IOC Report
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45

loading gif

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 100
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 101
ASCII text, with very long lines (10099)
downloaded
Chrome Cache Entry: 102
ASCII text, with very long lines (65447)
dropped
Chrome Cache Entry: 103
JSON data
downloaded
Chrome Cache Entry: 104
ASCII text, with very long lines (563)
downloaded
Chrome Cache Entry: 105
ASCII text, with very long lines (55289)
downloaded
Chrome Cache Entry: 106
ASCII text, with very long lines (19948), with no line terminators
dropped
Chrome Cache Entry: 107
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
dropped
Chrome Cache Entry: 108
ASCII text, with very long lines (5945)
dropped
Chrome Cache Entry: 109
Web Open Font Format (Version 2), TrueType, length 42500, version 1.0
downloaded
Chrome Cache Entry: 110
Web Open Font Format, CFF, length 1136, version 1.0
downloaded
Chrome Cache Entry: 111
ASCII text, with very long lines (65455)
dropped
Chrome Cache Entry: 112
ASCII text, with very long lines (2415)
downloaded
Chrome Cache Entry: 113
ASCII text
dropped
Chrome Cache Entry: 114
ASCII text, with very long lines (2139)
dropped
Chrome Cache Entry: 115
Web Open Font Format (Version 2), TrueType, length 40708, version 1.0
downloaded
Chrome Cache Entry: 116
ASCII text, with very long lines (1732)
downloaded
Chrome Cache Entry: 117
ASCII text, with very long lines (1207)
dropped
Chrome Cache Entry: 118
ASCII text, with very long lines (8761), with no line terminators
dropped
Chrome Cache Entry: 119
Web Open Font Format (Version 2), TrueType, length 194188, version 1.15139
downloaded
Chrome Cache Entry: 120
ASCII text, with very long lines (1581)
downloaded
Chrome Cache Entry: 121
ASCII text, with very long lines (1207)
downloaded
Chrome Cache Entry: 122
HTML document, Unicode text, UTF-8 text, with very long lines (6739)
dropped
Chrome Cache Entry: 123
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
downloaded
Chrome Cache Entry: 124
ASCII text, with very long lines (1396)
dropped
Chrome Cache Entry: 125
Web Open Font Format (Version 2), TrueType, length 38848, version 1.655
downloaded
Chrome Cache Entry: 126
Web Open Font Format (Version 2), TrueType, length 203232, version 1.15139
downloaded
Chrome Cache Entry: 127
Web Open Font Format (Version 2), TrueType, length 42876, version 1.0
downloaded
Chrome Cache Entry: 128
Web Open Font Format (Version 2), TrueType, length 201132, version 1.15139
downloaded
Chrome Cache Entry: 129
HTML document, ASCII text, with CRLF line terminators
dropped
Chrome Cache Entry: 130
ASCII text, with very long lines (8830), with no line terminators
downloaded
Chrome Cache Entry: 131
ASCII text, with very long lines (3922)
dropped
Chrome Cache Entry: 132
ASCII text, with very long lines (18664)
dropped
Chrome Cache Entry: 133
ASCII text, with very long lines (3212)
downloaded
Chrome Cache Entry: 134
ASCII text
dropped
Chrome Cache Entry: 135
ASCII text, with very long lines (65455)
dropped
Chrome Cache Entry: 136
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 137
ASCII text, with very long lines (2156)
dropped
Chrome Cache Entry: 138
HTML document, ASCII text, with very long lines (65398), with CRLF line terminators
downloaded
Chrome Cache Entry: 139
ASCII text, with very long lines (3922)
downloaded
Chrome Cache Entry: 140
Web Open Font Format (Version 2), TrueType, length 194064, version 1.15139
downloaded
Chrome Cache Entry: 141
ASCII text, with very long lines (954)
dropped
Chrome Cache Entry: 142
ASCII text, with very long lines (19948), with no line terminators
