Windows Analysis Report
https://app.hellosign.com/?utm_campaign=unspecified&utm_source=default&utm_channel=product_promo&utm_medium=email

Overview

General Information

Sample URL: https://app.hellosign.com/?utm_campaign=unspecified&utm_source=default&utm_channel=product_promo&utm_medium=email
Analysis ID: 1529358
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

HTML page contains hidden javascript code
HTTP GET or POST without a user agent
Stores files to the Windows start menu directory

Classification

HTML page contains hidden javascript code
Source: https://app.hellosign.com/account/logIn HTTP Parser: Base64 decoded: '%perf_eng_2024_05_24_udcl_ssa_exporter
Source: https://app.hellosign.com/account/logIn HTTP Parser: No favicon
Source: https://app.hellosign.com/account/logIn HTTP Parser: No favicon
Source: https://app.hellosign.com/account/logIn HTTP Parser: No favicon
Source: https://app.hellosign.com/account/logIn HTTP Parser: No favicon
Source: https://app.hellosign.com/account/logIn HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49722 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49725 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49945 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.17:49946 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.23.209.150:443 -> 192.168.2.17:49952 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49953 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 24MB later: 37MB
HTTP GET or POST without a user agent
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.31.69
Source: global traffic HTTP traffic detected: GET /?utm_campaign=unspecified&utm_source=default&utm_channel=product_promo&utm_medium=email HTTP/1.1Host: app.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /account/logIn HTTP/1.1Host: app.hellosign.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=jEFhmIIk6FFOY2gu2IG5JZB1XrnHVD387kEOmsJIawcwNVeWDOXCFApXT4bDL+70qOQ0ANpHbW8JWGIvkAdmecGGdCWiysoj9Zyqyg8fzL0EhC0+U1iefkUTGn6z; AWSALBCORS=jEFhmIIk6FFOY2gu2IG5JZB1XrnHVD387kEOmsJIawcwNVeWDOXCFApXT4bDL+70qOQ0ANpHbW8JWGIvkAdmecGGdCWiysoj9Zyqyg8fzL0EhC0+U1iefkUTGn6z; hf_user=9897faf81d45a8d06c23c4d829cb0ba67a43ee7bcc6a058670b86b4e34d1e945:33020a0152a6282054013e2c36d15d0d3fabd5306d7a09791fa40088299b5af5; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e
Source: global traffic HTTP traffic detected: GET /892a2f2/build/jquery3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/common.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/hellospa.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /892a2f2/build/hellospa.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/jquery3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /shim.js?id=B0gYx8LpZM HTTP/1.1Host: cdn.userleap.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/hellospa.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /pithos/host%3Aapp.hellosign.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en
Source: global traffic HTTP traffic detected: GET /shim.js?id=B0gYx8LpZM HTTP/1.1Host: cdn.userleap.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pithos/host%3Aapp.hellosign.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=wn7dSyD+dWTwNUC&MD=EMzMpBk2 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /892a2f2/build/common.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /892a2f2/build/chunks/60df0b9d561d5f04918c.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/chunks/3453b8ece3999bf2c9fd.style.css HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/0.feab1f558c13bc830587.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/vendors~hellospa-jointeampage~hellospa-signinpage.6ae9d01cd8244e6160f3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/vendors~hellospa-signinpage.1261f4b9ffa02b66110d.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en
Source: global traffic HTTP traffic detected: GET /892a2f2/build/6.9b0c9ddafe30cdfa6216.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/hellospa-signinpage.9b340df77dda5d06b1c9.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/vendors~hellospa-jointeampage~hellospa-signinpage.6ae9d01cd8244e6160f3.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /892a2f2/build/0.feab1f558c13bc830587.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /892a2f2/build/vendors~hellospa-signinpage.1261f4b9ffa02b66110d.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /account/logIn HTTP/1.1Host: marketing.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hs_consent_banner_enabled=true; hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /ccpa_iframe?hide_gdpr=false&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&should_show_floating_button=undefined&should_auto_open_options=undefined&locale_override=en&csrf_origin=https%253A%252F%252Fapp.hellosign.com&default_non_ccpa=true&redesign_flag=true&width=1280 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /892a2f2/build/6.9b0c9ddafe30cdfa6216.js HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==
