Windows Analysis Report
https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original

Overview

General Information

Sample URL:	https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original
Analysis ID:	1432140
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Stores files to the Windows start menu directory

Classification

Signatures

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49826 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.50.112.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	HTTP traffic detected: GET /t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sign/bd3e3662b74f8ab7612343a062786a19bd12b415 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=OGxQK3eCNP3Bji7BBIDtyKxHnc/6hgMwYRQpFML81GA7HiZdOzOrgaqGnCVSM0YHrs3Vm+Ei2s+5zxHcmGcq9g0ueuzx4KEYUW3D10ZpOwIgw/pmiFdIJPW7qz+z; AWSALBCORS=OGxQK3eCNP3Bji7BBIDtyKxHnc/6hgMwYRQpFML81GA7HiZdOzOrgaqGnCVSM0YHrs3Vm+Ei2s+5zxHcmGcq9g0ueuzx4KEYUW3D10ZpOwIgw/pmiFdIJPW7qz+z; hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce
Source: global traffic	HTTP traffic detected: GET /15282e1/build/jquery3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/js/foundation.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/signer.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=
Source: global traffic	HTTP traffic detected: GET /15282e1/build/signer.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=
Source: global traffic	HTTP traffic detected: GET /jsapi HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shim.js?id=B0gYx8LpZM HTTP/1.1Host: cdn.userleap.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Aapp.hellosign.com/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=ccc7b591a160469c8a073edfc16dc74f&time=1714137515 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.dropbox.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=MeZrkXMHcrDkweY&MD=gsdPdNcv HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /signer/ready?tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&token=36c5ed1ec48f66db&_c=1714137520359 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"baggage: sentry-environment=production,sentry-release=hellosign%4015282e1,sentry-transaction=%2Fsign%2F%3Aguid,sentry-public_key=f8e19270d07412b6be0c537098edb309,sentry-trace_id=0ce81c61c38f4dd592ef6ca54cf9ad2f,sentry-sample_rate=0.0001sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sentry-trace: 0ce81c61c38f4dd592ef6ca54cf9ad2f-af9bd86b324f1903-0sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; AWSALB=ma/VVgDAY8bnHxMsJoMhWM8q2w6I9rwkPDk8WOWui9RkZgaxiivns+F/SB+MeEuCgYle97qxLMoN8V1XhcvtixUOsR1embKQGkSrENdK4TBy4eFuwMdvgErYKKJ7; AWSALBCORS=ma/VVgDAY8bnHxMsJoMhWM8q2w6I9rwkPDk8WOWui9RkZgaxiivns+F/SB+MeEuCgYle97qxLMoN8V1XhcvtixUOsR1embKQGkSrENdK4TBy4eFuwMdvgErYKKJ7; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /15282e1/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signer/load?guid=bd3e3662b74f8ab7612343a062786a19bd12b415&tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&status_token=36c5ed1ec48f66db&_c=1714137521013 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"baggage: sentry-environment=production,sentry-release=hellosign%4015282e1,sentry-transaction=%2Fsign%2F%3Aguid,sentry-public_key=f8e19270d07412b6be0c537098edb309,sentry-trace_id=0ce81c61c38f4dd592ef6ca54cf9ad2f,sentry-sample_rate=0.0001sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sentry-trace: 0ce81c61c38f4dd592ef6ca54cf9ad2f-820de0d7490f319a-0sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F; AWSALBCORS=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F
Source: global traffic	HTTP traffic detected: GET /signer/ready?tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&token=36c5ed1ec48f66db&_c=1714137520359 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F; AWSALBCORS=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F
Source: global traffic	HTTP traffic detected: GET /15282e1/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /15282e1/build/chunks/d96c648d3fda751c7989.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/5.5f8f6191bd9af571fa9d.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/107.96aebe0cfadb350f1510.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signer/load?guid=bd3e3662b74f8ab7612343a062786a19bd12b415&tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&status_token=36c5ed1ec48f66db&_c=1714137521013 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho; AWSALBCORS=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho; AWSALBCORS=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=I&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6; AWSALBCORS=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6; AWSALBCORS=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6
Source: global traffic	HTTP traffic detected: GET /15282e1/build/b177eba3bbeef5293fd6fd690523d3f8.svg HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /15282e1/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signer/getData?cached_params_token=ba8d5d32691e143a2f926e4d757fc9a8 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=OnJCaN3qgBGS17gMF0R1d/1qe3snwehkCivK7WJxmFt/6GrFa+bbhSvnx878wi17Y4c830EHTnH7Ri34MsJkbIxRsPV0n0rU+hnVvdupLb4u8BqZoamkbRTkhRhW; AWSALBCORS=OnJCaN3qgBGS17gMF0R1d/1qe3snwehkCivK7WJxmFt/6GrFa+bbhSvnx878wi17Y4c830EHTnH7Ri34MsJkbIxRsPV0n0rU+hnVvdupLb4u8BqZoamkbRTkhRhW
Source: global traffic	HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-ul-visitor-id: e9736805-9ca5-4261-bb8d-782962920dd5sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonx-ul-installation-method: web-snippetx-ul-sdk-version: 2.27.0x-ul-environment-id: B0gYx8LpZMuserleap-platform: websec-ch-ua-platform: "Windows"Accept: /Origin: https://app.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/b177eba3bbeef5293fd6fd690523d3f8.svg HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=I&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=QRCtSIF9J+GDdvM/HYW9p9FmzSzunyueoeVkruc1d5NWHco47qKXTA1ew/feeMEnP0IPua5jVA8s8ZKolfVusEbhCLg5flTSC2O1GNbVWBJWUvkR6yshP6pkEj/f; AWSALBCORS=QRCtSIF9J+GDdvM/HYW9p9FmzSzunyueoeVkruc1d5NWHco47qKXTA1ew/feeMEnP0IPua5jVA8s8ZKolfVusEbhCLg5flTSC2O1GNbVWBJWUvkR6yshP6pkEj/f
Source: global traffic	HTTP traffic detected: GET /signer/getData?cached_params_token=ba8d5d32691e143a2f926e4d757fc9a8 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=yVJyod5n3odwbc5aw1O8X9mu5eEBElw+4FE34ZS+4ZwRKrwuCTGM/8tg3IgLs6xBGrNjrF2CLsWMVa/WrfuKWqfBfeDAGUb3VapuaPekwNESbGm3Z0y+R9zALdOQ; AWSALBCORS=yVJyod5n3odwbc5aw1O8X9mu5eEBElw+4FE34ZS+4ZwRKrwuCTGM/8tg3IgLs6xBGrNjrF2CLsWMVa/WrfuKWqfBfeDAGUb3VapuaPekwNESbGm3Z0y+R9zALdOQ
Source: global traffic	HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-0.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=1ffd8299d5c361ee8bd2abd3d8abb5d249c4baec94b8ad10b79348cc5100644d HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-1.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3edb1b3da6c09ebfb912f2b1158fa311e1d9915767fb0c89f808fbd405b1bd3a HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-2.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=d648a2c294a2c6fe0063c601bc023bc872b05af36ff60d85ccd2f6c6f1c2c5d2 HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/873357982e6eda6c4c02f5c5de800c2f.ttf HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-2.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=d648a2c294a2c6fe0063c601bc023bc872b05af36ff60d85ccd2f6c6f1c2c5d2 HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-1.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3edb1b3da6c09ebfb912f2b1158fa311e1d9915767fb0c89f808fbd405b1bd3a HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-0.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=1ffd8299d5c361ee8bd2abd3d8abb5d249c4baec94b8ad10b79348cc5100644d HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/chunks/e6c0b51bad713718e80c.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/110.6d11a1f1c88962a22771.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/24712f6c47821394fba7942fbb52c3b2.ttf HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/8931083ec8bb40af521ec1f7fec2e419.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /signer/save?c=1714137545640 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=8EKL+NdoNS2eKDgxSw8tF+cmqb/gLXV9NKNuz6KQa+lhKO+9yT7x6zi6snmgsPf7fNoGdMkApVtBHZb59RZ/LI/80UBtxqaPSVtVIUEUVS/V5OI7DhXyv8hRR2Ve; AWSALBCORS=8EKL+NdoNS2eKDgxSw8tF+cmqb/gLXV9NKNuz6KQa+lhKO+9yT7x6zi6snmgsPf7fNoGdMkApVtBHZb59RZ/LI/80UBtxqaPSVtVIUEUVS/V5OI7DhXyv8hRR2Ve
Source: global traffic	HTTP traffic detected: GET /2/udcl/log_timing HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=MeZrkXMHcrDkweY&MD=gsdPdNcv HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /2/udcl/log_timing HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /15282e1/build/ebee194a9b773f166dc16096f8614aaa.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; AWSALB=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; AWSALBCORS=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /attachment/view?sig_guid=483623cf627fe7b155e56777fe26f8d8a59e81e1 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; AWSALB=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; AWSALBCORS=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}; AWSALB=5R1z8AHAAD4ppC50dVd7gjFK/BEY4I679xU8heIM3SS6XvkhBHJByz6n2Gqu+Ww6X/w1c3tc9x2/HNsq2xO3tTC6euBuIzePNWrmDFYuBCSc9a60BIWn+01OcCdW; AWSALBCORS=5R1z8AHAAD4ppC50dVd7gjFK/BEY4I679xU8heIM3SS6XvkhBHJByz6n2Gqu+Ww6X/w1c3tc9x2/HNsq2xO3tTC6euBuIzePNWrmDFYuBCSc9a60BIWn+01OcCdW
Source: global traffic	HTTP traffic detected: GET /attachment/view?sig_guid=483623cf627fe7b155e56777fe26f8d8a59e81e1 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}; AWSALB=Ros8pdkiGRl82CItRETqYsBzuF6Az17ZcXUEs9pYWX3V2nohq+0mT0WinZlwqKrBtvZWp+sG1S4wY41a2A0wuoDdLU8a4W2mdODg50JhbAU0RZpEOl3OV0iYYDhk; AWSALBCORS=Ros8pdkiGRl82CItRETqYsBzuF6Az17ZcXUEs9pYWX3V2nohq+0mT0WinZlwqKrBtvZWp+sG1S4wY41a2A0wuoDdLU8a4W2mdODg50JhbAU0RZpEOl3OV0iYYDhk

