WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Search: Results to return: Include inactive sites

Page 0 1 ... 23

Date (UTC)DomainIPReverse LookupDescriptionRegistrantASN
2014/05/12_00:24beespace.com.ua/hook/hookkey.exe91.222.136.251web123.ukraine.com.ua.Trojan.Agent% =========== / -47781UA
2009/03/22_00:00-205.209.143.94/000f1.htm-Trojan-33314US
2009/03/22_00:00-205.209.143.94/000f2.htm-Trojan-33314US
2009/04/27_00:00-200.122.168.229/dl/goldvipclub/-trojan Casino-3790CR
2009/04/27_00:00-200.122.168.229/dl/goldvipclub/TrackDownload.dll?DID=991392-trojan Casino-3790CR
2009/05/08_00:00espdesign.com.au64.49.219.215-directs to exploits-10532US
2009/05/13_00:00-72.10.169.26/loader.exe-Cutwail/Pushdo-36666CA
2009/05/18_00:00-85.13.236.154/v50/?v=66&s=I&uid=1824245000&p=13310&q=85.13.236.154.reverse.coreix.netMalware calls home-31708GB
2009/05/22_00:00officeon.ch.ma/office.js?google_ad_format=728x90_as88.191.20.248ns2.venez.net.directs to Exploits-12322FR
2009/05/23_00:00-219.148.34.9/dmdown/sss.exe-Trojan-17672CN
2009/05/24_00:00freeserials.spb.ru/key/68703.htm91.195.110.9991-195-110-99.hmrtelecom.ru.TDSS-43671RU
2009/05/26_00:00orbowlada.strefa.pl/text396.htm217.74.66.183www.strefa.pl.Directs to rogue-16138PL
2009/05/31_00:00cracks.vg/d1.php111.92.237.115server111092237115.i-services.com.hk.Directs to rogue-45816HK
2009/06/03_00:00-63.227.18.137/id5.txtmail.vail-valley.comRFI-209US
2009/06/04_00:00-202.91.74.136/bjp3/id3.txt-RFI-9830IN
2009/06/07_00:00bezproudoff.cz93.185.104.30www20.pipni.cz.directs to exploits-43541CZ
2009/06/07_00:00nordiccountry.cz93.185.104.28www18.pipni.cz.directs to exploits-43541CZ
2009/06/07_00:00otylkaaotesanek.cz81.2.195.176d176ud.forpsi.com.directs to exploits-24806CZ
2009/06/12_00:00zous.szm.sk88.86.113.4freehosting.szm.com.directs to exploits-39392CZ
2009/06/13_00:00noveslovo.com77.222.131.8686.0-127.131.222.77.in-addr.arpa.directs to exploits-21219UA
2009/06/16_00:00-213.174.143.196/v/g.php?d=79-directs to rogue-39572UA
2014/03/31_11:44-5.135.43.43/adm/documentos.zip-Trojan.Banker-16276FR
2014/03/31_11:44-185.12.14.208/tmp/Boleto_Vencido.zip-Trojan.Banker-50673NL
2014/04/07_18:32-193.218.144.3/cp/login/-Gozi control panel-197252UA
2009/06/18_00:00-69.3.109.79/1.htmlh-69-3-109-79-static.nycmny83.covad.netExploits-18566US
2014/04/02_08:53incoctel.cl/8RHFBgK4.php?html=27190.114.252.75server0126-0711.dnsmisitio.net.Drive-by-52368CL
2014/04/02_08:53incoctel.cl/8RHFBgK4.php?id=23694557190.114.252.75server0126-0711.dnsmisitio.net.Drive-by-52368CL
2009/06/29_00:00romsigmed.ro86.35.15.214www4.linux.romtelecom.net.directs to exploits-9050RO
2009/06/30_00:00pwvita.pl77.55.70.169acs169.rev.netart.pl.directs to exploits-15967PL
2009/06/30_00:00tomalinoalambres.com.ar190.228.29.81mx2981.godns.net.directs to exploits-7303AR
2009/06/30_00:00wroclawski.com.pl83.142.47.61www.linux.webserwer.pl.directs to exploits-39168PL
2009/07/01_00:00xoomer.alice.it/email02/bom.jpg62.211.68.12-trojan-20580IT
2009/07/21_00:00sentrol.cl/components/kampret.jpg74.200.91.144unknown144.91.200.74.defenderhosting.com.RFI-14383US
2009/07/21_00:00www.torgi.kz/help/id2.txt212.154.208.169-RFI-9198KZ
2009/07/21_00:00www.torgi.kz/help/idxx.txt212.154.208.169-RFI-9198KZ
