IOC Report
https://nicolelynam513779.invisionapp.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 100 | ASCII text, with very long lines (21229) | dropped |
Chrome Cache Entry: 101 | Unicode text, UTF-8 text, with very long lines (65255) | dropped |
Chrome Cache Entry: 102 | ASCII text, with very long lines (37185) | dropped |
Chrome Cache Entry: 103 | ASCII text, with no line terminators | dropped |
Chrome Cache Entry: 104 | ASCII text, with very long lines (6194) | downloaded |
Chrome Cache Entry: 105 | ASCII text, with very long lines (588) | downloaded |
Chrome Cache Entry: 106 | ASCII text, with very long lines (37185) | downloaded |
Chrome Cache Entry: 107 | Unicode text, UTF-8 text, with very long lines (46201) | downloaded |
Chrome Cache Entry: 108 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | dropped |
Chrome Cache Entry: 109 | Unicode text, UTF-8 text, with very long lines (51066) | downloaded |
Chrome Cache Entry: 110 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 111 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 112 | Unicode text, UTF-8 text, with very long lines (65255) | downloaded |
Chrome Cache Entry: 113 | ASCII text, with very long lines (64000) | dropped |
Chrome Cache Entry: 114 | ASCII text | downloaded |
Chrome Cache Entry: 115 | Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | dropped |
Chrome Cache Entry: 116 | ASCII text, with very long lines (64000) | downloaded |
Chrome Cache Entry: 117 | JSON data | dropped |
Chrome Cache Entry: 118 | JSON data | downloaded |
Chrome Cache Entry: 119 | JSON data | downloaded |
Chrome Cache Entry: 120 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | dropped |
Chrome Cache Entry: 121 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | downloaded |
Chrome Cache Entry: 122 | Unicode text, UTF-8 text, with very long lines (65418) | downloaded |
Chrome Cache Entry: 123 | ASCII text, with very long lines (2674) | downloaded |
Chrome Cache Entry: 124 | ASCII text, with very long lines (37739) | downloaded |
Chrome Cache Entry: 125 | ASCII text, with very long lines (65434) | downloaded |
Chrome Cache Entry: 126 | Unicode text, UTF-8 text, with very long lines (65418) | downloaded |
Chrome Cache Entry: 127 | Unicode text, UTF-8 text, with very long lines (65405) | downloaded |
Chrome Cache Entry: 128 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded |
Chrome Cache Entry: 129 | ASCII text, with very long lines (65434) | dropped |
Chrome Cache Entry: 130 | Unicode text, UTF-8 text, with very long lines (65438) | downloaded |
Chrome Cache Entry: 131 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | dropped |
Chrome Cache Entry: 132 | Unicode text, UTF-8 text, with very long lines (65438) | dropped |
Chrome Cache Entry: 133 | ASCII text, with very long lines (9177) | downloaded |
Chrome Cache Entry: 134 | ASCII text, with very long lines (37739) | dropped |
Chrome Cache Entry: 135 | ASCII text, with very long lines (6194) | dropped |
Chrome Cache Entry: 136 | Unicode text, UTF-8 text, with very long lines (65418) | dropped |
Chrome Cache Entry: 137 | ASCII text, with very long lines (65536), with no line terminators | dropped |
Chrome Cache Entry: 138 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | dropped |
Chrome Cache Entry: 139 | ASCII text, with very long lines (588) | dropped |
Chrome Cache Entry: 140 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded |
Chrome Cache Entry: 141 | Unicode text, UTF-8 text, with very long lines (28477) | dropped |
Chrome Cache Entry: 142 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded |
Chrome Cache Entry: 143 | ASCII text, with very long lines (9177) | dropped |
Chrome Cache Entry: 144 | ASCII text, with very long lines (2674) | dropped |
Chrome Cache Entry: 95 | ASCII text, with very long lines (21229) | downloaded |
Chrome Cache Entry: 96 | Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | downloaded |
Chrome Cache Entry: 97 | Unicode text, UTF-8 text, with very long lines (46201) | dropped |
Chrome Cache Entry: 98 | HTML document, ASCII text, with very long lines (59670) | downloaded |
Chrome Cache Entry: 99 | Unicode text, UTF-8 text, with very long lines (28477) | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2000,i,9856245143333011369,530521192992549920,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://nicolelynam513779.invisionapp.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj" |

