Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
/dev/null
|
ASCII text
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/com.apple.scriptmanager2.le.cache
|
data
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsDirectory.db_
|
Mac OS X Keychain File
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsObject.db_
|
Mac OS X Keychain File
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari
2)/AutoFillQuirks.plist
|
Apple binary property list
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CloudHistoryRemoteConfiguration.plist
|
XML 1.0 document, ASCII text
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/KnownExtensions.plist
|
Apple binary property list
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/LastSession.plist
|
Apple binary property list
|
dropped
|
||
/private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/Preferences.plist
|
Apple binary property list
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/usr/libexec/xpcproxy
|
-
|
||
/usr/libexec/nsurlstoraged
|
/usr/libexec/nsurlstoraged --privileged
|
||
/Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32
|
-
|
||
/usr/bin/open
|
/usr/bin/open -a Safari https://secure.na2.documents.adobe.com/public/esign?tsid=CBFCIBAACBSCTBABDUAAABACAABAAskvx_bq2cquZ4iq5BLjtEbawFZPxMTV6mRN_3v_virXQazei6QWK2KQGkwGCN9pO8Sn1Zu0F3YP6y43ljMzViV-Jk1qAjzp1hzXH72fTmZKTDP9OlrjmAtiGxIKJVXAP&
|
||
/usr/libexec/xpcproxy
|
-
|
||
/Applications/Safari.app/Contents/MacOS/Safari
|
/Applications/Safari.app/Contents/MacOS/Safari
|
||
/usr/libexec/xpcproxy
|
-
|
||
/usr/libexec/firmwarecheckers/eficheck/eficheck
|
/usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check-daemon
|
||
/usr/libexec/xpcproxy
|
-
|
||
/usr/libexec/silhouette
|
/usr/libexec/silhouette
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://secure.na2.documents.adobe.com/public/esign?tsid=CBFCIBAACBSCTBABDUAAABACAABAAskvx_bq2cquZ4iq5BLjtEbawFZPxMTV6mRN_3v_virXQazei6QWK2KQGkwGCN9pO8Sn1Zu0F3YP6y43ljMzViV-Jk1qAjzp1hzXH72fTmZKTDP9OlrjmAtiGxIKJVXAP&
|
|||
https://www.sephora.com/profile/MyAccount_
|
unknown
|
||
https://accounts.ebay.com/acctsec/security-center/chngpwd_
|
unknown
|
||
https://www.southwest.com/loyalty/myaccount/profile-security.html_
|
unknown
|
||
https://xhamster.com/password-recovery_
|
unknown
|
||
https://acesso.gov.br/area-cidadao/#/alterarSenha_
|
unknown
|
||
https://hotels.com/profile/settings.html_
|
unknown
|
||
https://www.usaa.com/inet/ent_auth_password/pages/ChangePasswordPage_
|
unknown
|
||
https://www.amctheatres.com/amcstubs/account_
|
unknown
|
||
https://customer.xfinity.com/users/me/update-password_
|
unknown
|
||
https://www.walmart.com/account/profile_
|
unknown
|
||
https://moncompte.lemonde.fr/gcustomer/account/password_
|
unknown
|
||
https://shein.com/user/security_
|
unknown
|
||
https://zoom.us/profile#pwd-form_
|
unknown
|
||
https://support.opentable.com/s/login/ForgotPassword?language=en_US_
|
unknown
|
||
https://forum.wii-homebrew.com/index.php/AccountManagement/_
|
unknown
|
||
https://www.twitch.tv/settings/security_
|
unknown
|
||
https://fps.fidelity.com/ftgw/Fps/Fidelity/RtlCust/ChangePIN/Init_
|
unknown
|
||
https://www.instacart.com/store/account_
|
unknown
|
||
https://www.newsweek.com/contact_
|
unknown
|
||
https://www.victoriassecret.com/us/account/profile#changePassword_
|
unknown
|
||
https://dashboard.dittomusic.com/account/password_
|
unknown
|
||
https://www.birkenstock.com/profile_
|
unknown
|
||
https://www.delta.com/myprofile/security-settings_
|
unknown
|
||
https://www.fanfiction.net/account/password.php_
|
unknown
|
||
https://id.sonyentertainmentnetwork.com/id/management/#/p/security_
|
unknown
|
||
https://www.nba.com/account/nbaprofile_
|
unknown
|
||
https://cloud.linode.com/profile/auth_
|
unknown
|
||
https://meuvivo.vivo.com.br/meuvivo/appmanager/portal/fixo_
|
unknown
|
||
https://www.livejasmin.com/en/girls/#
|
unknown
|
||
https://slickdeals.net/forums/login.php?do=lostpw_
|
unknown
|
||
https://www.alaskaair.com/www2/ssl/myalaskaair/myalaskaair.aspx?view=myinformation&tab=email_
|
unknown
|
||
https://www.linkedin.com/psettings/change-password_
|
unknown
|
||
https://bugzilla.kernel.org/userprefs.cgi?tab=account_
|
unknown
|
||
https://codepen.io/settings/account_
|
unknown
|
||
https://www.roblox.com/my/account#
|
unknown
|
||
https://www.serasa.com.br/meus-dados/alterar-senha_
