j4<...6.b6.T!x..Y..]..;._.,..........K.F..b.~.$..M.......M....,...i....*.z...x8."C.r.{.2~.~........x...B.G.6.....IEND.B`.

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	23
Entropy (8bit):	2.9140163035068447
Encrypted:	false
SSDEEP:	3:fzjS9:fC
MD5:	84100B349395F367D41A8B44D0020355
SHA1:	676BB250F143F6C863C58C79B4CA1ABF7312DF00
SHA-256:	5EAE3F71BE133111621E17FEE9DC04578D885A74EAF4D40AAC9634B7DB4B5459
SHA-512:	ED8456F12F188F50E15D845B240AA62195709005505A59CB5A6033C139D902DF4D504873B80E7156D79358AC901A779DBD3CA6C0010BF16D5FE18C77385081CE
Malicious:	false
Reputation:	low
Preview:	<success>true</success>

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 37560, version 1.0
Category:	downloaded
Size (bytes):	37560
Entropy (8bit):	7.986336222628645
Encrypted:	false
SSDEEP:	768:LFg7GVJ6kU5VXtwAmsgqioep+spJaIKsuo+e4dc+csTfC/DuRD6rSNN:Gxp3SnsGDdEIZmxTq/Du6sN
MD5:	B9D0556A2C620A939D54C63BE3DF6C6C
SHA1:	97968884D4C5A93C46AB1334CE9E9156C694EA4D
SHA-256:	90973DB3F26FE86B648EC735F3183B44902E5CEDF2B1A042402BAC39DA70404F
SHA-512:	37B59878D38EC5E9CEFB9877E53D616696FE430298CE4F26D61DBBD7402F2867554E25DBD78BA95C445BC145EA469895BE43E2BD30C1906B8D27D8AF14E84EDA
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/olive/fonts/2.11.0/HelveticaNeueW01-75Bold.woff
Preview:	wOFF..............=4........................LTSH............F.jOS/2...8...V...`e<..VDMX.......m....sPz.cmap...............cvt .......>...>....fpgm...........b2Msfgasp................glyf......m'...h/z..hdmx..u@.......(..'.head.......6...6..2.hhea....... ...$...Ghmtx...(.......x.j..kern...$.......<...loca.............i.vmaxp....... ... ....name.......e.......post........... ...2prep... ............x.5.!..0.....6.....y......"d...H8.....;...vg."3.v../..^.,...m...c.d[.N5.. ..x...xSH...I....H...g.,(.....[J.80.#.a...M<.......n.....)..}J.F.qc_1N....iD?....x.c`f.a.........................9X.@....A_......\|<...........N0.g...3..X.N1(.!...J.h..x...c`.....w.....m.p..m..k..Zm............@..#..N..N...d...$3.Yf!.."..ld....s....IN..\27.e....4.O.'.,@.Y.....,....E(".RT....P...%dIJ.R...)m...,KYY.r.<.e.X...(+QIV..T...J...Ue5...2..T.5.!kQS...Cm...ud=.....R_6.....a#...4.Mh,...biFS.f...eKZX...R...lMk.FF.6..me{.......`Qt...L'..+]d7.Z$..&{.]....EO.^.A.z.....+.....@.9..r...

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (21884)
Category:	downloaded
Size (bytes):	22060
Entropy (8bit):	5.426943259559083
Encrypted:	false
SSDEEP:	384:P4U/+ScvO7ADufhz3ZpBmo+2b8l3WOHctYfZcqUW8RXRfX0v3:mWd/pwoFW/fZcqX8xpEv3
MD5:	19213DF8CB6E0979F497A613B1CC7A59
SHA1:	5B90E1344E06909F47097CCDD8AC3722F603838F
SHA-256:	3AD05702AB7044779F0E22A42DFFE1C0BFEB546D27D06F1ED7D8A1E19FC1199B
SHA-512:	B4B264AFF64B61C079D2AE01E6B18998B3D763A7ECFA800F6BCD788476BFCD8555185AF9D31A7107CEA2DCA2FE65279F16B76B2E1E3AA0D61FD183A06ED46E6F
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.9368.js?cs=32e361ef9d9a180a8d84
Preview:	/! For license information please see signing_iframeless_mobile.9368.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[9368],{20072:function(e,t,r){var n=r(49924),s=r(10152),i=r(95032),a=Array,o=Math.max;e.exports=function(e,t,r){for(var u=s(e),h=n(t,u),f=n(void 0===r?u:r,u),c=a(o(f-h,0)),l=0;h<f;h++,l++)i(c,l,e[h]);return c.length=l,c}},47972:function(e,t,r){var n=r(20072),s=Math.floor,i=function(e,t){var r=e.length,u=s(r/2);return r<8?a(e,t):o(e,i(n(e,0,u),t),i(n(e,u),t),t)},a=function(e,t){for(var r,n,s=e.length,i=1;i<s;){for(n=i,r=e[i];n&&t(e[n-1],r)>0;)e[n]=e[--n];n!==i++&&(e[n]=r)}return e},o=function(e,t,r,n){for(var s=t.length,i=r.length,a=0,o=0;a<s\|\|o<i;)e[a+o]=a<s&&o<i?n(t[a],r[o])<=0?t[a++]:r[o++]:a<s?t[a++]:r[o++];return e};e.exports=i},99584:function(e,t,r){"use strict";var n=r(376),s=r(49352),i=r(79132),a=r(40996),o=r(13008),u=r(17928),h=r(30008),f=r(58648),c=r(88048),l=Object.assign,p=Object.defineProperty,g=s([].concat);e.exports=

