Analysis Overview
score
1/10
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file https://url.us.m.mimecastprotect.com/s/d9YaCn5V9JT6yyP6zc9XDFS?domain=my.healthequity.com.
Malicious Activity Summary
N/A
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-06 20:54
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 20:54
Reported
2024-06-06 20:54
Platform
ubuntu2404-amd64-20240523-en
Max time network
19s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
Files
N/A