|
unknown
|
||
https://reg.usps.com/entreg/secure/ChangePasswordAction_input?returnActionName_
|
unknown
|
||
https://www.allrecipes.com/account/profile#/change-password_
|
unknown
|
||
https://user.manganelo.com/user_changes_pass_
|
unknown
|
||
https://www.dailymail.co.uk/registration/profile/change-password.html_
|
unknown
|
||
https://www.11st.co.kr/register/popupModifyPWD.tmall_
|
unknown
|
||
https://app.plex.tv/desktop#
|
unknown
|
||
https://cam.ana.co.jp/psz/us/amc_us.jsp?index=105_
|
unknown
|
||
https://account.samsung.com/membership/contents/security/password/change-password_
|
unknown
|
||
https://www.creditkarma.com/myprofile/security_
|
unknown
|
||
https://auth.readymag.com/password/forgot_
|
unknown
|
||
https://archive.org/account/index.php?settings=1_
|
unknown
|
||
https://secure07ea.chase.com/web/auth/dashboard#/dashboard/myProfileSignInSecurity/resetPassword/res
|
unknown
|
||
https://account.magento.com/customer/account/changepassword_
|
unknown
|
||
https://accounts.nintendo.com/password/edit_
|
unknown
|
||
https://www.nordstrom.com/my-account/sign-in-info_
|
unknown
|
||
https://www.dominos.com/en/pages/customer/#
|
unknown
|
||
https://profile.theguardian.com/reset_
|
unknown
|
||
https://reelgood.com/account_
|
unknown
|
||
https://www.dropbox.com/account/security_
|
unknown
|
||
https://customercenter.wsj.com/account#password_
|
unknown
|
||
https://go.com/profile/account-settings/edit_
|
unknown
|
||
https://chaturbate.com/auth/password_change/_
|
unknown
|
||
https://genius.com/password_resets/new_
|
unknown
|
||
https://www.macys.com/account/profile?cm_sp=macys_account-_-my_account-_-my_profile&linklocation=lef
|
unknown
|
||
https://www.alternate.de/html/myAccount/account/basicData.html_
|
unknown
|
||
https://blend.io/settings_
|
unknown
|
||
https://www.cnn.com/account/settings_
|
unknown
|
||
https://www.instagram.com/accounts/password/change/_
|
unknown
|
||
https://www.redtube.com/settings_
|
unknown
|
||
https://www.aesop.com/my-account_
|
unknown
|
||
https://member.daum.net/change/password.daum_
|
unknown
|
||
https://myaccount.virginmobile.ca/MyProfile/Details/EditProfile?editField=PASSWORD_
|
unknown
|
||
https://mastercard.syf.com/login/reset_
|
unknown
|
||
https://www.jcpenney.com/account/dashboard/personal/info_
|
unknown
|
||
https://www.pearson.com/store/en-us/my-account/update-password_
|
unknown
|
||
https://worldstarhiphop.com/videos/reset.php_
|
unknown
|
||
https://www.boredpanda.com/settings/_
|
unknown
|
||
https://www.shoop.de/einstellungen/benutzerdaten_
|
unknown
|
||
https://mypassword.uml.edu/#Change_
|
unknown
|
||
https://stripchat.com/settings_
|
unknown
|
||
https://accounts.shopify.com/accounts/186490458/security_
|
unknown
|
||
https://www.redfin.com/change-password_
|
unknown
|
||
https://hibrain.net/mybrain/users/password/edit_
|
unknown
|
||
https://app.carta.com/profiles/update/_
|
unknown
|
||
https://legacy.memoriams.com/Network/Account/ChangePassword_
|
unknown
|
||
https://www.ups.com/lasso/updatePass?loc=en_US_
|
unknown
|
||
https://www.pinterest.com/settings/account-settings_
|
unknown
|
||
https://profile.callofduty.com/cod/info_
|
unknown
|
||
https://bandcamp.com/settings#password_
|
unknown
|
||
https://www.crackle.com/profile_
|
unknown
|
||
https://secure.hulu.com/account_
|
unknown
|
||
https://app.acorns.com/settings/change-password_
|
unknown
|
||
https://news.ycombinator.com/changepw_
|
unknown
|
||
https://classroom.udacity.com/settings/password_
|
unknown
|
||
https://pwrecovery.ruc.dk_
|
unknown
|
||
https://rumble.com/account/profile_
|
unknown
|
||
https://www.michaels.com/on/demandware.store/Sites-MichaelsUS-Site/default/Account-EditProfile_
|
unknown
|
||
https://www.splunk.com/my-account/#/profile-details
|
unknown
|
||
https://secure.ssa.gov/RIM/UpwdView.action_
|
unknown
|
||
https://www.realtor.com/myaccount/profile/settings_
|
unknown
|
||
https://www.ancestry.com/account/security/password_
|
unknown
|
||
https://www.zillow.com/myzillow/profile/_
|
unknown
|
||
https://key.harvard.edu/manage-account/change-password_
|
unknown
|
||
https://www.nytimes.com/account/change-password_
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
1.1.1.1
|
unknown
|
Australia
|
||
184.24.159.165
|
unknown
|
United States
|
||
151.101.195.6
|
unknown
|
United States
|
||
151.101.67.6
|
unknown
|
United States
|