Files
File Path | Type | Category | Malicious
---|---|---|---
https://sparkasse.corona-umstellungsverfahren-de.com/ALC81OPACG | URL | initial url |
/Users/berri/Library/Safari/.dat.nosync0210.8kfcUv | Apple binary property list | dropped |
/Users/berri/Library/Safari/.dat.nosync0210.bKXvUw | XML 1.0 document, ASCII text | dropped |
/Users/berri/Library/Safari/Favicon Cache/favicons/.dat.nosync0210.t7NkvP | MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced, 32 bits/pixel, 128x128, 32 bits/pixel | dropped |
/dev/null | ASCII text | dropped |
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/0/SafariFamily/Safari/.dat.nosync0210.Is8mxg | Apple binary property list | dropped |
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/C/mds/mdsDirectory.db_ | Mac OS X Keychain File | dropped |
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/C/mds/mdsObject.db_ | Mac OS X Keychain File | dropped |

Processes
Path | Cmdline | Malicious
---|---|---
/usr/libexec/xpcproxy | n/a |
/Applications/Safari.app/Contents/MacOS/Safari | /Applications/Safari.app/Contents/MacOS/Safari |

URLs
Name | IP | Malicious
---|---|---
https://sparkasse.corona-umstellungsverfahren-de.com/ALC81OPACG | unknown |

Domains
IPs