WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Search: Results to return: Include inactive sites

Page 0 1 ... 33

Date (UTC)DomainIPReverse LookupDescriptionRegistrantASN
2016/02/11_09:36vrot.stervapoimenialena.info/megaadvertize/?keyword=18437f616abd9e3a755c36507bd79b3178.62.65.99-leads to exploit kitVasunya / valera.valera-146@yandex.ru202109EU
2016/02/01_15:17kolman.flatitleandescrow.com/wp-contents/scripts/tools.js?link=aHR0cDovL3d3dy5zZW1hbmEuZXMv82.146.36.115tilida.com.leads to exploit kit-29182RU
2016/02/01_15:17dilas.edarbipatients.com/wp/linkimg/getImage.asp89.40.181.60-leads to exploit kit-9009RO
2016/02/01_13:14www.pieiron.co.uk/146.185.29.100www6.grakka.net.compromised site leads to EKGrakka Limited / -29302GB
2016/01/29_07:39deleondeos.com/img/script.php?tup3.jpg176.104.18.152s-176-104-18-152.under.net.ua.trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc41435UA
2016/01/29_07:39deleondeos.com/img/script.php?tup2.jpg176.106.31.227-trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc52043RU
2016/01/29_07:39deleondeos.com/img/script.php?tup1.jpg95.105.27.1195.105.27.11.dynamic.oktgs.ufanet.ru.trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc24955RU
2016/01/29_07:39sicuxp.sinerjimspor.com/servicelogin/accedi.php213.138.109.61ttcltd.default.ttc.uk0.bigv.io.Banking phishingRegistrant contact@whoisprotection.biz35425GB
2016/01/27_14:08adserv.sklice.com/ads/www/images/getImage.asp89.40.181.34-leads to exploit kit-9009RO
2016/01/27_11:21gosciniec-paproc.pl/lib/excel/kamp.php85.128.248.56aon56.rev.netart.pl.Phishingkontakt@nazwa.pl15967PL
2016/01/27_11:21wonchangvacuum.com.my/libraries/pear/mandate.htm103.6.196.156datousaurus.mschosting.com.Phishing-46015MY
2016/01/23_00:46jktdc.in/images/klb/azxvas.gif72.55.186.8s005.panelboxmanager.com.Trojan.BanloadMr. Fayaz / jktdc@aford.net32613CA
2016/01/23_00:46www.proascolcolombia.com/portal/modules/mod_banners/Imprimir_IntimacaoCTI2015-03698541.rar?cli=Cliente&/yRpBKPujKU/nNqRc6QsuO.php190.8.176.235bartolome.colombiahosting.com.co.Trojan.BanloadRegistrant dominios@colombiahosting.com.co52335CO
2016/01/23_00:46jktdc.in/images/klb/azxvas.gif72.55.186.8s005.panelboxmanager.com.Trojan.BanloadMr. Fayaz / jktdc@aford.net32613CA
2016/01/23_00:46www.proascolcolombia.com/portal/modules/mod_banners/Imprimir_IntimacaoCTI2015-03698541.rar?cli=Cliente&/yRpBKPujKU/nNqRc6QsuO.php190.8.176.235bartolome.colombiahosting.com.co.Trojan.BanloadRegistrant dominios@colombiahosting.com.co52335CO
2016/01/21_13:06www.cifor.com/213.186.33.84basic-cdn-01.cluster003.ovh.net.compromised site leads to exploit kitRegistrar Abuse Contact abuse@web.com16276FR
2016/01/20_12:33www.areadiprova.eu/gardani/80.247.79.174mail.360at.net.compromised site leads to exploit kitNOT DISCLOSED! / -12850IT
2016/01/19_11:30www.profill-smd.com/77.55.57.113acf113.rev.netart.pl.compromised site leads to exploit kitRegistrar Abuse Contact abuse@netart-registrar.com15967PL
2016/01/19_09:50pradakomechanicals.com/203.124.103.1sg2nlhg500c1500.shr.prod.sin2.secureserver.net.compromised site leads to exploit kit-26496SG
2016/01/19_09:03blog.replacemycontacts.com/50.62.235.1p3nlhg498c1498.shr.prod.phx3.secureserver.net.compromised site leads to exploit kitRegistrant RTMVNDRYVP@WHOISPRIVACYPROTECT.COM26496US
2016/01/19_07:37avppet.com/wp-includes/js/tinymce/plugins/media/Oracle_64.zip173.254.37.144173-254-37-144.unifiedlayer.com.Java installation abused for installing Java malware-46606US
