Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| /dev/null | ASCII text | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/com.apple.scriptmanager2.le.cache | data | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsDirectory.db_ | Mac OS X Keychain File | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/C/com.apple.Safari/mds/mdsObject.db_ | Mac OS X Keychain File | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari 2)/CloudHistoryRemoteConfiguration.plist | XML 1.0 document, ASCII text | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/594B396FFEEC19E38A5E99169F3F172D | MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/71BFEA7D46CA0FE5910A400F9266CD08 | MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/AutoFillQuirks.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CacheSettings.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/KnownExtensions.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/LastSession.plist | Apple binary property list | dropped | |
| /private/var/folders/t9/r5v5jljx0rb04g1yc95c7hw40000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/Preferences.plist | Apple binary property list | dropped | |
Processes
| Path | Cmdline | Malicious |
|---|---|---|
| /Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32 | - | |
| /usr/bin/open | /usr/bin/open -a Safari http://www.liftedentertainment.uk | |
| /usr/libexec/xpcproxy | - | |
| /Applications/Safari.app/Contents/MacOS/Safari | /Applications/Safari.app/Contents/MacOS/Safari | |
| /usr/libexec/xpcproxy | - | |
| /usr/libexec/silhouette | /usr/libexec/silhouette | |
| /usr/libexec/xpcproxy | - | |
| /usr/libexec/firmwarecheckers/eficheck/eficheck | /usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check-daemon | |
URLs
Domains
IPs