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (62117)
Category:	downloaded
Size (bytes):	62288
Entropy (8bit):	5.395524706323823
Encrypted:	false
SSDEEP:	768:hOFraWRpFAMtWBAgMhGtcL88WCa0Gd116D1vGDUGBW3dbHlA2FU:hArUuWBQhGmLvGd116D1vG4GoFU
MD5:	C709560D3A5E7FB5EA2EE45F31453DCA
SHA1:	7D56654E25D9A216117EB758AB90B940DB312314
SHA-256:	7D7C3910597ADF79BAF8293816032988178BFB27D64BF354E74693A04D037A13
SHA-512:	37D7796A7D5DAC65B95A29031D84EE5353F3D815BDDB5E2C3EF97D8F6EFA9B98147A40B993D0A22C9FA46D95D6BFA96487C22FDA920B5899FD7DFF7BBD8CD033
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.1392.js?cs=d0d987af42e2df2619e2
Preview:	/! For license information please see signing_iframeless_mobile.1392.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[1392],{55328:function(e,t,n){"use strict";n.d(t,{U:function(){return o}});var o=function(){return"undefined"!=typeof window&&"documentMode"in window.document}},95240:function(e,t,n){"use strict";n.d(t,{a:function(){return i},y:function(){return a}});var o=n(60488),r=n.n(o),i=["[contenteditable]",'[tabindex]:not([tabindex="-1"])',"details","embed","iframe","a[href]","audio[controls]","img[usemap]",'menu[type="toolbar"]',"object[usemap]","video[controls]","button:not([disabled])",'input:not([disabled]):not([type="hidden"])',"select:not([disabled])","textarea:not([disabled])"].join(", "),a=function(e){return r()(e.querySelectorAll(i))}},53032:function(e,t,n){"use strict";n.d(t,{M7:function(){return s},Oy:function(){return g},W6:function(){return p},YL:function(){return c},e6:function(){return f},g3:function(){return a},iM:function

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65438)
Category:	downloaded
Size (bytes):	107648
Entropy (8bit):	5.528209838976464
Encrypted:	false
SSDEEP:	768:xkgk+IVmSCSlJZ8Q7h3pkNsB1iVVvtbKTTmNavmcHVlLvLAu1X6G84+MdgUSAyWy:oVHpn4E1iImNa931PLq3pm13m9
MD5:	D33ABE3CC710444C881B2D0FEE913295
SHA1:	5DFF05D6B8DC622A5DE015404914615297686CA3
SHA-256:	09E7A8624D5D7B86B70D2AEE5654981D211AD556AE50BF37B2D68949950A6DA5
SHA-512:	17A9A5B0238149A9654C3EEDAF662EE8EB32953402C8351870E8669F2D3EDC60EBDA3B1F9C0ACB14ECA7E10EB730CCB7FCD6690F03C45C7394CAE646C42E7932
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.optimizely-sdk.js?cs=f5eda4cf8fddb37fad1e
Preview:	/! For license information please see signing_iframeless_mobile.optimizely-sdk.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[4596],{84364:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var n=r(31100),i=function(){function e(){this.errorCount=0}return e.prototype.getDelay=function(){return 0===this.errorCount?0:1e3n.BACKOFF_BASE_WAIT_SECONDS_BY_ERROR_COUNT[Math.min(n.BACKOFF_BASE_WAIT_SECONDS_BY_ERROR_COUNT.length-1,this.errorCount)]+Math.round(1e3Math.random())},e.prototype.countError=function(){this.errorCount<n.BACKOFF_BASE_WAIT_SECONDS_BY_ERROR_COUNT.length-1&&this.errorCount++},e.prototype.reset=function(){this.errorCount=0},e}();t.default=i},55096:function(e,t,r){"use strict";var n,i=this&&this.__extends\|\|(n=function(e,t){return n=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}\|\|function(e,t){for(var r in t)t.hasOwnProperty(r)&&(e[r]=t[r])},n(e,t)},function(e,t){functio

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16384)
Category:	downloaded
Size (bytes):	16553
Entropy (8bit):	5.490728623101971
Encrypted:	false
SSDEEP:	384:k4RRB3XWYREQc2tKcLqcuskVoMrpESpJDArKO3Ara9d6r8Io7WdSmJY/jw:/RBnWYrkiJudVoMrpESDw3KInIBd6w
MD5:	676B998BBCAC362E1190838CF49DBEF3
SHA1:	5097FAA88E3C7F857C9B804B378AB9390E7E90EE
SHA-256:	1B4FC92A2F81310CD2811027E11316633AAB180E8FBF67727A3B4975FD726796
SHA-512:	D55E4C5E4D50DC326275CE07AA7FFB66EE24B7D328CF184E90EA3A821CA2219338E3E00B5B94693415D73EA08453FC11E67F4A7BA0E7CE7103608ACDA064E462
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.580.js?cs=1ac122f1d5c3e061a61e
Preview:	/! For license information please see signing_iframeless_mobile.580.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[580],{34008:function(t,e,i){"use strict";var n=i(46331),o=i(82576),s=i(96648),r=i(10152),h=i(11452),a=Math.min,c=[].lastIndexOf,u=!!c&&1/[1].lastIndexOf(1,-0)<0,d=h("lastIndexOf"),l=u\|\|!d;t.exports=l?function(t){if(u)return n(c,this,arguments)\|\|0;var e=o(this),i=r(e),h=i-1;for(arguments.length>1&&(h=a(h,s(arguments[1]))),h<0&&(h=i+h);h>=0;h--)if(h in e&&e[h]===t)return h\|\|0;return-1}:c},73320:function(t,e,i){var n=i(22808),o=i(34008);n({target:"Array",proto:!0,forced:o!==[].lastIndexOf},{lastIndexOf:o})},35904:function(t,e,i){"use strict";var n=i(376),o=i(5775),s=i(58648),r=i(10152),h=i(80972);n&&(h(Array.prototype,"lastIndex",{configurable:!0,get:function(){var t=s(this),e=r(t);return 0==e?0:e-1}}),o("lastIndex"))},74336:function(t,e,i){"use strict";i.d(e,{Cy:function(){return n}});class n{constructor(){this._dataLength=0,this._b