URLs

Name | IP | Malicious
https://nicolelynam513779.invisionapp.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj | |
https://static.invisionapp-cdn.com/spa/sidebar/sidebar.c041909dcb5df013780e.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/rpr-react-dom-static/react-dom.cfce0b15c12860642616.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/rpr-lodash-static/lodash.f0ad10da7d1f80112d7a.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-pdf.worker.3a179d139c5 | unknown |
https://github.com/facebook/regenerator/issues/274 | unknown |
https://static.invisionapp-cdn.com/spa/rpr-react-static/react.f67761e0a08ead174e25.js | 104.17.154.91 |
http://jaywcjlove.github.io/hotkeys | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-BookItalic.woff | unknown |
https://opensource.org/licenses/MIT | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-BookItalic.woff2 | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Book.woff | unknown |
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 172.64.155.119 |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-DemiItalic.woff | unknown |
https://invisionapp.atlassian.net/browse/FH-195 | unknown |
https://static.invisionapp-cdn.com/global/favicons/default/favicon-16x16.png | unknown |
https://static.invisionapp-cdn.com/global/js/cloud-global-async.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-asset-processing.worke | unknown |
https://nicolelynam513779.invisionapp.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj | |
https://static.invisionapp-cdn.com/global/favicons/default/favicon-32x32.png | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Medium.woff2 | unknown |
https://static.invisionapp-cdn.com/global/favicons/default/favicon.ico | 104.17.154.91 |
https://support.invisionapp.com | unknown |
https://static.invisionapp-cdn.com/global/js/cloud-global-pre-app-modules-synchronous.js | 104.17.154.91 |
https://cdn.cookielaw.org/vendorlist/googleData.json | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-asset-loading.worker.54e9673acff233e630af.worker.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-process-line.worker.a28bfd0e90dd57e220a4.worker.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/rpr-helios-one-web-static/helios-one.16ef689b76ede057e610.js | 104.17.154.91 |
https://cdn.cookielaw.org/vendorlist/iabData.json | unknown |
https://static.invisionapp-cdn.com/spa/rpr-styled-components-static/styled-components.a226967a2b27915f0a7f.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-process-line.worker.a2 | unknown |
http://www.jacklmoore.com/autosize | unknown |
https://cdn.cookielaw.org/vendorlist/iab2Data.json | unknown |
https://static.invisionapp-cdn.com/spa/global-navigation-static/global-navigation.5cc6818c1a7e880293 | unknown |
https://static.invisionapp-cdn.com/spa/rpr-helios-one-web-static/helios-one.16ef689b76ede057e610.css | 104.17.154.91 |
https://segment.com/docs/destinations/amplitude/#setting-event-level-groups-via-track- | unknown |
http://jedwatson.github.io/classnames | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-Eina03-SemiBold.woff2 | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Book.woff2 | unknown |
https://js.pusher.com/beams/service-worker.js | 108.156.64.41 |
https://static.invisionapp-cdn.com/spa/cloud-ui/app-shell-legacy.99fc193a.js | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-MediumItalic.woff | unknown |
https://static.invisionapp-cdn.com/spa/rpr-styled-components-static/styled-components.a226967a2b2791 | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-vendors.0410ce90753f5f | unknown |
https://static.invisionapp-cdn.com/global/fonts/AktivGroteskVF_W_Wght.woff2 | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-asset-processing.worker.57b12da83ed170e0f876.worker.js | 104.17.154.91 |
https://ui-gateway-production.invisionapp-cdn.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj | unknown |
https://support.invisionapp.com/hc/en-us/articles/115004118683 | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-MediumItalic.woff2 | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-asset-loading.worker.5 | unknown |
https://static.invisionapp-cdn.com/spa/global-navigation-static/global-navigation.5cc6818c1a7e880293c7.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-pdf.worker.3a179d139c5a92babc56.worker.js | 104.17.154.91 |
https://cdn.pendo.io/agent/static/ | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-bundle.1a632b09d6f4f31 | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-Eina03-SemiBold.woff | unknown |
https://s3.amazonaws.com/invision-global-static/production/spa/cloud-ui/global-service-worker-loader | unknown |
https://static.invisionapp-cdn.com/spa/rpr-bugsnag-static/bugsnag.108782ef33631fee5b7a.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/spa/cloud-ui/polyfills.0ca8b6ae.js | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-vendors.0410ce90753f5fc29351.js | 104.17.154.91 |
https://support.pendo.io/hc/en-us/articles/360032201071-Client-side-data-installation | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-DemiItalic.woff2 | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Medium.woff | unknown |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Demi.woff2 | unknown |
https://static.invisionapp-cdn.com/spa/cloud-ui/app-shell.9729de5c.js | 104.17.154.91 |
https://static.invisionapp-cdn.com/global/fonts/AktivGroteskVF_Italics_W_Wght.woff2 | unknown |
https://static.invisionapp-cdn.com/spa/invproto-fe-static/invproto-fe.a25731557cffe53d7576.js | 104.17.154.91 |
https://help.invisionapp.com/hc/en-us/requests/new | unknown |
https://static.invisionapp-cdn.com/spa/rpr-helios-one-web-static/ | unknown |
https://fb.me/react-polyfills | unknown |
https://static.invisionapp-cdn.com/global/favicons/default/apple-touch-icon.png | unknown |
https://static.invisionapp-cdn.com/spa/freehand-web-v7-static/freehand-web-v7-bundle.1a632b09d6f4f3123e63.js | 104.17.154.91 |
https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume | unknown |
https://cdn.cookielaw.org/consent/d0d9132f-a6e0-4094-81da-798f2d0285d2/d0d9132f-a6e0-4094-81da-798f2d0285d2.json | 104.18.86.42 |
https://lea.verou.me | unknown |
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js | 104.18.86.42 |
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck | unknown |
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js | 104.18.86.42 |
https://static.invisionapp-cdn.com/global/fonts/Inv-MaisonNeue-Demi.woff | unknown |

