Malware Domain List

WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.

Page 0 1 ... 2

Date (UTC) ⇑ ⇓	Domain ⇑ ⇓	IP ⇑ ⇓	Reverse Lookup ⇑ ⇓	Description ⇑ ⇓	Registrant ⇑ ⇓	ASN ⇑ ⇓
2010/02/06_12:07	cavally.in/in.php	89.248.168.168	le6.zonohost.com.	exploit kit	Huan Guhi Rubin / google123@mail.com	29073
2010/02/06_12:07	cavally.in/admin.php	89.248.168.168	le6.zonohost.com.	control panel of exploit kit	Huan Guhi Rubin / google123@mail.com	29073
2010/02/06_12:07	cavally.in/in2.php?id=8026&soft=3pdf=8&java=16016	89.248.168.168	le6.zonohost.com.	exploit	Huan Guhi Rubin / google123@mail.com	29073
2010/02/06_12:07	cavally.in/8026_7.exe	89.248.168.168	le6.zonohost.com.	trojan downloader	Huan Guhi Rubin / google123@mail.com	29073
2010/02/05_22:58	pozemle.cn/en/SPet.txt	93.174.92.220	-	Win32/Syrutrk.A	JohnHester / info@pozemle.cn	29073
2010/02/05_22:58	pozemle.cn/sv/abb5.txt	93.174.92.220	-	trojan Cutwail	JohnHester / info@pozemle.cn	29073
2010/02/05_22:58	pozemle.cn/sv/svc.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/02/05_22:58	pozemle.cn/sv/v5.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/02/03_17:04	stickingout.cn/upd/setup.exe	93.174.95.140	-	trojan TDSS	GillyRonda / RondaGilly@xhotmail.net	29073
2010/02/03_17:04	stickingout.cn/upd/setup01.exe	93.174.95.140	-	trojan TDSS	GillyRonda / RondaGilly@xhotmail.net	29073
2010/01/31_12:23	missingout.cn/readdatagateway.php?type=stats&affid=139&subid=1&version=2.0&adwareok	93.174.95.140	-	malware calls home	GillyRonda / RondaGilly@xhotmail.net	29073
2010/01/30_17:37	youaskedthedomain.cn/spl/controller.php?action=bot&entity_list=&uid=666&first=1&guid=13441600&v=15&rnd=36431478	89.248.168.168	le6.zonohost.com.	Bredolab C&C	googlegoogle / tem.domen@mail.ru	29073
2010/01/30_09:08	www4.serv-scan-pro.net/index.php?cmd=sendFile&counter=1&p=p52dcWltbV/Cj8bYbnx9d3le0KCfaVbVoKDb2YmHWJjOxaCbkXehpqehnV/VodCjlWGRaGZulWCWaWOMoNfF16aqb1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fZmGUXpmSlGdqYG6L08ifb1qtp3Vlam+VZZadZ2hiWqarlmqTYmaaZZWbmWlsWJnInqyH	89.248.160.157	hosted-by.ecatel.net.	Rogue Downloader	Garritt Kooken / gkook@checkjemail.nl	29073
2010/01/30_09:08	www4.serv-scan-pro.net/?p=p52dcWltbV/Cj8bYbnx9d3le0KCfaVbVoKDb2YmHWJjOxaCbkXehpqehnV/VodCjlWGRaGZulWCWaWOMoNfF16aqb1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fZmGUXpmSlGdqYG6L08ifb1qtp3Vlam%2BVZZadZ2hiWqarlmqTYmaaZZWbmWlsWJnInqyH	89.248.160.157	hosted-by.ecatel.net.	Fake Scanner	Garritt Kooken / gkook@checkjemail.nl	29073
2010/01/29_09:43	www2.novironyourpc.net/?p=p52dcWltbV/Cj8bYbnx9d3le0KCfZ1bVoKDb2YmHWJjOxaCbkXehpqehnV/VodCjZGFfaGRuyGCaaGOMoNfF16aqb2aLxMZ2e4JfpXVarKLVmcmjV6aWmal1ipPLnJWjU9fXoGJpaGqclZxtZGxfnX%2Bmp67RaorWhZmamW9plmOWZ2SfX5mY	89.248.160.154	hosted-by.ecatel.net.	Fake scanner pages	Garritt Kooken gkook@checkjemail.nl	29073
2010/01/29_04:16	newesafety.com/index.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Helen Manning / Email: Helen.H.Manning@gmail.com	29073
2010/01/29_04:16	newesafety.com/downloader.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Helen Manning / Email: Helen.H.Manning@gmail.com	29073
2010/01/29_04:16	newesafety.com/hitin.php?land=20&affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Helen Manning / Email: Helen.H.Manning@gmail.com	29073
2010/01/27_00:23	extrassecuritynow.com/index.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	John Hayes / Email: John.G.Hayes@gmail.com	29073
2010/01/27_00:23	extrassecuritynow.com/downloader.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	John Hayes / Email: John.G.Hayes@gmail.com	29073
2010/01/27_00:23	extrassecuritynow.com/hitin.php?land=20&affid=92800	94.102.50.137	hosted-by.ecatel.net.	-	John Hayes / Email: John.G.Hayes@gmail.com	29073