Source: global traffic HTTP traffic detected: GET /pithos/marketing_tracker_service HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /en/ccpa_iframe?csrf_origin=https%253A%252F%252Fapp.hellosign.com&default_non_ccpa=true&gpc_signal=false&hide_gdpr=false&locale_override=en&origin=https%253A%252F%252Fapp.hellosign.com&redesign_flag=true&sandbox_redirect=false&should_auto_open_options=undefined&should_disable_banner=false&should_show_floating_button=undefined&uri_for_logging=app.hellosign.com&width=1280 HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en
Source: global traffic HTTP traffic detected: GET /892a2f2/build/ebee194a9b773f166dc16096f8614aaa.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/892a2f2/build/hellospa.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/892a2f2/build/hellospa.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /892a2f2/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2 HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hellosign.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.hellosign.com/892a2f2/build/hellospa.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pithos/host%3Amarketing.hellosign.com/marketing_tracker_service HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en
Source: global traffic HTTP traffic detected: GET /pithos/host%3Amarketing.hellosign.com/marketing_tracker_service HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=92376b544731460facfe6c0710fd5c9a&time=1728419497 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.dropbox.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/en/ccpa_iframe?csrf_origin=https%253A%252F%252Fapp.hellosign.com&default_non_ccpa=true&gpc_signal=false&hide_gdpr=false&locale_override=en&origin=https%253A%252F%252Fapp.hellosign.com&redesign_flag=true&sandbox_redirect=false&should_auto_open_options=undefined&should_disable_banner=false&should_show_floating_button=undefined&uri_for_logging=app.hellosign.com&width=1280Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1728419499992 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://marketing.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=92376b544731460facfe6c0710fd5c9a&time=1728419497 HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1728419499992 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=02554810231475605794528423177741457110
Source: global traffic HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: dropbox.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=02554810231475605794528423177741457110
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZwWWrgAAAMR-IwO- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=02554810231475605794528423177741457110
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZwWWrgAAAMR-IwO- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=02554810231475605794528423177741457110; dpm=02554810231475605794528423177741457110
Source: global traffic HTTP traffic detected: GET /2/client_metrics/record HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /892a2f2/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==; AMCVS_B2AAF3C959275C660A495E7B%40AdobeOrg=1; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-10-08T20:31:42.919Z","expireDate":"2025-04-08T20:31:42.919Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":true,"analytics":true,"performance and functionality":true,"social media advertising":true},"userInteracted":false,"numDots":1}; AMCV_B2AAF3C959275C660A495E7B%40AdobeOrg=179643557%7CMCIDTS%7C20005%7CMCMID%7C02353103420033588694472192912446809280%7CMCAAMLH-1729024300%7C6%7CMCAAMB-1729024300%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1728426700s%7CNONE%7CMCSYNCSOP%7C411-20012%7CvVersion%7C5.5.0
Source: global traffic HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-ul-visitor-id: 4dc7fcc2-39cd-44e5-87ff-bf85ac277af5sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonx-ul-installation-method: web-snippetsprig-modules: replayx-ul-sdk-version: 2.31.4x-ul-environment-id: B0gYx8LpZMuserleap-platform: websec-ch-ua-platform: "Windows"Accept: */*Origin: https://app.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /892a2f2/images/dropbox-sign-favicon.ico HTTP/1.1Host: cdn.hellosign.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vP3V0bV9jYW1wYWlnbj11bnNwZWNpZmllZCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWls; hs_puuid=b3258d043300ca07d94bf6cf30122b4068df7b2e; hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vYWNjb3VudC9sb2dJbg==; AMCVS_B2AAF3C959275C660A495E7B%40AdobeOrg=1; __Secure-dbx_consent={"consentType":1,"consentDate":"2024-10-08T20:31:42.919Z","expireDate":"2025-04-08T20:31:42.919Z","consentMonths":6,"categories":{"strictly necessary":true,"general marketing and advertising":true,"analytics":true,"performance and functionality":true,"social media advertising":true},"userInteracted":false,"numDots":1}; AMCV_B2AAF3C959275C660A495E7B%40AdobeOrg=179643557%7CMCIDTS%7C20005%7CMCMID%7C02353103420033588694472192912446809280%7CMCAAMLH-1729024300%7C6%7CMCAAMB-1729024300%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1728426700s%7CNONE%7CMCSYNCSOP%7C411-20012%7CvVersion%7C5.5.0
