Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1636 --field-trial-handle=1772,i,10089015272738415623,17700598493285716523,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.canva.com" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6180 --field-trial-handle=1772,i,10089015272738415623,17700598493285716523,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | |
URLs

| Name | IP | Malicious |
|---|---|---|
| https://www.canva.com | | |
| https://www.canva.com/_ajax/consent/check | 104.17.114.17 | |
| https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95 | 157.240.17.15 | |
| https://accounts.google.com/gsi/status?client_id=779010036194-lf6spugv22vvj41pqjdj4d8k2tq7o5fd.apps.googleusercontent.com&as=bCClXdV%2FZODP%2FJcmsRgmBQ | 216.58.209.45 | |
| https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37190734-9&cid=1615252243.1675822951&jid=2044558087&gjid=1841022744&_gid=481059741.1675822953&_u=YCDAgEABAAAAAEgFK~&z=1047222868 | 142.251.31.157 | |
| https://static.canva.com/web/93daaef2e244cef5.ltr.css | 104.17.114.17 | |
| https://static.canva.com/web/f8551c82c4f183cf.vendor.js | 104.17.114.17 | |
| https://static.canva.com/static/images/android-192x192-2.png | 104.17.114.17 | |
| https://content-management-files.canva.com/cdn-cgi/image/format=auto,w=800/9690b17e-f3ad-4278-8680-f3c35d6549d5/hero-banner-en-1600x852-placeholder.jpg | 104.17.114.17 | |
| https://static.canva.com/web/7b9533eb05694c5c.runtime.js | 104.17.114.17 | |
| https://www.canva.com/ | 104.17.114.17 | |
| https://accounts.google.com/gsi/style | 216.58.209.45 | |
| https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675814400 | 104.17.114.17 | |
| https://www.canva.com/cdn-cgi/challenge-platform/h/g/cv/result/795dcd8ccaa9bb43 | 104.17.114.17 | |
| https://accounts.google.com/gsi/client | 216.58.209.45 | |
| https://static.canva.com/web/d6c62c87c7343321.js | 104.17.114.17 | |
| https://www.canva.com/_ajax/consent/add | 104.17.114.17 | |
| https://www.canva.com/_ajax/csrf3/consent | 104.17.114.17 | |
| https://static.canva.com/static/images/favicon-1.ico | 104.17.114.17 | |
| https://static.canva.com/web/9e60d146b34626d3.vendor.js | 104.17.114.17 | |
| https://content-management-files.canva.com/943bd1b3-ffd6-4892-a4df-b107cb33e657/hero-banner-en-1600x852.mp4 | 104.17.114.17 | |
| https://content-management-files.canva.com/cdn-cgi/image/format=auto,w=454/b3bbd63b-12e6-43de-abe6-d6652fb3deea/template-2.jpg | 104.17.114.17 | |
| https://connect.facebook.net/en_US/fbevents.js | 157.240.17.15 | |
| https://static.canva.com/web/e3cc65ee81118233.vendor.js | 104.17.114.17 | |
| https://static.canva.com/static/lib/sentry/7.16.0.min.js | 104.17.114.17 | |
| https://www.canva.com/_ajax/csrf3/ae | 104.17.114.17 | |
| https://static.canva.com/web/c2d180aa5829c77d.strings.js | 104.17.114.17 | |
| https://static.canva.com/web/8cf1e53e7c516ca0.ltr.css | 104.17.114.17 | |
| https://static.canva.com/web/7737b0b6b6b0cd06.js | 104.17.114.17 | |
| https://static.canva.com/web/af9330c9659a5a59.js | 104.17.114.17 | |
| https://static.canva.com/web/987f23139cf1f7a4.ltr.css | 104.17.114.17 | |
| https://static.canva.com/web/18493a962b2a29d9.js | 104.17.114.17 | |
| https://static.canva.com/web/b2ed1d602f16eb9e.runtime.js | 104.17.114.17 | |
| https://static.canva.com/web/9b8a5b85111cafd4.ltr.css | 104.17.114.17 | |
| https://static.canva.com/web/1bc16f36a7578f71.js | 104.17.114.17 | |
| https://static.canva.com/web/0ab07b37dd750274.vendor.js | 104.17.114.17 | |
| https://static.canva.com/web/bb5f427f24ae06c8.vendor.js | 104.17.114.17 | |
| https://content-management-files.canva.com/cdn-cgi/image/format=auto,w=340/35b5c343-4194-4ae8-90f1-7ec803d4600d/template-4.jpg | 104.17.114.17 | |