Source: global traffic	DNS traffic detected: DNS query: app.hellosign.com
Source: global traffic	DNS traffic detected: DNS query: cdn.hellosign.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: cdn.userleap.com
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: api.sprig.com
Source: global traffic	DNS traffic detected: DNS query: s3.amazonaws.com

Source: unknown

HTTP traffic detected: POST /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveContent-Length: 381sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CSRF-Token: Je7dsFQgqXCHALByOBk9CkJ0X-Dropbox-Uid: -1sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonx-dropbox-client-yaps-attribution: edison_atlasservlet.privacy_consent-edison:prodsec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.dropbox.comSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: emptyReferer: https://www.dropbox.com/en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB

Source: chromecache_165.1.dr	String found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: chromecache_142.1.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_164.1.dr	String found in binary or memory: http://creativecommons.org/licenses/by/4.0/
Source: chromecache_165.1.dr	String found in binary or memory: http://feross.org
Source: chromecache_142.1.dr	String found in binary or memory: http://flesler.blogspot.com
Source: chromecache_142.1.dr	String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)Created
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)IoniconsIoniconsMediumMediumFontForge
Source: chromecache_154.1.dr	String found in binary or memory: http://foundation.zurb.com
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_164.1.dr	String found in binary or memory: http://ionicons.com/
Source: chromecache_165.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_154.1.dr	String found in binary or memory: http://my.opera.com/emoller/blog/2011/12/20/requestanimationframe-for-smart-er-animating
Source: chromecache_154.1.dr	String found in binary or memory: http://paulirish.com/2011/requestanimationframe-for-smart-animating/
Source: chromecache_154.1.dr	String found in binary or memory: http://underscorejs.org
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/0
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.html
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.htmlNormaaliNorm
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.htmlNormaloby
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlThis
Source: chromecache_154.1.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_124.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/%
Source: chromecache_131.1.dr	String found in binary or memory: https://app.hellosign.com/
Source: chromecache_131.1.dr	String found in binary or memory: https://app.hellosign.com/home/manage
Source: chromecache_165.1.dr	String found in binary or memory: https://feross.org
Source: chromecache_165.1.dr	String found in binary or memory: https://feross.org/opensource
Source: chromecache_164.1.dr	String found in binary or memory: https://github.com/driftyco/ionicons
Source: chromecache_154.1.dr	String found in binary or memory: https://github.com/gnarf37/jquery-requestAnimationFrame
Source: chromecache_164.1.dr	String found in binary or memory: https://github.com/google/material-design-icons
Source: chromecache_154.1.dr	String found in binary or memory: https://github.com/paulirish/matchMedia.js
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/szimek/signature_pad
Source: chromecache_142.1.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_142.1.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_142.1.dr	String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_142.1.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_124.1.dr	String found in binary or memory: https://maps-api-ssl.google.com/maps?jsapiRedirect=true&file=googleapi
Source: chromecache_124.1.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js?jsapiRedirect=true
Source: chromecache_126.1.dr, chromecache_188.1.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_126.1.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_142.1.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_183.1.dr	String found in binary or memory: https://tinyurl.com/y2uuvskb
Source: chromecache_164.1.dr	String found in binary or memory: https://twitter.com/benjsperry
Source: chromecache_164.1.dr	String found in binary or memory: https://twitter.com/ionicframework
Source: chromecache_131.1.dr	String found in binary or memory: https://www.dropbox.com/signatures?
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.cn/charts/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.cn/charts/debug/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/charts/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/charts/debug/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/inputtools/js/ita/inputtools_3.js

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49826 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@15/146@48/18

