WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.
Date (UTC) | Domain | IP | Reverse Lookup | Description | Registrant | ASN | |
2017/06/02_08:38 | sarahdaniella.com/swift/SWIFT%20$.pdf.ace | 63.247.140.224 | coriandertest.hmdnsgroup.com. | trojan | Registrar Abuse Contact abuse@gkg.net | 19271 | |
2017/05/01_16:22 | amazon-sicherheit.kunden-ueberpruefung.xyz | 185.61.138.74 | hosted-by.blazingfast.io. | phishing | - | 49349 | |
2017/03/20_10:13 | alegroup.info/ntnrrhst | 194.87.217.87 | mccfortwayne.org. | Ransom, Fake.PCN, Malspam | Lee Everton / lee_everton2002@yahoo.com | 197695 | |
2017/03/20_10:13 | fourthgate.org/Yryzvt | 104.200.67.194 | - | Ransom, Fake.PCN, Malspam | Charlie Dillon / godaddy@638united.com | 8100 | |
2017/03/20_10:13 | dieutribenhkhop.com/parking/ | 84.200.4.125 | 125.0-255.4.200.84.in-addr.arpa. | Ransom, Fake.PCN, Malspam | - | 31400 | |
2017/03/20_10:13 | dieutribenhkhop.com/parking/pay/rd.php?id=10 | 84.200.4.125 | 125.0-255.4.200.84.in-addr.arpa. | Ransom, Fake.PCN, Malspam | - | 31400 | |
2017/03/14_23:02 | ssl-6582datamanager.de/ | 54.72.9.51 | ec2-54-72-9-51.eu-west-1.compute.amazonaws.com. | redirects to Paypal phishing | goldanderwand@aol.com | 16509 | |
2017/03/14_23:02 | privatkunden.datapipe9271.com/ | 104.31.75.147 | - | Paypal phishing | Registrar Abuse Contact abuse@namecheap.com | 13335 | |
2017/03/06_21:09 | www.hjaoopoa.top/admin.php?f=1.gif | 52.207.234.89 | ec2-52-207-234-89.compute-1.amazonaws.com. | Cerber ransomware | Registrant lecborbobl@rothtec.com | 14618 | |
2017/03/06_21:09 | up.mykings.pw:8888/update.txt | 60.250.76.52 | 60-250-76-52.HINET-IP.hinet.net. | related to a Mirai windows spreader trojan | Registrant 30da1310f05f42d7a349460c551aee6f.protect@whoisguard.com | 3462 | |
2017/03/06_21:09 | down.mykings.pw:8888/ver.txt | 60.250.76.52 | 60-250-76-52.HINET-IP.hinet.net. | related to a Mirai windows spreader trojan | Registrant 30da1310f05f42d7a349460c551aee6f.protect@whoisguard.com | 3462 | |
2017/03/06_21:09 | down.mykings.pw:8888/ups.rar | 60.250.76.52 | 60-250-76-52.HINET-IP.hinet.net. | related to a Mirai windows spreader trojan | Registrant 30da1310f05f42d7a349460c551aee6f.protect@whoisguard.com | 3462 | |
2017/02/09_14:04 | fo5.a1-downloader.org/g2v9s1.php?id=yourname@yourdomain.com | 188.225.32.177 | vds-tibca.timeweb.ru. | trojan download | Protection of Private Person / a1-downloader.org@regprivate.ru | 9123 | |
2017/01/25_20:16 | falconsafe.com.sg/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t | 43.229.84.107 | - | Trojan.Backdoor, Office.Word.Downloader | domain@exabytes.sg | 38532 | |
2017/01/25_20:15 | www.lifelabs.vn/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t | 118.69.196.199 | - | Trojan.Backdoor, Office.Word.Downloader | - | 18403 | |
2017/01/19_13:05 | 61kx.uk-insolvencydirect.com/sending_data/in_cgi/bbwp/cases/Inquiry.php | 35.166.113.223 | ec2-35-166-113-223.us-west-2.compute.amazonaws.com. | leads to ransomware | Registrar Abuse Contact abuse@namesilo.com | 16509 | |
2017/01/19_13:05 | daralasnan.com/wp-content/plugins/mkazaqbya/vmywyvz4.php | 166.62.12.1 | sg2nlhg800c1800.shr.prod.sin2.secureserver.net. | leads to ransomware | - | 26496 | |
2017/01/19_13:05 | www.studiolegaleabbruzzese.com/wp-content/plugins/urxwhbnw3ez/flight_4832.pdf | 62.149.142.206 | webx440.aruba.it. | ransomware | Registrar Abuse Contact domainabuse@tucows.com | 31034 | |
2017/01/19_13:05 | raneevahijab.id/adnin/box/workspace/ | 103.24.13.91 | server3.e-cbncloud.co.id. | phishing site | - | 132644 | |