| https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 216.58.209.45 | |
| https://static.canva.com/web/images/12487a1e0770d29351bd4ce4f87ec8fe.svg | 104.17.114.17 | |
| https://www.canva.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js | 104.17.114.17 | |
| https://www.canva.com/cdn-cgi/rum? | 104.17.114.17 | |
| https://www.canva.com/_online?1675822957483 | 104.17.114.17 | |
| https://www.canva.com/_ajax/ae/createBatch | 104.17.114.17 | |
| https://static.canva.com/web/606e898f092126b7.en.js | 104.17.114.17 | |
| https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37190734-9&cid=1615252243.1675822951&jid=2044558087&_u=YCDAgEABAAAAAEgFK~&z=498658461 | 142.250.184.100 | |
| https://o13855.ingest.sentry.io/api/5862012/envelope/?sentry_key=3e6b0deb414549c8901b5382885e478b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.16.0 | 34.120.195.249 | |
| https://static.canva.com/web/fce11b7cbfb0248a.js | 104.17.114.17 | |
| https://static.canva.com/web/d25dfa802c8b885c.js | 104.17.114.17 | |
| https://static.canva.com/web/images/cff149ee1e9d2be50ac77bcd86769d05.woff2 | 104.17.114.17 | |
| https://content-management-files.canva.com/cdn-cgi/image/format=auto,w=300/22f18aa3-ac5c-45b6-bd4a-93fbfdd754f2/template-1.jpg | 104.17.114.17 | |
| https://www.facebook.com/tr/?id=844585682227065&ev=ViewContent&dl=https%3A%2F%2Fwww.canva.com%2F&rl=&if=false&ts=1675822961012&sw=1280&sh=1024&ud[product_variant]=612f7a0edd33d5c1a7f59b38db605f5f0f9bf63cb4ce753b9bad0ff3aa941412&ud[country]=343677762813eaeb65704cc8d9e96f7a444ba0cca92ff861af7f68648b3e6ef1&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675822961005.401739065&it=1675822953891&coo=false&eid=1675822927425_e044d839-6497-49c8-b55b-862f1c8ed02b_33&tm=1&rqm=GET | 157.240.253.35 | |
| https://static.canva.com/web/abd4708436db3a4f.strings.js | 104.17.114.17 | |
| https://static.canva.com/web/ba17ed9d9da61a7f.vendor.js | 104.17.114.17 | |
| https://static.canva.com/web/8022d546fc18572e.js | 104.17.114.17 | |
| https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.56.101 | |
| https://www.canva.com/_online?1675822930156 | 104.17.114.17 | |
| https://www.canva.com/ | | |
| https://static.canva.com/web/ddb0f29556b417a7.js | 104.17.114.17 | |
| https://content-management-files.canva.com/cdn-cgi/image/format=auto,w=306/673b652f-2614-43ff-8647-81ecbdb04678/template-3.jpg | 104.17.114.17 | |
| https://www.canva.com/_ajax/designspec/spec/search?query=&limit=15 | 104.17.114.17 | |
| https://static.canva.com/web/4dc453f1b320cee8.runtime.js | 104.17.114.17 | |
| https://www.facebook.com/tr/ | 157.240.253.35 | |
| https://www.canva.com/_online?1675822993078 | 104.17.114.17 | |
| https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.180.174 | |
| https://static.canva.com/web/ec3712e0406a8a87.js | 104.17.114.17 | |
| https://static.canva.com/web/d787ac8bca204aa4.vendor.js | 104.17.114.17 | |
| https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37190734-9&cid=1615252243.1675822951&jid=2044558087&_u=YCDAgEABAAAAAEgFK~&z=498658461 | 142.251.209.3 | |
| https://www.facebook.com/tr/?id=844585682227065&ev=homepage_visit&dl=https%3A%2F%2Fwww.canva.com%2F&rl=&if=false&ts=1675822961007&sw=1280&sh=1024&ud[product_variant]=612f7a0edd33d5c1a7f59b38db605f5f0f9bf63cb4ce753b9bad0ff3aa941412&ud[country]=343677762813eaeb65704cc8d9e96f7a444ba0cca92ff861af7f68648b3e6ef1&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675822961005.401739065&it=1675822953891&coo=false&eid=1675822927425_e044d839-6497-49c8-b55b-862f1c8ed02b_33&tm=2&rqm=GET | 157.240.253.35 | |
| https://connect.facebook.net/signals/config/844585682227065?v=2.9.95&r=stable | 157.240.17.15 | |