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1972,i,4750712491697218838,6996479479991682598,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1972,i,4750712491697218838,6996479479991682598,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
3.228.185.195	api.sprig.com	United States	14618	AMAZON-AESUS	false
13.226.52.2	unknown	United States	16509	AMAZON-02US	false
52.201.163.195	unknown	United States	14618	AMAZON-AESUS	false
13.226.52.82	cdn.userleap.com	United States	16509	AMAZON-02US	false
13.226.52.123	unknown	United States	16509	AMAZON-02US	false
162.125.6.20	d-edge.v.dropbox.com	United States	19679	DROPBOXUS	false
162.125.5.18	www-env.dropbox-dns.com	United States	19679	DROPBOXUS	false
52.86.181.185	unknown	United States	14618	AMAZON-AESUS	false
52.216.241.78	s3.amazonaws.com	United States	16509	AMAZON-02US	false
13.226.52.92	dyn550zzd47ox.cloudfront.net	United States	16509	AMAZON-02US	false
142.250.217.196	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.35.228	www.google.com	United States	15169	GOOGLEUS	false
162.125.1.20	unknown	United States	19679	DROPBOXUS	false
3.232.63.46	app.hellosign.com	United States	14618	AMAZON-AESUS	false
3.88.120.146	unknown	United States	14618	AMAZON-AESUS	false
16.182.108.240	unknown	United States	unknown	unknown	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
s3.amazonaws.com	52.216.241.78	true
dyn550zzd47ox.cloudfront.net	13.226.52.92	true
cdn.userleap.com	13.226.52.82	true
api.sprig.com	3.228.185.195	true
www-env.dropbox-dns.com	162.125.5.18	true
d-edge.v.dropbox.com	162.125.6.20	true
www.google.com	142.251.35.228	true
app.hellosign.com	3.232.63.46	true
d.dropbox.com	unknown	unknown
www.dropbox.com	unknown	unknown
cfl.dropboxstatic.com	unknown	unknown
cdn.hellosign.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.hellosign.com/15282e1/build/jquery3.js	false		high
https://cdn.hellosign.com/15282e1/build/110.6d11a1f1c88962a22771.js	false		high
https://cdn.hellosign.com/15282e1/build/signer.js	false		high
https://cdn.hellosign.com/15282e1/build/8931083ec8bb40af521ec1f7fec2e419.woff2	false		high
https://app.hellosign.com/signer/ready?tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&token=36c5ed1ec48f66db&_c=1714137520359	false		high
https://www.dropbox.com/log/ux_analytics	false		high
https://cdn.hellosign.com/15282e1/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2	false		high
https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415#/sign/component_331367850_5	false		high
https://cdn.hellosign.com/15282e1/build/signer.css	false		high
https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415	false		high
https://cdn.hellosign.com/15282e1/js/foundation.js	false		high
https://cdn.hellosign.com/15282e1/build/107.96aebe0cfadb350f1510.js	false		high
https://www.dropbox.com/pithos/host%3Aapp.hellosign.com/privacy_consent	false		high
https://www.dropbox.com/2/client_metrics/record	false		high
https://www.dropbox.com/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com	false		high
https://app.hellosign.com/attachment/view?sig_guid=483623cf627fe7b155e56777fe26f8d8a59e81e1	false		high
https://www.dropbox.com/pithos/privacy_consent	false		high
https://cdn.userleap.com/shim.js?id=B0gYx8LpZM	false	Avira URL Cloud: safe	unknown
https://app.hellosign.com/signature/list?type_code=I&ux_version=2&preloaded_tsm_group_key=default	false		high
https://cdn.hellosign.com/15282e1/build/b177eba3bbeef5293fd6fd690523d3f8.svg	false		high
https://cdn.hellosign.com/15282e1/build/873357982e6eda6c4c02f5c5de800c2f.ttf	false		high
https://cdn.hellosign.com/15282e1/build/ebee194a9b773f166dc16096f8614aaa.woff2	false		high
https://app.hellosign.com/signer/save?c=1714137545640	false		high
https://cdn.hellosign.com/15282e1/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2	false		high
https://www.dropbox.com/2/udcl/log_timing	false		high
https://app.hellosign.com/signer/load?guid=bd3e3662b74f8ab7612343a062786a19bd12b415&tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&status_token=36c5ed1ec48f66db&_c=1714137521013	false		high
https://www.dropbox.com/page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=ccc7b591a160469c8a073edfc16dc74f&time=1714137515	false		high
https://cdn.hellosign.com/15282e1/build/24712f6c47821394fba7942fbb52c3b2.ttf	false		high
https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original	false		high
https://cdn.hellosign.com/15282e1/build/5.5f8f6191bd9af571fa9d.js	false		high
https://d.dropbox.com/api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0	false		high
https://api.sprig.com/sdk/1/environments/B0gYx8LpZM/config	false	Avira URL Cloud: safe	unknown
https://app.hellosign.com/signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default	false		high
https://www.dropbox.com/en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com	false		high
https://cdn.hellosign.com/15282e1/build/chunks/e6c0b51bad713718e80c.style.css	false		high
https://www.google.com/jsapi	false		high
https://cdn.hellosign.com/15282e1/images/dropbox-sign-favicon.ico	false		high
https://app.hellosign.com/signer/getData?cached_params_token=ba8d5d32691e143a2f926e4d757fc9a8	false		high
https://cdn.hellosign.com/15282e1/build/chunks/d96c648d3fda751c7989.style.css	false		high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:18:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	283545C2BDB7699BDB1A373DFC06CC81	690A7EE031CFD21DE84E94BBD03BA5CD507A91D9	51C9A85EAEAA633441E524D8E24DEF50F402F8DE514ADDA0493F9581C7D6C3BF
