CLEAN MX realtime database    
public access query for virus URL statistics
Totally watched: 649798 As of 2013-05-19 23:44:50 CEST
Subscribe to the VirusWatch Mailing list, updated hourly

This database consists of Virus URI, collected and verified since Feb 2006
Tweet
If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible.

to look at some nice charts, there are complete statisticsstatistics for this database
Attention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query.(Sites may have been closed already..)
Our automatic Viruswalker process is scheduled every hour, so you may see now a incident and this one will be resolved later on.
So please keep on sending close-feedbacks to us...

if you have questions, criticism, wishes or ... do not hesitate to contact us at abuse@clean-mx.de
Our PBX is down you may reach us by cell phone +49 171 4802507 ...
Query as xml: Same query as xml output
TIMERS: Runtime Query: 0.0229 Seconds 5 hits
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
1 follow up this item(11164015) 11164015 Report false positive Report closed case make a suggestion 2013-05-19 17:40:31     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
2/47 (4.3%) JS:Includer-LM [Trj] JS:Includer-LM lookup in virustotal.com (15e3420c6d309f776d53cc609ed79d38)-->[http://www.virustotal.com/latest-report.html?resource=15e3420c6d309f776d53cc609ed79d38]follow up this md5sum(15e3420c6d309f776d53cc609ed79d38)follow up this itemfollow up this virusname (JS%3AIncluder-LM) as RSS-Feedfollow up this malware(JS%3AIncluder-LM) for scanner (undef) in md5 table2/47 (4.3%) JS:Includer-LM
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.blogdomiyagi.com.br/2012/11/a ...  up No previous evidence recordedSaved evidence (81129 Bytes) of last contact as txt May 07 2013 13:10:33 CEST. aliveSaved log of last contact as txt May 19 2013 18:19:58 CEST. SenderBaselookup 173.194.70.121 at virustotallookup 173.194.70.121 at Rus CERT university stuttgart germanylookup 173.194.70.121 at ARINfollow up this item(ip) in same window 173.194.70.121 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS15169) in networks tablefollow up this itemfollow up this AS (AS15169) as RSS-Feed AS15169 SenderBaselookup 173.194.70.121 at virustotallookup 173.194.70.121 at Rus CERT university stuttgart germanylookup 173.194.70.121 at ARINfollow up this item(review) in same window 173.194.70.121 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.blogdomiyagi.com.br/2012/11/a ... lookup blogdomiyagi.com.br at virustotalfollow up this domain(blogdomiyagi.com.br) blogdomiyagi.com.br follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (arin-contact@google.com) as RSS-Feed arin-contact@google.com follow up this itemfollow up this item 173.194.0.0 - 173.194.255.255 follow up this item GOOGLE follow up this item Google Inc. GOGL 1600 Amphitheatre Parkway Mountain View CA 94043 follow up this item b.sec.dns.br follow up this item a.sec.dns.br follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.blogdomiyagi.com.br/2012/11/a ...
2 follow up this item(11026361) 11026361 Report false positive Report closed case make a suggestion 2013-05-16 00:10:12     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
15/46 (32.6%) Trojan.JS.Agent.EWZ HTML:Iframe-OC [Trj] HEUR:Trojan.Script.Generic Trojan.JS.Agent.EWZ Trojan.JS.Agent.EWZ (B) TrojWare.JS.Iframe.po Trojan.JS.Agent.EWZ JS.IFrame.218 HTML/IFrame.OC.3 Trojan:JS/Redirector.KK Trojan.JS.Agent.EWZ Trojan.Script JS/Crypt.BB lookup in virustotal.com (1a85fc97a9a65ee9b9ffd2065876ff6f)-->[http://www.virustotal.com/latest-report.html?resource=419108fe8a3a50a4b3b51b8d38522bb8]follow up this md5sum(1a85fc97a9a65ee9b9ffd2065876ff6f)follow up this itemfollow up this virusname (HTML%2FIFrame.OC.3) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FIFrame.OC.3) for scanner (avira) in md5 table15/46 (32.6%) HTML/IFrame.OC.3