2016/10/30_01:52 | kingskillz.ru/~kingskil/Prince/Man/lucy/mine/shit.exe | 85.143.215.183 | 62695.simplecloud.club. | Trojan.FareIt | - | 201848 | |
2016/10/13_14:03 | www.family-partners.fr/data.dpg | 95.142.169.132 | xvm-169-132.ghst.net. | ransomware | noc@gandi.net | 29169 | |
2016/10/13_14:03 | elmissouri.fr/data.dpg | 213.186.33.50 | cluster017.ovh.net. | ransomware | tech@ovh.net | 16276 | |
2016/09/21_12:12 | apexgames.org/ykxj6/par/factura.zip | 166.62.112.150 | ip-166-62-112-150.ip.secureserver.net. | Javascript inside zip file leads to trojan | APEXGAMES.ORG@domainsbyproxy.com | 26496 | |
2016/09/21_12:12 | art-archiv.ru/images/animated-number/docum-arhiv.exe | 81.177.139.111 | - | trojan | - | 8342 | |
2016/09/15_10:06 | catjogger.win/ganel/gate.php | 213.145.225.170 | web02.chillydomains.com. | pony loader c&c | - | 25575 | |
2016/09/15_08:48 | tscl.com.bd/m/RI%20XIN%20QUOTATION%20LIST.zip | 209.99.16.206 | 206.0/24.16.99.209.in-addr.arpa. | trojan inside zip file | - | 394695 | |
2016/09/14_20:05 | ad.getfond.info | 83.217.26.203 | ru2.com. | PlugX C&C | jack tom / tom19822018@outlook.com | 200161 | |
2016/09/06_12:42 | jessisjewels.com/disk/update/postmaster/en/?ar=yourname@yourdomain.com | 50.87.153.96 | 50-87-153-96.unifiedlayer.com. | phishing site | - | 46606 | |
2016/09/06_11:49 | structured.blackswanstore.com/plc/header.js | 5.200.55.91 | - | leads to exploit kit | - | 48096 | |
2016/09/05_10:07 | ross.starvingmillionaire.org/unveiled/dropdown.js?ver=496e05e1aea0a9c4655800e8a7b9ea28 | 5.200.55.58 | - | leads to exploit kit | Keith Weaver / keith@keithlweaver.com | 48096 | |
2016/09/05_09:37 | ad.9tv.co.il/serv4/www/delivery/ajs.php?zoneid=37&cb=54350405237&charset=utf-8 | 62.219.67.44 | bzq-67-44.red.bezeqint.net. | iframe on compromised site leads to exploit kit | - | 8551 | |
2016/09/05_09:37 | giants.yourzip.co/static/quotes.js?ver=d58072be2820e8682c0a27c0518e805e | 5.200.55.58 | - | leads to exploit kit | David Atherton / automotiveace@gmail.com | 48096 | |
2016/09/05_09:37 | evans.babajilab.in/specimen/1479491/tire-something-detect-five-what-knot-unknown-entertain-stiff | 85.143.219.181 | 60567.simplecloud.club. | exploit kit | Zimong Software Private Limited Zimong Software Private Limited / info@zimong.com | 201848 | |
2016/09/01_17:35 | tahit.wastech2016.in/xcqrsw3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Chirag Bhimani / chirag@bhimani.in | 49981 | |
2016/09/01_17:00 | pogruz.wanyizhao.net/ceqxwu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Registrant wangsongd@gmail.com | 49981 | |
2016/09/01_16:55 | livre.wasastation.fi/ceqxwu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/09/01_14:55 | sanya.vipc2f.com/ceqxwu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact abuse@namesilo.com | 49981 | |
2016/09/01_11:55 | tanner.alicerosenmanmemorial.com/hggfgl3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/30_12:25 | wuvac.agwebdigital.com/dsgajo3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Registrant WK356W35HL64VDK@PROXY.DREAMHOST.COM | 49981 | |
2016/08/30_12:20 | rufex.ajfingenieros.cl/dsgajo3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/29_15:40 | cqji.artidentalkurs.com/vdgqb3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/29_14:25 | unlink.altitude.lv/vdgqb3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | siaaltitude@gmail.com | 49981 | |
2016/08/29_13:15 | vitaly.agricolacolhue.cl/rncbu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/29_13:10 | geil.alon3.tk/rncbu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | E-mail: abuse: abuse@freenom.com, copyright infringement: copyright@freenom.com | 49981 | |