59 further URLs are not shown in this excerpt of the report.
Domains

| Name | IP | Malicious |
|---|---|---|
| star-mini.c10r.facebook.com | 157.240.253.35 | |
| content-management-files.canva.com | 104.17.114.17 | |
| scontent.xx.fbcdn.net | 157.240.17.15 | |
| static.cloudflareinsights.com | 104.16.56.101 | |
| accounts.google.com | 216.58.209.45 | |
| o13855.ingest.sentry.io | 34.120.195.249 | |
| static.canva.com | 104.17.114.17 | |
| www.google.co.uk | 142.251.209.3 | |
| www.google.com | 142.250.184.100 | |
| clients.l.google.com | 142.250.180.174 | |
| www.canva.com | 104.17.114.17 | |
| stats.g.doubleclick.net | 142.251.31.157 | |
| www.facebook.com | unknown | |
| sdk.iad-01.braze.com | unknown | |
| connect.facebook.net | unknown | |
| clients2.google.com | unknown | |

6 further domains are not shown in this excerpt of the report.
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 192.168.2.1 | unknown | unknown | |
| 104.17.114.17 | content-management-files.canva.com | United States | |
| 142.251.31.157 | stats.g.doubleclick.net | United States | |
| 142.251.209.3 | www.google.co.uk | United States | |
| 216.58.209.45 | accounts.google.com | United States | |
| 157.240.17.15 | scontent.xx.fbcdn.net | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 104.16.56.101 | static.cloudflareinsights.com | United States | |
| 157.240.253.35 | star-mini.c10r.facebook.com | United States | |
| 142.250.184.100 | www.google.com | United States | |
| 142.250.180.174 | clients.l.google.com | United States | |
| 34.120.195.249 | o13855.ingest.sentry.io | United States | |

2 further IPs are not shown in this excerpt of the report.
Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | |
| HKEY_CURRENT_USER\Software\Microsoft\Speech_OneCore\Voices | DefaultTokenId | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | |
| HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.cdm.origin_data | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blocklist_cache_md5_digest | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | |
| HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | TraceTimeLast | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |

42 further registry entries are not shown in this excerpt of the report.
Memdumps

| Base Address | Region type | Protect | Malicious |
|---|---|---|---|
| 2118B23E000 | heap | page read and write | |
| 2118B279000 | heap | page read and write | |
| F18E87B000 | stack | page read and write | |
| 2118B213000 | heap | page read and write | |
| 2118B150000 | heap | page read and write | |
| 2118B300000 | heap | page read and write | |
| 2118B268000 | heap | page read and write | |
| 2118B302000 | heap | page read and write | |
| F18E97E000 | stack | page read and write | |
| 2118B200000 | heap | page read and write | |
| F18EA7F000 | stack | page read and write | |
| 2118BC02000 | trusted library allocation | page read and write | |
| 2118B202000 | heap | page read and write | |
| 2118B228000 | heap | page read and write | |
| 2118B257000 | heap | page read and write | |
| F18EB7D000 | stack | page read and write | |
| 2118B1E0000 | trusted library allocation | page read and write | |
| 2118B140000 | heap | page read and write | |
| 2118B313000 | heap | page read and write | |
| 2118B1B0000 | heap | page read and write | |
| F18E32C000 | stack | page read and write | |

11 further memdumps are not shown in this excerpt of the report.
DOM / HTML

| URL | Malicious |
|---|---|
| https://www.canva.com/ | |