WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Search: Results to return: Include inactive sites

Page 0 1 ... 23

Date (UTC)DomainIPReverse LookupDescriptionRegistrantASN
2009/03/22_00:00-205.209.143.94/000f1.htm-Trojan-33314US
2009/03/22_00:00-205.209.143.94/000f2.htm-Trojan-33314US
2009/04/27_00:00-200.122.168.229/dl/goldvipclub/-trojan Casino-3790CR
2009/04/27_00:00-200.122.168.229/dl/goldvipclub/TrackDownload.dll?DID=991392-trojan Casino-3790CR
2009/05/13_00:00-72.10.169.26/loader.exe-Cutwail/Pushdo-36666CA
2009/05/18_00:00-85.13.236.154/v50/?v=66&s=I&uid=1824245000&p=13310&q=85.13.236.154.reverse.coreix.netMalware calls home-31708GB
2009/05/23_00:00-219.148.34.9/dmdown/sss.exe-Trojan-17672CN
2009/06/03_00:00-63.227.18.137/id5.txtmail.vail-valley.comRFI-209US
2009/06/04_00:00-202.91.74.136/bjp3/id3.txt-RFI-9830IN
2009/06/16_00:00-213.174.143.196/v/g.php?d=79-directs to rogue-39572UA
2014/03/31_11:44-5.135.43.43/adm/documentos.zip-Trojan.Banker-16276FR
2014/03/31_11:44-185.12.14.208/tmp/Boleto_Vencido.zip-Trojan.Banker-50673NL
2014/04/07_18:32-193.218.144.3/cp/login/-Gozi control panel-197252UA
2009/06/18_00:00-69.3.109.79/1.htmlh-69-3-109-79-static.nycmny83.covad.netExploits-18566US
2009/08/17_00:00-199.238.181.161/setup.exe-Rogue-2914US
2009/09/11_00:00-213.163.89.54/lib/index.php?t=2-redirects to exploit kit-20495NL
2009/09/13_00:00-66.96.214.117:80806696214117.hostnoc.netcompromised server with nginx at port 8080-21788US
2009/09/13_00:00-84.242.167.49:8080www.sopharma.bgcompromised server with nginx at port 8080-8672BG
2009/09/13_00:00-209.9.188.130/t.txt-RFI-3491US
2009/09/23_00:00-213.163.89.54/mito/-redirects to exploit kit-20495NL
2009/11/01_18:49-217.23.6.17:10283/d3n2829231.dat-malware calls home-15435NL
2009/11/13_20:52-200.80.97.174/maravilha.txtmultilink-97-174.ipAddr.multilink-ht.net.RFI-27767HT
2009/11/24_19:27-88.80.10.1/pp/anp.php-RFI-33837SE
2009/12/12_10:56-218.25.203.5/images/images/js.gif-trojan-4837CN
2010/02/14_15:14-119.145.143.6/aspnet_client/system_web/update.exe-trojan Redosdru-4134CN
2010/02/17_15:39-66.220.17.157/toolbar_uninstall.exe157.17.220.66.in-addr.arpaTrojan.Obfuscated.BX / Lop / Swizzor-6939US
2010/02/17_15:39-89.28.13.212/in.php?s=89.28.13.21489-28-13-212.starnet.mdredirects to fake av-31252MD
2010/02/26_16:28-77.245.61.232/offersfortoday/get_file.phpafleet15.amsnl.webair.com.redirects to trojan-36057NL
2010/02/26_16:30-77.245.61.232/offersfortoday/multi/28.exeafleet15.amsnl.webair.com.trojan-36057NL
2010/03/17_04:53-83.139.194.168/images/comprovanteEmail_Html.com-Trojan-33942IT
2010/03/24_11:51-58.55.127.16:8080/files/image.jpg-Backdoor Koutodoor-4134CN
2010/04/03_10:04-91.207.6.134/spm/page.php?id=1378328&tick=1378328&ver=100&smtp=ok&task=0134.6.207.91.unknown.SteepHost.Net.--47142CZ
2010/04/07_14:26-78.140.15.82/protod.exe-backdoor-31357RU