2010/01/26_21:03	-	93.174.93.137/admin/crypted.exe	-	trojan	-	29073
2010/01/26_18:47	antivirusacademy.com/downloader.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Sarah Reid / Email: Sarah.R.Reid@gmail.com	29073
2010/01/26_18:47	antivirusacademy.com/index.php?affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Sarah Reid / Email: Sarah.R.Reid@gmail.com	29073
2010/01/26_18:47	antivirusacademy.com/hitin.php?land=20&affid=92800	94.102.50.137	hosted-by.ecatel.net.	fake av	Sarah Reid / Email: Sarah.R.Reid@gmail.com	29073
2010/01/24_19:46	pozemle.cn/en/Vla2.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/24_19:46	pozemle.cn/sv/pm.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/24_19:46	pozemle.cn/sv/s2.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/24_19:46	pozemle.cn/sv1/fout.php	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/22_18:31	pozemle.cn/sv/pm.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/22_18:31	pozemle.cn/sv/s2.txt	93.174.92.220	-	trojan	JohnHester / info@pozemle.cn	29073
2010/01/19_17:59	missingout.cn/upd/setup.exe	93.174.95.140	-	trojan TDSS	GillyRonda / RondaGilly@xhotmail.net	29073
2010/01/17_16:17	ghost-antivirus.com	93.174.95.194	-	Rogue Ghost Antivirus	Petr Bernatcik / boundlap@gmail.com	29073
2010/01/17_16:17	ghost-pay.com	93.174.95.194	-	Rogue Ghost Antivirus	Michell / mupursie@gmail.com	29073
2010/01/17_16:17	ghostantivirus.com	93.174.95.194	-	Rogue Ghost Antivirus	Michell / Michell.Gregory2009@yahoo.com	29073
2010/01/17_16:17	ghostpays.com	93.174.95.194	-	Rogue Ghost Antivirus	George Owen / zebennet@gmail.com	29073
2010/01/17_16:17	thesecurebill.com	93.174.95.195	-	fraudulent payment page	John Young cabrocke@gmail.com	29073
2010/01/17_16:17	thesoftbill.com	93.174.95.196	-	fraudulent payment page	Derrick Payne vodemott@gmail.com	29073
2010/01/08_18:48	sekuritylistsite.com/downloader.php?affid=92800	94.102.63.245	-	fake av	Robert Cunningham / Robert.S.Cunningham@gmail.com	29073
2010/01/07_18:11	freshantyflu.com/downloader.php?affid=92800	94.102.63.245	-	fake av	Charles White / Charles.J.White@gmail.com	29073
2010/01/06_22:35	stickingout.cn/upd/setup01.exe	93.174.95.140	-	trojan	GillyRonda / RondaGilly@xhotmail.net	29073
2010/01/06_22:35	editedout.cn/readdatagateway.php?type=stats&affid=293&subid=new&version=2.0&adwareok	93.174.95.140	-	malware calls home	GillyRonda / RondaGilly@xhotmail.net	29073
2009/12/23_23:46	puttingout.cn/upd/setup.exe	93.174.95.140	-	trojan	GillyRonda / RondaGilly@xhotmail.net	29073
2009/12/23_23:46	editedout.cn/readdatagateway.php?type=stats&affid=184&subid=new&version=2.0&adwareok	93.174.95.140	-	malware calls home	GillyRonda / RondaGilly@xhotmail.net	29073
2009/12/23_16:35	winrescueupdate.com/download/winlogo.bmp	89.248.162.147	-	belongs to Rogue CoreGuard Antivirus 2009	Henry Nguyen Gong contact@privacy-protect.cn	29073
2009/12/14_16:01	operatedout.cn/setup/setup.exe	93.174.95.140	-	trojan	GillyRonda / RondaGilly@xhotmail.net	29073
2009/12/14_11:05	washedout.cn/readdatagateway.php?type=stats&affid=216&subid=new&version=1.0&adwareok	93.174.95.140	-	malware calls home	GillyRonda / RondaGilly@xhotmail.net	29073
2009/12/11_06:03	goscansort.com/?uid=12502	93.174.95.191	-	fake av	Andreas Zordan / Email: stgeyman@gmail.com	29073
2009/12/11_06:03	goscansort.com/?uid=12501	93.174.95.191	-	fake av	Andreas Zordan / Email: stgeyman@gmail.com	29073
2009/12/06_16:46	cammaru.cn/cp/tasksz.php?load=5f407072ed55f00c3be44df34a085a4a&id=11	89.248.162.164	hosted-by.ecatel.net.	trojan Bredolab	googlegoogle / gamegalenty@mail.ru	29073

Page 0 1 ... 2

Search:			Results to return:		Include inactive sites