CLEAN MX realtime database    
public access query for virus URL statistics
Totally watched: Walker is running: 467(607) http://ddos.tw/Built.exe
Subscribe to the VirusWatch Mailing list, updated hourly

This database consists of Virus URI, collected and verified since Feb 2006
Tweet
If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible.

to look at some nice charts, there are complete statisticsstatistics for this database
Attention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query.(Sites may have been closed already..)
Our automatic Viruswalker process is scheduled every hour, so you may see now a incident and this one will be resolved later on.
So please keep on sending close-feedbacks to us...

if you have questions, criticism, wishes or ... do not hesitate to contact us at abuse@clean-mx.de
Our PBX is down you may reach us by cell phone +49 171 4802507 ...
Query as xml: Same query as xml output
TIMERS: Runtime Query: 8.8541 Seconds 10 hits
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
1 follow up this item(11107343) 11107343 Report false positive Report closed case make a suggestion 2013-05-17 21:40:38     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
9/46 (19.6%) JS/Exploit-Blacole.ht Blacole.TV JS:Decode-AAV [Trj] HEUR:Trojan.Script.Generic Trojan.JS.Obfuscator.aa (v) JS/Exploit-Blacole.ht Exploit:JS/Coolex.D JS:Decode-AAV Trojan.HTML.Agent lookup in virustotal.com (9e7e02193fa0fa99404b517170468448)-->[http://www.virustotal.com/latest-report.html?resource=9e7e02193fa0fa99404b517170468448]follow up this md5sum(9e7e02193fa0fa99404b517170468448)follow up this itemfollow up this virusname (Trojan.HTML.Agent) as RSS-Feedfollow up this malware(Trojan.HTML.Agent) for scanner (undef) in md5 table9/46 (19.6%) Trojan.HTML.Agent
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lahuertas.com/  up No previous evidence recordedSaved evidence (23971 Bytes) of last contact as txt May 17 2013 22:25:30 CEST. aliveSaved log of last contact as txt May 17 2013 22:25:30 CEST. SenderBaselookup 184.168.152.41 at virustotallookup 184.168.152.41 at Rus CERT university stuttgart germanylookup 184.168.152.41 at ARINfollow up this item(ip) in same window 184.168.152.41 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.152.41 at virustotallookup 184.168.152.41 at Rus CERT university stuttgart germanylookup 184.168.152.41 at ARINfollow up this item(review) in same window 184.168.152.41 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lahuertas.com/ lookup lahuertas.com at virustotalfollow up this domain(lahuertas.com) lahuertas.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns70.domaincontrol.com follow up this item ns69.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lahuertas.com/
2 follow up this item(11107157) 11107157 Report false positive Report closed case make a suggestion 2013-05-17 21:40:30     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
8/47 (17%) Generic.JS.Clickjack.1.089A7B8D Generic.JS.Clickjack.1.089A7B8D HTML:FBJack-A [Trj] Generic.JS.Clickjack.1.089A7B8D Troj/Iframe-ET Generic.JS.Clickjack.1.089A7B8D Generic.JS.Clickjack.1.089A7B8D (B) Generic.JS.Clickjack.1.089A7B8D lookup in virustotal.com (50c59cfbb352604dcadf554fe9f9b971)-->[http://www.virustotal.com/latest-report.html?resource=50c59cfbb352604dcadf554fe9f9b971]follow up this md5sum(50c59cfbb352604dcadf554fe9f9b971)follow up this itemfollow up this virusname (Generic.JS.Clickjack.1.089A7B8D) as RSS-Feedfollow up this malware(Generic.JS.Clickjack.1.089A7B8D) for scanner (undef) in md5 table8/47 (17%) Generic.JS.Clickjack.1.089A7B8D
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dloading.com/maatran%20mp4%20vide ...  up No previous evidence recordedSaved evidence (7414 Bytes) of last contact as txt May 17 2013 22:27:12 CEST. aliveSaved log of last contact as txt May 17 2013 22:27:12 CEST. SenderBaselookup 173.201.146.1 at virustotallookup 173.201.146.1 at Rus CERT university stuttgart germanylookup 173.201.146.1 at ARINfollow up this item(ip) in same window 173.201.146.1 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 173.201.146.1 at virustotallookup 173.201.146.1 at Rus CERT university stuttgart germanylookup 173.201.146.1 at ARINfollow up this item(review) in same window 173.201.146.1 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dloading.com/maatran%20mp4%20vide ... lookup dloading.com at virustotalfollow up this domain(dloading.com) dloading.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 173.201.0.0 - 173.201.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns78.domaincontrol.com follow up this item ns77.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dloading.com/maatran%20mp4%20vide ...