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3728
Entropy (8bit):	4.718277261919778
Encrypted:	false
SSDEEP:	96:JvfEcg0UqvMcOAvXa4zwjo0HtedznCOpKpFWgot:5Ecg04cXvXa4f0Y4p0
MD5:	EC396047518A7FEF11D53D1B4F6BE65B
SHA1:	E3BEC4CDAF5567641517A23019ADBFA2328B0A7F
SHA-256:	8F77CFC832517C619BC1B8D82A6A478EE18D97442B4C78B006B0286CEC91E1A8
SHA-512:	34AD62B5CC5EE5C950F340D65800102AE1CD06D34D24A611E7AC2CB9F23308AC96AC669D3B226C258DC6F862D985030EC3D5BB29609ECFEDF34E14F8F48529EB
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/olive/images/2.63.0/global-assets/ds-logo-default.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 28.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px".. viewBox="0 0 1200 241.4" style="enable-background:new 0 0 1200 241.4;" xml:space="preserve">.<style type="text/css">...st0{fill:#4C00FF;}...st1{fill:#FF5252;}.</style>.<g>..<g>...<g>....<path d="M1169.2,109.7v78.7h-28.9v-73.5c0-17.9-7.7-27.9-22.7-27.9s-24.9,10.5-27.7,28.1c-0.8,4.2-1,10.7-1,24.4v48.8H1060v-125.....h25.6c0.1,1.1,0.7,12.3,0.7,13c0,0.9,1.1,1.4,1.8,0.8c10.6-8.4,22.3-16.2,38.6-16.2C1153.5,60.9,1169.2,79,1169.2,109.7z"/>....<path d="M1013.4,63.4l-0.9,14.3c-0.1,0.9-1.2,1.4-1.8,0.8c-3.5-3.3-16.4-17.5-38.3-17.5c-31.4,0-54.5,27.1-54.5,63.9l0,0.....c0,37.3,22.9,64.5,54.5,64.5c21.1,0,34-13.7,36.4-16.7c0.7-0.8,2-0.3,2,0.7c-0.3,3.8-0.8,13.3-4,21.4c-4,10.2-13,19.7-31.1,19.7.....c-14.9,0-28.1-5.7-40.6-17.9L920,217.3c13.7,15.5,35

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (19601)
Category:	downloaded
Size (bytes):	19796
Entropy (8bit):	5.195800787737084
Encrypted:	false
SSDEEP:	384:Bi4Ir9+mjnlijz3t0mhxUazAX9+mjnlijz3t0mhxUCaLyrI:xmTleTt0mhxUalmTleTt0mhxU3Lyc
MD5:	9F321C3E7FBA0F3E6D43F488ADC930A5
SHA1:	C280266808C4B23969DE943D0ACEBC04DEF4826F
SHA-256:	EEA48822A68BD5401D08780CBF238E118F52E7445B6EEAD09C5C5187EAA49BC6
SHA-512:	70D506BC02078C0419AD1348759A6A4E5459755886861F6CDE890355EF1EA73EE79E431CA0D71C6D1976C846D3E8EE5996382C3DC90367F0AF75580A761EF26A
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.ai-q-and-a-entry.js?cs=f76b241d0e5bda5b599a
Preview:	/! For license information please see signing_iframeless_mobile.ai-q-and-a-entry.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[2804],{95132:function(t,e,r){"use strict";r.d(e,{IL:function(){return u},UF:function(){return c},of:function(){return a}});var n=r(68996),o=r(69904),i=r(33536),a=function(){function t(e){(0,n.c)(this,t),(0,i.c)(this,"thunk",void 0),this.thunk=e}return(0,o.c)(t,[{key:"value",get:function(){return this.thunk()}}]),t}(),c=new a((function(){return window})),u=new a((function(){return document}))},64928:function(t,e,r){var n=r(22808),o=r(52976),i=r(95032);n({target:"Object",stat:!0},{fromEntries:function(t){var e={};return o(t,(function(t,r){i(e,t,r)}),{AS_ENTRIES:!0}),e}})},22064:function(t,e,r){"use strict";r.r(e),r(19672),r(53224),r(79800),r(73656),r(94107),r(49896),r(86832),r(38252),r(47240),r(52288),r(15396),r(82480),r(21952),r(55036),r(54736),r(32520),r(39952),r(71088),r(6988),r(90292),r(21992),r(40720),r(64928),r(61

