CLEAN MX realtime database    
public access query for virus URL statistics
Totally watched: Walker is running: 3(54) http://down.lanluobo.com:88/yxxz/yxfz/2012/hjdzymzs.exe

you have also some portals incidents open see: click here for these incidents (47)

Subscribe to the VirusWatch Mailing list, updated hourly

This database consists of Virus URI, collected and verified since Feb 2006
Tweet
If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible.

to look at some nice charts, there are complete statisticsstatistics for this database
Attention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query.(Sites may have been closed already..)
Our automatic Viruswalker process is scheduled every hour, so you may see now a incident and this one will be resolved later on.
So please keep on sending close-feedbacks to us...

if you have questions, criticism, wishes or ... do not hesitate to contact us at abuse@clean-mx.de
Our PBX is down you may reach us by cell phone +49 171 4802507 ...
Query as xml: Same query as xml output
TIMERS: Runtime Query: 0.0209 Seconds 10 hits
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
1 follow up this item(10835529) 10835529  2013-05-11 03:41:09     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (ef1751dcd3424782d4834293c9bdecbc)follow up this md5sum(ef1751dcd3424782d4834293c9bdecbc)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacioncanar.gob.ec/  up Saved log of last contact as txt May 11 2013 09:34:15 CEST. SenderBaselookup 184.171.160.43 at virustotallookup 184.171.160.43 at Rus CERT university stuttgart germanylookup 184.171.160.43 at ARINfollow up this item(ip) in same window 184.171.160.43 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS20454) in networks tablefollow up this itemfollow up this AS (AS20454) as RSS-Feed AS20454 SenderBaselookup 184.171.160.43 at virustotallookup 184.171.160.43 at Rus CERT university stuttgart germanylookup 184.171.160.43 at ARINfollow up this item(review) in same window 184.171.160.43 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacioncanar.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@securedservers.com) as RSS-Feed abuse@securedservers.com follow up this itemfollow up this item 184.171.160.0 - 184.171.175.255 follow up this item SECUREDSERVERS follow up this item SECURED SERVERS LLC SSL-65 2353 W University Bldg A Tempe AZ 85281 follow up this item n2.nic.ec follow up this item sns-pb.isc.org follow up this item n3.dns.ec follow up this item n1.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacioncanar.gob.ec/
2 follow up this item(10798443) 10798443  2013-05-10 03:41:02     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (ef1751dcd3424782d4834293c9bdecbc)follow up this md5sum(ef1751dcd3424782d4834293c9bdecbc)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://epmapasd.gob.ec/  up Saved log of last contact as txt May 10 2013 18:41:20 CEST. SenderBaselookup 200.105.237.82 at virustotallookup 200.105.237.82 at Rus CERT university stuttgart germanylookup 200.105.237.82 at LACNICfollow up this item(ip) in same window 200.105.237.82 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS22724) in networks tablefollow up this itemfollow up this AS (AS22724) as RSS-Feed AS22724 SenderBaselookup 200.105.237.82 at virustotallookup 200.105.237.82 at Rus CERT university stuttgart germanylookup 200.105.237.82 at LACNICfollow up this item(review) in same window 200.105.237.82 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://epmapasd.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (EC) as RSS-Feed EC follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (roberto@punto.net.ec) as RSS-Feed roberto@punto.net.ec follow up this itemfollow up this item 200.105.224.0 - 200.105.239.255 follow up this item EC-PUSA-LACNIC follow up this item PUNTONET S.A.Amazonas y Pereira, 4545, Of. 4010000 - Quito - PIAmazonas 45 45 y Pereira Of. 401, 4545,0000 - Quito - PI follow up this item sns-pb.isc.org follow up this item n1.nic.ec follow up this item n3.dns.ec follow up this item n2.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://epmapasd.gob.ec/
3 follow up this item(10770580) 10770580  2013-05-09 12:11:29 2013-05-09 21:44:53 9.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
0/35 (0.0%) no vt result lookup in virustotal.com (f290f91ac75f9e9d220454c8be3ffd49)-->[http://www.virustotal.com/latest-report.html?resource=f290f91ac75f9e9d220454c8be3ffd49]follow up this md5sum(f290f91ac75f9e9d220454c8be3ffd49)follow up this itemfollow up this virusname (unknown_html) as RSS-Feedfollow up this malware(unknown_html) for scanner (undef) in md5 table0/35 (0.0%) unknown_html