3 follow up this item(11107129) 11107129 Report false positive Report closed case make a suggestion 2013-05-17 21:40:28     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
22/46 (47.8%) Trojan.HTML.IFrame.I IFrame.gen IframeRef.DI TROJ_GEN.F47V0312 HTML:Iframe-inf Trojan.JS-37 Trojan.HTML.IFrame.I Troj/Iframe-BW UnclassifiedMalware Trojan.HTML.IFrame.I HTML/Infected.WebPage.Gen3 Trojan.HTML.IFrame.I (B) Exploit:HTML/IframeRef.E Trojan.H lookup in virustotal.com (7ea33b70e3cf17953ede31a961af027e)-->[http://www.virustotal.com/latest-report.html?resource=7ea33b70e3cf17953ede31a961af027e]follow up this md5sum(7ea33b70e3cf17953ede31a961af027e)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen3) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FInfected.WebPage.Gen3) for scanner (avira) in md5 table22/46 (47.8%) HTML/Infected.WebPage.Gen3
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cicekcicicek.com/  up No previous evidence recordedSaved evidence (13234 Bytes) of last contact as txt May 17 2013 22:16:10 CEST. aliveSaved log of last contact as txt May 17 2013 22:16:10 CEST. SenderBaselookup 208.109.14.24 at virustotallookup 208.109.14.24 at Rus CERT university stuttgart germanylookup 208.109.14.24 at ARINfollow up this item(ip) in same window 208.109.14.24 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 208.109.14.24 at virustotallookup 208.109.14.24 at Rus CERT university stuttgart germanylookup 208.109.14.24 at ARINfollow up this item(review) in same window 208.109.14.24 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cicekcicicek.com/ lookup cicekcicicek.com at virustotalfollow up this domain(cicekcicicek.com) cicekcicicek.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 208.109.0.0 - 208.109.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns13.domaincontrol.com follow up this item ns14.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cicekcicicek.com/
4 follow up this item(11106873) 11106873 Report false positive Report closed case make a suggestion 2013-05-17 21:20:17     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
21/47 (44.7%) Trojan.Script.480964 Trojan.Script.480964 JS/Exploit-Blacole.gc Trojan.Script.Expack.blnsat Blacole.TN JS:Decode-LI [Trj] Trojan-Downloader.HTML.IFrame.ahr Trojan.Script.480964 Troj/JSRedir-JT TrojWare.JS.Agent.EA Trojan.Script.480964 Exploit.BlackHole.1 lookup in virustotal.com (c1ba619195ac1e3c2dab9b4e35785af0)-->[http://www.virustotal.com/latest-report.html?resource=c1ba619195ac1e3c2dab9b4e35785af0]follow up this md5sum(c1ba619195ac1e3c2dab9b4e35785af0)follow up this itemfollow up this virusname (HTML%2FFramer) as RSS-Feedfollow up this malware(HTML%2FFramer) for scanner (undef) in md5 table21/47 (44.7%) HTML/Framer
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://wyomingsportsmansgunshows.com/ind ...  up No previous evidence recordedSaved evidence (57879 Bytes) of last contact as txt January 20 2013 23:50:13 CET. aliveSaved log of last contact as txt May 17 2013 22:17:21 CEST. SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(ip) in same window 184.168.137.128 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(review) in same window 184.168.137.128 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://wyomingsportsmansgunshows.com/ind ... lookup wyomingsportsmansgunshows.com at virustotalfollow up this domain(wyomingsportsmansgunshows.com) wyomingsportsmansgunshows.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns68.domaincontrol.com follow up this item ns67.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://wyomingsportsmansgunshows.com/ind ...