2016/01/19_07:37avppet.com/wp-includes/js/tinymce/plugins/media/Oracle_32.zip173.254.37.144173-254-37-144.unifiedlayer.com.Java installation abused for installing Java malware-46606US
2016/01/18_14:18www.gasthofpost-ebs.de/81.169.251.136h2402507.stratoserver.net.compromised site leads to exploit kithostmaster@serverkompetenz.de6724DE
2016/01/18_14:18www.rst-velbert.de/91.184.35.130merkur.incoweb.de.compromised site leads to exploit kitsupport@incoweb.de34225DE
2016/01/15_09:09www.csaladipotlek.info/192.254.233.1-compromised site leads to exploit kitWhoisGuard Protected / 8efd5d2e1d4949619ae07d4139a0ba40.protect@whoisguard.com46606US
2016/01/15_09:09www.trarydfonster.se/195.74.38.129cl-25.atm.binero.net.compromised site leads to exploit kit-41528SE
2016/01/15_09:09www.spfonster.se/195.74.38.129cl-25.atm.binero.net.compromised site leads to exploit kit-41528SE
2016/01/15_09:09www.lunchgarden.com/151.80.199.163electra-web02.proxi.technology.compromised site leads to exploit kitRegistrar Abuse Contact abuse@support.gandi.net16276IT
2016/01/13_15:10dashlinen.testing-domain-live.co.uk/Secure/paypal-CA/159.253.209.66server.bluebaboondesign.com.Paypal PhishingSean Conlon / -34934GB
2016/01/13_15:10inclusivediversity.co.uk/wp-content/upgrade/217.199.187.192web192.extendcp.co.uk.Paypal Phishing (Redirect)Sasha Scott / -20738GB
2016/01/12_15:50www.dicoz.fr/5.135.30.172dicoz.fr.compromised site leads to exploit kittech@ovh.net16276FR
2016/01/12_15:43www.tesia.it/37.59.188.226centos.ovh.bedin.com.compromised site leads to exploit kit-16276FR
2016/01/12_10:08www.ostsee-schnack.de/80.67.28.137dgws10s3-1-5db.ispgateway.de.compromised site leads to exploit kithostmaster@domainfactory.de34011DE
2016/01/12_09:58szinhaz.hu/185.43.205.98szinhaz.hu.compromised site leads to exploit kit-62214HU
2016/01/12_08:53www.reifen-simon.com/176.9.198.14static.14.198.9.176.clients.your-server.de.compromised site leads to exploit kitRegistrar Abuse Contact abuse@vautron.de24940DE
2016/01/12_08:53www.technix.it/217.194.6.34vchicken.oval.it.compromised site leads to exploit kit-12637IT
2016/01/12_08:49www.scantanzania.com/bin/img/make.html64.202.115.199twiga-ip5.tanzaniawebhosting.com.phishingRegistrant scantan@raha.com23352US
2016/01/08_12:54gov.f3322.net:1717/syss.exe58.128.228.168-trojanRegistrar Abuse Contact onlinenic-enduser@onlinenic.com4847CN
2016/01/08_12:40-176.103.62.14/softparade/spanish.php-trojan Dridex-59729UA
2016/01/08_12:40-51.254.51.178/softparade/spanish.php-trojan Dridex-16276FR
2016/01/08_12:40-194.28.84.79/softparade/spanish.phpski-gagarin.com.trojan Dridex-21219UA
2016/01/06_15:19-46.30.45.39/Statement.jpgvz110372.eurodir.ru.Cryptowall download script-35415RU
2016/01/06_15:19-46.30.45.39/yyo.wvz110372.eurodir.ru.Cryptowall ransomware-35415RU
2016/01/04_07:33www.huecobi.de/83.220.144.22webbox442.server-home.org.compromised site leads to Angler EKinfo@bicomfor.de25074DE
2016/01/04_07:33www.koeppl.com/92.51.131.150server.koeppl.com.compromised site leads to Angler EKRegistrar Abuse Contact support@domainbox.com20773DE
2015/12/31_14:09www.cennoworld.com/Payment_Confirmation/Payment_Confirmation.zip198.105.221.5mail5.bulls.unisonplatform.com.trojanRegistrant ozowara@yahoo.com36351US
2015/12/31_14:05www.cennoworld.com/New_order/New_order.zip198.105.221.5mail5.bulls.unisonplatform.com.trojanRegistrant ozowara@yahoo.com36351US
2015/12/30_19:54healthybloodpressure.info/2uOioq.php50.63.56.47ip-50-63-56-47.ip.secureserver.net.Cryptowall ransomware C&CHEALTHYBLOODPRESSURE.INFO@domainsbyproxy.com26496US
