Windows Analysis Report
https://na4.documents.adobe.com/public/esign?tsid=CBFCIBAACBSCTBABDUAAABACAABAAXOLPIJBfBmvGxlXwPlfq9c6X3NsD1pg6O8JYZY2E-Ga3AuSQNGZ-g8N0TvBmaUFABJvylLGhsJ9uMpqr2DHsr9g8lX7QuPwmuLcGhhclzXMQHuhGjFAB_Dnt33FKgDL2&

Overview

General Information

Sample URL: https://na4.documents.adobe.com/public/esign?tsid=CBFCIBAACBSCTBABDUAAABACAABAAXOLPIJBfBmvGxlXwPlfq9c6X3NsD1pg6O8JYZY2E-Ga3AuSQNGZ-g8N0TvBmaUFABJvylLGhsJ9uMpqr2DHsr9g8lX7QuPwmuLcGhhclzXMQHuhGjFAB_Dnt3
Analysis ID: 1524299
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

HTML body contains low number of good links
HTML body contains password input but no form action

Classification

HTML body contains low number of good links
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi... HTTP Parser: Number of links: 0
HTML body contains password input but no form action
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi... HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi... HTTP Parser: <input type="password" .../> found
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi... HTTP Parser: No favicon
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi HTTP Parser: No <meta name="author".. found
Source: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Caddi... HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49840 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49843 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1727881899327 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://auth.services.adobe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Cadditional_info.roles%2Caps.read.app_merchandising%2Csign_application_read%2Csign_application_write&state=5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8&relay=81555558-98b9-4eda-b01f-5bc6fa3def7e&locale=en_US&flow_type=code&ctx_id=Adobe_Sign&dctx_id=adobe_document_cloud&idp_flow_type=login&s_p=google%2Cfacebook%2Capple%2Cmicrosoft%2Cline&response_type=code&code_challenge_method=plain&redirect_uri=https%3A%2F%2Fgps.echosign.com%2Fpublic%2FadobeIDLogin%3Fserver%3Dna4.documents.adobe.com%26isAdobeSignAuth%3Dfalse%26port%3D443&use_ms_for_expiry=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1727881899327 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://auth.services.adobe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Cadditional_info.roles%2Caps.read.app_merchandising%2Csign_application_read%2Csign_application_write&state=5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8&relay=81555558-98b9-4eda-b01f-5bc6fa3def7e&locale=en_US&flow_type=code&ctx_id=Adobe_Sign&dctx_id=adobe_document_cloud&idp_flow_type=login&s_p=google%2Cfacebook%2Capple%2Cmicrosoft%2Cline&response_type=code&code_challenge_method=plain&redirect_uri=https%3A%2F%2Fgps.echosign.com%2Fpublic%2FadobeIDLogin%3Fserver%3Dna4.documents.adobe.com%26isAdobeSignAuth%3Dfalse%26port%3D443&use_ms_for_expiry=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=00284102289035300662441585223568858635
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=00123936210207526042425938051521735301&ts=1727881901909 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://auth.services.adobe.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Cadditional_info.roles%2Caps.read.app_merchandising%2Csign_application_read%2Csign_application_write&state=5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8&relay=81555558-98b9-4eda-b01f-5bc6fa3def7e&locale=en_US&flow_type=code&ctx_id=Adobe_Sign&dctx_id=adobe_document_cloud&idp_flow_type=login&s_p=google%2Cfacebook%2Capple%2Cmicrosoft%2Cline&response_type=code&code_challenge_method=plain&redirect_uri=https%3A%2F%2Fgps.echosign.com%2Fpublic%2FadobeIDLogin%3Fserver%3Dna4.documents.adobe.com%26isAdobeSignAuth%3Dfalse%26port%3D443&use_ms_for_expiry=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889101s%7CNONE%7CvVersion%7C5.4.0
Source: global traffic HTTP traffic detected: GET /clients/adobe-sign-2020/4x_f39219ea552b8fc1c7b42c6a2d0290c2.png HTTP/1.1Host: static.adobelogin.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Cadditional_info.roles%2Caps.read.app_merchandising%2Csign_application_read%2Csign_application_write&state=5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8&relay=81555558-98b9-4eda-b01f-5bc6fa3def7e&locale=en_US&flow_type=code&ctx_id=Adobe_Sign&dctx_id=adobe_document_cloud&idp_flow_type=login&s_p=google%2Cfacebook%2Capple%2Cmicrosoft%2Cline&response_type=code&code_challenge_method=plain&redirect_uri=https%3A%2F%2Fgps.echosign.com%2Fpublic%2FadobeIDLogin%3Fserver%3Dna4.documents.adobe.com%26isAdobeSignAuth%3Dfalse%26port%3D443&use_ms_for_expiry=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1727881899327 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=00284102289035300662441585223568858635
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=00123936210207526042425938051521735301&ts=1727881901909 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; s_cc=true; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889102s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0