5 follow up this item(11106868) 11106868 Report false positive Report closed case make a suggestion 2013-05-17 21:20:13     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
16/47 (34%) Trojan.Iframe.BMY Trojan.Iframe.BMY Trojan.Html.Iframer.bprxev Iframe.gen HTML:Iframe-ZG [Trj] HEUR:Trojan.Script.Generic Trojan.Iframe.BMY TrojWare.JS.Iframe.GJ Trojan.Iframe.BMY JS.IFrame.425 HTML/Infected.WebPage.Gen3 Heuristic.LooksLike.HTML.Infected lookup in virustotal.com (23390eaca32e6f368c525c87406d0848)-->[http://www.virustotal.com/latest-report.html?resource=23390eaca32e6f368c525c87406d0848]follow up this md5sum(23390eaca32e6f368c525c87406d0848)follow up this itemfollow up this virusname (JS%2FIframe.BMY%21tr) as RSS-Feedfollow up this malware(JS%2FIframe.BMY%21tr) for scanner (undef) in md5 table16/47 (34%) JS/Iframe.BMY!tr
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vgroup.us/  up No previous evidence recordedSaved evidence (25779 Bytes) of last contact as txt May 17 2013 22:18:28 CEST. aliveSaved log of last contact as txt May 17 2013 22:18:28 CEST. SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(ip) in same window 184.168.137.128 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(review) in same window 184.168.137.128 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vgroup.us/ lookup vgroup.us at virustotalfollow up this domain(vgroup.us) vgroup.us follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns13.domaincontrol.com follow up this item ns14.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vgroup.us/
6 follow up this item(11106863) 11106863 Report false positive Report closed case make a suggestion 2013-05-17 21:20:07     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
16/47 (34%) Trojan.Iframe.BMY Trojan.Iframe.BMY Trojan.Html.Iframer.bprxev Iframe.gen HTML:Iframe-ZG [Trj] HEUR:Trojan.Script.Generic Trojan.Iframe.BMY TrojWare.JS.Iframe.GJ Trojan.Iframe.BMY JS.IFrame.425 HTML/Infected.WebPage.Gen3 Heuristic.LooksLike.HTML.Infected lookup in virustotal.com (23390eaca32e6f368c525c87406d0848)-->[http://www.virustotal.com/latest-report.html?resource=23390eaca32e6f368c525c87406d0848]follow up this md5sum(23390eaca32e6f368c525c87406d0848)follow up this itemfollow up this virusname (JS%2FIframe.BMY%21tr) as RSS-Feedfollow up this malware(JS%2FIframe.BMY%21tr) for scanner (undef) in md5 table16/47 (34%) JS/Iframe.BMY!tr
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fhtmgroup.com/  up No previous evidence recordedSaved evidence (25779 Bytes) of last contact as txt May 17 2013 22:19:45 CEST. aliveSaved log of last contact as txt May 17 2013 22:19:45 CEST. SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(ip) in same window 184.168.137.128 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(review) in same window 184.168.137.128 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fhtmgroup.com/ lookup fhtmgroup.com at virustotalfollow up this domain(fhtmgroup.com) fhtmgroup.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns77.domaincontrol.com follow up this item ns78.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fhtmgroup.com/
7 follow up this item(11106811) 11106811 Report false positive Report closed case make a suggestion 2013-05-17 21:11:12     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
5/36 (13.9%) JS/Exploit-Blacole.iw HEUR:Trojan.Script.Generic Mal/JSRedir-H JS/Exploit-Blacole.iw Trojan:HTML/BlacoleRef.B lookup in virustotal.com (7df6055a88ca892641c7cef812d2558a)-->[http://www.virustotal.com/latest-report.html?resource=7df6055a88ca892641c7cef812d2558a]follow up this md5sum(7df6055a88ca892641c7cef812d2558a)follow up this itemfollow up this virusname (HEUR%3ATrojan.Script.Generic) as RSS-Feedfollow up this malware(HEUR%3ATrojan.Script.Generic) for scanner (Kaspersky) in md5 table5/36 (13.9%) HEUR:Trojan.Script.Generic
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.compgroup.com/sunni/index.htm ...  up No previous evidence recordedSaved evidence (445 Bytes) of last contact as txt May 17 2013 22:27:35 CEST. aliveSaved log of last contact as txt May 17 2013 22:27:35 CEST. SenderBaselookup 208.109.181.139 at virustotallookup 208.109.181.139 at Rus CERT university stuttgart germanylookup 208.109.181.139 at ARINfollow up this item(ip) in same window 208.109.181.139 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 208.109.181.139 at virustotallookup 208.109.181.139 at Rus CERT university stuttgart germanylookup 208.109.181.139 at ARINfollow up this item(review) in same window 208.109.181.139 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.compgroup.com/sunni/index.htm ... lookup compgroup.com at virustotalfollow up this domain(compgroup.com) compgroup.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 208.109.0.0 - 208.109.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns44.domaincontrol.com follow up this item ns43.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.compgroup.com/sunni/index.htm ...
