Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| /dev/null | ASCII text | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/com.apple.scriptmanager2.le.cache | data | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsDirectory.db_ | Mac OS X Keychain File | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsObject.db_ | Mac OS X Keychain File | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari 2)/AutoFillQuirks.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CacheSettings.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CloudHistoryRemoteConfiguration.plist | XML 1.0 document, ASCII text | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/KnownExtensions.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/LastSession.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/Preferences.plist | Apple binary property list | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/libexec/xpcproxy | - | |
| /usr/libexec/nsurlstoraged | /usr/libexec/nsurlstoraged --privileged | |
| /Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32 | - | |
| /usr/bin/open | /usr/bin/open -a Safari https://omgitsrxqxb.com/ | |
| /usr/libexec/xpcproxy | - | |
| /Applications/Safari.app/Contents/MacOS/Safari | /Applications/Safari.app/Contents/MacOS/Safari | |
| /usr/libexec/xpcproxy | - | |
| /usr/libexec/silhouette | /usr/libexec/silhouette | |
| /usr/libexec/xpcproxy | - | |
| /usr/libexec/firmwarecheckers/eficheck/eficheck | /usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check-daemon | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://omgitsrxqxb.com/ | | |
| https://omgitsrxqxb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.77.60 | |
| https://omgitsrxqxb.com/cdn-cgi/challenge-platform/h/g/jsd/r/8da100c22d34d0a7 | 104.21.77.60 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| omgitsrxqxb.com | 104.21.77.60 | |
| appledownload.map.fastly.net | 151.101.195.8 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.77.60 | omgitsrxqxb.com | United States | |
| 151.101.195.8 | appledownload.map.fastly.net | United States | |
| 151.101.195.6 | unknown | United States | |
| 23.46.224.247 | unknown | United States | |
| 151.101.67.6 | unknown | United States | |