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:18:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	20654352FA6D50F63F2A89C135EB47A0	3285EA47AB5CD7656290C17BDCF5E562295DA27E	3C0FB4EAA7D0B997F68FB0775FCB221CC21143FEE25C8E876BF3C4F0C1E96154
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C3BB3757C52562AD8F940FDFF43412A5	10D923D1ADC29BD8937F9456B6B6CDBC868C167E	4C80E988E12D8845E05AD9A2F576F83A7D505607F4F0EFAFB3A70E9571E24697
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:18:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CD667F68D46F72BBF7C053B78DE151F6	8C486E4875CF1A8BD7E51C00C4A538A21E245291	C1DB71F142F136BDFD418C76CA1E8211801FD811D172FD2B1318F40D9D2ED223
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:18:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	17CAC7656A528B5A8516A1662FB240DD	599A26D529D8021B9E7091C523ACFBA6E03F0019	0BE91029389AC4634B20D716A5307A33BB887F841B8EB8D4121AE1F1442914AE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:18:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	3B74864116091B79C43F49A5AC58C36B	EF548E4DE02F0E5CEDFDDD7DC0026443CB57F424	0AF3A4C90E3135ED1ED23A65A0427212424FEF78622EDD83C4492BDFEA0BD492
Chrome Cache Entry: 121	ASCII text, with very long lines (1353)	4D83CD35A5B3138D895EA13588222C8F	2C86E768E75EB2F2846502D5D20C142A9912A590	90FD413CA296A562B99A32806EC8AA799455B0D252DEC24B2580FA45F621881A
Chrome Cache Entry: 122	PNG image data, 1275 x 1650, 8-bit grayscale, non-interlaced	8AB56FE8BBEFBB725C23A1E175BA5318	AC0935DD552C02991FF9FD03271CE4CAE40B18D1	7E8A8811927E255DE798EFBF83D455BA92D22DC9F68AC149776993C993343BB8
Chrome Cache Entry: 123	ASCII text, with very long lines (519)	C2591593FFBD92E16276E86068DB913A	E7B7B89E0FFB6C5E1CD91BB81AA418E1E9BD77D1	64CFD9646AFC31C4E5D1E3E6753194DCE4F385B017B1227DE2248730DE2DC0C0
Chrome Cache Entry: 124	ASCII text, with very long lines (2186)	32BC41D964FAA1B95D9C61FC443DF579	02D3F83DAC14FE996BABBFE332779ED182D39D1C	369AE154EAB37B7ADA7776B934833183BB053EBD1D0255F70EF8944F65CABB0C
Chrome Cache Entry: 125	ASCII text	46CAC945E491B87E2835B2D5E8EC8804	2D072C5E3A12ABD4733DD429709C8DBCB5D3D50B	5A2D87CA902230E9900DF89430987C8F17B22FF184820DD40C8C6FBE777A5FC1
Chrome Cache Entry: 126	ASCII text, with very long lines (544)	61699B70CF57ABE63FDF5F4007D36EC1	6C05189CC2D08BB2A7609C002F0675C9C670D362	229BBF4D0E7488209564152C6723497F1AC3934136CA1684233D2FA88FA4146F
Chrome Cache Entry: 127	TrueType Font data, digitally signed, 21 tables, 1st "DSIG", 54 names, Macintosh, \251 2006 Microsoft Corporation. All Rights Reserved.GeorgiaRegularAscender - Georgia RegularVer	873357982E6EDA6C4C02F5C5DE800C2F	188B7153CFC1DCB5E02E88646BAC33C6E33621E3	CFD76680EEE5B5B0ACC072D0AEA7F5F11083CA7A42F9BDC6AEB930D17E8BD730
Chrome Cache Entry: 128	ASCII text, with very long lines (2334)	D7102E61F8A55FE25337F4C956CCEF24	5B45C74151E3ADB6E9AA71428347060BA2098CA3	B3B2C6C4B2857BD79700FD042D4250538368ED5D1628FF82EAC6E7391D96DA86
Chrome Cache Entry: 129	ASCII text, with very long lines (30377)	8F16E6A90F27A7F35D51E36625BF0B8B	725FE40E151531AE74088A4A66D6747440569BC4	21DA27C1879494F260F847ED48A69BE8A741C37A2859D626B6B3B6EDD3F18CC4
Chrome Cache Entry: 130	ASCII text, with very long lines (2314)	61444FC69EEE497F28D680EE0C9157E7	D72A2EC487F48C1C8C6AAB7B316FCBB6F2ADD7BF	6E6CC053B72069322499F1716187D1C81889190DE9E22D00ADC3231A7FFF90D6
Chrome Cache Entry: 131	JSON data	E5F7E780BEDC2F7203EC02EE2EEA51D3	4AFCFCA6AE7457D314F185305AB812009F0FFE46	EB4D07293B0A069BF1F82DF88BEF88C17595DF55FC704D34DE08EB1CD7462CE8
Chrome Cache Entry: 132	ASCII text, with very long lines (16909)	313C3A6F8BD31B6BF355EF74CF3F819D	08A271D9551636E72D071433E8EBB0F2975D7A7E	C5FE6187E5DA574D6D694A83BE523993E62DAC5F89D165283F38EB92C830F992
Chrome Cache Entry: 133	PNG image data, 458 x 58, 8-bit gray+alpha, non-interlaced	41A9EA02D1AB113D252E0CAD09FB0371	929C83C44F4496017F2D7FBCF42844E1842B21E4	4F0C8EF731D42FA0441204373826DFA26B988597D09E259550E2E1C54AD64047
Chrome Cache Entry: 134	ASCII text, with very long lines (15368)	62E594328005F6A1C6E0EDBCAFA712B0	69404C43961EA5224B6DF433C9424C07679A08BD	2C79A0244A616AC9449EE94382007A3631AF38C5BE7BC6B91CC1B9F9C9F99513
Chrome Cache Entry: 135	ASCII text, with very long lines (40479)	20F30FB9628BA036488482FB976F603B	70A5B9C5F2B2A4B57BEA63EDAB4DCC50D2E911C1	CEA69EFB64401F584B3997F762DD72005C1CE83246A8BE02E7F6328CDA1001D3
Chrome Cache Entry: 136	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 137	ASCII text, with very long lines (65155)	6C0117474A7C527DC4D099D44DAE71A1	7E755D51CA5A05F8D42518F791BDA950A2F89D0B	23162DDA13C76A1FF73B9FE7F7EFFB042AA830093F19033B6C52F17716F74126
Chrome Cache Entry: 138	ASCII text, with very long lines (5082)	0E80CBB2EF9225FDC2B4DEFA7D321901	BD0862DEAD0CDAD41CC33D88856225717C6B173E	E34014DB1E6DA64AE844602B85DAFC41024F5694E49058A6F138DC7415E0AD25
Chrome Cache Entry: 139	Web Open Font Format (Version 2), TrueType, length 48580, version 1.66	8931083EC8BB40AF521EC1F7FEC2E419	40D6A836ED30E81BF71E836BC801852B3CEC108B	F7585530FDF34416263929CAC08C2BE803FCDBF57217C9BB6815FE25B7160476
Chrome Cache Entry: 140	ASCII text	069657210BAFE54BF738CE8489298BED	ACD814731DB697E444A3AEA6B636DC608FB17E89	1860B01D5A60C2E661647C79123AD74DC04E7BDBC3CE1C5463AB7469ADA4EC89
Chrome Cache Entry: 141	Web Open Font Format (Version 2), TrueType, length 54666, version 1.0	EBEE194A9B773F166DC16096F8614AAA	9D6A893AF295C90E9E9792D7E54A80034192255B	00F90DB31F42975FCDC5FA1F70660568BE68792EC11BE2AAC36362F435A6E555