8 follow up this item(11106693) 11106693 Report false positive Report closed case make a suggestion 2013-05-17 21:10:30     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
16/47 (34%) JS/Coolex.D JS/Blacole-Redirect.ad Trojan.Script.Redirector.bqgpfz JS/IFrame.RS.gen BlacoleRef.BC JS:Decode-AFL [Trj] Trojan-Downloader.JS.Iframe.ddp JS.IFrame.429 JS/EXP.Redir.EL.7 Heuristic.BehavesLike.JS.Infected.D Exploit:JS/Coolex.D JS:Decode-AFL JS lookup in virustotal.com (45338d3cdf8fda051fde5ef6380fea93)-->[http://www.virustotal.com/latest-report.html?resource=45338d3cdf8fda051fde5ef6380fea93]follow up this md5sum(45338d3cdf8fda051fde5ef6380fea93)follow up this itemfollow up this virusname (HTML%2FFramer) as RSS-Feedfollow up this malware(HTML%2FFramer) for scanner (undef) in md5 table16/47 (34%) HTML/Framer
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://georgiaethicsreform.com/  up No previous evidence recordedSaved evidence (39212 Bytes) of last contact as txt May 17 2013 22:16:55 CEST. aliveSaved log of last contact as txt May 17 2013 22:16:55 CEST. SenderBaselookup 184.168.235.1 at virustotallookup 184.168.235.1 at Rus CERT university stuttgart germanylookup 184.168.235.1 at ARINfollow up this item(ip) in same window 184.168.235.1 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.235.1 at virustotallookup 184.168.235.1 at Rus CERT university stuttgart germanylookup 184.168.235.1 at ARINfollow up this item(review) in same window 184.168.235.1 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://georgiaethicsreform.com/ lookup georgiaethicsreform.com at virustotalfollow up this domain(georgiaethicsreform.com) georgiaethicsreform.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns67.domaincontrol.com follow up this item ns68.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://georgiaethicsreform.com/
9 follow up this item(11106602) 11106602 Report false positive Report closed case make a suggestion 2013-05-17 21:00:16     follow up this itemfollow up this contributor (cross posting from portals) as RSS-Feed sub17possible lookup Evidence at malwaredomainlist.com
24/47 (51.1%) JS:Trojan.Script.AAL JS:Trojan.Script.AAL JS/Exploit-Blacole.em Trojan.Html.Iframe.bovzxf JS/IFrame.RS.gen Blacole.PT JS_BLACOLE.SMJB JS:Iframe-AHU [Trj] Trojan.JS.Redirector.ye JS:Trojan.Script.AAL Troj/JSRedir-JW TrojWare.JS.iFrame.TD JS:Trojan.Script. lookup in virustotal.com (fc59a6ef94a6d5456149414e59b1272a)-->[http://www.virustotal.com/latest-report.html?resource=fc59a6ef94a6d5456149414e59b1272a]follow up this md5sum(fc59a6ef94a6d5456149414e59b1272a)follow up this itemfollow up this virusname (JS%2FiFrame.UY) as RSS-Feedlookup Virusname at avirafollow up this malware(JS%2FiFrame.UY) for scanner (avira) in md5 table24/47 (51.1%) JS/iFrame.UY
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://versailles.com/versailles-busines ...  up No previous evidence recordedSaved evidence (42304 Bytes) of last contact as txt May 17 2013 22:19:30 CEST. aliveSaved log of last contact as txt May 17 2013 22:19:31 CEST. SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(ip) in same window 184.168.137.128 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.137.128 at virustotallookup 184.168.137.128 at Rus CERT university stuttgart germanylookup 184.168.137.128 at ARINfollow up this item(review) in same window 184.168.137.128 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://versailles.com/versailles-busines ... lookup versailles.com at virustotalfollow up this domain(versailles.com) versailles.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns44.domaincontrol.com follow up this item ns43.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://versailles.com/versailles-busines ...
