Windows Analysis Report
https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60

Overview

General Information

Sample URL: https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60
Analysis ID: 1432213
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=acb392a2-86c9-4b24-95db-2636493585ad&et=20240426193248&sig=gwhayKnReUcWvOAMK22RmzWqYRsgaF5wky3R3i2mCJ0%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=42a9afb0-4e23-4a15-8f0a-491943de840e&et=20240426185005&sig=%2BU%2Fbf4l7Wt4vTYCCuUby8M14m72iv%2FhGKsN1B0m9KrY%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=acb392a2-86c9-4b24-95db-2636493585ad&et=20240426193248&sig=gwhayKnReUcWvOAMK22RmzWqYRsgaF5wky3R3i2mCJ0%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=42a9afb0-4e23-4a15-8f0a-491943de840e&et=20240426185005&sig=%2BU%2Fbf4l7Wt4vTYCCuUby8M14m72iv%2FhGKsN1B0m9KrY%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /nr-full-1.257.0.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://eng2e.seismic.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=93b6e874-5233-482c-8362-ef68a6f3547b&et=20240426185012&isfullcontainername=True&sig=1n%2BweGZwFmtv9zXN%2F0Iu88%2BvLq%2FDHY1glGlTP%2F6BTMQ%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=2acae5d3-2811-4025-aea0-7972a7f5879b&et=20240426185012&isfullcontainername=True&sig=oGhRNaO96VhOfEJXMV4MXVgxs6ivJwFGnjPvm8fZfgg%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=551b630b-f274-454a-a270-9fbd8cbd7632&et=20240426185012&isfullcontainername=True&sig=HRtJpGlXjXBYT5eLg%2FzXs4J%2Frot%2F%2BMIZVCBYJPgcCgY%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=9ae068b6-c5e0-4162-88d9-0fe8901271a8&et=20240426185012&isfullcontainername=True&sig=qhxabv2STg56bKO7iUzglC4NtauzI8aIhWcSpiVKkrc%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=55c0f2a0-d164-4d6c-871f-2c0a754f72b0&et=20240426185012&isfullcontainername=True&sig=DMbSAwSFNjPgr6Ia5%2FtvoGFeACUX9lbY%2F25LmFuhi9I%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=47820&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60&af=err,xhr,stn,ins&be=1098&fe=71&dc=42&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714145552462,%22n%22:0,%22f%22:4,%22dn%22:334,%22dne%22:334,%22c%22:334,%22s%22:335,%22ce%22:620,%22rq%22:620,%22rp%22:1098,%22rpe%22:1101,%22di%22:1140,%22ds%22:1140,%22de%22:1140,%22dc%22:1168,%22l%22:1168,%22le%22:1169%7D,%22navigation%22:%7B%7D%7D&fp=1640&fcp=12964 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=2acae5d3-2811-4025-aea0-7972a7f5879b&et=20240426185012&isfullcontainername=True&sig=oGhRNaO96VhOfEJXMV4MXVgxs6ivJwFGnjPvm8fZfgg%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=551b630b-f274-454a-a270-9fbd8cbd7632&et=20240426185012&isfullcontainername=True&sig=HRtJpGlXjXBYT5eLg%2FzXs4J%2Frot%2F%2BMIZVCBYJPgcCgY%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=93b6e874-5233-482c-8362-ef68a6f3547b&et=20240426185012&isfullcontainername=True&sig=1n%2BweGZwFmtv9zXN%2F0Iu88%2BvLq%2FDHY1glGlTP%2F6BTMQ%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=55c0f2a0-d164-4d6c-871f-2c0a754f72b0&et=20240426185012&isfullcontainername=True&sig=DMbSAwSFNjPgr6Ia5%2FtvoGFeACUX9lbY%2F25LmFuhi9I%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=9ae068b6-c5e0-4162-88d9-0fe8901271a8&et=20240426185012&isfullcontainername=True&sig=qhxabv2STg56bKO7iUzglC4NtauzI8aIhWcSpiVKkrc%3D HTTP/1.1Host: newdownload.seismic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /events/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58644&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58647&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /events/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58648&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=68654&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=78669&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: eng2e.seismic.com
Source: global traffic DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic DNS traffic detected: DNS query: service-discovery.seismic.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: cdn-prod.seismic.com