Source: global traffic HTTP traffic detected: GET /uxa/4a39e5c4777d0.js HTTP/1.1Host: t.contentsquare.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /sdk/1/environments/B0gYx8LpZM/config HTTP/1.1Host: api.sprig.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /td/ga/rul?tid=G-5MZFBWHBBE&gacid=592317608.1728419507&gtm=45je4a20v9139038462za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=2&tag_exp=101671035~101747727&z=323622524 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ktag/latest/ktag.min.js?accountId=4a897efb-0052-440f-82be-86256c8450d2 HTTP/1.1Host: www.knotch-cdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /uxa/4a39e5c4777d0.js HTTP/1.1Host: t.contentsquare.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ktag/latest/ktag.min.js?accountId=4a897efb-0052-440f-82be-86256c8450d2 HTTP/1.1Host: www.knotch-cdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v2/4a897efb-0052-440f-82be-86256c8450d2 HTTP/1.1Host: configs.knotch.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://marketing.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /zi-tag.js HTTP/1.1Host: js.zi-scripts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /zi-tag.js HTTP/1.1Host: js.zi-scripts.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v2/4a897efb-0052-440f-82be-86256c8450d2 HTTP/1.1Host: configs.knotch.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /unified/v1/master/getSubscriptions HTTP/1.1Host: js.zi-scripts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"Content-Type: application/jsonsec-ch-ua-mobile: ?0Authorization: Bearer 3a903e78361680113288User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36visited_url: https://marketing.hellosign.com/account/logInAccept: */*Origin: https://marketing.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /unified/v1/master/getSubscriptions HTTP/1.1Host: js.zi-scripts.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel/64d3cebeb218e589c3b63a6d/?iszitag=true HTTP/1.1Host: ws.zoominfo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/javascriptvisited-url: https://marketing.hellosign.com/account/logIn_vtok: OC40Ni4xMjMuMzM=_zitok: e0b044f89651035df8341728419512sec-ch-ua-platform: "Windows"Accept: */*Origin: https://marketing.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.hellosign.com/account/logInAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel/64d3cebeb218e589c3b63a6d/?iszitag=true HTTP/1.1Host: ws.zoominfo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=JZ95Y7ybiHz4yHSwm3P74W7SZS0OkZZ2LmxHwRBFQFs-1728419514-1.0.1.1-yZiSMfrTvF45MZsAmvr3mTcrw387SQUWJYCNfxIc9.izKLVma1K0Rj0y7mTT4c.LAPMxuvQsDw5t13usFZc5XA; _cfuvid=.qHzdAhh01jxyF.gjlhoDobZloooEoivhTbTmKDB544-1728419514861-0.0.1.1-604800000
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A41090080B6X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAe%2Bnoz%2BvTmK6WKy7GfWt1e6TcxV6KXKxKg71isxzbo3AbMLsfTvG3lDEJt/3ck7UVEVKhxvEdbQqv8VgbNvbH1ooslWNwsLWEM7d4vMVymgJV3Jro23Dl5nfCcmF41KLvVCcQLwM7tpOpy%2BYO4EIZLyvObN1NEJZFJfzZFpHfpQlhkCqiNAJjvepREOte6ktedrxUfGOKG9jGyMMlvn08S98jo%2BRjedwrx%2BO4JhADzr9UMGGvFNpt7Lcpz3OJQY3kMbj6FxqFLwriRcIvuAtMAg%2BZP6L5jQBlN8lrXbj6WslsRLXI74X3TsgGwMk3UvuudsmZ/JzOaT4A051%2BvtDQHkQZgAAEDO46WasCCNkn8esTXVjZICwAa8plsGIBAfHbRt3N80qISSiVuvh1f7LasL4A2i9eWgZ59OKbyzZ05lOeQIHBBycuKi0gaMclMdc57AmOO3ZRntYboTcNDV1JC8TyHKety/9LnOQgJVvHAEdf0kTFHLw5ETznxsT%2BRsR/FzdOoet/5QtR4cB2FEEZZzYCpb/DXH%2BynlfucGA2jJemGFK%2BzxnoqCpAGAj4Onvwh9dbjkbpG6wtfK7NT1EEc28LFnnS2K6B9JQfczvAiWGKpVih24JoT5sJDKpY2vhFONQBDqZyhho16Zsl6/olRJKn0C73j/SdsAEwDqNsYCyw36d3HnHLXUJ2Ox49jS0tvT%2B7dvxmdf6K8DW5qsW6wCW0wdxtv8R/2Op9f%2BDuEpvy42A0MXeOA2dfEMihIR0R8fE58IK%2BzFP3FfsWf/Bc0lVttGzyzuKQNDfYoKvDICSxdQPMrwPeDpWw7Gtgx3C35tD7xV32DYrr/v6BM3qMJ6Gmc/BmlGIrU0xQy5zT34czGKzLnWrBsOdS3QR%2Bj9XiUhGpjcoSq5FMyRGf1hlKNKn4WXLwPM4DMMBEmlK37YJq7sq0bdH/tcB%26p%3DX-Agent-DeviceId: 01000A41090080B6X-BM-CBT: 1728419518User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: 951DA8822C74415EB2779B61DF277AFFX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=C4EAB6C130004333A34B5668AE4E4D10&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en; MUID=4590362BB5CF472B95BBEDB3112D4B7B; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=wn7dSyD+dWTwNUC&MD=EMzMpBk2 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /2/udcl/log_timing HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: global traffic HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gvc=MTQ4ODAyMjk2OTI1OTEyMzA5MTczNTQxNDQyMDUxNTY2MzUxMTI0; t=Fi-4z8nI4sVyQ_E3R_myF2ef; __Host-js_csrf=Fi-4z8nI4sVyQ_E3R_myF2ef; locale=en; __Host-logged-out-session=ChCSQbaK2okZi+yG2Khw36x0EKCtlrgGGi5BTEpmQXoyM0dYcnNBc0ZMZHhGUW9GWTNOSDZMdnhhQXhwRWFmUEhhOEswSFZR; __Host-ss=YfgTW2ZQAs
