WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Search: Results to return: Include inactive sites

Page 0 1 ... 23

Date (UTC)DomainIPReverse LookupDescriptionRegistrantASN
2010/09/15_17:18update.onescan.co.kr/setupa/onescansetup.exe115.68.13.152-fake avå : ijong1255@nate.com38700KR
2009/06/25_00:00hanulsms.com124.217.216.40-directs to exploitszzigger@naver.com38661KR
2015/01/13_14:47maxisoft.co.uk/taxadmin/get_doc.html192.185.111.220ns539.websitewelcome.com.Compromised site, leads to exploitZircon Ventures Ltd / -20013US
2016/09/05_09:37evans.babajilab.in/specimen/1479491/tire-something-detect-five-what-knot-unknown-entertain-stiff85.143.219.18160567.simplecloud.club.exploit kitZimong Software Private Limited Zimong Software Private Limited / info@zimong.com201848RU
2009/05/28_00:00zkic.com174.37.172.162www.se.parahost.com.directs to exploitszhirong yang cdyzr@yahoo.com.cn36351US
2016/07/12_13:19www.ywvcomputerprocess.info/errorreport/ty5ug6h4ndma4/103.224.212.222lb-212-222.above.com.fake alert pageywvcomputerprocess.info@domainsbyproxy.com133618AU
2013/12/20_15:23www.zctei.com/date/9377chiyue_Y_Cdcr1124.exe122.225.107.85-Win32/Trojan.Spyythappyboy@163.com4134CN
2009/09/19_00:00www.whitesports.co.kr211.202.2.17web-7.blueweb.co.kr.iframe directs to LuckySploityoon1092@hotmail.com9318KR
2009/05/22_00:00sn-gzzx.com222.76.215.12-Exploitsy113991122@yahoo.com.cn4134CN
2012/07/03_13:17wetjane.x10.mx/69.175.121.66boru.x10hosting.com.Java exploitx10 Hosting / % by email at ayuda@nic.mx .32475US
2013/02/11_08:24www.offerent.com/tmp/5lro65.php?receipt_print=825_417011330200.58.119.30texila.dattaweb.com.trojan inside zip filewww.offerent.com / walterpbook@gmail.com27823AR
2009/11/15_16:09www.wrestlingexposed.com/faq.php?t=bleach-244-english-sub67.20.108.6367-20-108-63.bluehost.com.redirects to Rogue if referer is a search enginewrestlingexposed.com / whois@emailaddressprotection.com11798US
2011/04/01_04:46www.widestep.com/files/ws_qk_install.exe205.186.183.224ekiaioocks.gs07.gridserver.com.Win32/Agent.HSDNOGRwidestep@mail.ru31815US
2014/12/03_08:50getdatanetukscan.info/sp32_64_10044639319006172375.exe85.17.73.28-Trojan.FakeMSWhoisProtectService.net PROTECTSERVICE, LTD. / getdatanetukscan.info@whoisprotectservice.net16265NL
2014/12/03_08:50getdatanetukscan.info/sp32_64_3491943367355003623.exe85.17.73.28-Trojan.FakeMSWhoisProtectService.net PROTECTSERVICE, LTD. / getdatanetukscan.info@whoisprotectservice.net16265NL
2009/06/14_00:00luckyeffect.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / f974291e6c834cb58b61da35ee0a825c.protect@whoisguard.com24971CZ
2009/06/14_00:00luckysure.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / e292ee43d78142ada7bc024ac5f0fed7.protect@whoisguard.com24971CZ
2009/06/14_00:00luckyblank.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / e09201274974449886ada169b50d5879.protect@whoisguard.com24971CZ
2009/06/14_00:00luckypure.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / befe020f9cc8404d8696e8f255d0eadc.protect@whoisguard.com24971CZ
2009/06/14_00:00luckyshine.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / a45a009dbed24caf8d5c337e097c367b.protect@whoisguard.com24971CZ
2014/02/19_08:08fallencrafts.info37.59.68.26-Multiple.MalwareWhoisGuard Protected / a2947cc98e68415b983f81ded9e98f3e.protect@whoisguard.com16276FR
2009/06/14_00:00luckysuccess.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / 92f381eb474e400f91bbe7a831dc9e82.protect@whoisguard.com24971CZ
2009/06/14_00:00luckyclean.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / 7e0c10ad0bb648489573b22a28f86594.protect@whoisguard.com24971CZ