Chrome Cache Entry: 142	Unicode text, UTF-8 text, with very long lines (50826), with NEL line terminators	78CC5772FBEC6BE36FD19A2DC23B8997	E7B0485BCB5DD7E31361BE13C19715182DEB0F35	79401C82BDAFEC776483A76425EAB0F0EBCC8C6A552B6C15A60778F48957B445
Chrome Cache Entry: 143	ASCII text, with very long lines (10533)	151644207B52C049454C572377EE3E83	3BF4661205268520A40DA52C8D2E87F0F9B4BBA4	8BB9C7C60AFCCF29AE2F7CFC9A613619677105D1C698E0343287225080FADFB2
Chrome Cache Entry: 144	ASCII text	98070F1CF7C37AF35E411C1EAE73D5C3	652F4EC37768D55F02BA12617D3058E3A3436761	2DD3B640A7C87526BB0B29205D1FD3253AA5B779BDCCBF8A6F4C082FE909BE90
Chrome Cache Entry: 145	PNG image data, 1275 x 1650, 1-bit grayscale, non-interlaced	7800AE4C82E903019C66F0BD5F948606	AC8004185A6BB2D9F7C9F39CC81B062BC00452C1	1A2B9E89C3C63EB552EE662A521E73C50A186E832F6665B8E67A2947987732A0
Chrome Cache Entry: 146	ASCII text, with very long lines (8391)	CEF3AFAC3BB3869958AE9EADA3A9E2D0	E19153C14CDC86ADDA25922707DEC307D7EAEA18	557B5C5A37612D8B42057A42C52D372546C51AAD7B3C8FF89E652EFAF6DAD603
Chrome Cache Entry: 147	ASCII text, with very long lines (31230)	97366B5396C1C6CB5B58CDF6F3A65527	8FC3649AF780C883CD08F85F55C2AF49CBD5F0E4	7FEDD50BE760F82829C4C313D7003F2D4C2448A5DEDB4FD5DE7A78B458F994A3
Chrome Cache Entry: 148	ASCII text, with no line terminators	825644F747BAAB2C00E420DBBC39E4B3	10588307553E766AB3C7D328D948DC6754893CEF	7C41B898C5DA0CFA4AA049B65EF50248BCE9A72D24BEF4C723786431921B75AA
Chrome Cache Entry: 149	ASCII text, with very long lines (4828)	E6C7B1B5B48D9989C48C543C3EA5ABC6	2109AF7D0C10FF2D93FF2B58802C7F01B93B485F	AF3DF2BE4EA805F2A8A8C43951C7EB8BB8CA60E16AA24A3868206156B4B7667E
Chrome Cache Entry: 150	ASCII text, with very long lines (57485)	9344C1ACA08405FF26D245EA6D33379D	ACB6C050B2830F8FC108B5174F6A138D49C9974A	8D9948E65D622C35A926726F17860B9F76A87FAD28CA7FFEEE697F6241D6A2AE
Chrome Cache Entry: 151	SVG Scalable Vector Graphics image	B177EBA3BBEEF5293FD6FD690523D3F8	CF34909643D8B9322C087F6C0830C121922A9F3D	7DC0C09AA1DE5E864076CBC75556BF1678D43F09B811BE12A60870EEA3094E97
Chrome Cache Entry: 152	ASCII text, with no line terminators	A2D4C6E99247B05B2212B6BB7D6534C4	064CA2D1E403443E0A67CECF7D409AA5C3744A69	7AFCB4FE3B3D7A71B40AAC70A342E9FD1A94BED87BE4C7079698843D486E5CB8
Chrome Cache Entry: 153	MS Windows icon resource - 1 icon, -75x-56, 32 bits/pixel	069108453AB500E95DC37A9BAC5123D0	B610ED426B9788B73D1E63A1036EA20C2A8BE867	3633A3C764748C800B35612CD4573082AFABE1D7AAEA570E9013ED36DE7C29BA
Chrome Cache Entry: 154	Unicode text, UTF-8 text	D55317D04A20BD0483C1EEE7051DB6CF	CC321CFE51489732645D19CD0A5EDB7A978FDC36	851FE124CC175C04DB5477EF8E409019589EBAA0EAF6CE2E080151DB678DC52B
Chrome Cache Entry: 155	ASCII text, with very long lines (33484)	99EB0DE2B72A849BCAB77B4AB0CA030B	1273CD3F0776E5A43F00065FBFF954FF243C837F	F3560B927CD30017511D2623F2F3FF299BCAA3A09167742BC3DA3AE417D1F852
Chrome Cache Entry: 156	ASCII text, with very long lines (23788)	7F0DE15D2834D7F5398FE1498B85E363	1482E0682052B29AA2622EFFA9D542B46ADD723C	D3220E910DCEF663047D81274675678EF28F543D044709DCC699DE83C3827CAB
Chrome Cache Entry: 157	PNG image data, 1275 x 1650, 8-bit grayscale, non-interlaced	8AB56FE8BBEFBB725C23A1E175BA5318	AC0935DD552C02991FF9FD03271CE4CAE40B18D1	7E8A8811927E255DE798EFBF83D455BA92D22DC9F68AC149776993C993343BB8
Chrome Cache Entry: 158	ASCII text, with very long lines (33043)	27ADD18BD0D6063A41451810E633F68F	C601C5147800F0D6113B30FA91243921E642E514	05F21CF9D6F06B44F05CA9D515BA3A553A40E3B44DEF33AC69F2B846217531EE
Chrome Cache Entry: 159	PNG image data, 1275 x 1650, 1-bit grayscale, non-interlaced	7800AE4C82E903019C66F0BD5F948606	AC8004185A6BB2D9F7C9F39CC81B062BC00452C1	1A2B9E89C3C63EB552EE662A521E73C50A186E832F6665B8E67A2947987732A0
Chrome Cache Entry: 160	PNG image data, 1275 x 1650, 8-bit grayscale, non-interlaced	0CD291FC81EE42F2BF3E31F4714DEA3C	F39A8CE0BAC8CFF885F78FC6F2FFAD12A27B4B5A	2745DF14118734E10F9E7987E8A9E031D040527DAA0F0F7E5433177451D13EA8
Chrome Cache Entry: 161	ASCII text, with very long lines (655)	9E909F5DC4EB2917A092969CFA8C1C1B	EC5795627579E606612250BE3E30690F3A70E3CF	C174E839D663E6F9ED38C7901711B911FF058A033154BCDE3DF30208DF454C74
Chrome Cache Entry: 162	Web Open Font Format (Version 2), TrueType, length 43308, version 1.66	93B6F18EC99BCB7C3FA7EA570A75E240	60B9E3062FE532CBC18B897FAC542C56A03544C7	43693F7BDD6146E783FAB3F75BA0A51AA3CF9530ADBF790DBD686FC8A17AA3DB
Chrome Cache Entry: 163	ASCII text, with very long lines (12494)	0CCE36E0D631A9F9391326766FA604CC	32C7AC701C52A87238CF4F6A36AD8A8D517B9C72	090502C741FCE96E98551F7BB6CC3C89B14F55B2A2DD5F87BAF7856B5A699249
Chrome Cache Entry: 164	ASCII text, with very long lines (65536), with no line terminators	2BAA994E4D097D23F0331754E69F562D	4B1D730ADD9134D6FD805D8D9BB3213661A4395E	7DD51F3E4486E92BF06AB2B586FF330E956C61DE1051D9DB7CCC064C7AB2A92C
Chrome Cache Entry: 165	Unicode text, UTF-8 text, with very long lines (43197), with LF, NEL line terminators	1B1C29F487F08D8BD2CF4CED41485A54	F0C1379054504125D1A802387C30024D439AED7F	6A07AA16D5E3EB13B84190C6B1E36D8BC9308A06A0E5DE0307375DC0C75BCE8D
Chrome Cache Entry: 166	TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh	24712F6C47821394FBA7942FBB52C3B2	1B0A0DE084905946A20300CA8C354865DEC46764	2BA7F20B1D8990E17A47FE3D88E4C766628AAA2BAF1DD30FCA0A0DB59836F5F9
Chrome Cache Entry: 167	ASCII text, with very long lines (54939)	4D32661F45D92FB57ADCF45D1BBDE91A	0AB0B927E72BBE699FB744280396B2FFC5D68E06	FD5BAF908AC836D689B36BFCAD4A7F96D7D5509EA754CFF0206006F3E452EF13