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65445)
Category:	downloaded
Size (bytes):	914253
Entropy (8bit):	5.611933092870156
Encrypted:	false
SSDEEP:	12288:+3O0La4eLbid8BnB/RqmowndMwBAO3xmB:IbetqadMmL3xmB
MD5:	C3C54E671D8B3A0E0DB1E6C394D75885
SHA1:	71ED41E8165B0580E42AECF4462B064554101547
SHA-256:	1F6B2C9F37CD3AF4D4DCF33F123E7C932823C7A8A08E552F6065A393427B25D3
SHA-512:	0D546B6D55D7DADCBE272B7909A3E321A3BBAF3896763B202E269FD92C73E7825FB1675037F820A2206E2805C59DCEA1B58552A195FA6052FBCB023D52127CCB
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.172.js?cs=539be489332502f5e410
Preview:	/! For license information please see signing_iframeless_mobile.172.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[172,364],{4456:function(e,t,n){"use strict";n.d(t,{C:function(){return Ze}});var r=n(36980),o=n(99824),i=n(87403),a=n(49940),u=n(17600),s=n(19992),c=n(55072),l=n(52780),f=n(68400);function d(e,t){var n=r(e);if(o){var u=o(e);t&&(u=i(u).call(u,(function(t){return a(e,t).enumerable}))),n.push.apply(n,u)}return n}function p(e){for(var t=1;t<arguments.length;t++){var n,r,o=null!=arguments[t]?arguments[t]:{};t%2?u(n=d(Object(o),!0)).call(n,(function(t){(0,f.c)(e,t,o[t])})):s?c(e,s(o)):u(r=d(Object(o))).call(r,(function(t){l(e,t,a(o,t))}))}return e}var v=n(82204),h=n(39604),g=n(54716),m=n(3664),y=n.n(m),_=n(18108),w=n.n(_),E=n(74688),b=n.n(E),C=n(20796),T=n.n(C),x=n(31872),A=n.n(x),S={get:function(){return null},has:function(){return!1},forEach:function(){return""}},I=function e(t,n,r,o){(0,h.c)(this,e),(0,f.c)(this,"status",void 0),(0,f

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65247)
Category:	downloaded
Size (bytes):	154443
Entropy (8bit):	5.4492424518450715
Encrypted:	false
SSDEEP:	1536:6f95pU1kdP5srKnBrz9kdYCnf8OBW6oEpJGHQui8anueT7UrX2TYS:BkdParKJulfZc66s/7Urm0S
MD5:	958F1B034B93F045246502153AE2A125
SHA1:	FA9953118165B8372CD35BB1B1780B34D3982823
SHA-256:	F7BB75AB57789E3EE06B180A4B152834045E56AA82302B261C97384D875833E5
SHA-512:	9AD94C44B4E710870FB572C34B5FD6FD061E81A23E6D837A99DD5B91272D64ECD3FFA5DEEBDCB2EF96BED23BC6CE0D7083AE4DA7C9FD8D91C73C81AD0960F85C
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/signing_iframeless_mobile.6997.js?cs=81be006729ab69d6bc82
Preview:	/! For license information please see signing_iframeless_mobile.6997.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[6997],{88948:function(t,e,r){var n=r(92784),i=r(82504),a="EN-US";function o(t){return n.currencies[t.toUpperCase()]\|\|""}function s(t,e){return i.formatNumber(t,i.getNumberFormat(e,n.numberFormats))}e.formatNumber=function(t,e){return s(t,e=e?i.unifyLocale(e):a)},e.formatCurrencyNumber=function(t,e,r,u){r=r?i.unifyLocale(r):a,e=e.toUpperCase();var c={num:s(t,r),sym:o(e),iso:e},l=i.getCurrencyFormat(e,r,n.currencyFormats);return l=u?l[1]:l[0],i.replacePlaceholders(l,c)},e.getSymbol=o},82504:function(t,e){e.unifyLocale=function(t){return t.replace("_","-").toUpperCase()},e.getNumberFormat=function t(e,r){var n=r[e]\|\|r.DEFAULT;if(!n)return{LEAD_SEP:"",GROUP_SEP:"",DECIMAL_SEP:".",DECIMAL_NUM:2};var i=n.split("\|");return 4!==i.length?t("DEFAULT",r):{LEAD_SEP:i[0],GROUP_SEP:i[1],DECIMAL_SEP:i[2],DECIMAL_NUM:parseInt(i[3])}},e.getCurren

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 228 x 234
Category:	dropped
Size (bytes):	4248
Entropy (8bit):	7.5813594394257215
Encrypted:	false
SSDEEP:	96:tWU+uyG2H2tDb8Ba8N2vwcl1aLewEK2gmRm1BY82GQvgP:t7yG2W5b8B/24zLaK2gmedQ4P
MD5:	9F2E17B1A3A99C9D94E3FF82DD2AF341
SHA1:	25B20595E3D684A041F343672E043FCEA248B25A
SHA-256:	1860B1FBE187873D719CF45A9A02E32C942AFDE30077E55165855CCCBBF22CF1
SHA-512:	B61EEE4115C7AE6CD8FC234DE857989E3230FBED389CFC9FE04D0635453372225FC35E7A2348C1FC065897EDCD92A49A2B871A54138429C68BF0F165B5AC2C58
Malicious:	false
Reputation:	low
Preview:	GIF89a............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,...............H......*\....#J.H....3j.... C..I...(S.\...0c.I...8s.....@.>d....G-@.G.)...J.).U.....j4../.ru. TB]c....Ve.d.......xI.........dz4.)..B.......U[po..T.m..e....]<....i%......