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://municipiodemejia.gob.ec/  up No previous evidence recordedSaved evidence (46082 Bytes) of last contact as txt May 09 2013 20:27:51 CEST. closedSaved log of last contact as txt May 09 2013 21:18:19 CEST. SenderBaselookup 190.152.217.250 at virustotallookup 190.152.217.250 at Rus CERT university stuttgart germanylookup 190.152.217.250 at LACNICfollow up this item(ip) in same window 190.152.217.250 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS14420) in networks tablefollow up this itemfollow up this AS (AS14420) as RSS-Feed AS14420 SenderBaselookup 190.152.217.250 at virustotallookup 190.152.217.250 at Rus CERT university stuttgart germanylookup 190.152.217.250 at LACNICfollow up this item(review) in same window 190.152.217.250 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://municipiodemejia.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (EC) as RSS-Feed EC follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (noc@andinanet.net) as RSS-Feed noc@andinanet.net follow up this itemfollow up this item 190.152.128.0 - 190.152.255.255 follow up this item EC-ANSA-LACNIC follow up this item CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EPJorge Drom y Gaspar de Villaroel, 954, 1 er Piso3110 - Quito - EC9 de Octubre N 24-113 y Cordero, s/n, esquina3110 - Quito - EC follow up this item n3.dns.ec follow up this item n1.nic.ec follow up this item sns-pb.isc.org follow up this item n2.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://municipiodemejia.gob.ec/
4 follow up this item(10523332) 10523332  2013-04-29 19:00:06     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
follow up this malware() for scanner () in md5 table 
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosesmeraldas.gob.ec/ No log recorded undef SenderBaselookup 190.152.217.250 at virustotallookup 190.152.217.250 at Rus CERT university stuttgart germanylookup 190.152.217.250 at LACNICfollow up this item(review) in same window 190.152.217.250 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosesmeraldas.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec       follow up this itemfollow up this item  follow up this item  follow up this item  follow up this item n2.nic.ec follow up this item n3.dns.ec follow up this item sns-pb.isc.org follow up this item n1.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosesmeraldas.gob.ec/
5 follow up this item(10323831) 10323831  2013-04-22 09:00:41 2013-04-22 12:08:06 3.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
0/34 (0.0%) virustotal no evidence lookup in virustotal.com (b90df34d7ce69425f4813ca01d098b76)-->[http://www.virustotal.com/latest-report.html?resource=b90df34d7ce69425f4813ca01d098b76]follow up this md5sum(b90df34d7ce69425f4813ca01d098b76)follow up this itemfollow up this virusname (unknown_html) as RSS-Feedfollow up this malware(unknown_html) for scanner (undef) in md5 table0/34 (0.0%) unknown_html
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec/  up No previous evidence recordedSaved evidence (69561 Bytes) of last contact as txt April 22 2013 10:54:02 CEST. closedSaved log of last contact as txt April 22 2013 11:03:17 CEST. SenderBaselookup 186.3.91.114 at virustotallookup 186.3.91.114 at Rus CERT university stuttgart germanylookup 186.3.91.114 at LACNICfollow up this item(ip) in same window 186.3.91.114 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS19169) in networks tablefollow up this itemfollow up this AS (AS19169) as RSS-Feed AS19169 SenderBaselookup 186.3.91.114 at virustotallookup 186.3.91.114 at Rus CERT university stuttgart germanylookup 186.3.91.114 at LACNICfollow up this item(review) in same window 186.3.91.114 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (EC) as RSS-Feed EC follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (hostmaster@TELCONET.NET) as RSS-Feed hostmaster@TELCONET.NET follow up this itemfollow up this item 186.3.91.96 - 186.3.91.127 follow up this item  follow up this item Clientes Quito follow up this item sns-pb.isc.org follow up this item n3.dns.ec follow up this item n2.nic.ec follow up this item n1.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec/
6 follow up this item(10317191) 10317191  2013-04-21 18:00:48 2013-04-22 13:02:54 19 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