2016/08/29_12:35 | honor.agitaattori.fi/rncbu3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_17:35 | gojnox.boxtomarket.com/yxmvr3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Registrant VENTAS@CAMINOWEB.COM | 49981 | |
2016/08/26_16:55 | womsy.bobbutcher.net/rtuee3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_15:40 | bonjo.bmbsklep.pl/jvoxyj3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | domeny@ConsultingService.pl | 49981 | |
2016/08/26_15:05 | pybul.bestfrozenporn.nl/jvoxyj3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_12:35 | soxorok.ddospower.ro/lwwxx3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_12:00 | funkucck.bluerobot.cl/lwwxx3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_11:55 | wixx.caliptopis.cl/lwwxx3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_10:45 | mepra.blautechnology.cl/pwigd3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/26_10:10 | wopper.bioblitzgaming.ca/pwigd3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/23_18:45 | losas.cabanaslanina.com.ar/wkicrz3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/23_18:40 | losos.caliane.com.br/wkicrz3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Newton Arigony da Silva Neto / newtondf@gmail.com | 49981 | |
2016/08/23_17:30 | pumpkin.brisik.net/rvgkm3.html | 93.190.140.162 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact abuse@melbourneit.com.au | 49981 | |
2016/08/22_18:45 | decorator.crabgrab.cl/rjavgx3.html | 93.190.140.163 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/22_16:35 | scanty.colormark.cl/rjavgx3.html | 93.190.140.163 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/08/13_10:47 | coffeol.com/fend/raw_server.exe | 208.112.30.120 | - | Trojan.Backdoor | - | 20021 | |
2016/08/13_10:47 | www.pgathailand.com/which.exe | 128.199.127.7 | pyptech.net. | Trojan.P0ny | - | 133165 | |
2016/08/12_07:01 | euro-vertrieb.com/hosteurope/KIS-Login.htm | 217.31.81.101 | zaphod3-1.hostweb.de. | Hosteurope phishing | Registrar Abuse Contact abuse@corehub.net | 29140 | |
2016/08/09_20:02 | www.jcmarcadolib.com/hbc/a.php | 82.221.129.16 | esja.orangewebsite.com. | phishing | Registrar Abuse Contact abuse@internet.bs | 50613 | |
2016/08/09_12:36 | avokka.com/Panel/dl.exe | 67.212.91.221 | beach.sibername.com. | Trojan.Backdoor | Registrant contact@privacyprotect.org | 10929 | |
2016/08/09_12:36 | avokka.com/Panel/gate.php | 67.212.91.221 | beach.sibername.com. | Trojan.C&C | Registrant contact@privacyprotect.org | 10929 | |
2016/07/21_16:35 | lexu.goggendorf.at/nukgfr2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/21_16:30 | victor.connectcloud.ch/nukgfr2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/21_15:20 | molla.gato1000.cl/edmiu2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/21_14:45 | hmora.fred-build.tk/odbsx2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | E-mail: abuse: abuse@freenom.com, copyright infringement: copyright@freenom.com | 49981 | |
2016/07/21_14:40 | peeg.fronterarq.cl/odbsx2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/21_13:20 | adv.riza.it/www/delivery/ajs.php?zoneid=51&cb=96020978060 | 62.149.195.107 | host107-195-149-62.serverdedicati.aruba.it. | iframe on compromised site leads to exploit kit | - | 31034 | |