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	240748
Entropy (8bit):	5.092451370734677
Encrypted:	false
SSDEEP:	1536:baBhpy5W6DPDtHrI+t/UNqM0aBw2Zgq/BpDr2TKwC4psiB09UiFkET:oy5W6DPDtHrI+t/cCaBw2Z5NN9UiLT
MD5:	2C73DD9B48CB342C5FEB81C8A378B291
SHA1:	FA52BCA3CF57FFE2FBA82D3C923B1A3DE1E38E76
SHA-256:	DA90AEA8421C31DDAB9FADDF17FC9D1F7EE9B466786C8113F0C523DB8CB3F00C
SHA-512:	FA16248370983FFFE7DD3E1F68B988FF24D11633CC61C796EE285D06CB4368FBF647CE7805B57B6736038D7E961FD242529D7254938CB6F38217DFC1759B4047
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.3.40-5/olive/17.20.0/css/olive.min.css
Preview:	@font-face{font-family:olive-icons;font-style:normal;font-weight:400;src:url(../fonts/olive-icons.eot);src:url(../fonts/olive-icons.eot?#iefix) format("eot"),url(../fonts/olive-icons.woff) format("woff"),url(../fonts/olive-icons.ttf) format("truetype"),url(../fonts/olive-icons.svg#olive-icons) format("svg")}@-webkit-keyframes slightFadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,5px,0);transform:translate3d(0,5px,0)}to{opacity:1;-webkit-transform:none;transform:none}}@keyframes slightFadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,5px,0);transform:translate3d(0,5px,0)}to{opacity:1;-webkit-transform:none;transform:none}}@-webkit-keyframes scaleIn{0%{-webkit-transform:scale(0);transform:scale(0)}to{-webkit-transform:scale(1);transform:scale(1)}}@keyframes scaleIn{0%{-webkit-transform:scale(0);transform:scale(0)}to{-webkit-transform:scale(1);transform:scale(1)}}/! normalize.css v3.0.1 \| MIT License \| git.io/normalize /html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:1

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 19, 2024 16:02:58.359571934 CEST	49673	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:02:58.359587908 CEST	49674	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:02:58.656464100 CEST	49672	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:07.968529940 CEST	49674	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:07.969007015 CEST	49673	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:08.267206907 CEST	49672	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:08.781267881 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:08.781315088 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:08.781436920 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:08.809679985 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:08.809703112 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.126451969 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.126492977 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.126679897 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.126914024 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.126924992 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.342478037 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.344750881 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.351872921 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.351888895 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.352061033 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.352075100 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.352983952 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.353183031 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.353471041 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.353542089 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.356559992 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.356638908 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.357026100 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.357033014 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.357161999 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.357255936 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.405797958 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.405808926 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.405819893 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:09.452436924 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:09.510925055 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.510976076 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.511085987 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.511432886 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.511461973 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.511593103 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.512146950 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.512161970 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.512506962 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.512523890 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.534061909 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.534248114 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.534303904 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.536696911 CEST	49713	443	192.168.2.6	35.162.217.246
Apr 19, 2024 16:03:09.536720991 CEST	443	49713	35.162.217.246	192.168.2.6
Apr 19, 2024 16:03:09.659802914 CEST	443	49698	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:09.659912109 CEST	49698	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:09.730102062 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.730365992 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.730386019 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.731393099 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.731507063 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.734132051 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.734323025 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.734357119 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.735764980 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.735831976 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.954658985 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.954894066 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.955130100 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.955147028 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.955465078 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.955665112 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:09.956012964 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:09.956033945 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.008815050 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.008891106 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.190449953 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.190606117 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.190666914 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.192689896 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.192812920 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.192883015 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.195025921 CEST	49722	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.195044041 CEST	443	49722	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.197365046 CEST	49723	443	192.168.2.6	130.211.34.183
Apr 19, 2024 16:03:10.197376966 CEST	443	49723	130.211.34.183	192.168.2.6
Apr 19, 2024 16:03:10.945269108 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:10.945307970 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:10.945369005 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:10.951055050 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:10.951071024 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:10.990931988 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.990957975 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:10.991056919 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.991482973 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.991511106 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:10.991550922 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.991970062 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.991980076 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:10.992582083 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:10.992593050 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.167268038 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.167357922 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.176839113 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.176847935 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.177068949 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.206659079 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.206712961 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.207016945 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.207031012 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.207751036 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.207762957 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.208530903 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.208599091 