Source: global traffic DNS traffic detected: DNS query: newdownload.seismic.com
Source: global traffic DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic DNS traffic detected: DNS query: api.seismic.com
Source: unknown HTTP traffic detected: POST /1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=47820&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60&af=err,xhr,stn,ins&be=1098&fe=71&dc=42&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714145552462,%22n%22:0,%22f%22:4,%22dn%22:334,%22dne%22:334,%22c%22:334,%22s%22:335,%22ce%22:620,%22rq%22:620,%22rp%22:1098,%22rpe%22:1101,%22di%22:1140,%22ds%22:1140,%22de%22:1140,%22dc%22:1168,%22l%22:1168,%22le%22:1169%7D,%22navigation%22:%7B%7D%7D&fp=1640&fcp=12964 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: text/plainAccept: */*Origin: https://eng2e.seismic.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://eng2e.seismic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://ocsp.thawte.com0
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://sc.symcb.com/sc.crl0W
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://sc.symcb.com/sc.crt0
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://sc.symcd.com0&
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://scripts.sil.org/OFLCopyright
Source: chromecache_76.2.dr String found in binary or memory: http://scripts.sil.org/OFLSource
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://www.symauth.com/cps0(
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: http://www.symauth.com/rpa04
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: https://d.symcb.com/cps0%
Source: chromecache_86.2.dr, chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: https://d.symcb.com/rpa0
Source: chromecache_127.2.dr, chromecache_123.2.dr String found in binary or memory: https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60
Source: chromecache_99.2.dr String found in binary or memory: https://js-agent.newrelic.com
Source: chromecache_127.2.dr, chromecache_123.2.dr String found in binary or memory: https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=42a9
Source: chromecache_93.2.dr, chromecache_75.2.dr, chromecache_129.2.dr, chromecache_110.2.dr String found in binary or memory: https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=acb3
Source: chromecache_99.2.dr String found in binary or memory: https://service-discovery.seismic.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: classification engine Classification label: clean0.win@16/97@28/7
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 --field-trial-handle=2384,i,13309312840750829887,16417824520483540368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 --field-trial-handle=2384,i,13309312840750829887,16417824520483540368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: agree
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Accept
Source: Window Recorder Window detected: More than 3 window changes detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1432213 URL: https://eng2e.seismic.com/l... Startdate: 26/04/2024 Architecture: WINDOWS Score: 0 5 chrome.exe 1 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.17 unknown unknown 5->13 15 192.168.2.4, 138, 443, 49672 unknown unknown 5->15 17 239.255.255.250 unknown Reserved 5->17 10 chrome.exe 5->10         started        process4 dnsIp5 19 kubernetes-prod-az-eastus-raptor.seismic.com 52.151.208.67, 443, 49773, 49774 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 10->19 21 www.google.com 142.250.64.196, 443, 49742, 49831 GOOGLEUS United States 10->21 23 11 other IPs or domains 10->23
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
52.151.208.67
 kubernetes-prod-az-eastus-raptor.seismic.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
142.250.64.196
 www.google.com United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
162.247.243.29
 fastly-tls12-bam.nr-data.net United States
13335 CLOUDFLARENETUS false
162.247.243.39
 js-agent.newrelic.com United States
13335 CLOUDFLARENETUS false

