WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Search: Results to return: Include inactive sites

Page 0 ... 0 1 2 ... 23

Date (UTC)DomainIPReverse LookupDescriptionRegistrantASN
2016/07/08_16:50milf.gabriola.cl/gsvot2.html93.190.140.110customer.worldstream.nl.gateway to EK-49981NL
2016/07/08_16:15cosmos.felago.es/gsvot2.html93.190.140.110customer.worldstream.nl.gateway to EK-49981NL
2016/07/08_15:45drank.fa779.com/gsvot2.html93.190.140.110customer.worldstream.nl.gateway to EKRegistrant tmm121212@163.com49981NL
2016/07/08_14:05boots.fotopyra.pl/gsvot2.html93.190.140.110customer.worldstream.nl.gateway to EKkontakt@nazwa.pl49981NL
2016/07/08_11:20concede.fmtlib.net/khoklj2.html93.190.140.110customer.worldstream.nl.gateway to EKmoniker.com billing department / tech@moniker.com49981NL
2016/07/07_13:30shoal.grahanusareadymix.com/arais2.html93.190.140.110customer.worldstream.nl.gateway to EKRegistrar Abuse Contact domainabuse@tucows.com49981NL
2016/07/07_12:15exclaim.goldenteamacademy.cl/arais2.html93.190.140.110customer.worldstream.nl.gateway to EK-49981NL
2016/07/07_10:05scream.garudamp3.com/arais2.html93.190.140.110customer.worldstream.nl.gateway to EKRegistrant PAOLO@KIMCIL.WS49981NL
2016/06/29_08:48websitebuildersinfo.in166.62.28.83ip-166-62-28-83.ip.secureserver.net.fake infection pagerobert hawkins / robertkins1@outlook.com26496US
2016/06/28_20:52www.alphamedical02.fr/94.23.236.74ns308230.ip-94-23-236.eu.iframe on compromised site leads to EKstephane.louis@impaakt.fr16276FR
2016/06/27_12:33www.airbornehydrography.com/194.9.95.65s210.loopia.se.iframe on compromised site leads to EKRegistrar Abuse Contact abuse@ascio.com39570SE
2016/06/27_08:07www.gennaroespositomilano.it/75.126.217.36web234.webfaction.com.iframe on compromised site leads to EK-36351US
2016/06/24_12:43www.fiocchidiriso.com/81.31.147.98jmhlmd43.colt-engine.it.iframe on compromised site leads to EKRegistrar Abuse Contact domainabuse@tucows.com47242IT
2016/06/23_15:01www.enchantier.com/176.31.73.196www.enchantier.com.iframe on compromised site leads to EKRegistrar Abuse Contact abuse@1and1.com16276FR
2016/06/21_10:21www.fsm-europe.eu/79.96.162.106cloudserver092054.home.net.pl.iframe on compromised site leads to EKNOT DISCLOSED! / -12824PL
2016/06/20_14:33www.salentoeasy.it/95.110.189.62host62-189-110-95.serverdedicati.aruba.it.iframe on compromised site leads to EK-31034IT
2016/06/17_12:10www.nuvon.com/64.207.96.72-iframe on compromised site leads to EK-11598US
2016/06/17_12:10ex.technor.com/index.php82.113.193.43web.alias.twt.it.iframe on compromised site leads to EKRegistrar Abuse Contact abuse-registrar@orange-business.com30848IT
2016/06/16_12:43jeanlesigne.com/wp-content/file.exe46.4.100.162server18.hosting010.nl.Trojan.BackdoorRegistrant 760130F961CC42B39A919079849FA4A5.PROTECT@WHOISGUARD.COM24940DE
2016/06/07_08:37www.vertourmer.com/81.31.147.91jmhlmd41.colt-engine.it.iframe on compromised site leads to EKRegistrar Abuse Contact domainabuse@tucows.com47242IT
2016/06/06_10:17welington.info/187.17.111.101-iframe on compromised site leads to EKWelington dos Santos Silva / welington.silva@hotmail.com.br7162BR
2016/05/30_16:31buildviet.info/servicer/fattura/123.30.240.66static.vdc.vn.redirects to trojan download at SugarSyncVDC Online / domain@vdc.com.vn45899VN
2016/05/30_11:34www.northpoleitalia.it/46.37.11.7host7-11-37-46.serverdedicati.aruba.it.iframe on compromised site leads to EK-