Chrome Cache Entry: 168	ASCII text, with very long lines (27926), with no line terminators	CD7E125EDE5D9762155306DFD1AF3CA6	2B1AFB8221AC361E38524C5CC79A6C18120D9D1D	39609E96B9C994CF308B8D23B00FB6CB7225EE824D40B238DE21E8E5B73BB4D4
Chrome Cache Entry: 169	ASCII text, with very long lines (65536), with no line terminators	397A12082DAD602AE56CE2CB59E1ACD6	F79D65AC745F6F69130A615A89B1529702A02CC0	7806010CF8606175464D880FF8CA152D0B334CA809359D7B927B27210606766F
Chrome Cache Entry: 170	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 171	ASCII text, with very long lines (4787)	1DB6D4FD47F26888CB9787D97FC00EC0	7E0F0236E67678426A357D5CDC7F75773F5A4E44	85CC4203336C5900A1D094989172DF90925D5704EFCB314F5EB7633CDC811137
Chrome Cache Entry: 172	Web Open Font Format (Version 2), TrueType, length 46188, version 1.66	DFC5E24CBC1B134E0C00C61E84EC999A	D3B1A8EF1D0F6F9162986479252570525719F203	B5DB3E633EC765FC01A19C06B0955D56C2503285E59D8D348D08EC34ABBFEAF3
Chrome Cache Entry: 173	SVG Scalable Vector Graphics image	B177EBA3BBEEF5293FD6FD690523D3F8	CF34909643D8B9322C087F6C0830C121922A9F3D	7DC0C09AA1DE5E864076CBC75556BF1678D43F09B811BE12A60870EEA3094E97
Chrome Cache Entry: 174	ASCII text, with very long lines (40848)	EEFB1DF59C67FEF3C54F0CC53930B725	71ECD7F9FE0B2C0625573040BB58E797028FA21C	25799CE1BA6C1727D2F14B7C13438CC517A1A59536ED338EFD85F4F39D646750
Chrome Cache Entry: 175	ASCII text, with very long lines (4720)	366641E9CB419315F25D1AD2BF70936B	B789F141CB7EA723E10CB6F24428B760977FB9A2	D8A348DF23957CF3F7400C5A160B6D276D7DF0F16C46B673FD722391E5583586
Chrome Cache Entry: 176	ASCII text, with very long lines (65505)	BA5FD3C448F34530BA3B4946711EAD78	1BE70B41F5FA5F42613C8EADDA55EC0581AB011A	065BB0602898BC89EF809656ADBE49B091F52751C339956C7E56BABFB1A77EDF
Chrome Cache Entry: 177	ASCII text, with very long lines (345)	A1782CB302D36D94A8F5904841B1F9CD	F489819205A11E879A7CBD37D906B7476040F5D9	2B1903F4A4FA1A2C629480FCDDD60D673D3CEE3BE8C13C6D198419757FB6E228
Chrome Cache Entry: 178	ASCII text, with very long lines (19894), with no line terminators	040FBBCA590F68CF242510DD9C0D05EF	A9A481AE15034934414291656806427E73395D7F	7E11B4BE3AA27CE531D0A12F124E160D4DA1716A106FFDA7F711115060FEBC9D
Chrome Cache Entry: 179	MS Windows icon resource - 1 icon, -75x-56, 32 bits/pixel	069108453AB500E95DC37A9BAC5123D0	B610ED426B9788B73D1E63A1036EA20C2A8BE867	3633A3C764748C800B35612CD4573082AFABE1D7AAEA570E9013ED36DE7C29BA
Chrome Cache Entry: 180	Web Open Font Format (Version 2), TrueType, length 43308, version 1.66	93B6F18EC99BCB7C3FA7EA570A75E240	60B9E3062FE532CBC18B897FAC542C56A03544C7	43693F7BDD6146E783FAB3F75BA0A51AA3CF9530ADBF790DBD686FC8A17AA3DB
Chrome Cache Entry: 181	ASCII text	D6C32610BC01D28D09392E8CAE4869E6	1A248754B2853D6FFA0381BBA3C4CA65C1AF19C5	107F84EDAF1294B3B3681D48FAFE9DE85165493D55EA9C361FA08ECBD7994148
Chrome Cache Entry: 182	PNG image data, 458 x 58, 8-bit gray+alpha, non-interlaced	41A9EA02D1AB113D252E0CAD09FB0371	929C83C44F4496017F2D7FBCF42844E1842B21E4	4F0C8EF731D42FA0441204373826DFA26B988597D09E259550E2E1C54AD64047
Chrome Cache Entry: 183	Unicode text, UTF-8 text, with very long lines (35043)	A3D2C5F139C21BC84FA435F2252271D3	636D71DBB5D9476A55E13918E2433C59127A8D8D	82F9C09F55FB89DA42576E7C4DC75D1A41024C46A6F9FB1D2BED07360C1CFD6C
Chrome Cache Entry: 184	ASCII text, with very long lines (2962)	4D8313A7B6900F61AE9BFE51DDF4F67B	8B528784DBBE02C32F5F844953563C9B30178600	BFF7C9A7A1D2C6B47613859610EBA689A43C53189917DB1E81B5826B21B6C957
Chrome Cache Entry: 185	ASCII text, with very long lines (65372)	5E1450938FC288C4488BD341561E4420	4AE16AE2AC8B529481CDCCC7D2330E14499607A1	B7B2FDC1332EC71776B82EDF272E06779134B46C28AF1DFF3CB99FB2F2000278
Chrome Cache Entry: 186	ASCII text, with very long lines (55161)	339AB5487FCC7DA2EA5162570695B19D	6AFA3EFB1FDB91A653F47A2616E26088E84B0CD1	86B2EA30A82DFDE1F4019CAC8243F4F9CECDCA08D97A65C3E3AE8D2AE6D84CC4
Chrome Cache Entry: 187	ASCII text, with very long lines (47981)	AC75D2758BF3E040611814872A174121	CC5AF2F2D44FEF889E3779F768CFEC8713D4F386	7314EB1E0738878F2BACCF1B901FCD3E438834902A0146BC21B54D1521E62A3D
Chrome Cache Entry: 188	ASCII text, with very long lines (605)	23BFE7E99565EE8F34AFD63C06F4C24B	BF08B8AD1AD73C12A7C9CB211926CE23A861DB07	9DB33292007AB6C38527B39D5663E976A305564E19B2A5A8713EA2B2C00F505D
Chrome Cache Entry: 189	C source, ASCII text, with very long lines (1046)	FA9B26CB00C85A5EC7C1377CC8A6E716	F1C5D5D8361FF52554E6E5947E53FBCBB016B90B	80E3033E815DC1CD007B4D606237677AAE877EB72983FE03D865B7344D8C8E7C
Chrome Cache Entry: 190	ASCII text, with very long lines (54939)	BE46E7384B16280D2A080395AE35A8E6	72EB29B5FD98BAEBA883A827AC6FA487CA6DC9E1	A6E41B478743E79C6745B1BAD67932358D43BC911B34519C21D984B4213C2D7F
Chrome Cache Entry: 191	ASCII text, with very long lines (21663)	10F3FA701AF7A3CB6F9E8054D4AEBC62	A18AFB404DC5405CCBB850D4371AAB5119779302	40CF8DA6EAE259A4BC031CEDBE0844AB5B09D2A78ADE4A30B4FCB86237186CBB
Chrome Cache Entry: 192	PNG image data, 1275 x 1650, 8-bit grayscale, non-interlaced	0CD291FC81EE42F2BF3E31F4714DEA3C	F39A8CE0BAC8CFF885F78FC6F2FFAD12A27B4B5A	2745DF14118734E10F9E7987E8A9E031D040527DAA0F0F7E5433177451D13EA8
Chrome Cache Entry: 193	ASCII text	3B0BB3313BC069CCF76EC11101C435AA	3835D1E89171D4D16E7516B02F8DF3A7B2111EAE	B496879288D68FAF0C74CD134E93249132880AE2E8308930EAABA76231929623
Chrome Cache Entry: 194	ASCII text	3E904D06E56BD470498071EF9F7403BE	F99226A89C61F90A6FA6E3601E7B933DAD057A11	AC66E676723D630FDEC99090F7F476E9F933773409EEE8B4CC9157A3E3856794