Private

IP
192.168.2.17
192.168.2.4

Contacted Domains

Name IP Active
fastly-tls12-bam.nr-data.net 162.247.243.29 true
js-agent.newrelic.com 162.247.243.39 true
kubernetes-prod-az-eastus-raptor.seismic.com 52.151.208.67 true
www.google.com 142.250.64.196 true
fp2e7a.wpc.phicdn.net 192.229.211.108 true
cdn-prod.seismic.com unknown unknown
eng2e.seismic.com unknown unknown
newdownload.seismic.com unknown unknown
service-discovery.seismic.com unknown unknown
api.seismic.com unknown unknown
bam.nr-data.net unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=551b630b-f274-454a-a270-9fbd8cbd7632&et=20240426185012&isfullcontainername=True&sig=HRtJpGlXjXBYT5eLg%2FzXs4J%2Frot%2F%2BMIZVCBYJPgcCgY%3D false
    		high
    https://bam.nr-data.net/jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=68654&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
    • Avira URL Cloud: safe
    		 unknown
    https://js-agent.newrelic.com/nr-full-1.257.0.min.js false
      		high
      https://bam.nr-data.net/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=47820&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60&af=err,xhr,stn,ins&be=1098&fe=71&dc=42&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714145552462,%22n%22:0,%22f%22:4,%22dn%22:334,%22dne%22:334,%22c%22:334,%22s%22:335,%22ce%22:620,%22rq%22:620,%22rp%22:1098,%22rpe%22:1101,%22di%22:1140,%22ds%22:1140,%22de%22:1140,%22dc%22:1168,%22l%22:1168,%22le%22:1169%7D,%22navigation%22:%7B%7D%7D&fp=1640&fcp=12964 false
      • Avira URL Cloud: safe
      		 unknown
      https://bam.nr-data.net/events/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58644&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
      • Avira URL Cloud: safe
      		 unknown
      https://bam.nr-data.net/ins/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=48518&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
      • Avira URL Cloud: safe
      		 unknown
      https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=42a9afb0-4e23-4a15-8f0a-491943de840e&et=20240426185005&sig=%2BU%2Fbf4l7Wt4vTYCCuUby8M14m72iv%2FhGKsN1B0m9KrY%3D false
        		high
        https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=2acae5d3-2811-4025-aea0-7972a7f5879b&et=20240426185012&isfullcontainername=True&sig=oGhRNaO96VhOfEJXMV4MXVgxs6ivJwFGnjPvm8fZfgg%3D false
          		high
          https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=55c0f2a0-d164-4d6c-871f-2c0a754f72b0&et=20240426185012&isfullcontainername=True&sig=DMbSAwSFNjPgr6Ia5%2FtvoGFeACUX9lbY%2F25LmFuhi9I%3D false
            		high
            https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=9ae068b6-c5e0-4162-88d9-0fe8901271a8&et=20240426185012&isfullcontainername=True&sig=qhxabv2STg56bKO7iUzglC4NtauzI8aIhWcSpiVKkrc%3D false
              		high
              https://bam.nr-data.net/events/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58648&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
              • Avira URL Cloud: safe
              		 unknown
              https://bam.nr-data.net/jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=58647&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
              • Avira URL Cloud: safe
              		 unknown
              https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware-collaboration&id=93b6e874-5233-482c-8362-ef68a6f3547b&et=20240426185012&isfullcontainername=True&sig=1n%2BweGZwFmtv9zXN%2F0Iu88%2BvLq%2FDHY1glGlTP%2F6BTMQ%3D false
                		high
                https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60#/ false
                  		high
                  https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
                    		high
                    https://newdownload.seismic.com/api/download/v1/blob?t=onestreamsoftware&c=onestreamsoftware&id=acb392a2-86c9-4b24-95db-2636493585ad&et=20240426193248&sig=gwhayKnReUcWvOAMK22RmzWqYRsgaF5wky3R3i2mCJ0%3D false
                      		high
                      https://bam.nr-data.net/jserrors/1/33e37aa8ea?a=937843118&sa=1&v=1.257.0&t=Unnamed%20Transaction&rst=78669&ck=0&s=3102a23c86424843&ref=https://eng2e.seismic.com/ls/b817d80c-e942-40b0-8698-2e058b375eb8/KeKSp5v9_rr55V60 false
                      • Avira URL Cloud: safe
                      		 unknown