Source: chromecache_279.1.dr String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=rA(a,c,e);Q(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return Q(122),!0;if(d&&f){for(var m=Kb(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},uA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_268.1.dr String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=yA(a,c,e);T(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return T(122),!0;if(d&&f){for(var m=Kb(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},BA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_225.1.dr, chromecache_215.1.dr, chromecache_279.1.dr, chromecache_202.1.dr, chromecache_204.1.dr, chromecache_266.1.dr, chromecache_278.1.dr, chromecache_211.1.dr, chromecache_177.1.dr, chromecache_277.1.dr String found in binary or memory: return b}JC.F="internal.enableAutoEventOnTimer";var gc=la(["data-gtm-yt-inspected-"]),LC=["www.youtube.com","www.youtube-nocookie.com"],MC,NC=!1; equals www.youtube.com (Youtube)
Source: chromecache_268.1.dr String found in binary or memory: return b}QC.F="internal.enableAutoEventOnTimer";var gc=ka(["data-gtm-yt-inspected-"]),SC=["www.youtube.com","www.youtube-nocookie.com"],TC,UC=!1; equals www.youtube.com (Youtube)
Source: chromecache_279.1.dr String found in binary or memory: var YB=function(a,b,c,d,e){var f=Pz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Pz("fsl","nv.ids",[]):Pz("fsl","ids",[]);if(!g.length)return!0;var k=Uz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);Q(121);if(m==="https://www.facebook.com/tr/")return Q(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!Cy(k,Ey(b, equals www.facebook.com (Facebook)
Source: chromecache_268.1.dr String found in binary or memory: var eC=function(a,b,c,d,e){var f=Wz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Wz("fsl","nv.ids",[]):Wz("fsl","ids",[]);if(!g.length)return!0;var k=aA(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);T(121);if(m==="https://www.facebook.com/tr/")return T(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!Jy(k,Ly(b, equals www.facebook.com (Facebook)
Source: global traffic DNS traffic detected: DNS query: app.hellosign.com
Source: global traffic DNS traffic detected: DNS query: cdn.hellosign.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic DNS traffic detected: DNS query: cdn.userleap.com
Source: global traffic DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic DNS traffic detected: DNS query: marketing.hellosign.com
Source: global traffic DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic DNS traffic detected: DNS query: dropbox.demdex.net
Source: global traffic DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic DNS traffic detected: DNS query: api.sprig.com
Source: global traffic DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic DNS traffic detected: DNS query: t.contentsquare.net
Source: global traffic DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic DNS traffic detected: DNS query: analytics.google.com
Source: global traffic DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: www.knotch-cdn.com
Source: global traffic DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic DNS traffic detected: DNS query: frontdoor.knotch.it
Source: global traffic DNS traffic detected: DNS query: configs.knotch.com
Source: global traffic DNS traffic detected: DNS query: js.zi-scripts.com
Source: global traffic DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic DNS traffic detected: DNS query: ws.zoominfo.com
Source: unknown HTTP traffic detected: POST /api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1Host: d.dropbox.comConnection: keep-aliveContent-Length: 469sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://app.hellosign.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hellosign.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:36 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 095b177886a74f7fa17cff8e1310a3f1Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:37 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 62b9ec0d32f240acb4c19d7a282072b8Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:41 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: f03c29f4482f4261be3f8bc957d65ce6Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:41 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 16df2c98c15d4e33b92cf637db3f3900Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:46 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 8edec3ca81e342e9a469bb71191f541aConnection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:46 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 4ec2effb2c7044b4b42943c072bfa9ffConnection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:48 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 31226f9f7a094e12ba3ee728912ffc96Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:49 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 57906c8df6a146df870f7b3a0fb2b730Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:31:51 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 6292365a551e43a4a3471f28c4d2c7ecConnection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:32:05 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 47dd4efbea4f438da367de084d54df97Connection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Tue, 08 Oct 2024 20:32:35 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: d2b96c09192a465d9988736da1f4ad00Connection: close