2016/05/24_17:36www.ceisystems.it/178.212.142.108ceisystems.it.iframe on compromised site leads to EK-47316IT
2016/05/23_09:06www.sieltre.it/79.58.246.237host237-246-static.58-79-b.business.telecomitalia.it.iframe on compromised site leads to EK-3269IT
2016/05/12_14:22www.autoappassionati.it/109.233.126.14cpanel01.infinitynet.it.iframe on compromised site leads EK-48815IT
2016/05/12_08:36www.airsonett.se193.44.13.93193-44-13-93.net.tnm.se.iframe on compromised site leads to EK-3301SE
2016/05/10_07:18www.outlinearray.com/85.235.130.71w461.widhost.net.iframe on compromised site leads to EKRegistrar Abuse Contact domainabuse@tucows.com31034IT
2016/05/05_18:09www.roltek.com.tr/94.73.151.594-73-151-5.cizgi.net.tr.iframe on compromised site leads to EK-34619TR
2016/05/02_10:23www.donneuropa.it/23.23.85.3ec2-23-23-85-3.compute-1.amazonaws.com.iframe on compromised site leads to EK-14618US
2016/04/28_14:52www.del-marine.com/80.244.187.39mail.ebnserver1.com.iframe on compromised site leads to EKRegistrar Abuse Contact domainabuse@tucows.com34934GB
2016/04/28_12:00kollagen4you.se/46.252.206.1n1nlhg198c1198.shr.prod.ams1.secureserver.net.iframe on compromised site leads to EK-26496NL
2016/04/28_07:49www.dezuiderwaard.nl/195.238.74.87www53.totaalholding.nl.iframe on compromised site leads to EK-50673NL
2016/03/31_13:34www.actiagroup.com/141.0.187.5-iframe on compromised site leads to EKRegistrar Abuse Contact abuse@support.gandi.net30741FR
2016/03/31_10:01kassabravo.com/67.196.85.119israsky.com.iframe on compromised site leads to EKRegistrant ELI72@013.NET8001US
2016/03/29_20:56holishit.in/wp-content/plugins/wpclef/assets/src/sass/neat/grid/binarystings.php160.153.63.4ip-160-153-63-4.ip.secureserver.net.Teslacrypt c&cAnkit Luthra / luthra.ankit@gmail.com26496US
2016/03/29_20:56grosirkecantikan.com/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/images/binarystings.php192.185.51.87-Teslacrypt c&cRegistrant 7C066F9203AB46FC9331AF2FCDB5DD5E.PROTECT@WHOISGUARD.COM20013US
2016/03/18_14:13marialorena.com.br/wp-content/plugins/hello123/8888ytc6r.exe200.219.253.2323.0-127.253.219.200.in-addr.arpa.trojanAndre Luiz Bili / bili@ionconsultoria.com.br16397BR
2016/03/18_09:37-104.245.239.7/~earlysym/vr.phpinfra23.imacomsolucoes.com.br.WellsFargo phishing destination-62638US
2016/03/18_06:58zt.tim-taxi.com/login.php198.12.67.179179.67.12.198.host.nwnx.net.MasterCard phishingRegistrar Abuse Contact onlinenic-enduser@onlinenic.com36352US
2016/03/15_11:48legendsdtv.com/lmzjH7XQY/67.212.178.106m2304.sgded.com.leads to CryptoLockerRegistrar Abuse Contact domainabuse@tucows.com32475US
2016/03/15_07:55www.schuh-zentgraf.de/81.169.145.160wa0.rzone.de.iframe on compromised site leads to EKhostmaster@strato.de6724DE
2016/03/13_14:23-81.169.219.64/security_check.htmlh2543039.stratoserver.net.PayPal phishing-6724DE
2016/03/13_14:23-185.11.146.198/nginx1.vosuites.cl.PayPal phishing-49349NL
2016/03/08_10:58stopmeagency.free.fr/9uj8n76b5.exe212.27.63.112perso112-g5.free.fr.trojanskolaric@online.net12322FR
2016/03/08_10:58reclamus.com/9uj8n76b5.exe198.63.208.35vserv.cifnet.com.trojan-14585US
2016/03/08_10:58lhs-mhs.org/9uj8n76b5.exe208.131.141.2rageresearch.com.trojanGene Mathis / gcm@gcmathis.com29854US
2016/03/08_10:51izzy-cars.nl/9uj8n76b5.exe46.235.47.134srv047134.webreus.nl.trojan-34233NL
2016/03/04_13:55nevergreen.net/6ob107.180.26.77ip-107-180-26-77.ip.secureserver.net.Bot-26496US