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49826 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.50.112.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	HTTP traffic detected: GET /t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sign/bd3e3662b74f8ab7612343a062786a19bd12b415 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=OGxQK3eCNP3Bji7BBIDtyKxHnc/6hgMwYRQpFML81GA7HiZdOzOrgaqGnCVSM0YHrs3Vm+Ei2s+5zxHcmGcq9g0ueuzx4KEYUW3D10ZpOwIgw/pmiFdIJPW7qz+z; AWSALBCORS=OGxQK3eCNP3Bji7BBIDtyKxHnc/6hgMwYRQpFML81GA7HiZdOzOrgaqGnCVSM0YHrs3Vm+Ei2s+5zxHcmGcq9g0ueuzx4KEYUW3D10ZpOwIgw/pmiFdIJPW7qz+z; hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce
Source: global traffic	HTTP traffic detected: GET /15282e1/build/jquery3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/js/foundation.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/signer.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=
Source: global traffic	HTTP traffic detected: GET /15282e1/build/signer.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=
Source: global traffic	HTTP traffic detected: GET /jsapi HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shim.js?id=B0gYx8LpZM HTTP/1.1Host: cdn.userleap.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Aapp.hellosign.com/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=ccc7b591a160469c8a073edfc16dc74f&time=1714137515 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.dropbox.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=MeZrkXMHcrDkweY&MD=gsdPdNcv HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /signer/ready?tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&token=36c5ed1ec48f66db&_c=1714137520359 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"baggage: sentry-environment=production,sentry-release=hellosign%4015282e1,sentry-transaction=%2Fsign%2F%3Aguid,sentry-public_key=f8e19270d07412b6be0c537098edb309,sentry-trace_id=0ce81c61c38f4dd592ef6ca54cf9ad2f,sentry-sample_rate=0.0001sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sentry-trace: 0ce81c61c38f4dd592ef6ca54cf9ad2f-af9bd86b324f1903-0sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; AWSALB=ma/VVgDAY8bnHxMsJoMhWM8q2w6I9rwkPDk8WOWui9RkZgaxiivns+F/SB+MeEuCgYle97qxLMoN8V1XhcvtixUOsR1embKQGkSrENdK4TBy4eFuwMdvgErYKKJ7; AWSALBCORS=ma/VVgDAY8bnHxMsJoMhWM8q2w6I9rwkPDk8WOWui9RkZgaxiivns+F/SB+MeEuCgYle97qxLMoN8V1XhcvtixUOsR1embKQGkSrENdK4TBy4eFuwMdvgErYKKJ7; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /15282e1/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signer/load?guid=bd3e3662b74f8ab7612343a062786a19bd12b415&tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&status_token=36c5ed1ec48f66db&_c=1714137521013 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"baggage: sentry-environment=production,sentry-release=hellosign%4015282e1,sentry-transaction=%2Fsign%2F%3Aguid,sentry-public_key=f8e19270d07412b6be0c537098edb309,sentry-trace_id=0ce81c61c38f4dd592ef6ca54cf9ad2f,sentry-sample_rate=0.0001sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sentry-trace: 0ce81c61c38f4dd592ef6ca54cf9ad2f-820de0d7490f319a-0sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F; AWSALBCORS=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F
Source: global traffic	HTTP traffic detected: GET /signer/ready?tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&token=36c5ed1ec48f66db&_c=1714137520359 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F; AWSALBCORS=5OoCYk4VSImIonMlfAWECXXYFF4RbBLfzbt+HlTT6kytcfSUmpr978ASZ1ytA6pL24Rc8ni4xseKDQutGlrh/YoeG0vBVsO7n2UFeoM9QSlLzzdeRb5UvoZsoG8F
Source: global traffic	HTTP traffic detected: GET /15282e1/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /15282e1/build/chunks/d96c648d3fda751c7989.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/5.5f8f6191bd9af571fa9d.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/107.96aebe0cfadb350f1510.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signer/load?guid=bd3e3662b74f8ab7612343a062786a19bd12b415&tsm_guid=39251484fa39c3b9a96f490a75249a4a49e44a5d&status_token=36c5ed1ec48f66db&_c=1714137521013 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho; AWSALBCORS=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho; AWSALBCORS=X2P3b2ldPtCVI1whtdtlAMcUmiV+woyLkVw/qVCBeTEYo7S2AQ7WK+MZx/Dlgj8h3dyu1VfuOY2Bsuj9VtbC493JuxR6A0jsm1vu9VvyrnOJah56AC8xESc5kfho
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=I&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6; AWSALBCORS=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6; AWSALBCORS=J7B6uu7K/UoyYzxkPuzfWb9act5XcfTQOtwZ6xWJcwtCyAU0Kyyxc6uwOMwFLCjPtdO+67YrT5gecpz2bdrUkdF7bnzG5Bc5MicdpCkvl2A229WEiQkGMvM92DD6
Source: global traffic	HTTP traffic detected: GET /15282e1/build/b177eba3bbeef5293fd6fd690523d3f8.svg HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /15282e1/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signer/getData?cached_params_token=ba8d5d32691e143a2f926e4d757fc9a8 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=OnJCaN3qgBGS17gMF0R1d/1qe3snwehkCivK7WJxmFt/6GrFa+bbhSvnx878wi17Y4c830EHTnH7Ri34MsJkbIxRsPV0n0rU+hnVvdupLb4u8BqZoamkbRTkhRhW; AWSALBCORS=OnJCaN3qgBGS17gMF0R1d/1qe3snwehkCivK7WJxmFt/6GrFa+bbhSvnx878wi17Y4c830EHTnH7Ri34MsJkbIxRsPV0n0rU+hnVvdupLb4u8BqZoamkbRTkhRhW
Source: global traffic	HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-ul-visitor-id: e9736805-9ca5-4261-bb8d-782962920dd5sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonx-ul-installation-method: web-snippetx-ul-sdk-version: 2.27.0x-ul-environment-id: B0gYx8LpZMuserleap-platform: websec-ch-ua-platform: "Windows"Accept: /Origin: https://app.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/b177eba3bbeef5293fd6fd690523d3f8.svg HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=I&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=QRCtSIF9J+GDdvM/HYW9p9FmzSzunyueoeVkruc1d5NWHco47qKXTA1ew/feeMEnP0IPua5jVA8s8ZKolfVusEbhCLg5flTSC2O1GNbVWBJWUvkR6yshP6pkEj/f; AWSALBCORS=QRCtSIF9J+GDdvM/HYW9p9FmzSzunyueoeVkruc1d5NWHco47qKXTA1ew/feeMEnP0IPua5jVA8s8ZKolfVusEbhCLg5flTSC2O1GNbVWBJWUvkR6yshP6pkEj/f
Source: global traffic	HTTP traffic detected: GET /signer/getData?cached_params_token=ba8d5d32691e143a2f926e4d757fc9a8 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=yVJyod5n3odwbc5aw1O8X9mu5eEBElw+4FE34ZS+4ZwRKrwuCTGM/8tg3IgLs6xBGrNjrF2CLsWMVa/WrfuKWqfBfeDAGUb3VapuaPekwNESbGm3Z0y+R9zALdOQ; AWSALBCORS=yVJyod5n3odwbc5aw1O8X9mu5eEBElw+4FE34ZS+4ZwRKrwuCTGM/8tg3IgLs6xBGrNjrF2CLsWMVa/WrfuKWqfBfeDAGUb3VapuaPekwNESbGm3Z0y+R9zALdOQ
Source: global traffic	HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-0.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=1ffd8299d5c361ee8bd2abd3d8abb5d249c4baec94b8ad10b79348cc5100644d HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-1.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3edb1b3da6c09ebfb912f2b1158fa311e1d9915767fb0c89f808fbd405b1bd3a HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-2.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=d648a2c294a2c6fe0063c601bc023bc872b05af36ff60d85ccd2f6c6f1c2c5d2 HTTP/1.1Host: s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/873357982e6eda6c4c02f5c5de800c2f.ttf HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-2.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=d648a2c294a2c6fe0063c601bc023bc872b05af36ff60d85ccd2f6c6f1c2c5d2 HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-1.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3edb1b3da6c09ebfb912f2b1158fa311e1d9915767fb0c89f808fbd405b1bd3a HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hellofax_uploads/documents/2024/04/18/93557e3ed29a1f4b74def42fb6d01b29a145784a/snapshot/5dea7f2932a85070c511b1d2bbeae34aaacb6812/converted-0.png?response-content-disposition=attachment&response-content-type=application%2Fbinary&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUMSXJYX54LVFIWVL%2F20240425%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240425T233112Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=1ffd8299d5c361ee8bd2abd3d8abb5d249c4baec94b8ad10b79348cc5100644d HTTP/1.1Host: s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/chunks/e6c0b51bad713718e80c.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/110.6d11a1f1c88962a22771.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/24712f6c47821394fba7942fbb52c3b2.ttf HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /15282e1/build/8931083ec8bb40af521ec1f7fec2e419.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Je7dsFQgqXCHALByOBk9CkJ0; locale=en
Source: global traffic	HTTP traffic detected: GET /signer/save?c=1714137545640 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:18:38.884Z","expireDate":"2024-10-26T13:18:38.884Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":false,"numDots":1}; AWSALB=8EKL+NdoNS2eKDgxSw8tF+cmqb/gLXV9NKNuz6KQa+lhKO+9yT7x6zi6snmgsPf7fNoGdMkApVtBHZb59RZ/LI/80UBtxqaPSVtVIUEUVS/V5OI7DhXyv8hRR2Ve; AWSALBCORS=8EKL+NdoNS2eKDgxSw8tF+cmqb/gLXV9NKNuz6KQa+lhKO+9yT7x6zi6snmgsPf7fNoGdMkApVtBHZb59RZ/LI/80UBtxqaPSVtVIUEUVS/V5OI7DhXyv8hRR2Ve
Source: global traffic	HTTP traffic detected: GET /2/udcl/log_timing HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=MeZrkXMHcrDkweY&MD=gsdPdNcv HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /2/udcl/log_timing HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTY1ODYzMDI4NzAyNTQyMzQ2MTg1MTQxMzIwNzg2NTQ0MDI3ODE4; t=Je7dsFQgqXCHALByOBk9CkJ0; __Host-js_csrf=Je7dsFQgqXCHALByOBk9CkJ0; locale=en; __Host-logged-out-session=ChCNScitIzbSfiVDX6zQSBC+EKjTrrEGGi5BSnFCWjM4alJkTjF2MnN1cjFZYkxDSTRzN1RpWHN4TVFtSHJra3FKdFo3RjFB
Source: global traffic	HTTP traffic detected: GET /15282e1/build/ebee194a9b773f166dc16096f8614aaa.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/15282e1/build/signer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonX-CSRF-Token: 647db8077fb2cf53a2c7cfd5d8e9a851aea7c333e08c9e1187becd257f503f88sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; AWSALB=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; AWSALBCORS=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /attachment/view?sig_guid=483623cf627fe7b155e56777fe26f8d8a59e81e1 HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/sign/bd3e3662b74f8ab7612343a062786a19bd12b415Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; AWSALB=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; AWSALBCORS=cbjCz4jd3ddXQOEYoRLcSMndPweZrWLdOM/m2aAhFxu80UVeVBQIzpcpefM2rqOob2I4d1aML9WcWlWOhLvlRlkwbaSA/len4W9gCJ2MTaDnQ0/+kFLD1JqjeRKd; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}
Source: global traffic	HTTP traffic detected: GET /signature/list?type_code=S&ux_version=2&preloaded_tsm_group_key=default HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}; AWSALB=5R1z8AHAAD4ppC50dVd7gjFK/BEY4I679xU8heIM3SS6XvkhBHJByz6n2Gqu+Ww6X/w1c3tc9x2/HNsq2xO3tTC6euBuIzePNWrmDFYuBCSc9a60BIWn+01OcCdW; AWSALBCORS=5R1z8AHAAD4ppC50dVd7gjFK/BEY4I679xU8heIM3SS6XvkhBHJByz6n2Gqu+Ww6X/w1c3tc9x2/HNsq2xO3tTC6euBuIzePNWrmDFYuBCSc9a60BIWn+01OcCdW
Source: global traffic	HTTP traffic detected: GET /attachment/view?sig_guid=483623cf627fe7b155e56777fe26f8d8a59e81e1 HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_user=b246b267d1819d23f3fd2fe21f7330e4d54116e20ea4ac9dd83830f674a359aa:0f153205db4e46a0aef873e3a78f5f422147e94c; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vdC8xMmQ5N2Y3OWViOTc3MDUxNTBkOGY4MDQ2YjM4NmNjN2VkZjkxNmE5P3V0bV9jYW1wYWlnbj1tdWx0aXNpZ25lcl9jb21wbGV0ZSZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs; hs_puuid=be2539f63f2ab8d20fc42904da24093197daabce; ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-04-26T13:19:46.412Z","expireDate":"2024-10-26T13:19:46.412Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":false,"analytics":false,"performance and functionality":false,"social media advertising":false},"userInteracted":true,"numDots":1}; AWSALB=Ros8pdkiGRl82CItRETqYsBzuF6Az17ZcXUEs9pYWX3V2nohq+0mT0WinZlwqKrBtvZWp+sG1S4wY41a2A0wuoDdLU8a4W2mdODg50JhbAU0RZpEOl3OV0iYYDhk; AWSALBCORS=Ros8pdkiGRl82CItRETqYsBzuF6Az17ZcXUEs9pYWX3V2nohq+0mT0WinZlwqKrBtvZWp+sG1S4wY41a2A0wuoDdLU8a4W2mdODg50JhbAU0RZpEOl3OV0iYYDhk