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://beijing.net.br/  up No previous evidence recordedSaved evidence (9352 Bytes) of last contact as txt March 15 2013 21:02:53 CET. aliveSaved log of last contact as txt May 16 2013 01:26:12 CEST. SenderBaselookup 186.202.126.229 at virustotallookup 186.202.126.229 at Rus CERT university stuttgart germanylookup 186.202.126.229 at LACNICfollow up this item(ip) in same window 186.202.126.229 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS27715) in networks tablefollow up this itemfollow up this AS (AS27715) as RSS-Feed AS27715 SenderBaselookup 186.202.126.229 at virustotallookup 186.202.126.229 at Rus CERT university stuttgart germanylookup 186.202.126.229 at LACNICfollow up this item(review) in same window 186.202.126.229 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://beijing.net.br/ lookup beijing.net.br at virustotalfollow up this domain(beijing.net.br) beijing.net.br follow up this itemfollow up this country (BR) as RSS-Feed BR follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (regcom@locaweb.com.br) as RSS-Feed regcom@locaweb.com.br follow up this itemfollow up this item 186.202.0.0 - 186.202.255.255 follow up this item 002.351.877/0001-52 follow up this item Locaweb Serviços de Internet S/A follow up this item b.sec.dns.br follow up this item a.sec.dns.br follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://beijing.net.br/
3 follow up this item(10516461) 10516461 Report false positive Report closed case make a suggestion 2013-04-29 13:22:52     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/46 (2.2%) TROJ_GEN.F47V0322 lookup in virustotal.com (02528d23aa2162d2a34b4ce8ef6c07ba)-->[http://www.virustotal.com/latest-report.html?resource=02528d23aa2162d2a34b4ce8ef6c07ba]lookup in threatexpert.comlookup the sha256(929ccbcb518631496e8bb53b6c47d019bde5ec0edb6a48189ca01fba1c388617) in comodo.comfollow up this md5sum(02528d23aa2162d2a34b4ce8ef6c07ba)follow up this itemfollow up this virusname (unknown_exe) as RSS-Feedfollow up this malware(unknown_exe) for scanner (undef) in md5 table1/46 (2.2%) unknown_exe
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.cheatsmachine.com.br/loader.e ...  up No previous evidence recordedSaved evidence (2668032 Bytes) of last contact as txt March 14 2013 19:55:50 CET. aliveSaved log of last contact as txt April 29 2013 15:27:51 CEST. SenderBaselookup 76.72.160.140 at virustotallookup 76.72.160.140 at Rus CERT university stuttgart germanylookup 76.72.160.140 at ARINfollow up this item(ip) in same window 76.72.160.140 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS17090) in networks tablefollow up this itemfollow up this AS (AS17090) as RSS-Feed AS17090 SenderBaselookup 76.72.160.140 at virustotallookup 76.72.160.140 at Rus CERT university stuttgart germanylookup 76.72.160.140 at ARINfollow up this item(review) in same window 76.72.160.140 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.cheatsmachine.com.br/loader.e ... lookup cheatsmachine.com.br at virustotalfollow up this domain(cheatsmachine.com.br) cheatsmachine.com.br follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (support@databasebydesignllc.com) as RSS-Feed support@databasebydesignllc.com follow up this itemfollow up this item 76.72.160.0 - 76.72.175.255 follow up this item DBDLLC-PHL-401 follow up this item Database by Design, LLC DBDL-2 401 N. Broad St Suite 450 Philadelphia PA 19108 follow up this item b.sec.dns.br follow up this item a.sec.dns.br follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.cheatsmachine.com.br/loader.e ...
4 follow up this item(10193347) 10193347 Report false positive Report closed case make a suggestion 2013-04-16 19:00:29 OVERDUE! Overdue!796.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
3/46 (6.5%) HTML:Script-inf HTML:Script-inf lookup in virustotal.com (80d578de6bf98e476f9c8c4ebc6982b3)-->[http://www.virustotal.com/latest-report.html?resource=80d578de6bf98e476f9c8c4ebc6982b3]follow up this md5sum(80d578de6bf98e476f9c8c4ebc6982b3)follow up this itemfollow up this virusname (HTML%3AScript-inf) as RSS-Feedfollow up this malware(HTML%3AScript-inf) for scanner (Avast) in md5 table3/46 (6.5%) HTML:Script-inf