10 follow up this item(11106575) 11106575 Report false positive Report closed case make a suggestion 2013-05-17 21:00:21     follow up this itemfollow up this contributor (cross posting from portals) as RSS-Feed sub17possible lookup Evidence at malwaredomainlist.com
24/47 (51.1%) Trojan.JS.Iframe.CFB Trojan.JS.Iframe.CFB Trojan Trojan.Script.Iframe.vjblc JS/IFrame.QD Iframe.PE JS:Redirector-ZK [Trj] HEUR:Trojan.Script.Generic Trojan.JS.Iframe.CFB Troj/Iframe-IO TrojWare.JS.Iframe.te Trojan.JS.Iframe.CFB Trojan.JS.IFrame.i (v) HTM lookup in virustotal.com (4723663100816ad6768638025c354ece)-->[http://www.virustotal.com/latest-report.html?resource=4723663100816ad6768638025c354ece]follow up this md5sum(4723663100816ad6768638025c354ece)follow up this itemfollow up this virusname (HTML%2FRce.Gen5) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FRce.Gen5) for scanner (avira) in md5 table24/47 (51.1%) HTML/Rce.Gen5
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.beautifuldemondesigns.com/bdd ...  up No previous evidence recordedSaved evidence (8461 Bytes) of last contact as txt May 17 2013 22:15:43 CEST. aliveSaved log of last contact as txt May 17 2013 22:15:43 CEST. SenderBaselookup 184.168.50.1 at virustotallookup 184.168.50.1 at Rus CERT university stuttgart germanylookup 184.168.50.1 at ARINfollow up this item(ip) in same window 184.168.50.1 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS26496) in networks tablefollow up this itemfollow up this AS (AS26496) as RSS-Feed AS26496 SenderBaselookup 184.168.50.1 at virustotallookup 184.168.50.1 at Rus CERT university stuttgart germanylookup 184.168.50.1 at ARINfollow up this item(review) in same window 184.168.50.1 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.beautifuldemondesigns.com/bdd ... lookup beautifuldemondesigns.com at virustotalfollow up this domain(beautifuldemondesigns.com) beautifuldemondesigns.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@godaddy.com) as RSS-Feed abuse@godaddy.com follow up this itemfollow up this item 184.168.0.0 - 184.168.255.255 follow up this item GO-DADDY-SOFTWARE-INC follow up this item GoDaddy.com, Inc. GODAD 14455 N Hayden Road Suite 226 Scottsdale AZ 85260 follow up this item ns07.domaincontrol.com follow up this item ns08.domaincontrol.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.beautifuldemondesigns.com/bdd ...
Click here for other vital incidents


for query you may use wildcard=% or placeholder=_
response
domain
url
virusname
md5
ip
review
score
as
id
scanner
recent
descr
email
netname
inetnum
source
country
nsx
ns1
ns2
ns3
ns4
ns5
sub
sort
# of items to display

Protected by clean MX [Valid RSS] Valid HTML 4.01 Transitional CSS ist valide!
Access is provided for free and subject to these Terms and Conditions.