2015/12/28_20:16yigitakcali.com/dbsys.php160.153.16.29ip-160-153-16-29.ip.secureserver.net.Teslacrypt ransomware c&cRegistrant mahoni_17@hotmail.com26496US
2015/12/28_20:16srimahaphotschool.com/dbsys.php119.59.120.21ns105.hostinglotus.net.Teslacrypt ransomware c&cRegistrant savitree_jomsree@hotmail.com56067TH
2015/12/28_20:16betterhomeandgardenideas.com/dbsys.php192.185.52.247-Teslacrypt ransomware c&c-20013US
2015/12/28_19:01wonderph.com/dbsys.php160.153.54.66ip-160-153-54-66.ip.secureserver.net.Teslacrypt ransomware c&c-26496US
2015/12/28_17:07www.soyter.pl/109.95.152.187v187.c3.dhosting.pl.compromised site leads to Angler EKkontakt@nazwa.pl48896PL
2015/12/26_15:50shean76.net/mine/castnew/login.php167.114.208.229server.gennetworks.in.Keybase keylogger web panelRegistrant huayeahtax@gmail.com16276CA
2015/12/26_15:47tazzatti.com/web/login.php104.37.168.4-Keybase keylogger web panel-62838US
2015/12/26_15:34www.hitekshop.vn/login.php112.78.2.101mb2d101.vdrs.net.Keybase keylogger web panel-45538VN
2015/12/26_13:42www.ozowarac.com/P_O/Purchase_Order.zip198.105.221.5mail5.bulls.unisonplatform.com.Zeus trojan inside zip file-36351US
2015/12/26_13:31www.ozowarac.com/me/config.bin198.105.221.5mail5.bulls.unisonplatform.com.Zeus config fileRegistrant OZOWARAC@YAHOO.COM36351US
2015/12/26_13:26www.cennoworld.com/Purchase_Order/Purchase_Order.zip198.105.221.5mail5.bulls.unisonplatform.com.Zeus trojan inside zip fileRegistrant ozowara@yahoo.com36351US
2015/12/26_13:12www.goooglesecurity.com/Purchase_Order/Purchase_Order.zip85.159.237.150150.237.159.85.in-addr.arpaZeus trojan inside zip fileEmmanuel emma / ozowarac@yahoo.com43350NL
2015/12/26_13:12www.cennoworld.com/ur/config.bin198.105.221.5mail5.bulls.unisonplatform.com.Zeus config fileRegistrant ozowara@yahoo.com36351US
2015/12/23_18:52www.schluckspecht.com/62.75.229.120titan464.startdedicated.net.compromised site leads to Angler EKRegistrar Abuse Contact domain-abuse@psi-usa.info8972DE
2015/12/23_18:52www.agrimont.cz/95.168.204.225masakrator.zikum.cz.compromised site leads to Angler EKLibor Král / info@zikum.cz39392CZ
2015/12/23_18:52www.wohnmoebel-blog.de/85.13.147.213dd29530.kasserver.com.compromised site leads to Angler EKinfo@all-inkl.com34788DE
2015/12/23_18:52www.mangiamando.com/81.31.147.60jmhlmd14.colt-engine.it.compromised site leads to Angler EKRegistrar Abuse Contact domainabuse@tucows.com47242IT
2015/12/22_07:09www.lambrusco.it/95.110.174.125kscrb.kosmosol.it.compromised site leads to Angler EK-31034IT
2015/12/20_11:16eeps.me/208.67.23.26h155.cpanellogin.net.ESET phishingWhoisGuard Protected / 16c2a1b16681459e91467194536acdbf.protect@whoisguard.com3257US
2015/12/17_12:33www.megatron.ch/85.158.232.35web3.awardic.net.compromised site leads to Angler EK-6830CH
2015/12/16_10:39eielectronics.ie/92.51.242.105server.reminders4.me.compromised site leads to Angler EK-31122IE
2015/12/15_14:41bvb-fanabteilung.de151.80.217.26-compromised site leads to Angler EKinfo@sportsandbytes.de16276IT
2015/12/14_22:05www.drteachme.com/wp-content/plugins/theme-check/misc.php198.154.254.250glulife.glulife.com.trojanRegistrant ENOM@VIZMOTION.COM46606US
2015/12/07_11:12www.elbacom.com/195.3.124.25-compromised site leads to Angler EK-8447AT
2015/12/03_12:58www.carvoeiro.com/195.154.216.188195-154-216-188.rev.poneytelecom.eu.compromised site leads to Angler EK-12876FR
2015/12/02_12:37www.syes.eu/2.228.70.140-compromised site leads to Angler EKNOT DISCLOSED! / support@register.it12874IT