2016/07/21_12:15 | borat.elticket.com.ar/pkge2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/20_17:35 | lay.elticket.com.ar/tslwo2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/20_16:30 | plank.duplicolor.cl/zbtqvc2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/20_16:25 | pave.elisecries.com/zbtqvc2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/20_15:15 | spread.diadanoivabh.com.br/alvbh2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | Bernardo Barreto Cyrillo / bernardobcy@gmail.com | 49981 | |
2016/07/20_14:05 | smilll.depozit.hr/bgaldb2.html | 93.190.140.121 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/18_18:30 | soros.departamentosejecutivos.cl/venak2.html | 93.190.140.118 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/18_17:31 | www.luce.polimi.it/it/ | 131.175.187.208 | web193.asict.polimi.it. | iframe on compromised site leads to EK | - | 137 | |
2016/07/18_17:15 | stock.daydreamfuze.com/rxdjna2.html | 93.190.140.118 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/18_16:40 | vdula.czystykod.pl/rxdjna2.html | 93.190.140.118 | customer.worldstream.nl. | gateway to EK | domeny@ConsultingService.pl | 49981 | |
2016/07/18_15:30 | produla.czatgg.pl/rxdjna2.html | 93.190.140.118 | customer.worldstream.nl. | gateway to EK | bok@biznes-host.pl | 49981 | |
2016/07/18_13:10 | aircraft.evote.cl/ybluq2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/14_17:25 | absurdity.flarelight.com/xdnkn2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact domains@crazydomains.com | 49981 | |
2016/07/14_15:35 | pacan.gofreedom.info/omrjy2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Go Freedom Info / gofreedom@protonmail.ch | 49981 | |
2016/07/14_15:30 | pacman.gkgar.com/omrjy2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Registrant tekinabay4@hotmail.com | 49981 | |
2016/07/14_14:20 | terem.eltransbt.ro/ysfmgl2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/14_14:15 | likes.gisnetwork.net/ysfmgl2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact domainabuse@tucows.com | 49981 | |
2016/07/14_13:10 | personal.editura-amsibiu.ro/rdxzmt2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/13_18:20 | above.e-rezerwacje24.pl/uzjuz2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | bok@domena.pl | 49981 | |
2016/07/13_18:15 | headless.ebkfwd.com/uzjuz2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact domainabuse@tucows.com | 49981 | |
2016/07/13_17:05 | higher.dwebsi.tk/uzjuz2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | E-mail: abuse: abuse@freenom.com, copyright infringement: copyright@freenom.com | 49981 | |
2016/07/13_16:30 | crops.dunight.eu/uzjuz2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | NOT DISCLOSED! / - | 49981 | |
2016/07/13_12:50 | invention.festinolente.cl/ajuijm2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/13_12:45 | erupt.fernetmoretti.com.ar/ajuijm2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/13_12:15 | stork.escortfinder.cl/ajuijm2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | - | 49981 | |
2016/07/13_12:10 | vomit.facilitandosonhos.com.br/ajuijm2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Mariana Helena Queiroz Santos / marianahqs@gmail.com | 49981 | |
2016/07/13_11:10 | trifle.ernstenco.be/ajuijm2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Not shown, please visit www.dnsbelgium.be for webbased whois. / administrator@mijnhostingpartner.nl | 49981 | |
2016/07/12_13:19 | www.ywvcomputerprocess.info/errorreport/ty5ug6h4ndma4/ | 103.224.212.222 | lb-212-222.above.com. | fake alert page | ywvcomputerprocess.info@domainsbyproxy.com | 133618 | |
2016/07/08_16:55 | cosmos.furnipict.com/gsvot2.html | 93.190.140.110 | customer.worldstream.nl. | gateway to EK | Registrar Abuse Contact domainabuse@tucows.com | 49981 | |