2014/03/11_22:39ukonline.hc0.me/new.exe5.135.127.68-Win32/Injector.Autoit.ABQ trojanWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39ukonline.hc0.me/Host.exe5.135.127.68-Win32/Spy.Agent.NYU trojanWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/CPUMiner.files5.135.127.68-Trojan.PlasmaRAT.MinerWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39ukonline.hc0.me/Host.exe5.135.127.68-DR/AutoIt.Gen2WhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39ukonline.hc0.me/new.exe5.135.127.68-DR/AutoIt.Gen2WhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39mylondon.hc0.me/Panel/5.135.127.68-Solar EKWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/login.php5.135.127.68-PlasmaRAT ACPWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/YACMiner.files5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/Ufasoft.files5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/Miner.txt5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/jhProtominer.files5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/GPUMiner.files5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2014/03/11_22:39somethingnice.hc0.me/Miner/CPUMiner.files5.135.127.68-Trojan.PlasmaRATWhoisGuard Protected / 630ca54ebc794d67bd94109ac2190e52.protect@whoisguard.com16276FR
2009/06/14_00:00luckyhalo.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / 5ef888c31e574ee39bec8149621cbd2b.protect@whoisguard.com24971CZ
2009/06/14_00:00luckytidy.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / 1ae7e16139f64a14a63beedbc44bd4bf.protect@whoisguard.com24971CZ
2009/06/14_00:00luckyclear.info89.185.228.15ex14.exmasters.com.directs to rogueWhoisGuard Protected / 1ad83c2f5960476583b10b7bf18fbccf.protect@whoisguard.com24971CZ
2015/12/20_11:16eeps.me/208.67.23.26h155.cpanellogin.net.ESET phishingWhoisGuard Protected / 16c2a1b16681459e91467194536acdbf.protect@whoisguard.com3257US
2009/05/23_00:00timothycopus.aimoo.com74.52.179.179b3.b3.344a.static.theplanet.com.directs to trojanWhoisGuard / 2cb93a446cab4816bf9b3dbf18d9b3c2.protect@whoisguard.com21844US
2009/11/15_16:09www.purplehorses.net/?page=bleach-244-online69.89.19.20019-200.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/11/15_16:09www.wildsap.com/?kkk=bleach-episodes-24469.89.31.59box259.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/11/15_16:09saturnleague.com/mxbb/?kkk=bleach-244-english-sub69.89.21.92box92.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/11/15_16:09be-funk.com/?kkk=bleach-244-english-sub69.89.18.20box20.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/11/15_16:09revistaelite.com/?topic=bleach-244-english-sub69.89.22.116box116.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/11/15_16:09revistaelite.com/?topic=bleach-244-raw69.89.22.116box116.bluehost.com.redirects to Rogue if referer is a search enginewhois@bluehost.com11798US
2009/12/04_19:56www.doctor-alex.com/files/SetupDrAlex.exe69.89.20.48box48.bluehost.com.Roguewhois@bluehost.com11798US
2009/09/24_00:00purethc.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitswHd9hT@privacypost.com23352US
2009/09/24_00:00typeofmarijuana.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00trafficgrowth.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00thcvaporizer.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00roorbong.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00thcextractor.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00potvaporizer.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00portablevaporizer.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00cannabispicture.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2009/09/24_00:00cannabislyric.com/204.93.171.26web01.snaago.com.obfuscated script directs to exploitsWF / mark@tig.eu23352US
2016/06/06_10:17welington.info/187.17.111.101-iframe on compromised site leads to EKWelington dos Santos Silva / welington.silva@hotmail.com.br7162BR
2014/05/27_04:02nctbonline.co.uk/InvoiceCopy.scr37.9.169.15lb-proxy-13.websupport.sk.Trojan.ZbotWebsupport, s.r.o. / -51013SK
2009/06/29_00:00vocational-training.us216.8.179.24ptr-216-8-179-24.ptr.nextdimensioninc.com.directs to exploitswebmaster@okcontentweb.com13727CA
2011/03/12_14:57vkont.bos.ru194.186.208.8as3.centre.ru.Trojanweb@centre.ru3216RU
2009/06/25_00:00web-olymp.ru81.176.232.104server4.neoweb.ru.directs to exploitsweb-webolymp@yandex.ru8342RU