Domains

Name | IP | Malicious
k256-all.gslb.ksyuncdn.com | 118.112.233.1 |
www.google.com | 142.250.186.36 |
d3dy5gmtp8yhk7.cloudfront.net | 108.156.64.41 |
cdn.cookielaw.org | 104.18.86.42 |
geolocation.onetrust.com | 172.64.155.119 |
fp2e7a.wpc.phicdn.net | 192.229.221.95 |
static.invisionapp-cdn.com | 104.17.154.91 |
nicolelynam513779.invisionapp.com | unknown |
js.pusher.com | unknown |

IPs

IP | Domain | Country | Malicious
104.18.87.42 | unknown | United States |
142.250.186.36 | www.google.com | United States |
104.17.154.91 | static.invisionapp-cdn.com | United States |
104.17.155.91 | unknown | United States |
108.156.64.41 | d3dy5gmtp8yhk7.cloudfront.net | United States |
192.168.2.4 | unknown | unknown |
172.64.155.119 | geolocation.onetrust.com | United States |
239.255.255.250 | unknown | Reserved |
104.18.32.137 | unknown | United States |
104.18.86.42 | cdn.cookielaw.org | United States |

DOM / HTML

URL | Malicious
https://nicolelynam513779.invisionapp.com/freehand/KE-Design-LLC-24-22144---3LtuK81gj |