Malware Domain List

WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.

Page 0 1 ... 20

Date (UTC)	Domain	IP	Reverse Lookup	Description	Registrant	ASN
⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓
2013/06/17_11:56	sunny99.cholerik.cz/plugins/3yvPRqFJ.php	77.93.211.244	f.banan.cz.	redirects to exploit kit	Martin Toman / tomanmartiny@seznam.cz	24971
2013/06/05_20:17	lan2wave.com/161e8fdc56f715bb/z.php	174.133.12.202	ca.c.85ae.static.theplanet.com.	exploit kit	lan2wave, inc. / -	21844
2013/06/05_20:17	www.tdms.saglik.gov.tr/KDV_Guncel_Tevkifat_Oranlari.htm	212.175.169.227	-	compromised sites leads to exploit kit	Salk Bakanl / netsistem@saglik.gov.tr	9121
2013/06/03_19:38	-	143.95.1.6/31b9326e5a618c53/a.php	ip-143-95-1-6.iplocal.	exploit kit	-	36444
2013/06/03_19:38	keymasconsultancy.co.uk/wp-includes/cnt.php	89.145.77.24	nomad.xssl.net.	redirects to exploit kit	Keymas Ltd / -	29017
2013/05/31_16:59	www.riktoetenel.com/paypal/44804/index.php	69.195.68.94	69-195-68-94.unifiedlayer.com.	Paypal phishing site	Rik Toetenel / mail@riktoetenel.com	46606
2013/05/29_09:54	markbruinink.nl/wp-admin/cnt.php	46.244.13.6	www1.hitnet.nl.	redirects to exploit kit	-	51088
2013/05/29_03:48	lulzstack.com/?go=1	80.82.79.35	-	Java drive-by	a5e4e5af615748a79bf341ef614e9ed2.protect@whoisguard.com	29073
2013/05/20_20:35	youtibe.com	173.193.106.10	173.193.106.10-static.reverse.softlayer.com.	Redirects to Rogue.FakeFlashPlayer	Domain Admin (contact@privacyprotect.org	36351
2013/05/20_18:00	dls.nicdls.com/p/157/FlashPlayer/415/526	37.59.180.17	-	Rogue.FakeFlashPlayer	Whois Privacy Service Protects this domain / nicdls.com@whoisprivacycontact.com	16276
2013/05/20_18:00	flashplayerupdate.trusted-downloads.org/33/	199.223.209.169	server.ambertechnic.com.	Rogue.FakeFlashPlayer	Domain Hostmaster, CustomerID : 30528876646217 / 30528876646217-b30469@whoisprivacyservices.com.au	25847
2013/05/20_18:00	youtuhe.com	174.140.17.100	-	Redirects to Rogue.FakeFlashPlayer	15520009924361-f52e2a@whoisprivacyservices.com.au	32311
2013/05/20_18:00	yougube.com	199.223.209.169	server.ambertechnic.com.	Redirects to Rogue.FakeFlashPlayer	Email:k8atacs4f84bd7a8c158@t02cduv4f7f99a255f64.privatewhois.net	25847
2013/05/12_15:34	adobe-flashplayer.com	46.254.20.77	linzy.ws.	Leads to Trojan.FakeFlashPlayer	contact@privacyprotect.org	48172
2013/05/12_14:55	-	94.23.38.214:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	ns368891.ovh.net.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	85.214.133.237:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	gamelevel.de.	Trojan.FakeAlert	-	6724
2013/05/12_14:55	-	78.110.162.79:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-79.rdns.ldni.net.	Trojan.FakeAlert	-	42831
2013/05/12_14:55	-	78.110.162.73:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-73.rdns.ldni.net.	Trojan.FakeAlert	-	42831
2013/05/12_14:55	-	78.110.162.72:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-72.rdns.ldni.net.	Trojan.FakeAlert	-	42831
2013/05/12_14:55	-	66.175.218.117:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	li513-117.members.linode.com.	Trojan.FakeAlert	-	6939
2013/05/12_14:55	-	5.135.115.222:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta28.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.221:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta27.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.220:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta26.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.219:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta25.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.218:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta24.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.217:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta23.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.216:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta22.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.215:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta21.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.214:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta20.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.213:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta19.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.212:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta18.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.211:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta17.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.210:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta16.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.209:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta15.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.208:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta14.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.207:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta13.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.206:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta12.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.205:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta11.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.204:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta10.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.203:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta9.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.202:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta8.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.201:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta7.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.199:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta5.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.198:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta4.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.197:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta3.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.196:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta2.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.195:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mta1.serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.194:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	serv1-am-mta.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.193:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	serv2-am.com.	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	5.135.115.100:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	-	Trojan.FakeAlert	-	16276