2015/12/02_12:37www.wiiux.de/87.230.43.141vwp2887.webpack.hosteurope.de.compromised site leads to Angler EKinfo@hosteurope.de20773DE
2015/11/30_10:20www.imagerieduroc.com/83.143.18.95ds95.digital-network.net.compromised site leads to EKRegistrar Abuse Contact abuse@ovh.net34235FR
2015/11/30_09:15summonerswarskyarena.info/sea-emperor/50.62.112.1p3nlhg644c1644.shr.prod.phx3.secureserver.net.compromised site leads to Angler EKSeet Leng / lengstocks@yahoo.com26496US
2015/11/27_07:03www.cc-isobus.com/195.60.109.14mail.cc-isobus.org.compromised site leads to Angler EKRegistrar Abuse Contact abuse@key-systems.net12371DE
2015/11/20_13:22www.blinkgroup.com/50.87.13.5550-87-13-55.unifiedlayer.com.compromised site leads to Angler EK-46606US
2015/11/20_09:51www.keyfuture.com/46.252.150.171171.150.252.46.netsons.net.compromised site leads to Angler EKRegistrar Abuse Contact domainabuse@tucows.com60087IT
2015/11/17_09:45prowoodsrl.it/5.150.143.208board14.linux.kolst.it.compromised site leads to Angler EK-5602IT
2015/11/03_13:06screenshot-saves.com/6ap25m/37.140.192.212server67.hosting.reg.ru.Trojan.BackdoorRegistrar Abuse Contact abuse@reg.ru197695RU
2015/11/03_08:24earthcontrolsys.com/abuse_report.php?issviews.com69.50.210.69-Trojan.BackdoorRegistrant info@earthcontrolsys.com18866US
2015/10/24_03:50-155.133.18.117/38yes3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/nut50a403.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/235fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/goldenbet403.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/121fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/16_07:41lunaticjazz.com69.163.200.161apache2-bongo.koechlin.dreamhost.com.Trojan.RamnitRegistrant jotawagner@gmail.com26347US
2015/10/16_07:33www.smartscan.ro85.9.27.130s13v.webindex.ro.compromised site leads to exploit kit-5588RO
2015/10/16_07:31up.dnpequipment.com/neitrino2.php178.33.66.246-iframe leads to Neutrino exploit kit-16276FR
2015/09/26_14:56putevka-volgograd.ru/volzhskij-volgograd-gelendzhik/5.101.152.85m2.yoda.beget.ru.Compromised site, Script.iFrame-198610RU
2015/09/26_14:56c11n4.i.teaserguide.com/snitch?default_keyword=&referrer=&se_referrer=&source=91.226.33.54d6828.core-vps.lv.Script.iFrame.TDS (via compromised sites)Registrar Abuse Contact abuse@reg.ru56617LV
2015/09/26_14:56kfc.i.illuminationes.com/snitch?default_keyword=&referrer=&se_referrer=&source=91.226.33.54d6828.core-vps.lv.Script.iFrame.TDS (via compromised sites)Registrar Abuse Contact abuse@bizcn.com56617LV
2015/09/26_14:56skidki-yuga.ru/files/17448.jpg5.101.152.85m2.yoda.beget.ru.PHP.RFI-198610RU
2015/09/25_07:10googlescrn.com/img420937.140.192.213server126.hosting.reg.ru.Trojan.BackdoorRegistrar Abuse Contact abuse@reg.ru197695RU
2015/09/17_22:431866809.securefastserver.com/~keycodes777/x1/login.php86.105.227.125-Bot.C2Registrant info@qhoster.com49335EU
2015/09/17_22:43t-srafficimg.tf/w/alerts/test3/?city=United+Kingdom&ip=212.56.95.253&isp=PlusNet+Technologies+Ltd&num=020-3514-0756104.24.125.217-Browlock, Fake.TechSupport-13335US
2015/09/17_22:43s-gtrafficim.tf/w/alerts/test3/?city=United+Kingdom&ip=212.56.95.253&isp=PlusNet+Technologies+Ltd&num=020-3514-0756104.28.22.189-Browlock, Fake.TechSupport-13335US
2015/09/17_22:43r-trdfficimj.tf/w/alerts/test3/?city=United+Kingdom&ip=212.56.95.253&isp=PlusNet+Technologies+Ltd&num=020-3514-0756104.31.94.228-Browlock, Fake.TechSupport-13335US

Page 0 1 ... 33


You can find an overview of downloadable lists here