2009/08/17_00:00-199.238.181.161/setup.exe-Rogue-2914US
2009/09/11_00:00-213.163.89.54/lib/index.php?t=2-redirects to exploit kit-20495NL
2009/09/13_00:00-66.96.214.117:80806696214117.hostnoc.netcompromised server with nginx at port 8080-21788US
2009/09/13_00:00-84.242.167.49:8080www.sopharma.bgcompromised server with nginx at port 8080-8672BG
2009/09/13_00:00tabex.sopharma.bg:808084.242.167.49www.sopharma.bg.compromised server with nginx at port 8080-8672BG
2009/09/13_00:00-209.9.188.130/t.txt-RFI-3491US
2009/09/18_00:000koryu0.easter.ne.jp208.71.106.216super-html-7.fc2.com.obfuscated iframe directs to LuckySploit-40263US
2009/09/23_00:00-213.163.89.54/mito/-redirects to exploit kit-20495NL
2009/09/26_00:00juedische-kammerphilharmonie.de85.13.135.179dd14202.kasserver.com.compromised site directs to exploits-34788DE
2009/11/01_18:49-217.23.6.17:10283/d3n2829231.dat-malware calls home-15435NL
2009/11/13_20:52-200.80.97.174/maravilha.txtmultilink-97-174.ipAddr.multilink-ht.net.RFI-27767HT
2009/11/24_19:27-88.80.10.1/pp/anp.php-RFI-33837SE
2009/12/10_15:48www.tpt.edu.in/76.163.253.1-compromized site loads external script with exploits-32392US
2009/12/12_10:56-218.25.203.5/images/images/js.gif-trojan-4837CN
2014/01/22_22:22downloads-whatsapp.com/whatsapp-for-samsung.php91.218.229.16h7.ihc.ru.Android/Trojan.SMS.FakeInst-48172RU
2010/02/02_08:40www.rempko.sk/kontakt.htm213.81.152.60wep.t-com.sk.compromised site directs to exploits-6855SK
2010/02/13_09:21sexzoznamka.eu/lightbox/js/r/files/tasks/AC87.236.199.153boom.barad.cz.returns malware url base64 encoded-35592CZ
2010/02/14_15:14-119.145.143.6/aspnet_client/system_web/update.exe-trojan Redosdru-4134CN
2010/02/17_15:39-66.220.17.157/toolbar_uninstall.exe157.17.220.66.in-addr.arpaTrojan.Obfuscated.BX / Lop / Swizzor-6939US
2010/02/17_15:39-89.28.13.212/in.php?s=89.28.13.21489-28-13-212.starnet.mdredirects to fake av-31252MD
2010/02/26_16:28-77.245.61.232/offersfortoday/get_file.phpafleet15.amsnl.webair.com.redirects to trojan-36057NL
2010/02/26_16:30-77.245.61.232/offersfortoday/multi/28.exeafleet15.amsnl.webair.com.trojan-36057NL
2010/03/17_04:53-83.139.194.168/images/comprovanteEmail_Html.com-Trojan-33942IT
2010/03/17_15:54vette-porno.nl213.132.197.60webguru104.webguru.nl.obfuscated iframe directs to exploit kit-24793NL
2010/03/24_11:51-58.55.127.16:8080/files/image.jpg-Backdoor Koutodoor-4134CN
2010/04/03_10:04-91.207.6.134/spm/page.php?id=1378328&tick=1378328&ver=100&smtp=ok&task=0134.6.207.91.unknown.SteepHost.Net.--47142CZ
2010/04/07_06:26blacknite.eu/cracking/Pelite.EXE89.234.64.135web3.hosting.digiweb.ie.trojan-31122IE
2010/04/07_14:26-78.140.15.82/protod.exe-backdoor-31357RU
2010/04/08_15:26-202.38.97.217/manual/readme.txt-trojan-4538CN
2010/04/08_15:26bargainracks.co.uk/img/common/1x2.gif77.75.105.9-trojan-39326GB
2010/04/10_09:07-62.75.152.79/MeinEigenerServer/index.php?p=Loginvs152079.vserver.de.control panel of Warbot-8972DE
2010/04/12_11:29-95.143.193.60/dir/gate.php?box=war&take=0&uid=pecwghrc-trojan Peerfit-49770SE
2010/04/12_20:14-193.86.3.170/region/karneva2003-2/karneval2003-2.htmlns3.oku-zn.cz.obfuscated iframe directs to exploit kit-2819CZ
2010/04/14_05:32-78.140.15.82/bootstrap-Gootkit-31357RU