2013/05/12_14:55	-	217.8.253.250:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	mail.trcontents.co.uk.	Trojan.FakeAlert	-	20738
2013/05/12_14:55	-	208.88.5.229:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	d05805e4.powerprojct.ca.	Trojan.FakeAlert	-	36218
2013/05/12_14:55	-	180.235.132.29:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	-	Trojan.FakeAlert	-	55639
2013/05/12_14:55	-	103.4.218.22:8080//get/e3943d7369aa6add911aca18b3a507f4.exe	-	Trojan.FakeAlert	-	131472
2013/05/10_17:35	-	66.175.218.117:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	li513-117.members.linode.com.	trojan	-	6939
2013/05/10_17:35	-	208.88.5.229:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	d05805e4.powerprojct.ca.	trojan	-	36218
2013/05/10_17:35	-	180.235.132.29:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	-	trojan	-	55639
2013/05/10_17:35	-	94.23.38.214:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	ns368891.ovh.net.	trojan	-	16276
2013/05/10_17:35	-	85.214.133.237:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	gamelevel.de.	trojan	-	6724
2013/05/10_17:35	-	103.4.218.22:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	-	trojan	-	131472
2013/05/10_17:35	-	217.8.253.250:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mail.trcontents.co.uk.	trojan	-	20738
2013/05/10_17:35	-	94.23.38.214:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	ns368891.ovh.net.	trojan	-	16276
2013/05/10_17:35	-	78.110.162.79:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-79.rdns.ldni.net.	trojan	-	42831
2013/05/10_17:35	-	78.110.162.73:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-73.rdns.ldni.net.	trojan	-	42831
2013/05/10_17:35	-	78.110.162.72:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	78-110-162-72.rdns.ldni.net.	trojan	-	42831
2013/05/10_17:35	-	5.135.115.222:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta28.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.221:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta27.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.220:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta26.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.219:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta25.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.218:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta24.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.217:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta23.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.216:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta22.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.215:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta21.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.214:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta20.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.213:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta19.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.212:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta18.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.211:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta17.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.210:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta16.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.209:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta15.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.208:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta14.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.207:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta13.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.206:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta12.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.205:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta11.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.204:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta10.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.203:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta9.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.202:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta8.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.201:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta7.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.100:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	-	trojan	-	16276
2013/05/10_17:35	-	5.135.115.199:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta5.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.198:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta4.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.197:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta3.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.196:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta2.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.195:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	mta1.serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.194:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	serv1-am-mta.com.	trojan	-	16276
2013/05/10_17:35	-	5.135.115.193:8080/get/e3943d7369aa6add911aca18b3a507f4.exe	serv2-am.com.	trojan	-	16276
2013/05/10_17:21	-	69.89.5.179/306673b2c90def2c0e6815b1093eb888/q.php	455905b3.isentury.com.	Blackhole exploit kit	-	20141
2013/05/10_16:49	-	149.47.59.163/20f53f1123cb92ee060b33a8606d38de/q.php	ip-149-47-59-163.iplocal.	Blackhole exploit kit	-	36444
2013/05/10_06:18	-	149.47.237.168/28661d3f899ce4811f87f7d8d9e9ddcc/q.php	ip-149-47-237-168.iplocal.	Blackhole exploit kit	-	36444
2013/05/10_06:18	-	93.158.93.134/8dc0c64f1f91858631fa4d0e6a2445e5/q.php	-	Blackhole exploit kit	-	39369
2013/05/10_06:18	-	69.50.249.3/997736f5203e4c9b1c00c127b40bb58f/q.php	customer.surrealhost.com.	Blackhole exploit kit	-	13332

Page 0 1 ... 20

You can find an overview of downloadable lists here

Search:			Results to return:		Include inactive sites