2010/04/08_15:26-202.38.97.217/manual/readme.txt-trojan-4538CN
2010/04/10_09:07-62.75.152.79/MeinEigenerServer/index.php?p=Loginvs152079.vserver.de.control panel of Warbot-8972DE
2010/04/12_11:29-95.143.193.60/dir/gate.php?box=war&take=0&uid=pecwghrc-trojan Peerfit-49770SE
2010/04/12_20:14-193.86.3.170/region/karneva2003-2/karneval2003-2.htmlns3.oku-zn.cz.obfuscated iframe directs to exploit kit-2819CZ
2010/04/14_05:32-78.140.15.82/bootstrap-Gootkit-31357RU
2010/04/17_23:47-78.140.15.82/quu3aiVai7Lei6epha7azoYegah4da9za2rec8ahngoosu7tuneemoizee5vael5eBoazahHephaahohTa3eecoochaiseesheichoh7aikuz0uas8zeekiaChiayeVa/scripts/tasks.xml-Gootkit-31357RU
2010/05/07_06:52-62.122.75.237/-Rogue AV-5577UA
2010/05/08_11:02-116.127.121.27/~brownsoftdown/download/servprodect27.exe-trojan-9318KR
2010/05/09_19:02-193.105.174.42/stat/halo-i16/o.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i16/s.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i5/s.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i5/l.php-malware calls home-196954UA
2010/05/13_10:04-188.65.74.166-fake av-42473AT
2010/05/13_10:04-188.65.74.167-fake av-42473AT
2010/05/13_10:04-188.65.74.168-fake av-42473AT
2010/05/13_10:04-188.65.74.169-fake av-42473AT
2010/05/13_10:04-188.65.74.170-fake av-42473AT
2010/05/15_21:10-193.105.207.21/ccc/dede.qwas---50793CZ
2010/05/15_21:10-193.105.207.21/dede/gate.php---50793CZ
2013/08/07_19:06-54.248.126.242/ruggedly/copernican.jsec2-54-248-126-242.ap-northeast-1.compute.amazonaws.com.Leads to exploit-16509US
2010/05/26_18:24-83.133.125.178/r.php?type=0srv45.cyberhost.name.returns malware url-13237EU
2010/06/01_18:58-213.252.116.180:81/roundcubemail/bin/1.gif213.252.116.180.clients.rmt.ru.RFI-5523RU
2010/06/30_19:51-72.18.206.103/nervoso/download01.rarns2.amigoxeternamente.com.trojan Banker-26277US
2010/06/30_19:51-72.18.206.103/nervoso/download02.rarns2.amigoxeternamente.com.trojan Banker-26277US
2010/06/30_19:51-72.18.206.103/nervoso/download03.rarns2.amigoxeternamente.com.trojan Banker-26277US
2010/07/13_12:51-91.188.60.5/hit.php?v=44&app_type_id=1&wm_id=acc0044&u=d6c9b08c-89d3-46bf-b610-08c742b7ebf2&t=2-malware calls home-6851LV
2010/07/17_20:53-193.105.240.59/optima/index.php?uid=080286&ver=6g%20XP-malware calls home, returns base64 encoded url list-43513LV
2010/07/19_21:04-91.188.60.5/hit.php?v=45&app_type_id=1&wm_id=acc0049&u=28b6d4a0-f30b-43bc-8cc8-c466a4ca72bc&t=2-malware calls home-6851LV
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/-exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/api.php-exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/992.jar-Java exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/cbe.jar-Java exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/error.js.php-exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/gogol.Familie.class-exploit-9318KR