downloaded
Chrome Cache Entry: 143
ASCII text, with very long lines (50697)
dropped
Chrome Cache Entry: 144
Web Open Font Format (Version 2), TrueType, length 41456, version 1.0
downloaded
Chrome Cache Entry: 145
JSON data
dropped
Chrome Cache Entry: 146
ASCII text, with very long lines (50697)
downloaded
Chrome Cache Entry: 147
ASCII text, with very long lines (3169)
downloaded
Chrome Cache Entry: 148
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 149
ASCII text
downloaded
Chrome Cache Entry: 150
ASCII text, with very long lines (65455)
downloaded
Chrome Cache Entry: 151
JSON data
dropped
Chrome Cache Entry: 152
ASCII text, with very long lines (65455)
downloaded
Chrome Cache Entry: 153
ASCII text
downloaded
Chrome Cache Entry: 154
ASCII text, with very long lines (55289)
dropped
Chrome Cache Entry: 155
Web Open Font Format (Version 2), TrueType, length 41508, version 1.0
downloaded
Chrome Cache Entry: 156
ASCII text, with very long lines (961)
dropped
Chrome Cache Entry: 157
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
downloaded
Chrome Cache Entry: 158
JSON data
downloaded
Chrome Cache Entry: 159
ASCII text, with very long lines (65447)
downloaded
Chrome Cache Entry: 160
Web Open Font Format (Version 2), TrueType, length 43356, version 1.0
downloaded
Chrome Cache Entry: 161
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 162
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 163
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 164
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
dropped
Chrome Cache Entry: 165
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 166
ASCII text, with very long lines (2156)
downloaded
Chrome Cache Entry: 167
ASCII text, with very long lines (5945)
downloaded
Chrome Cache Entry: 168
ASCII text, with very long lines (563)
dropped
Chrome Cache Entry: 169
ASCII text, with very long lines (961)
downloaded
Chrome Cache Entry: 170
ASCII text, with very long lines (2415)
dropped
Chrome Cache Entry: 93
ASCII text, with very long lines (18664)
downloaded
Chrome Cache Entry: 94
CSV text
downloaded
Chrome Cache Entry: 95
HTML document, Unicode text, UTF-8 text, with very long lines (6739)
downloaded
Chrome Cache Entry: 96
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 97
ASCII text, with very long lines (1581)
dropped
Chrome Cache Entry: 98
ASCII text, with very long lines (2139)
downloaded
Chrome Cache Entry: 99
ASCII text
dropped
There are 69 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1696,i,3985431384977248275,18187255008017628638,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45"

URLs

Name
IP
Malicious
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45
malicious
https://jo.vomlogsffy.ru/z9yaFIg/
malicious
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.79.73
https://font-public.canva.com/_fb/0/56.woff2)
unknown
https://stats.g.doubleclick.net/g/collect
unknown
https://font-public.canva.com/_fb/0/24.woff)
unknown
https://font-public.canva.com/YACgEZ1cb1Q/0/ArimoItalic.fa87472a877e70c5bce22e42be5c.d257a7100844bc3f98c9021168b6249e.woff2
104.16.103.112
https://www.redditstatic.com/ads/pixel.js
unknown
https://www.canva-staging.com/design/
unknown
https://font-public.canva.com/_fb/0/17.woff2)
unknown
https://static.canva.com/web/3982b953a9beb502.runtime.js
104.16.102.112
https://font-public.canva.com/_fb/0/04.ttf)
unknown
https://font-public.canva.com/YAFdJjTk5UU/0/CanvaSans-MediumItalic.2114be9bf82cd092e.e5e43f51d6d7939d8911c861efa5f9b7.woff2
104.16.103.112
https://font-public.canva.com/_fb/0/31.woff)
unknown
https://font-public.canva.com/_fb/0/04.woff)
unknown