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: http://feross.org
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: http://flesler.blogspot.com
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_290.1.dr, chromecache_269.1.dr, chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: http://jquery.org/license
Source: chromecache_335.1.dr String found in binary or memory: http://jqueryui.com
Source: chromecache_277.1.dr String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_189.1.dr String found in binary or memory: https://app.hellosign.com/
Source: chromecache_189.1.dr String found in binary or memory: https://app.hellosign.com/home/manage
Source: chromecache_244.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC08f3807101814ef48bb6f95ad6702da
Source: chromecache_187.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC2d0031be7543428c80ef3ff1bf400f6
Source: chromecache_233.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC38e3748e11e44fe5908c1b3fb654828
Source: chromecache_298.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC528b57cee6474d20b34a73ab2ba482d
Source: chromecache_272.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC7803d2740f23433baf82de389992c0c
Source: chromecache_213.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RC8f70d59289c2485499bbbc1b9310625
Source: chromecache_251.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RCb982e5a308b64140afff6424f02e6a6
Source: chromecache_321.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RCc3eabeac283e44618e4d03f3960056b
Source: chromecache_316.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RCe4009e5293e74815aab317b742d5185
Source: chromecache_287.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/89d6914728b4/RCf6fb805ce11e4e83a686becbcaa1e0f
Source: chromecache_249.1.dr, chromecache_221.1.dr String found in binary or memory: https://assets.adobedtm.com/7c31e7b46b8e/412c495bb7fd/launch-89f34743f412.js
Source: chromecache_225.1.dr, chromecache_215.1.dr, chromecache_274.1.dr, chromecache_279.1.dr, chromecache_268.1.dr, chromecache_202.1.dr, chromecache_204.1.dr, chromecache_266.1.dr, chromecache_329.1.dr, chromecache_278.1.dr, chromecache_211.1.dr, chromecache_177.1.dr, chromecache_277.1.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/css/../build/hellospa.css
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/images/dropbox-sign-favicon.ico
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/images/icons/hs/apple-touch-icon.png
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/js/../build/common.js
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/js/../build/hellospa.js
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.hellosign.com/892a2f2/js/../build/jquery3.js
Source: chromecache_296.1.dr String found in binary or memory: https://cdn.userleap.com/shim.js
Source: chromecache_333.1.dr, chromecache_187.1.dr String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/id-id/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/ja-jp/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/ko-kr/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/nb-no/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/ru-ru/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/th-th/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://experience.dropbox.com/zh-cn/
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: https://feross.org
Source: chromecache_269.1.dr String found in binary or memory: https://feross.org/opensource
Source: chromecache_296.1.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Taviraj:regular
Source: chromecache_296.1.dr String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahcZv8Cj3ylylTXzTOYrUtFw.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahcZv8Cj3ylylTXzTOcrUtFw.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahcZv8Cj3ylylTXzTOkrUg.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahcZv8Cj3ylylTXzTP0rUtFw.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahccv8Cj3ylylTXzRBoIR-5RgA.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahccv8Cj3ylylTXzRBoIR-BRgHS5.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahccv8Cj3ylylTXzRBoIR-FRgHS5.woff2)
Source: chromecache_182.1.dr String found in binary or memory: https://fonts.gstatic.com/s/taviraj/v13/ahccv8Cj3ylylTXzRBoIR_pRgHS5.woff2)
Source: chromecache_227.1.dr, chromecache_251.1.dr String found in binary or memory: https://ga.clearbit.com/v1/ga.js?authorization=pk_94abb29bd783b4657c3b3b489f932413
Source: chromecache_325.1.dr String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_290.1.dr, chromecache_269.1.dr String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chromecache_325.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.29.1/LICENSE
Source: chromecache_277.1.dr String found in binary or memory: https://google.com