Source: global traffic HTTP traffic detected: GET /clients/adobe-sign-2020/4x_f39219ea552b8fc1c7b42c6a2d0290c2.png HTTP/1.1Host: static.adobelogin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s9125782429231 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; s_cc=true; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889102s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0
Source: global traffic HTTP traffic detected: GET /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s9125782429231?AQB=1&pccr=true&vidn=337EB158DF781E12-600014BE22F88CB1&g=none&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; s_cc=true; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889102s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; s_vi=[CS]v1|337EB158DF781E12-600014BE22F88CB1[CE]
Source: global traffic HTTP traffic detected: GET /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s9847560444662 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; s_cc=true; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889102s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; s_vi=[CS]v1|337EB158DF781E12-600014BE22F88CB1[CE]
Source: global traffic HTTP traffic detected: GET /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s94143179143099 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; s_cc=true; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889102s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; s_vi=[CS]v1|337EB158DF781E12-600014BE22F88CB1[CE]
Source: global traffic DNS traffic detected: DNS query: use.typekit.net
Source: global traffic DNS traffic detected: DNS query: static.echocdn.com
Source: global traffic DNS traffic detected: DNS query: secure.na4.echocdn.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: p.typekit.net
Source: global traffic DNS traffic detected: DNS query: secure.na4.adobesign.com
Source: global traffic DNS traffic detected: DNS query: ims-na1.adobelogin.com
Source: global traffic DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic DNS traffic detected: DNS query: static.adobelogin.com
Source: unknown HTTP traffic detected: POST /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s9125782429231 HTTP/1.1Host: sstats.adobe.comConnection: keep-aliveContent-Length: 6554sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://auth.services.adobe.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fgps.echosign.com%252Fpublic%252FadobeIDLogin%253Fserver%253Dna4.documents.adobe.com%2526isAdobeSignAuth%253Dfalse%2526port%253D443%26state%3D5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2CAdobeID%2CDCAPI%2Cadditional_info.account_type%2Cskybox%2Cupdate_profile.first_name%2Cupdate_profile.last_name%2Cagreement_send%2Cagreement_sign%2Csign_library_write%2Csign_user_read%2Csign_user_write%2Cagreement_read%2Cagreement_write%2Cwidget_read%2Cwidget_write%2Cworkflow_read%2Cworkflow_write%2Csign_addressbook_read%2Csign_library_read%2Cadditional_info.projectedProductContext%2Csign_webhook_read%2Csign_webhook_write%2Csign_webhook_retention%2Csao.ACOM_ESIGN_TRIAL%2Cee.GROUP_SIGN_WEB%2Cadditional_info.ownerOrg%2Cadditional_info.roles%2Caps.read.app_merchandising%2Csign_application_read%2Csign_application_write&state=5e3fa6080f778198bce2065c11f736284fb842515c3cd03fca993e4cece5efa8&relay=81555558-98b9-4eda-b01f-5bc6fa3def7e&locale=en_US&flow_type=code&ctx_id=Adobe_Sign&dctx_id=adobe_document_cloud&idp_flow_type=login&s_p=google%2Cfacebook%2Capple%2Cmicrosoft%2Cline&response_type=code&code_challenge_method=plain&redirect_uri=https%3A%2F%2Fgps.echosign.com%2Fpublic%2FadobeIDLogin%3Fserver%3Dna4.documents.adobe.com%26isAdobeSignAuth%3Dfalse%26port%3D443&use_ms_for_expiry=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gpv=Account:IMS:GetStarted:OnLoad; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C00123936210207526042425938051521735301; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C00123936210207526042425938051521735301%7CMCAAMLH-1728486701%7C6%7CMCAAMB-1728486701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1727889101s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; s_cc=true
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://eightmedia.github.com/hammer.js
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://flesler.blogspot.com
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://jquery.org/license
Source: chromecache_81.2.dr String found in binary or memory: http://jqueryui.com
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://sizzlejs.com/
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: http://trentrichardson.com/examples/timepicker
Source: chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: http://typekit.com/eulas/0000000000000000000149e7
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: http://typekit.com/eulas/0000000000000000000176ff
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017701
Source: chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017702
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017703
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_96.2.dr, chromecache_116.2.dr, chromecache_81.2.dr, chromecache_136.2.dr String found in binary or memory: http://www.mozilla.org/MPL/
Source: chromecache_84.2.dr String found in binary or memory: https://github.com/WebReflection/url-search-params/blob/master/README.md#ios-10--other-platforms-bug
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: https://github.com/facebook/regenerator/blob/main/LICENSE