2009/07/21_00:00stormpages.com/script/PHP.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00stormpages.com/master/psy.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00stormpages.com/master/ping.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00stormpages.com/diantara/BOT.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/ariefdream/nidec.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/blewah/bot.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/hasheo/mil.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/hasheo/naoky.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/hasheo/ros.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/master/VoLcoM_04.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/p38r1/aku.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/script/PHP.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/07/21_00:00www.stormpages.com/script/ping.txt209.33.220.8-RFIWeb Services / webmaster@slk9.com11071US
2009/06/29_00:00warco.pl81.2.200.162host-81-2-200-162.alpha.pl.directs to exploitswarco.pl24806CZ
2009/06/28_00:00sbnc.hak.su/spread.txt91.189.81.71www2.wen.ru.RFIwapplanet@mail.ru8342RU
2009/07/21_00:00plengeh.wen.ru/id.txt91.189.80.71www.wen.ru.RFIwapplanet@mail.ru8342RU
2014/12/03_08:50xicaxique.com.br/catalog/view/theme/default/image/image102.jpg200.219.249.162static.200.219.249.162.datacenter1.com.br.Trojan.Banker.DEVincent Comercio Eletroeletronico Ltda / registro@br2001.com.br16397BR
2009/05/20_00:00rupor.info62.149.12.191rupor.info.redirects to exploitsViktor Tjutjun / support@rupor.info15497UA
2009/09/26_00:00vernoblisk.com67.228.85.201hostica.com.compromised site directs to exploitsVern Oblisk Bail Bonds / voblisk@tampabay.rr.com36351US
2016/05/30_16:31buildviet.info/servicer/fattura/123.30.240.66static.vdc.vn.redirects to trojan download at SugarSyncVDC Online / domain@vdc.com.vn45899VN
2009/05/18_00:00crackspider.us/toolbar/install.php?pack=exe85.159.233.47-Adware.Cracksearch.AVaravva Brothers Ltd. / bestserials@mail.ru43350NL
2014/09/16_09:59luchtenbergdecor.com.br/cythsfonuj/sijnkzotme.js186.202.56.110CPROHWIN0190.locaweb.com.br.Compromised site (Natwest malspam campaign), leads to UpatreVALDENIR TORRES E SILVA / valdenirtorres@ig.com.br27715BR
2014/09/16_09:59luchtenbergdecor.com.br/gcbelfuqbk/ygjbemlcsd.js186.202.56.110CPROHWIN0190.locaweb.com.br.Compromised site (DHL malspam campaign), leads to UpatreVALDENIR TORRES E SILVA / valdenirtorres@ig.com.br27715BR
2009/07/21_00:00www.usaenterprise.com/images/images.txt212.70.224.183virtweb-cms.nethouse.it.RFIusa enterprise / usainfo@virgilio.it16141IT
2013/12/09_11:11amu.twobox4addon.info/rachel/162.210.192.5-Leads to Win32/InstallRexTWOBOX4ADDON.INFO@domainsbyproxy.com30633US
2009/06/30_00:00tk-gregoric.si91.185.202.90mail.internetstoritve.com.directs to exploitsturisticna.kmetija.gregoric@siol.net41828SI
2009/07/21_00:00www.freewebtown.com/atakus/Nokia/BotNetNew.txt208.75.230.43www.freewebtown.com.RFITulip Systems / abuse@tulix.com36820US
2013/10/31_18:23www.blueimagen.com/Attachment/Invoice-List2013-10-20-Copy.jar65.99.225.72server79.neubox.net.Trojan.AdWindTools Ideas Enter (staff@toolsideascreativas.com)36024US
2014/02/07_16:49www.3peaks.co.jp/1.html211.19.24.235usr235.g024.nabic.jp.Leads to exploit at jolygoestobeinvester.ruthree@soho-net.ne.jp23641JP
2009/09/16_00:00www.professionalblackbook.com/96.30.28.181host.disantolaw.com.obfuscated iframe directs to exploitsThe Corporate and Real Estate Law Group, P.L. / bethdesanto@yahoo.com19066US
2013/07/25_06:31server1.extra-web.cz/dbm.exe212.80.69.55xhosting.cz.trojantefan Ihnat / stefan.ihnat@email.cz29208CZ
2016/10/13_14:03elmissouri.fr/data.dpg213.186.33.50cluster017.ovh.net.ransomwaretech@ovh.net16276FR
2009/06/29_00:00titon.info212.36.9.10ns1.tophostbg.net.directs to exploitsTania Terzieva / tania_terzieva@abv.bg39388BG
2013/08/07_18:57saemark.is/wp-content/plugins/wp-sts.php212.30.229.50-Leads to exploitSęmark-Sjįvarafuršir ehf / siggi@saemark.is44515IS
2013/08/07_18:57www.saemark.is/wp-content/plugins/wp-sts.php212.30.229.50-Leads to exploitSęmark-Sjįvarafuršir ehf / siggi@saemark.is44515IS
2016/01/18_14:18www.rst-velbert.de/91.184.35.130merkur.incoweb.de.iframe on compromised site leads to EKsupport@incoweb.de34225DE
2014/02/07_17:00corroshield.estb.com.sg/1.html203.125.76.84ns2.e-dir.com.sg.Leads to exploit at jolygoestobeinvester.rusupport@e-dir.com3758SG

Page 0 1 ... 23


You can find an overview of downloadable lists here