0/34 (0.0%) virustotal no evidence lookup in virustotal.com (b90df34d7ce69425f4813ca01d098b76)-->[http://www.virustotal.com/latest-report.html?resource=b90df34d7ce69425f4813ca01d098b76]follow up this md5sum(b90df34d7ce69425f4813ca01d098b76)follow up this itemfollow up this virusname (unknown_html) as RSS-Feedfollow up this malware(unknown_html) for scanner (undef) in md5 table0/34 (0.0%) unknown_html
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec  up No previous evidence recordedSaved evidence (69561 Bytes) of last contact as txt April 21 2013 19:15:09 CEST. closedSaved log of last contact as txt April 21 2013 19:24:18 CEST. SenderBaselookup 186.3.91.114 at virustotallookup 186.3.91.114 at Rus CERT university stuttgart germanylookup 186.3.91.114 at LACNICfollow up this item(ip) in same window 186.3.91.114 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS19169) in networks tablefollow up this itemfollow up this AS (AS19169) as RSS-Feed AS19169 SenderBaselookup 186.3.91.114 at virustotallookup 186.3.91.114 at Rus CERT university stuttgart germanylookup 186.3.91.114 at LACNICfollow up this item(review) in same window 186.3.91.114 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (EC) as RSS-Feed EC follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (hostmaster@TELCONET.NET) as RSS-Feed hostmaster@TELCONET.NET follow up this itemfollow up this item 186.3.91.96 - 186.3.91.127 follow up this item  follow up this item Clientes Quito follow up this item sns-pb.isc.org follow up this item n1.nic.ec follow up this item n3.dns.ec follow up this item n2.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mail.setec.gob.ec
7 follow up this item(10211834) 10211834  2013-04-17 08:20:03 2013-04-17 23:00:36 14.7 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
0/46 (0.0%) lookup in virustotal.com (66e0fa6d53b659e865aa00e67a8c232c)-->[http://www.virustotal.com/latest-report.html?resource=66e0fa6d53b659e865aa00e67a8c232c]follow up this md5sum(66e0fa6d53b659e865aa00e67a8c232c)follow up this itemfollow up this virusname (unknown_html) as RSS-Feedfollow up this malware(unknown_html) for scanner (undef) in md5 table0/46 (0.0%) unknown_html
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacionorellana.gob.ec/  up No previous evidence recordedSaved evidence (39972 Bytes) of last contact as txt April 17 2013 16:25:04 CEST. closedSaved log of last contact as txt April 17 2013 16:25:04 CEST. SenderBaselookup 199.180.112.145 at virustotallookup 199.180.112.145 at Rus CERT university stuttgart germanylookup 199.180.112.145 at ARINfollow up this item(ip) in same window 199.180.112.145 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS46664) in networks tablefollow up this itemfollow up this AS (AS46664) as RSS-Feed AS46664 SenderBaselookup 199.180.112.145 at virustotallookup 199.180.112.145 at Rus CERT university stuttgart germanylookup 199.180.112.145 at ARINfollow up this item(review) in same window 199.180.112.145 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacionorellana.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (liquidlayer22@gmail.com) as RSS-Feed liquidlayer22@gmail.com follow up this itemfollow up this item 199.180.112.0 - 199.180.112.255 follow up this item VOLUM-ARIN follow up this item LiquidLayer LIQUI-43 422 Prescott Avenue Scranton PA 18510 follow up this item n2.nic.ec follow up this item sns-pb.isc.org follow up this item n3.dns.ec follow up this item n1.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gobernacionorellana.gob.ec/
8 follow up this item(10209702) 10209702  2013-04-17 05:10:09 2013-04-18 05:10:09 24 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
follow up this malware() for scanner () in md5 table 
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.montecristi.gob.ec/  down No previous evidence recordedNo evidence recorded deadNo log recorded undef SenderBaselookup 199.180.112.145 at virustotallookup 199.180.112.145 at Rus CERT university stuttgart germanylookup 199.180.112.145 at ARINfollow up this item(review) in same window 199.180.112.145 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.montecristi.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec       follow up this itemfollow up this item  follow up this item  follow up this item  follow up this item n2.nic.ec follow up this item sns-pb.isc.org follow up this item n1.nic.ec follow up this item n3.dns.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.montecristi.gob.ec/