https://font-public.canva.com/_fb/0/71.woff)
unknown
https://font-public.canva.com/_fb/0/11.woff)
unknown
https://a.nel.cloudflare.com/report/v4?s=AudUHezqNnREeWdu77aj7y5fUlLaqQFmwByf2pS4vpPpJhjB7hDpwBsxFQ1hH1h%2BHXrQrlBDFkzCgZBLA8p6gHunWp974VfIhHYCdbwkbQOU%2BLzWyaXGnnBCOygbrbA%3D
35.190.80.1
https://static.canva.com/static/images/favicon-1.ico
104.16.102.112
https://font-public.canva.com/_fb/0/02.ttf)
unknown
https://font-public.canva.com/_fb/0/2E.ttf)
unknown
https://www.canva.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.16.102.112
https://cdn.iframe.ly
unknown
https://font-public.canva.com/_fb/0/76.ttf)
unknown
https://tally.so/
unknown
https://static.canva.com/web/2c8d424892fc6ce6.ltr.css
104.16.102.112
http://tally.so/
unknown
https://font-public.canva.com/_fb/0/16.woff)
unknown
https://vimeo.com/
unknown
https://font-public.canva.com/_fb/0/0B.woff2)
unknown
https://font-public.canva.com/_fb/0/61.woff2)
unknown
https://font-public.canva.com/_fb/0/28.woff2)
unknown
https://font-public.canva.com/_fb/0/72.woff)
unknown
https://font-public.canva.com/_fb/0/7E-quadratic.woff)
unknown
https://font-public.canva.com/_fb/0/31.ttf)
unknown
https://font-public.canva.com/_fb/0/24.woff2)
unknown
https://www.canva.com/_ajax/ae/createBatch
104.16.102.112
https://font-public.canva.com/_fb/0/56.woff)
unknown
https://font-public.canva.com/_fb/0/2D.woff2)
unknown
https://px.ads.linkedin.com/collect/?pid=
unknown
https://font-public.canva.com/_fb/0/4C.woff2)
unknown
https://static.canva.com/web/images/b46630e470f4040eba7033cf2435edce.woff
104.16.102.112
https://font-public.canva.com/_fb/0/29.woff)
unknown
https://font-public.canva.com/_fb/0/47.woff2)
unknown
https://ad.doubleclick.net/activity;register_conversion=1;src=9812343;type=conve0;cat=canva008;ord=1
unknown
https://font-public.canva.com/_fb/0/7E.otf)
unknown
https://font-public.canva.com/_fb/0/6F.woff)
unknown
https://api-gw.metadata.io
unknown
https://font-public.canva.com/_fb/0/3D.ttf)
unknown
https://font-public.canva.com/_fb/0/02.woff2)
unknown
https://font-public.canva.com/_fb/0/17.woff)
unknown
https://font-public.canva.com/_fb/0/60.ttf)
unknown
https://canva-embed.com
unknown
https://quilljs.com/
unknown
https://font-public.canva.com/_fb/0/47.ttf)
unknown
https://font-public.canva.com/_fb/0/28.ttf)
unknown
https://font-public.canva.com/_fb/0/2E.woff)
unknown
https://font-public.canva.com/_fb/0/05.woff)
unknown
https://font-public.canva.com/_fb/0/39.woff2)
unknown
https://font-public.canva.com/_fb/0/09.ttf)
unknown
https://static.canva.com/web/f739909298c930bb.js
104.16.102.112
https://font-public.canva.com/_fb/0/6F.ttf)
unknown
https://ad.doubleclick.net/activity;src=9812343;type=websi000;cat=flood0;ord=967358683;gtm=45j91e4c5
unknown
http://youtu.be/
unknown
https://font-public.canva.com/_fb/0/70.woff2)
unknown
https://font-public.canva.com/_fb/0/26.ttf)
unknown
https://font-public.canva.com/_fb/0/75.woff2)
unknown
https://font-public.canva.com/_fb/0/76.woff2)
unknown
https://font-public.canva.com/_fb/0/12.ttf)
unknown
https://font-public.canva.com/_fb/0/31.woff2)
unknown
https://font-public.canva.com/_fb/0/32.woff2)
unknown
https://vimeo.com/album/
unknown
https://font-public.canva.com/_fb/0/3D.woff2)
unknown
https://font-public.canva.com/_fb/0/27.ttf)
unknown
https://static.canva.com/web/5acf95fa6e193b90.js
104.16.102.112
https://static.canva.com/web/42edacda53f68fee.ltr.css
104.16.102.112
https://youtu.be/
unknown
https://sb.scorecardresearch.com/p?c1=2&c2=34402982&ns_type=hidden&ns_event=page_view&c6=canva-aad9e5ad-3a29-42d3-a4e3-b2a423a0bfe7&c7=&c9=&c8=&gtmcb=310749792
3.160.188.18
https://font-public.canva.com/_fb/0/0A.woff)