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://github.com/gabceb
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://github.com/gabceb/jquery-browser-plugin
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://github.com/websanova/mousestop
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://jquery.com/
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://jquery.org/license
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://js.foundation/
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: https://lodash.com/
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: https://lodash.com/license
Source: chromecache_140.2.dr, chromecache_129.2.dr String found in binary or memory: https://openjsf.org/
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://p.typekit.net/p.gif
Source: chromecache_96.2.dr, chromecache_81.2.dr String found in binary or memory: https://sizzlejs.com/
Source: chromecache_138.2.dr, chromecache_119.2.dr String found in binary or memory: https://sso.behance.net/ims
Source: chromecache_137.2.dr, chromecache_110.2.dr String found in binary or memory: https://static.adobelogin.com/clients/adobe-sign-2020/1x_f39219ea552b8fc1c7b42c6a2d0290c2.png
Source: chromecache_137.2.dr, chromecache_110.2.dr String found in binary or memory: https://static.adobelogin.com/clients/adobe-sign-2020/2x_f39219ea552b8fc1c7b42c6a2d0290c2.png
Source: chromecache_137.2.dr, chromecache_110.2.dr String found in binary or memory: https://static.adobelogin.com/clients/adobe-sign-2020/4x_f39219ea552b8fc1c7b42c6a2d0290c2.png
Source: chromecache_137.2.dr, chromecache_110.2.dr String found in binary or memory: https://static.adobelogin.com/clients/adobe-sign-2020/f39219ea552b8fc1c7b42c6a2d0290c2.png
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://use.typekit.net/af/40207f/0000000000000000000176ff/27/
Source: chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://use.typekit.net/af/74ffb1/000000000000000000017702/27/
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://use.typekit.net/af/cb695f/000000000000000000017701/27/
Source: chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://use.typekit.net/af/e301c6/0000000000000000000149e7/27/
Source: chromecache_144.2.dr, chromecache_100.2.dr, chromecache_87.2.dr, chromecache_76.2.dr String found in binary or memory: https://use.typekit.net/af/eaf09c/000000000000000000017703/27/
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49840 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49843 version: TLS 1.2
Source: classification engine Classification label: clean1.win@17/122@30/9
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1908,i,2733554176455454787,14053848275243881291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na4.documents.adobe.com/public/esign?tsid=CBFCIBAACBSCTBABDUAAABACAABAAXOLPIJBfBmvGxlXwPlfq9c6X3NsD1pg6O8JYZY2E-Ga3AuSQNGZ-g8N0TvBmaUFABJvylLGhsJ9uMpqr2DHsr9g8lX7QuPwmuLcGhhclzXMQHuhGjFAB_Dnt33FKgDL2&"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1908,i,2733554176455454787,14053848275243881291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1524299 URL: https://na4.documents.adobe... Startdate: 02/10/2024 Architecture: WINDOWS Score: 1 5 chrome.exe 1 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.6, 443, 49307, 49704 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 adobe.com.ssl.d1.sc.omtrdc.net 63.140.62.17, 443, 49788, 49801 OMNITUREUS United States 10->17 19 63.140.62.27, 443, 49802, 49817 OMNITUREUS United States 10->19 21 20 other IPs or domains 10->21
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
13.224.189.78
 unknown United States
16509 AMAZON-02US false
216.58.206.36
 www.google.com United States
15169 GOOGLEUS false
63.140.62.27
 unknown United States
15224 OMNITUREUS false
13.224.189.8
 dd20fzx9mj46f.cloudfront.net United States
16509 AMAZON-02US false
63.140.62.17
 adobe.com.ssl.d1.sc.omtrdc.net United States
15224 OMNITUREUS false
18.202.109.49
 unknown United States
16509 AMAZON-02US false
239.255.255.250
 unknown Reserved
unknown unknown false
99.81.250.169
 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com United States
16509 AMAZON-02US false

Private

IP
192.168.2.6

Contacted Domains

Name IP Active
dd20fzx9mj46f.cloudfront.net 13.224.189.8 true
adobe.com.ssl.d1.sc.omtrdc.net 63.140.62.17 true
www.google.com 216.58.206.36 true
secure.na4.adobesign.com 52.35.253.84 true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com 99.81.250.169 true
secure.na4dc2.echosign.com 52.35.253.84 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true
windowsupdatebg.s.llnwi.net 87.248.204.0 true
use.typekit.net unknown unknown
p.typekit.net unknown unknown
ims-na1.adobelogin.com unknown unknown
secure.na4.echocdn.com unknown unknown
dpm.demdex.net unknown unknown
static.adobelogin.com unknown unknown
static.echocdn.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://static.adobelogin.com/clients/adobe-sign-2020/4x_f39219ea552b8fc1c7b42c6a2d0290c2.png false
    		unknown
    https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1727881899327 false
      		unknown
      https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1727881899327 false
        		unknown