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.208837032 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.208899021 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.209062099 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.209146976 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.209479094 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.209487915 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.210027933 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.210092068 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.210355997 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.210361958 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.218296051 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.250214100 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.264991999 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.265883923 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.312107086 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.373080015 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.373167038 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.373217106 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.373357058 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.373368025 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.373395920 CEST	49736	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.373400927 CEST	443	49736	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.410953999 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.410988092 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.411097050 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.411417007 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.411432981 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.442935944 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.443023920 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.443078995 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.443492889 CEST	49738	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.443506956 CEST	443	49738	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.445871115 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.446204901 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.446350098 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.446459055 CEST	49739	443	192.168.2.6	35.186.241.51
Apr 19, 2024 16:03:11.446468115 CEST	443	49739	35.186.241.51	192.168.2.6
Apr 19, 2024 16:03:11.630407095 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.630490065 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.632018089 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.632028103 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.632380962 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.633599043 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:11.676116943 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.837260962 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.837524891 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:11.837579966 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:12.689835072 CEST	49741	443	192.168.2.6	184.31.62.93
Apr 19, 2024 16:03:12.689894915 CEST	443	49741	184.31.62.93	192.168.2.6
Apr 19, 2024 16:03:19.337013960 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:19.337080002 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:19.337127924 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:19.874614954 CEST	49714	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:03:19.874644041 CEST	443	49714	64.233.176.106	192.168.2.6
Apr 19, 2024 16:03:22.698427916 CEST	49698	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:22.708018064 CEST	49698	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:22.851013899 CEST	443	49698	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:22.860599995 CEST	443	49698	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:22.921962976 CEST	49808	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:22.922019958 CEST	443	49808	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:22.922135115 CEST	49808	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:23.029607058 CEST	49808	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:23.029649019 CEST	443	49808	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:23.343502998 CEST	443	49808	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:23.343875885 CEST	49808	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:03:42.494785070 CEST	443	49808	173.222.162.64	192.168.2.6
Apr 19, 2024 16:03:42.494859934 CEST	49808	443	192.168.2.6	173.222.162.64
Apr 19, 2024 16:04:09.078336954 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:09.078389883 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.078491926 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:09.079463959 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:09.079489946 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.297666073 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.297988892 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:09.298012018 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.298443079 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.298867941 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:09.298934937 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:09.342421055 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:19.314070940 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:19.314239979 CEST	443	49818	64.233.176.106	192.168.2.6
Apr 19, 2024 16:04:19.314344883 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:20.265464067 CEST	49818	443	192.168.2.6	64.233.176.106
Apr 19, 2024 16:04:20.265505075 CEST	443	49818	64.233.176.106	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 19, 2024 16:03:04.975297928 CEST	53	57725	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:05.249205112 CEST	53	55618	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:05.849071980 CEST	53	52421	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:06.402096033 CEST	58783	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:06.402331114 CEST	49474	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:08.634366035 CEST	50563	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:08.634792089 CEST	62141	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:08.636363983 CEST	64345	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:08.636863947 CEST	58619	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:08.741528988 CEST	53	64345	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:08.776261091 CEST	53	58619	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:09.016696930 CEST	53713	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.019768953 CEST	53580	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.121468067 CEST	53	53713	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:09.124677896 CEST	53	53580	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:09.216670990 CEST	62211	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.217087984 CEST	57616	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.404758930 CEST	62646	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.405428886 CEST	64613	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:09.509166002 CEST	53	62646	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:09.509800911 CEST	53	64613	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:10.884938955 CEST	60147	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:10.885521889 CEST	62335	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:10.989406109 CEST	53	60147	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:10.990005970 CEST	53	62335	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:13.538985014 CEST	53708	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:13.539151907 CEST	58331	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:14.625662088 CEST	58432	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:14.626066923 CEST	61541	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:15.949965000 CEST	63386	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:15.950356960 CEST	60200	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:16.262233973 CEST	62298	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:16.262461901 CEST	63287	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:03:17.042653084 CEST	53	65533	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:22.878293991 CEST	53	49661	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:31.925848961 CEST	53	57139	1.1.1.1	192.168.2.6
Apr 19, 2024 16:03:42.967442036 CEST	53	63796	1.1.1.1	192.168.2.6
Apr 19, 2024 16:04:04.768508911 CEST	53	61457	1.1.1.1	192.168.2.6
Apr 19, 2024 16:04:07.073467970 CEST	53	59893	1.1.1.1	192.168.2.6
Apr 19, 2024 16:04:16.981689930 CEST	55644	53	192.168.2.6	1.1.1.1
Apr 19, 2024 16:04:16.982336998 CEST	60148	53	192.168.2.6	1.1.1.1