Source: global traffic	DNS traffic detected: DNS query: app.hellosign.com
Source: global traffic	DNS traffic detected: DNS query: cdn.hellosign.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: cdn.userleap.com
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: api.sprig.com
Source: global traffic	DNS traffic detected: DNS query: s3.amazonaws.com

Source: unknown

Source: chromecache_165.1.dr	String found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: chromecache_142.1.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_164.1.dr	String found in binary or memory: http://creativecommons.org/licenses/by/4.0/
Source: chromecache_165.1.dr	String found in binary or memory: http://feross.org
Source: chromecache_142.1.dr	String found in binary or memory: http://flesler.blogspot.com
Source: chromecache_142.1.dr	String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)Created
Source: chromecache_166.1.dr	String found in binary or memory: http://fontforge.sf.net)IoniconsIoniconsMediumMediumFontForge
Source: chromecache_154.1.dr	String found in binary or memory: http://foundation.zurb.com
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_164.1.dr	String found in binary or memory: http://ionicons.com/
Source: chromecache_165.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_142.1.dr, chromecache_165.1.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_154.1.dr	String found in binary or memory: http://my.opera.com/emoller/blog/2011/12/20/requestanimationframe-for-smart-er-animating
Source: chromecache_154.1.dr	String found in binary or memory: http://paulirish.com/2011/requestanimationframe-for-smart-animating/
Source: chromecache_154.1.dr	String found in binary or memory: http://underscorejs.org
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/0
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.html
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.htmlNormaaliNorm
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://ascendercorp.com/eula10.htmlNormaloby
Source: chromecache_127.1.dr	String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlThis
Source: chromecache_154.1.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_124.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/%
Source: chromecache_131.1.dr	String found in binary or memory: https://app.hellosign.com/
Source: chromecache_131.1.dr	String found in binary or memory: https://app.hellosign.com/home/manage
Source: chromecache_165.1.dr	String found in binary or memory: https://feross.org
Source: chromecache_165.1.dr	String found in binary or memory: https://feross.org/opensource
Source: chromecache_164.1.dr	String found in binary or memory: https://github.com/driftyco/ionicons
Source: chromecache_154.1.dr	String found in binary or memory: https://github.com/gnarf37/jquery-requestAnimationFrame
Source: chromecache_164.1.dr	String found in binary or memory: https://github.com/google/material-design-icons
Source: chromecache_154.1.dr	String found in binary or memory: https://github.com/paulirish/matchMedia.js
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/szimek/signature_pad
Source: chromecache_142.1.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_142.1.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_142.1.dr	String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_142.1.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_124.1.dr	String found in binary or memory: https://maps-api-ssl.google.com/maps?jsapiRedirect=true&file=googleapi
Source: chromecache_124.1.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js?jsapiRedirect=true
Source: chromecache_126.1.dr, chromecache_188.1.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_126.1.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_142.1.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_183.1.dr	String found in binary or memory: https://tinyurl.com/y2uuvskb
Source: chromecache_164.1.dr	String found in binary or memory: https://twitter.com/benjsperry
Source: chromecache_164.1.dr	String found in binary or memory: https://twitter.com/ionicframework
Source: chromecache_131.1.dr	String found in binary or memory: https://www.dropbox.com/signatures?
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.cn/charts/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.cn/charts/debug/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/charts/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/charts/debug/%
Source: chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.com/inputtools/js/ita/inputtools_3.js

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49826 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@15/146@48/18

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1972,i,4750712491697218838,6996479479991682598,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1972,i,4750712491697218838,6996479479991682598,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1432140
Product:	CloudBasic
Start time:	15:18:00
Start date:	26.04.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://app.hellosign.com/t/12d97f79eb97705150d8f8046b386cc7edf916a9?utm_campaign=multisigner_complete&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original