Source: chromecache_277.1.dr String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://help.dropbox.com/es-es/
Source: chromecache_180.1.dr, chromecache_310.1.dr String found in binary or memory: https://help.dropbox.com/fr-fr/
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://jquery.com/
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://jquery.org/license
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://js.foundation/
Source: chromecache_277.1.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_225.1.dr, chromecache_215.1.dr, chromecache_274.1.dr, chromecache_279.1.dr, chromecache_268.1.dr, chromecache_202.1.dr, chromecache_204.1.dr, chromecache_266.1.dr, chromecache_329.1.dr, chromecache_278.1.dr, chromecache_211.1.dr, chromecache_177.1.dr, chromecache_277.1.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_284.1.dr String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_306.1.dr, chromecache_335.1.dr String found in binary or memory: https://sizzlejs.com/
Source: chromecache_215.1.dr, chromecache_266.1.dr, chromecache_177.1.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_247.1.dr String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_260.1.dr, chromecache_272.1.dr String found in binary or memory: https://t.contentsquare.net/uxa/4a39e5c4777d0.js
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_225.1.dr, chromecache_215.1.dr, chromecache_274.1.dr, chromecache_279.1.dr, chromecache_268.1.dr, chromecache_202.1.dr, chromecache_204.1.dr, chromecache_266.1.dr, chromecache_329.1.dr, chromecache_278.1.dr, chromecache_211.1.dr, chromecache_177.1.dr, chromecache_277.1.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_234.1.dr String found in binary or memory: https://ws.zoominfo.com
Source: chromecache_296.1.dr String found in binary or memory: https://www.dropbox.com/pithos/marketing_tracker_client
Source: chromecache_241.1.dr String found in binary or memory: https://www.dropbox.com/pithos/marketing_tracker_service
Source: chromecache_189.1.dr String found in binary or memory: https://www.dropbox.com/signatures?
Source: chromecache_225.1.dr, chromecache_202.1.dr, chromecache_204.1.dr, chromecache_278.1.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_277.1.dr String found in binary or memory: https://www.google.com
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_277.1.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_277.1.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_279.1.dr, chromecache_268.1.dr, chromecache_211.1.dr, chromecache_277.1.dr String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_253.1.dr, chromecache_247.1.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_279.1.dr, chromecache_268.1.dr, chromecache_211.1.dr, chromecache_277.1.dr String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_231.1.dr, chromecache_244.1.dr String found in binary or memory: https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=4a897efb-0052-440f-82be-86256c8450d2
Source: chromecache_215.1.dr, chromecache_266.1.dr, chromecache_177.1.dr String found in binary or memory: https://www.merchant-center-analytics.goog
Source: unknown Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49722 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49725 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49945 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.17:49946 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.23.209.150:443 -> 192.168.2.17:49952 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49953 version: TLS 1.2
Source: classification engine Classification label: clean1.win@19/260@90/29
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2000,i,17114361026728067811,1662563053655598962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.hellosign.com/?utm_campaign=unspecified&utm_source=default&utm_channel=product_promo&utm_medium=email"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2000,i,17114361026728067811,1662563053655598962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1529358 URL: https://app.hellosign.com/?... Startdate: 08/10/2024 Architecture: WINDOWS Score: 1 14 www.dropbox.com 2->14 16 www-env.dropbox-dns.com 2->16 6 chrome.exe 9 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 18 192.168.2.17, 443, 49701, 49702 unknown unknown 6->18 20 239.255.255.250 unknown Reserved 6->20 11 chrome.exe 6->11         started        process5 dnsIp6 22 analytics.google.com 142.250.185.174 GOOGLEUS United States 11->22 24 td.doubleclick.net 142.250.185.226 GOOGLEUS United States 11->24 26 43 other IPs or domains 11->26
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
34.198.52.31
 unknown United States
14618 AMAZON-AESUS false
3.161.82.95
 d3aqntjehoyiyc.cloudfront.net United States
16509 AMAZON-02US false
35.171.206.145
 frontdoor.knotch.it United States
14618 AMAZON-AESUS false
3.161.82.101
 d3d564pv0p4759.cloudfront.net United States
16509 AMAZON-02US false
142.250.185.226
 td.doubleclick.net United States
15169 GOOGLEUS false