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.direitoemquestao.com.br/2011/ ...  up No previous evidence recordedSaved evidence (142932 Bytes) of last contact as txt April 16 2013 17:28:39 CEST. aliveSaved log of last contact as txt April 17 2013 18:22:47 CEST. SenderBaselookup 173.194.70.121 at virustotallookup 173.194.70.121 at Rus CERT university stuttgart germanylookup 173.194.70.121 at ARINfollow up this item(ip) in same window 173.194.70.121 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS15169) in networks tablefollow up this itemfollow up this AS (AS15169) as RSS-Feed AS15169 SenderBaselookup 173.194.70.121 at virustotallookup 173.194.70.121 at Rus CERT university stuttgart germanylookup 173.194.70.121 at ARINfollow up this item(review) in same window 173.194.70.121 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.direitoemquestao.com.br/2011/ ... lookup direitoemquestao.com.br at virustotalfollow up this domain(direitoemquestao.com.br) direitoemquestao.com.br follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (arin-contact@google.com) as RSS-Feed arin-contact@google.com follow up this itemfollow up this item 173.194.0.0 - 173.194.255.255 follow up this item GOOGLE follow up this item Google Inc. GOGL 1600 Amphitheatre Parkway Mountain View CA 94043 follow up this item b.sec.dns.br follow up this item a.sec.dns.br follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.direitoemquestao.com.br/2011/ ...
5 follow up this item(9983606) 9983606 Report false positive Report closed case make a suggestion 2013-04-06 06:54:55 OVERDUE! Overdue!1048.9 follow up this itemfollow up this contributor (csirt) as RSS-Feed sub31possible lookup Evidence at malwaredomainlist.com
15/46 (32.6%) Trojan.Iframe.CCW IFrame.gen TROJ_GEN.F47V0406 HTML:Iframe-ABI [Trj] Trojan.Iframe.CCW Trojan.Iframe.CCW (B) TrojWare.JS.Iframe.HC Trojan.Iframe.CCW JS/iFrame.cch Mal/Iframe-F Trojan.Iframe.CCW Trojan.IFrame HTML/Iframe.CCW!tr lookup in virustotal.com (6eed9691fd7e2f1c574890d3e7bf1df3)-->[http://www.virustotal.com/latest-report.html?resource=6eed9691fd7e2f1c574890d3e7bf1df3]follow up this md5sum(6eed9691fd7e2f1c574890d3e7bf1df3)follow up this itemfollow up this virusname (JS%2FiFrame.cch) as RSS-Feedfollow up this malware(JS%2FiFrame.cch) for scanner (AntiVir) in md5 table15/46 (32.6%) JS/iFrame.cch
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vestibular.facc.com.br/index.php? ...  up No previous evidence recordedSaved evidence (14797 Bytes) of last contact as txt April 06 2013 14:07:57 CEST. aliveSaved log of last contact as txt April 06 2013 14:00:57 CEST. SenderBaselookup 186.209.193.172 at virustotallookup 186.209.193.172 at Rus CERT university stuttgart germanylookup 186.209.193.172 at LACNICfollow up this item(ip) in same window 186.209.193.172 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS262746) in networks tablefollow up this itemfollow up this AS (AS262746) as RSS-Feed AS262746 SenderBaselookup 186.209.193.172 at virustotallookup 186.209.193.172 at Rus CERT university stuttgart germanylookup 186.209.193.172 at LACNICfollow up this item(review) in same window 186.209.193.172 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vestibular.facc.com.br/index.php? ... lookup facc.com.br at virustotalfollow up this domain(facc.com.br) facc.com.br follow up this itemfollow up this country (BR) as RSS-Feed BR follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (bianchini@netcon.com.br) as RSS-Feed bianchini@netcon.com.br follow up this itemfollow up this item 186.209.192.0 - 186.209.207.255 follow up this item 002.475.600/0001-31 follow up this item Internet Servicos Ltda. follow up this item b.sec.dns.br follow up this item a.sec.dns.br follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vestibular.facc.com.br/index.php? ...
Click here for other vital incidents


for query you may use wildcard=% or placeholder=_
response
domain
url
virusname
md5
ip
review
score
as
id
scanner
recent
descr
email
netname
inetnum
source
country
nsx
ns1
ns2
ns3
ns4
ns5
sub
sort
# of items to display

Protected by clean MX [Valid RSS] Valid HTML 4.01 Transitional CSS ist valide!
Access is provided for free and subject to these Terms and Conditions.