2010/04/16_20:16pokachi.net/77.222.40.91varna.sweb.ru.compromised site directs to exploits-44112RU
2010/04/16_20:16pride-u-bike.com/2006/09/30/akkymtlator/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/2007/06/23/s-tolkacha/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/2007/07/30/doroga-smerti/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/byzapimoto/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/motorcycle/suzuki-motorcycle/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/motorcycle/vozdeniye-motorcycle/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/sell/honda-steed-400-1996/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16pride-u-bike.com/sell/honda-vfr400r-nc30/206.225.20.77-compromised site directs to exploits-6428US
2010/04/16_20:16quotidiennokoue.com/66.7.214.152pass81.dizinc.com.compromised site directs to exploits-33182US
2010/04/16_20:16quotidiennokoue.com/?cat=566.7.214.152pass81.dizinc.com.compromised site directs to exploits-33182US
2010/04/16_20:16quotidiennokoue.com/?p=55866.7.214.152pass81.dizinc.com.compromised site directs to exploits-33182US
2010/04/16_20:16safety.amw.com/family/ask-john-walsh-how-can-i-tell-if-a-child-has-been-abused/4.59.56.18-compromised site directs to exploits-3356US
2010/04/16_20:16safety.amw.com/home/stop-domestic-violence-before-it-starts/4.59.56.18-compromised site directs to exploits-3356US
2010/04/16_20:16wmserver.net/sgcg/?page_id=5217.30.180.48virtual22.nebula.fi.compromised site directs to exploits-29422FI
2010/04/16_20:16wp9.ru/188.127.248.545.mirit.su.compromised site directs to exploits-48172RU
2010/04/16_20:16www.sanseracingteam.com/wordpress/85.10.140.251wpc4811.host7x24.com.compromised site directs to exploits-48185FR
2010/04/16_20:16www.sanseracingteam.com/wordpress/?p=12885.10.140.251wpc4811.host7x24.com.compromised site directs to exploits-48185FR
2010/04/16_20:16www.sonnoli.com/?page_id=562.149.140.107webx97.aruba.it.compromised site directs to exploits-31034IT
2010/04/16_20:16www.stirparts.ru/89.108.67.238cp141.agava.net.compromised site directs to exploits-43146RU
2010/04/16_20:16www.tiergestuetzt.de/80.190.144.115sv05.net-housting.de.compromised site directs to exploits-15598DE
2010/04/17_23:47-78.140.15.82/quu3aiVai7Lei6epha7azoYegah4da9za2rec8ahngoosu7tuneemoizee5vael5eBoazahHephaahohTa3eecoochaiseesheichoh7aikuz0uas8zeekiaChiayeVa/scripts/tasks.xml-Gootkit-31357RU
2010/04/20_16:20www.angolotesti.it/J/testi_canzoni_jovanotti_168/testo_canzone_chissa_se_stai_dormendo_9566.html174.122.221.186ba.dd.7aae.static.theplanet.com.obfuscated iframe directs to exploits-21844US
2010/05/07_06:52-62.122.75.237/-Rogue AV-5577UA
2010/05/08_11:02-116.127.121.27/~brownsoftdown/download/servprodect27.exe-trojan-9318KR
2010/05/09_19:02-193.105.174.42/stat/halo-i16/o.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i16/s.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i5/s.php-malware calls home-196954UA
2010/05/09_19:02-193.105.174.42/stat/halo-i5/l.php-malware calls home-196954UA
2010/05/13_10:04-188.65.74.166-fake av-42473AT
2010/05/13_10:04-188.65.74.167-fake av-42473AT

Page 0 1 ... 23


You can find an overview of downloadable lists here