unknown
https://font-public.canva.com/_fb/0/23.woff)
unknown
https://static.canva.com/web/a539f22cb4b4cc9e.vendor.js
104.16.102.112
https://font-public.canva.com/_fb/0/7E.woff2)
unknown
https://font-public.canva.com/_fb/0/03.woff)
unknown
https://font-public.canva.com/_fb/0/2D.woff)
unknown
https://font-public.canva.com/_fb/0/60.woff)
unknown
https://font-public.canva.com/_fb/0/32.woff)
unknown
https://font-public.canva.com/_fb/0/09.woff2)
unknown
https://font-public.canva.com/YAFdJjTk5UU/0/CanvaSans-Medium.95291d1cd5c6185e00ba590.c69c23593c9bd5705c7780a200f2a6db.woff2
104.16.103.112
https://github.com/getsentry/sentry-javascript
unknown
https://font-public.canva.com/_fb/0/0C.ttf)
unknown
https://codesandbox.io/
unknown
https://font-public.canva.com/_fb/0/55.woff)
unknown
https://font-public.canva.com/_fb/0/56.ttf)
unknown
https://logx.optimizely.com/v1/events
unknown
https://vimeo.com/channels/
unknown
https://font-public.canva.com/_fb/0/75.ttf)
unknown
https://font-public.canva.com/_fb/0/75.woff)
unknown
https://font-public.canva.com/YAFdJjTk5UU/0/CanvaSans-Bold13644182954117137290.33696.33696a29f45c1b554a4c12443b998d21.woff2
104.16.103.112
https://font-public.canva.com/_fb/s/41d36c36b634199c0ebf5e807fda38d0.css
104.16.103.112
https://font-public.canva.com/_fb/0/16.otf)
unknown
https://font-public.canva.com/_fb/0/26.woff)
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
jo.vomlogsffy.ru
104.21.56.29
 malicious
a.nel.cloudflare.com
35.190.80.1
static.cloudflareinsights.com
104.16.79.73
o13855.ingest.sentry.io
34.120.195.249
ad.doubleclick.net
172.217.17.70
p.tvpixel.com
75.2.57.54
www.canva.com
104.16.102.112
adservice.google.com
142.250.181.66
spdc-global.pbp.gysm.yahoodns.net
54.171.122.26
d1w725hft9421a.cloudfront.net
13.226.2.108
ct.canva.com
216.239.38.21
googleads.g.doubleclick.net
172.217.19.226
code.jquery.com
151.101.66.137
static.canva.com
104.16.102.112
font-public.canva.com
104.16.103.112
sb.scorecardresearch.com
3.160.188.18
www.google.com
142.250.181.68
api.ipify.org
104.26.12.205
sp.analytics.yahoo.com
unknown
cdn.metadata.io
unknown
There are 10 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
104.21.56.29
jo.vomlogsffy.ru
United States
malicious
172.217.19.226
googleads.g.doubleclick.net
United States
192.168.2.4
unknown
unknown
13.226.2.3
unknown
United States
104.16.80.73
unknown
United States
192.168.2.5
unknown
unknown
104.16.102.112
www.canva.com
United States
216.239.36.21
unknown
United States
216.239.38.21
ct.canva.com
United States
151.101.66.137
code.jquery.com
United States
142.250.181.68
www.google.com
United States
35.190.80.1
a.nel.cloudflare.com
United States
172.217.21.36
unknown
United States
151.101.194.137
unknown
United States
104.16.79.73
static.cloudflareinsights.com
United States
142.250.181.66
adservice.google.com
United States
3.160.188.18
sb.scorecardresearch.com
United States
104.26.12.205
api.ipify.org
United States
104.16.103.112
font-public.canva.com
United States
54.171.122.26
spdc-global.pbp.gysm.yahoodns.net
United States
239.255.255.250
unknown
Reserved
13.226.2.108
d1w725hft9421a.cloudfront.net
United States
172.217.17.70
ad.doubleclick.net
United States
75.2.57.54
p.tvpixel.com
United States
34.120.195.249
o13855.ingest.sentry.io
United States
172.67.74.152
unknown
United States
There are 16 hidden IPs, click here to show them.

DOM / HTML

URL
Malicious
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45
https://www.canva.com/design/DAGaHpv1g1M/bVE7B2sT8b8T3P-e2xb64w/view?utm_content=DAGaHpv1g1M&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1ee3678e45
https://jo.vomlogsffy.ru/z9yaFIg/