104.16.117.43
 ws.zoominfo.com United States
13335 CLOUDFLARENETUS false
34.249.181.141
 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com United States
16509 AMAZON-02US false
104.18.37.212
 js.zi-scripts.com United States
13335 CLOUDFLARENETUS false
74.125.206.154
 stats.g.doubleclick.net United States
15169 GOOGLEUS false
52.222.236.63
 configs.knotch.com United States
16509 AMAZON-02US false
52.222.214.107
 unknown United States
16509 AMAZON-02US false
157.240.252.13
 scontent.xx.fbcdn.net United States
32934 FACEBOOKUS false
65.9.66.79
 marketing.hellosign.com United States
16509 AMAZON-02US false
99.80.175.1
 unknown United States
16509 AMAZON-02US false
162.125.66.18
 www-env.dropbox-dns.com United States
19679 DROPBOXUS false
18.244.18.53
 t.contentsquare.net United States
16509 AMAZON-02US false
3.227.48.248
 app.hellosign.com United States
14618 AMAZON-AESUS false
52.49.114.115
 unknown United States
16509 AMAZON-02US false
3.161.82.114
 unknown United States
16509 AMAZON-02US false
184.72.105.205
 api.sprig.com United States
14618 AMAZON-AESUS false
104.16.118.43
 unknown United States
13335 CLOUDFLARENETUS false
216.58.206.68
 www.google.com United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
142.250.185.174
 analytics.google.com United States
15169 GOOGLEUS false
162.125.1.20
 d-edge.v.dropbox.com United States
19679 DROPBOXUS false
108.156.60.35
 unknown United States
16509 AMAZON-02US false
52.222.214.118
 cdn.userleap.com United States
16509 AMAZON-02US false
18.244.18.60
 unknown United States
16509 AMAZON-02US false

Private

IP
192.168.2.17

Contacted Domains

Name IP Active
js.zi-scripts.com 104.18.37.212 true
ws.zoominfo.com 104.16.117.43 true
api.sprig.com 184.72.105.205 true
app.hellosign.com 3.227.48.248 true
stats.g.doubleclick.net 74.125.206.154 true
marketing.hellosign.com 65.9.66.79 true
d3aqntjehoyiyc.cloudfront.net 3.161.82.95 true
configs.knotch.com 52.222.236.63 true
scontent.xx.fbcdn.net 157.240.252.13 true
cdn.userleap.com 52.222.214.118 true
d3d564pv0p4759.cloudfront.net 3.161.82.101 true
frontdoor.knotch.it 35.171.206.145 true
www-env.dropbox-dns.com 162.125.66.18 true
d-edge.v.dropbox.com 162.125.1.20 true
www.google.com 216.58.206.68 true
analytics.google.com 142.250.185.174 true
td.doubleclick.net 142.250.185.226 true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com 34.249.181.141 true
t.contentsquare.net 18.244.18.53 true
cfl.dropboxstatic.com unknown unknown
cm.everesttech.net unknown unknown
dropbox.demdex.net unknown unknown
www.knotch-cdn.com unknown unknown
d.dropbox.com unknown unknown
www.dropbox.com unknown unknown
dpm.demdex.net unknown unknown
cdn.hellosign.com unknown unknown
assets.adobedtm.com unknown unknown
www.linkedin.com unknown unknown
px.ads.linkedin.com unknown unknown
connect.facebook.net unknown unknown
snap.licdn.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=4a897efb-0052-440f-82be-86256c8450d2 false
    		unknown
    https://cdn.hellosign.com/892a2f2/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2 false
      		unknown
      https://www.dropbox.com/log/ux_analytics false
        		unknown
        https://js.zi-scripts.com/unified/v1/master/getSubscriptions false
        • URL Reputation: safe
        		 unknown
        https://www.dropbox.com/page_success/end?edison_page_name=ccpa_iframe&path=%2Fen%2Fccpa_iframe&request_id=92376b544731460facfe6c0710fd5c9a&time=1728419497 false
          		unknown
          https://cdn.hellosign.com/892a2f2/build/vendors~hellospa-jointeampage~hellospa-signinpage.6ae9d01cd8244e6160f3.js false
            		unknown
            https://connect.facebook.net/en_US/fbevents.js false
            • URL Reputation: safe
            		 unknown
            https://cdn.hellosign.com/892a2f2/build/hellospa.css false
              		unknown
              https://www.dropbox.com/ccpa_iframe?hide_gdpr=false&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&should_show_floating_button=undefined&should_auto_open_options=undefined&locale_override=en&csrf_origin=https%253A%252F%252Fapp.hellosign.com&default_non_ccpa=true&redesign_flag=true&width=1280 false
                		unknown
                https://ws.zoominfo.com/pixel/64d3cebeb218e589c3b63a6d/?iszitag=true false
                  		unknown
                  https://dropbox.demdex.net/dest5.html?d_nsid=0 false
                    		unknown
                    https://www.dropbox.com/pithos/host%3Amarketing.hellosign.com/marketing_tracker_service false
                      		unknown
                      https://cdn.hellosign.com/892a2f2/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2 false
                        		unknown
                        https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent false
                          		unknown
                          https://cdn.hellosign.com/892a2f2/build/6.9b0c9ddafe30cdfa6216.js false
                            		unknown
                            https://www.dropbox.com/pithos/host%3Aapp.hellosign.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent false