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Apr 19, 2024 16:03:16.121793985 CEST	192.168.2.6	1.1.1.1	c233	(Port unreachable)	Destination Unreachable
Apr 19, 2024 16:04:17.208431959 CEST	192.168.2.6	1.1.1.1	c265	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 19, 2024 16:03:06.402096033 CEST	192.168.2.6	1.1.1.1	0xf694	Standard query (0)	na2.docusign.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:06.402331114 CEST	192.168.2.6	1.1.1.1	0x571d	Standard query (0)	na2.docusign.net	65	IN (0x0001)	false
Apr 19, 2024 16:03:08.634366035 CEST	192.168.2.6	1.1.1.1	0x600e	Standard query (0)	docucdn-a.akamaihd.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:08.634792089 CEST	192.168.2.6	1.1.1.1	0x6cb6	Standard query (0)	docucdn-a.akamaihd.net	65	IN (0x0001)	false
Apr 19, 2024 16:03:08.636363983 CEST	192.168.2.6	1.1.1.1	0xfb8	Standard query (0)	a.docusign.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:08.636863947 CEST	192.168.2.6	1.1.1.1	0xb295	Standard query (0)	a.docusign.com	65	IN (0x0001)	false
Apr 19, 2024 16:03:09.016696930 CEST	192.168.2.6	1.1.1.1	0x8e63	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.019768953 CEST	192.168.2.6	1.1.1.1	0xcc7f	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 19, 2024 16:03:09.216670990 CEST	192.168.2.6	1.1.1.1	0xa549	Standard query (0)	docucdn-a.akamaihd.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.217087984 CEST	192.168.2.6	1.1.1.1	0xe8a3	Standard query (0)	docucdn-a.akamaihd.net	65	IN (0x0001)	false
Apr 19, 2024 16:03:09.404758930 CEST	192.168.2.6	1.1.1.1	0x6b21	Standard query (0)	api.mixpanel.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.405428886 CEST	192.168.2.6	1.1.1.1	0xe895	Standard query (0)	api.mixpanel.com	65	IN (0x0001)	false
Apr 19, 2024 16:03:10.884938955 CEST	192.168.2.6	1.1.1.1	0xc701	Standard query (0)	api.mixpanel.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:10.885521889 CEST	192.168.2.6	1.1.1.1	0xa67d	Standard query (0)	api.mixpanel.com	65	IN (0x0001)	false
Apr 19, 2024 16:03:13.538985014 CEST	192.168.2.6	1.1.1.1	0xe186	Standard query (0)	cdn.optimizely.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:13.539151907 CEST	192.168.2.6	1.1.1.1	0x3239	Standard query (0)	cdn.optimizely.com	65	IN (0x0001)	false
Apr 19, 2024 16:03:14.625662088 CEST	192.168.2.6	1.1.1.1	0x5d7e	Standard query (0)	na2.docusign.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:14.626066923 CEST	192.168.2.6	1.1.1.1	0xf4bc	Standard query (0)	na2.docusign.net	65	IN (0x0001)	false
Apr 19, 2024 16:03:15.949965000 CEST	192.168.2.6	1.1.1.1	0xea2d	Standard query (0)	na2.docusign.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:15.950356960 CEST	192.168.2.6	1.1.1.1	0x96ae	Standard query (0)	na2.docusign.net	65	IN (0x0001)	false
Apr 19, 2024 16:03:16.262233973 CEST	192.168.2.6	1.1.1.1	0xaeef	Standard query (0)	cdn.optimizely.com	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:16.262461901 CEST	192.168.2.6	1.1.1.1	0xb6ea	Standard query (0)	cdn.optimizely.com	65	IN (0x0001)	false
Apr 19, 2024 16:04:16.981689930 CEST	192.168.2.6	1.1.1.1	0x2dc7	Standard query (0)	na2.docusign.net	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:04:16.982336998 CEST	192.168.2.6	1.1.1.1	0xc97b	Standard query (0)	na2.docusign.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 19, 2024 16:03:06.509257078 CEST	1.1.1.1	192.168.2.6	0x571d	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:06.509327888 CEST	1.1.1.1	192.168.2.6	0xf694	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:08.739628077 CEST	1.1.1.1	192.168.2.6	0x6cb6	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:08.740262032 CEST	1.1.1.1	192.168.2.6	0x600e	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:08.741528988 CEST	1.1.1.1	192.168.2.6	0xfb8	No error (0)	a.docusign.com	arya-1323461286.us-west-2.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:08.741528988 CEST	1.1.1.1	192.168.2.6	0xfb8	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		35.162.217.246	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:08.741528988 CEST	1.1.1.1	192.168.2.6	0xfb8	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		54.186.38.246	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:08.741528988 CEST	1.1.1.1	192.168.2.6	0xfb8	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		54.148.51.66	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:08.776261091 CEST	1.1.1.1	192.168.2.6	0xb295	No error (0)	a.docusign.com	arya-1323461286.us-west-2.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.106	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.104	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.103	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.99	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.147	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.121468067 CEST	1.1.1.1	192.168.2.6	0x8e63	No error (0)	www.google.com		64.233.176.105	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.124677896 CEST	1.1.1.1	192.168.2.6	0xcc7f	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 19, 2024 16:03:09.322384119 CEST	1.1.1.1	192.168.2.6	0xe8a3	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:09.322650909 CEST	1.1.1.1	192.168.2.6	0xa549	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:09.509166002 CEST	1.1.1.1	192.168.2.6	0x6b21	No error (0)	api.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.509166002 CEST	1.1.1.1	192.168.2.6	0x6b21	No error (0)	api.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.509166002 CEST	1.1.1.1	192.168.2.6	0x6b21	No error (0)	api.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:09.509166002 CEST	1.1.1.1	192.168.2.6	0x6b21	No error (0)	api.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:10.989406109 CEST	1.1.1.1	192.168.2.6	0xc701	No error (0)	api.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:10.989406109 CEST	1.1.1.1	192.168.2.6	0xc701	No error (0)	api.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:10.989406109 CEST	1.1.1.1	192.168.2.6	0xc701	No error (0)	api.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:10.989406109 CEST	1.1.1.1	192.168.2.6	0xc701	No error (0)	api.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:13.643709898 CEST	1.1.1.1	192.168.2.6	0xe186	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:13.644161940 CEST	1.1.1.1	192.168.2.6	0x3239	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:14.731420994 CEST	1.1.1.1	192.168.2.6	0x5d7e	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:14.735379934 CEST	1.1.1.1	192.168.2.6	0xf4bc	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:16.121663094 CEST	1.1.1.1	192.168.2.6	0xea2d	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:16.195472002 CEST	1.1.1.1	192.168.2.6	0x96ae	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:16.366934061 CEST	1.1.1.1	192.168.2.6	0xaeef	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:16.367047071 CEST	1.1.1.1	192.168.2.6	0xb6ea	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:20.356235981 CEST	1.1.1.1	192.168.2.6	0xc7e4	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:20.356235981 CEST	1.1.1.1	192.168.2.6	0xc7e4	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:35.214143991 CEST	1.1.1.1	192.168.2.6	0xe705	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:35.214143991 CEST	1.1.1.1	192.168.2.6	0xe705	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:03:59.042469025 CEST	1.1.1.1	192.168.2.6	0x5bd2	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:03:59.042469025 CEST	1.1.1.1	192.168.2.6	0x5bd2	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 19, 2024 16:04:17.086807966 CEST	1.1.1.1	192.168.2.6	0x2dc7	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:04:17.208344936 CEST	1.1.1.1	192.168.2.6	0xc97b	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:04:17.557787895 CEST	1.1.1.1	192.168.2.6	0x17a7	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 19, 2024 16:04:17.557787895 CEST	1.1.1.1	192.168.2.6	0x17a7	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