2016/03/03_10:17www.inevo.co.il/212.199.114.168mx.standingdesk.co.il.iframe on compromised site leads to EK-9116IL
2016/03/01_07:20-188.138.68.160/sdt/skodls/dp.exestatic-ip-188-138-68-160.inaddr.ip-pool.com.trojan-8972DE
2016/02/29_13:00www.gold-city.it/image/_vti_cnf/app/psi.exe31.11.33.82websn2s072.aruba.it.trojan-31034IT
2016/02/29_13:00www.cerquasas.it/wp-admin/user/UPS_INVOICE.rar109.168.123.112srv-hs2-112.netsons.net.trojan-5602IT
2016/02/29_13:00-91.224.161.116/ftz/z64.bin-malware calls home-50673NL
2016/02/29_13:00-91.224.161.116/ftz/z32.bin-malware calls home-50673NL
2016/02/29_07:14www.icybrand.eu/pathway/created/accelerated/mailuserlg/savealife/trwrwbejtw.zip192.185.194.21ns387.websitewelcome.com.PhishingNOT DISCLOSED! / -20013US
2016/02/29_07:14www.icybrand.eu/pathway/created/accelerated/mailuserlg/savealife/trwrwbejtw/viewer.php192.185.194.21ns387.websitewelcome.com.PhishingNOT DISCLOSED! / -20013US
2016/02/01_13:14www.pieiron.co.uk/146.185.29.100www6.grakka.net.iframe on compromised site leads to EKGrakka Limited / -29302GB
2016/01/29_07:39deleondeos.com/img/script.php?tup1.jpg95.105.27.1195.105.27.11.dynamic.oktgs.ufanet.ru.trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc24955RU
2016/01/29_07:39deleondeos.com/img/script.php?tup2.jpg176.106.31.227-trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc52043RU
2016/01/29_07:39deleondeos.com/img/script.php?tup3.jpg176.104.18.152s-176-104-18-152.under.net.ua.trojanRegistrar Abuse Contact Email:compliance_abuse@webnic.cc41435UA
2016/01/27_11:21wonchangvacuum.com.my/libraries/pear/mandate.htm103.6.196.156datousaurus.mschosting.com.Phishing-46015MY
2016/01/27_11:21gosciniec-paproc.pl/lib/excel/kamp.php85.128.248.56aon56.rev.netart.pl.Phishingkontakt@nazwa.pl15967PL
2016/01/23_00:46www.proascolcolombia.com/portal/modules/mod_banners/Imprimir_IntimacaoCTI2015-03698541.rar?cli=Cliente&/yRpBKPujKU/nNqRc6QsuO.php190.8.176.235bartolome.colombiahosting.com.co.Trojan.BanloadRegistrant dominios@colombiahosting.com.co52335CO
2016/01/23_00:46jktdc.in/images/klb/azxvas.gif72.55.186.8s005.panelboxmanager.com.Trojan.BanloadMr. Fayaz / jktdc@aford.net32613CA
2016/01/23_00:46www.proascolcolombia.com/portal/modules/mod_banners/Imprimir_IntimacaoCTI2015-03698541.rar?cli=Cliente&/yRpBKPujKU/nNqRc6QsuO.php190.8.176.235bartolome.colombiahosting.com.co.Trojan.BanloadRegistrant dominios@colombiahosting.com.co52335CO
2016/01/23_00:46jktdc.in/images/klb/azxvas.gif72.55.186.8s005.panelboxmanager.com.Trojan.BanloadMr. Fayaz / jktdc@aford.net32613CA
2016/01/21_13:06www.cifor.com/213.186.33.84basic-cdn-01.cluster003.ovh.net.iframe on compromised site leads to EKRegistrar Abuse Contact abuse@web.com16276FR
2016/01/20_12:33www.areadiprova.eu/gardani/80.247.79.174mail.360at.net.compromised site leads to exploit kitNOT DISCLOSED! / -12850IT
2016/01/19_11:30www.profill-smd.com/77.55.57.113acf113.rev.netart.pl.compromised site leads to exploit kitRegistrar Abuse Contact abuse@netart-registrar.com15967PL
2016/01/19_09:50pradakomechanicals.com/203.124.103.1sg2nlhg500c1500.shr.prod.sin2.secureserver.net.compromised site leads to exploit kit-26496SG
2016/01/19_09:03blog.replacemycontacts.com/50.62.235.1p3nlhg498c1498.shr.prod.phx3.secureserver.net.compromised site leads to exploit kitRegistrant RTMVNDRYVP@WHOISPRIVACYPROTECT.COM26496US
2016/01/19_07:37avppet.com/wp-includes/js/tinymce/plugins/media/Oracle_32.zip173.254.37.144173-254-37-144.unifiedlayer.com.Java installation abused for installing Java malware-46606US