                              		unknown
                              https://cdn.hellosign.com/892a2f2/build/0.feab1f558c13bc830587.js false
                                		unknown
                                https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZwWWrgAAAMR-IwO- false
                                  		unknown
                                  https://api.sprig.com/sdk/1/environments/B0gYx8LpZM/config false
                                    		unknown
                                    https://js.zi-scripts.com/zi-tag.js false
                                    • URL Reputation: safe
                                    		 unknown
                                    https://www.dropbox.com/en/ccpa_iframe?csrf_origin=https%253A%252F%252Fapp.hellosign.com&default_non_ccpa=true&gpc_signal=false&hide_gdpr=false&locale_override=en&origin=https%253A%252F%252Fapp.hellosign.com&redesign_flag=true&sandbox_redirect=false&should_auto_open_options=undefined&should_disable_banner=false&should_show_floating_button=undefined&uri_for_logging=app.hellosign.com&width=1280 false
                                      		unknown
                                      https://www.dropbox.com/2/client_metrics/record false
                                        		unknown
                                        https://cdn.hellosign.com/892a2f2/build/jquery3.js false
                                          		unknown
                                          https://frontdoor.knotch.it/ingress false
                                            		unknown
                                            https://app.hellosign.com/account/logIn false
                                              		unknown
                                              https://t.contentsquare.net/uxa/4a39e5c4777d0.js false
                                                		unknown
                                                https://cdn.hellosign.com/892a2f2/build/hellospa-signinpage.9b340df77dda5d06b1c9.js false
                                                  		unknown
                                                  https://marketing.hellosign.com/account/logIn false
                                                    		unknown
                                                    https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1728419499992 false
                                                      		unknown
                                                      https://cdn.hellosign.com/892a2f2/build/vendors~hellospa-signinpage.1261f4b9ffa02b66110d.js false
                                                        		unknown
                                                        https://cdn.userleap.com/shim.js?id=B0gYx8LpZM false
                                                          		unknown
                                                          https://cdn.hellosign.com/892a2f2/build/ebee194a9b773f166dc16096f8614aaa.woff2 false
                                                            		unknown
                                                            https://www.dropbox.com/pithos/marketing_tracker_service false
                                                              		unknown
                                                              https://www.dropbox.com/2/udcl/log_timing false
                                                                		unknown
                                                                https://cdn.hellosign.com/892a2f2/build/chunks/3453b8ece3999bf2c9fd.style.css false
                                                                  		unknown
                                                                  https://app.hellosign.com/?utm_campaign=unspecified&utm_source=default&utm_channel=product_promo&utm_medium=email false
                                                                    		unknown
                                                                    https://cdn.hellosign.com/892a2f2/build/chunks/60df0b9d561d5f04918c.style.css false
                                                                      		unknown
                                                                      https://d.dropbox.com/api/4506197685370880/envelope/?sentry_key=f8e19270d07412b6be0c537098edb309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 false
                                                                        		unknown
                                                                        https://configs.knotch.com/v2/4a897efb-0052-440f-82be-86256c8450d2 false
                                                                        • URL Reputation: safe
                                                                        		 unknown
                                                                        https://cdn.hellosign.com/892a2f2/build/hellospa.js false
                                                                          		unknown