2010/07/21_01:11-219.255.13.77:8080/Home/exemple.com/MyName-exploit-9318KR
2010/07/22_14:56-91.212.226.33/qkl4Cix7f4XUCs8MTQ1fGRvd25sb2FkfA==18k.gif-backdoor SdBot-5577CZ
2010/07/23_08:01-91.188.60.5/hit.php?v=46&app_type_id=1&wm_id=acc0047&u=6a397086-fc8c-4e4e-bd44-05f8f376ab0f&t=2-malware calls home-6851LV
2010/07/23_08:01-91.188.60.5/l.php?wm_id=acc0047-trojan downloader-6851LV
2010/07/24_11:27-188.65.74.161/wrath_ehgoihgwpigpehh.exe-trojan-42473AT
2010/07/25_17:24-91.188.59.10/opapa.exe-trojan-6851LV
2010/07/29_13:45-85.21.235.231/psd/index.html85-21-235-231.dar-ekspo.corbina.ru.obfuscated script / java downloader-8402RU
2010/08/01_10:11-188.65.74.161/varag_sdfgkwlkgadfshn.exe-trojan-42473AT
2010/08/10_09:17-69.50.221.190/l1/bb.php?v=200&id=554905388&b=9468674099&tm=3-Oficla/Sasfis C&C-18866US
2010/08/11_14:26-193.104.146.12:443-malware calls home over SSL-50134CZ
2010/08/11_19:28-188.65.74.161/netpoint_ghlaerggweqa.exe-fake av-42473AT
2010/08/12_12:51-69.50.221.190/l1/bb.php?v=200&id=636608811&b=9468674099&tm=2---18866US
2010/08/13_18:44-202.109.143.16:81/ma.exe-PWS:Win32/Frethog.gen!G-4134CN
2010/08/18_14:45-188.65.74.161/archi_orweihaorgaigph.exe-trojan-42473AT
2010/08/20_09:37-87.118.88.140/pizda/show.phpns.server.leo-host.ru.Siberia exploit pack-31103DE
2010/08/20_09:37-87.118.88.140/pizda/stat.phpns.server.leo-host.ru.control panel of Siberia exploit pack-31103DE
2010/08/20_09:37-87.118.88.140/pizda/exe.php?spl=HCPns.server.leo-host.ru.trojan-31103DE
2010/08/21_19:01-91.188.59.150/show.php?s=bc0915c6c2-Incognito exploit kit-6851LV
2010/08/21_19:01-91.188.59.150/admin.php-control panel of Incognito exploit kit-6851LV
2010/08/21_19:01-91.188.59.150/load.php?e=2-fake av-6851LV
2010/08/23_20:18-69.50.221.196/x22/load/load.exe-fake av-18866US
2010/08/23_20:18-69.50.221.196/x33/load/load.exe-trojan-18866US
2010/08/23_20:18-69.50.221.196/x44/load/load.exe-fake av-18866US
2010/08/23_20:18-69.50.221.196/x55/load/load.exe-fake av-18866US
2010/08/26_16:20-91.188.59.10/exe/sweater.exe-fake av-6851LV
2010/08/26_16:20-91.188.59.10/exe/dogma.exe-trojan TDSS-6851LV
2010/08/26_16:20-91.188.59.10/report/log.php-malware calls home-6851LV
2010/08/30_18:49-61.147.75.89/index.php?open=1&myid=14c7c6847c09807.44463926-malware calls home-23650CN
2010/08/30_18:49-112.84.189.89/mks.exe-TrojanDownloader:Win32/Doneltart.gen-4837CN
2010/09/05_12:09-208.79.232.46:8444/exemple.com/load.php?spl=mdachost.hotmommagossip.com.trojan-19066US
2010/09/05_12:09-212.117.161.31/js/ip-212-117-161-31.server.lu.exploit kit-5577LU
2010/09/05_12:09-212.117.161.31/js/fi_4.phpip-212-117-161-31.server.lu.trojan TDSS-5577LU
2010/09/07_20:34-188.65.74.162/test_severyan_sdhkjwg.exe-trojan-42473AT

Page 0 1 ... 23


You can find an overview of downloadable lists here