9 follow up this item(10099246) 10099246  2013-04-13 16:41:27 2013-04-14 04:45:56 12.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (f61760c55a9d03de283156b242f6f5c8)follow up this md5sum(f61760c55a9d03de283156b242f6f5c8)follow up this itemfollow up this virusname (NA) as RSS-Feedfollow up this malware(NA) for scanner (undef) in md5 table0/43 (0.0%) NA
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosmachachi.gob.ec/  up No previous evidence recordedSaved evidence (3882 Bytes) of last contact as txt April 14 2013 04:45:55 CEST. deadSaved log of last contact as txt April 14 2013 04:45:55 CEST. SenderBaselookup 174.142.32.168 at virustotallookup 174.142.32.168 at Rus CERT university stuttgart germanylookup 174.142.32.168 at ARINfollow up this item(ip) in same window 174.142.32.168 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS32613) in networks tablefollow up this itemfollow up this AS (AS32613) as RSS-Feed AS32613 SenderBaselookup 174.142.32.168 at virustotallookup 174.142.32.168 at Rus CERT university stuttgart germanylookup 174.142.32.168 at ARINfollow up this item(review) in same window 174.142.32.168 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosmachachi.gob.ec/ lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (CA) as RSS-Feed CA follow up this itemfollow up this region (ARIN) as RSS-Feed ARIN follow up this itemfollow up this enail (abuse@noc.privatedns.com) as RSS-Feed abuse@noc.privatedns.com follow up this itemfollow up this item 174.142.0.0 - 174.142.255.255 follow up this item IWEB-BLK-06 follow up this item iWeb Technologies Inc. GIT-20 20, place du Commerce Montreal QC H3E-1Z6 follow up this item n1.nic.ec follow up this item n2.nic.ec follow up this item sns-pb.isc.org follow up this item n3.dns.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://bomberosmachachi.gob.ec/
10 follow up this item(10024155) 10024155  2013-04-10 08:40:28 2013-04-10 10:20:35 1.7 follow up this itemfollow up this contributor (csirt) as RSS-Feed sub31possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (6e9afa74a6863f819b226bc6bd657f04)follow up this md5sum(6e9afa74a6863f819b226bc6bd657f04)follow up this itemfollow up this virusname (js%2Fiframe.rs.gen+%28exact%29) as RSS-Feedfollow up this malware(js%2Fiframe.rs.gen+%28exact%29) for scanner () in md5 table0/43 (0.0%) js/iframe.rs.gen (exact)
 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://web2.congope.gob.ec/sigconcope  up No previous evidence recordedSaved evidence (127683 Bytes) of last contact as txt April 10 2013 10:20:33 CEST. deadSaved log of last contact as txt April 10 2013 10:20:33 CEST. SenderBaselookup 186.42.186.42 at virustotallookup 186.42.186.42 at Rus CERT university stuttgart germanylookup 186.42.186.42 at LACNICfollow up this item(ip) in same window 186.42.186.42 possible lookup in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS14420) in networks tablefollow up this itemfollow up this AS (AS14420) as RSS-Feed AS14420 SenderBaselookup 186.42.186.42 at virustotallookup 186.42.186.42 at Rus CERT university stuttgart germanylookup 186.42.186.42 at LACNICfollow up this item(review) in same window 186.42.186.42 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://web2.congope.gob.ec/sigconcope lookup gob.ec at virustotalfollow up this domain(gob.ec) gob.ec follow up this itemfollow up this country (EC) as RSS-Feed EC follow up this itemfollow up this region (LACNIC) as RSS-Feed LACNIC follow up this itemfollow up this enail (noc@andinanet.net) as RSS-Feed noc@andinanet.net follow up this itemfollow up this item 186.42.128.0 - 186.42.255.255 follow up this item EC-ANSA-LACNIC follow up this item CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EPJorge Drom y Gaspar de Villaroel, 954, 1 er Piso3110 - Quito - ECJorge Drom y Gaspar de Villaroel, s/n, esquina3110 - Quito - EC follow up this item sns-pb.isc.org follow up this item n3.dns.ec follow up this item n1.nic.ec follow up this item n2.nic.ec follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://web2.congope.gob.ec/sigconcope
Click here for other already closed incidents for your domain (gob.ec)

Click here for other vital incidents


for query you may use wildcard=% or placeholder=_
response
domain
url
virusname
md5
ip
review
score
as
id
scanner
recent
descr
email
netname
inetnum
source
country
nsx
ns1
ns2
ns3
ns4
ns5
sub
sort
# of items to display

Protected by clean MX [Valid RSS] Valid HTML 4.01 Transitional CSS ist valide!
Access is provided for free and subject to these Terms and Conditions.