2016/01/19_07:37avppet.com/wp-includes/js/tinymce/plugins/media/Oracle_64.zip173.254.37.144173-254-37-144.unifiedlayer.com.Java installation abused for installing Java malware-46606US
2016/01/18_14:18www.rst-velbert.de/91.184.35.130merkur.incoweb.de.iframe on compromised site leads to EKsupport@incoweb.de34225DE
2016/01/18_14:18www.gasthofpost-ebs.de/81.169.251.136h2402507.stratoserver.net.iframe on compromised site leads to EKhostmaster@serverkompetenz.de6724DE
2016/01/13_15:10inclusivediversity.co.uk/wp-content/upgrade/217.199.187.192web192.extendcp.co.uk.Paypal Phishing (Redirect)Sasha Scott / -20738GB
2016/01/12_10:08www.ostsee-schnack.de/80.67.28.137dgws10s3-1-5db.ispgateway.de.compromised site leads to exploit kithostmaster@domainfactory.de34011DE
2016/01/12_09:58szinhaz.hu/185.43.205.98szinhaz.hu.compromised site leads to exploit kit-62214HU
2016/01/12_08:53www.technix.it/217.194.6.34vchicken.oval.it.compromised site leads to exploit kit-12637IT
2016/01/12_08:53www.reifen-simon.com/176.9.198.14static.14.198.9.176.clients.your-server.de.compromised site leads to exploit kitRegistrar Abuse Contact abuse@vautron.de24940DE
2016/01/12_08:49www.scantanzania.com/bin/img/make.html64.202.115.199twiga-ip5.tanzaniawebhosting.com.phishingRegistrant scantan@raha.com23352US
2016/01/06_15:19-46.30.45.39/yyo.wvz110372.eurodir.ru.Cryptowall ransomware-35415RU
2016/01/06_15:19-46.30.45.39/Statement.jpgvz110372.eurodir.ru.Cryptowall download script-35415RU
2015/12/30_19:54healthybloodpressure.info/2uOioq.php50.63.56.47ip-50-63-56-47.ip.secureserver.net.Cryptowall ransomware C&CHEALTHYBLOODPRESSURE.INFO@domainsbyproxy.com26496US
2015/12/28_20:16betterhomeandgardenideas.com/dbsys.php192.185.52.247-Teslacrypt ransomware c&c-20013US
2015/12/28_20:16yigitakcali.com/dbsys.php160.153.16.29ip-160-153-16-29.ip.secureserver.net.Teslacrypt ransomware c&cRegistrant mahoni_17@hotmail.com26496US
2015/12/26_15:34www.hitekshop.vn/login.php112.78.2.101mb2d101.vdrs.net.Keybase keylogger web panel-45538VN
2015/12/20_11:16eeps.me/208.67.23.26h155.cpanellogin.net.ESET phishingWhoisGuard Protected / 16c2a1b16681459e91467194536acdbf.protect@whoisguard.com3257US
2015/12/14_22:05www.drteachme.com/wp-content/plugins/theme-check/misc.php198.154.254.250glulife.glulife.com.trojanRegistrant ENOM@VIZMOTION.COM46606US
2015/11/30_10:20www.imagerieduroc.com/83.143.18.95ds95.digital-network.net.compromised site leads to EKRegistrar Abuse Contact abuse@ovh.net34235FR
2015/11/03_08:24earthcontrolsys.com/abuse_report.php?issviews.com69.50.210.69-Trojan.BackdoorRegistrant info@earthcontrolsys.com18866US
2015/10/24_03:50-155.133.18.117/121fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/goldenbet403.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/235fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/nut50a403.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/24_03:50-155.133.18.117/38yes3.exeptr-155.133.18.117.vmline.pl.Trojan.Andromeda-197226DE
2015/10/16_07:41lunaticjazz.com69.163.200.161apache2-bongo.koechlin.dreamhost.com.Trojan.RamnitRegistrant jotawagner@gmail.com26347US
2015/10/16_07:33www.smartscan.ro85.9.27.130s13v.webindex.ro.compromised site leads to exploit kit-5588RO
2015/09/26_14:56skidki-yuga.ru/files/17448.jpg5.101.152.85m2.yoda.beget.ru.PHP.RFI-198610RU

Page 0 ... 0 1 2 ... 23


You can find an overview of downloadable lists here