https:

a.docusign.com

api.mixpanel.com

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49713	35.162.217.246	443	2120	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:09 UTC	540	OUT	GET /ds_arya_wrapper.min.js?f=1 HTTP/1.1 Host: a.docusign.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 14:03:09 UTC	313	IN	HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 14:03:09 GMT Content-Length: 631 Connection: close Server: DS-Arya Expires: Sat, 20 Apr 2024 14:03:09 GMT Cache-Control: max-age=86400 Set-Cookie: ds_a=3c996898-0318-41ee-8026-1a56f12736f8;Domain=.docusign.com;Max-Age=63072000;SameSite=None;Secure;Path=/;HttpOnly
2024-04-19 14:03:09 UTC	631	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 75 3d 74 68 69 73 3b 21 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 2c 69 2c 66 2c 72 2c 65 2c 6f 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 72 65 74 75 72 6e 20 64 65 66 69 6e 65 28 6f 29 3b 66 26 26 66 5b 72 5d 3f 66 5b 72 5d 3d 6f 28 6e 2c 30 2c 21 30 2c 66 2c 72 2c 65 29 3a 75 5b 6e 5d 3d 6f 28 6e 2c 30 2c 21 30 2c 66 2c 72 2c 65 29 7d 28 22 44 53 5f 41 72 79 61 22 2c 30 2c 30 2c 75 2e 6d 6f 64 75 6c 65 2c 22 65 78 70 6f 72 74 73 22 2c 22 6c 65 6e 67 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 69 2c 6e 2c 66 2c 72 2c 65 2c 6f 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 75 3d 7b 7d 2c 63 3d 28 73 28 66 75 6e 63 74 Data Ascii: (function(){var u=this;!function(n,t,i,f,r,e,o){if("function"==typeof define&&define.amd)return define(o);f&&f[r]?f[r]=o(n,0,!0,f,r,e):u[n]=o(n,0,!0,f,r,e)}("DS_Arya",0,0,u.module,"exports","length",function(t,i,n,f,r,e,o){"use strict";var u={},c=(s(funct

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49723	130.211.34.183	443	2120	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:09 UTC	1091	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFjYTNiOC0wMmVkNWViM2MwYWIzYy0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhY2IxYjUiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713535388374 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://na2.docusign.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 14:03:10 UTC	579	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://na2.docusign.net access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Fri, 19 Apr 2024 14:03:10 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-19 14:03:10 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49722	130.211.34.183	443	2120	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:09 UTC	1091	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFkMDJhZi0wZjYzZjdkNGI3MzdkYS0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhZDEyMTMiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI2MjQ0YmI5ZTMxZGY2ZDhkY2Y4YzQxMzVkZWZlNjQ2MCJ9fQ%3D%3D&ip=1&_=1713535388375 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://na2.docusign.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 14:03:10 UTC	579	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://na2.docusign.net access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Fri, 19 Apr 2024 14:03:10 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-19 14:03:10 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49739	35.186.241.51	443	2120	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:11 UTC	885	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFkMDJhZi0wZjYzZjdkNGI3MzdkYS0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhZDEyMTMiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI2MjQ0YmI5ZTMxZGY2ZDhkY2Y4YzQxMzVkZWZlNjQ2MCJ9fQ%3D%3D&ip=1&_=1713535388375 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 14:03:11 UTC	556	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Fri, 19 Apr 2024 14:03:11 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-19 14:03:11 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49738	35.186.241.51	443	2120	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:11 UTC	885	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGVmNmFiMGFjYTNiOC0wMmVkNWViM2MwYWIzYy0yNjAzMWU1MS0xNDAwMDAtMThlZjZhYjBhY2IxYjUiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713535388374 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 14:03:11 UTC	556	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Fri, 19 Apr 2024 14:03:11 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-19 14:03:11 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49736	184.31.62.93	443

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:11 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-19 14:03:11 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/079C) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=147610 Date: Fri, 19 Apr 2024 14:03:11 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49741	184.31.62.93	443

Timestamp	Bytes transferred	Direction	Data
2024-04-19 14:03:11 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-19 14:03:11 UTC	805	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/0778) X-CID: 11 X-CCC: US X-Azure-Ref-OriginShield: Ref A: 52EA27DBDE0C4533B819423583F6692E Ref B: CH1AA2040902052 Ref C: 2023-07-09T23:10:08Z X-MSEdge-Ref: Ref A: 528BB8D443C042AA9AEA4EC3F75C7762 Ref B: CHI30EDGE0111 Ref C: 2023-07-09T23:11:11Z Content-Type: application/octet-stream X-Azure-Ref: 01uvbYwAAAACkqWtaEMjWQL/4cpisZkorTUVNMzBFREdFMDgxMQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=147631 Date: Fri, 19 Apr 2024 14:03:11 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-19 14:03:11 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2632, Parent PID: 6772

General

Target ID:	0
Start time:	16:02:58
Start date:	19/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2120, Parent PID: 2632

General

Target ID:	2
Start time:	16:03:03
Start date:	19/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2024,i,15035561699717979938,14526954516782873913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5424, Parent PID: 6772

General

Target ID:	3
Start time:	16:03:05
Start date:	19/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Windows Analysis Report
https://na2.docusign.net/signing/emails/v1-7e4338614cd04d838758eb831275322bb8b544f118a24b3fb8d83e44a51689ee