API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 30th, 2015
963
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.88 KB | None | 0 0
raw download clone embed print report
  1. 2015/12/29_20:55 www.laprovinciadifermo.com/ 37.187.192.130 mail.laprovinciadifermo.com. compromised site leads to Angler EK Registrant info@phoenixmultimedia.it 16276 FR
  2. 2015/12/29_20:55 www.casabrisadelestero.com/index.php 209.200.227.122 commodus.lunariffic.com. compromised site leads to Angler EK Registrar Abuse Contact domainabuse@tucows.com 15244 US
  3. 2015/12/28_20:16 yigitakcali.com/dbsys.php 160.153.16.29 ip-160-153-16-29.ip.secureserver.net. Teslacrypt ransomware c&c Registrant mahoni_17@hotmail.com 26496 US
  4. 2015/12/28_20:16 srimahaphotschool.com/dbsys.php 119.59.120.21 ns105.hostinglotus.net. Teslacrypt ransomware c&c Registrant savitree_jomsree@hotmail.com 56067 TH
  5. 2015/12/28_20:16 itstock.hu/media/system/images/modal/dbsys.php 195.70.38.249 kelet.itware.hu. Teslacrypt ransomware c&c - 5588 HU
  6. 2015/12/28_20:16 betterhomeandgardenideas.com/dbsys.php 192.185.52.247 - Teslacrypt ransomware c&c - 20013 US
  7. 2015/12/28_20:16 smartguyit.com/dbsys.php 192.254.184.68 - Teslacrypt ransomware c&c - 46606 US
  8. 2015/12/28_19:01 wonderph.com/dbsys.php 160.153.54.66 ip-160-153-54-66.ip.secureserver.net. Teslacrypt ransomware c&c - 26496 US
  9. 2015/12/28_19:01 rent-a-lounge.ch/vb7gfpbd.php?id=10024606 85.10.198.133 tux239.loginserver.ch. gate to Angler EK - 24940 DE
  10. 2015/12/28_19:01 www.pro-media.gr/ 209.172.50.113 e-tripolis.gr. compromised site leads to Angler EK - 32613 CA
  11. 2015/12/28_17:07 www.soyter.pl/ 109.95.152.187 v187.c3.dhosting.pl. compromised site leads to Angler EK kontakt@nazwa.pl 48896 PL
  12. 2015/12/26_15:50 shean76.net/mine/castnew/login.php 167.114.208.229 server.gennetworks.in. Keybase keylogger web panel Registrant huayeahtax@gmail.com 16276 CA
  13. 2015/12/26_15:50 lucianowebpeace.com/web/login.php 104.37.168.4 - Keybase keylogger web panel Registrar Abuse Contact abuse@tldregistrarsolutions.com 62838 US
  14. 2015/12/26_15:47 tazzatti.com/web/login.php 104.37.168.4 - Keybase keylogger web panel - 62838 US
  15. 2015/12/26_15:34 www.hitekshop.vn/login.php 112.78.2.101 mb2d101.vdrs.net. Keybase keylogger web panel - 45538 VN
  16. 2015/12/26_13:54 www.ozowarac.com/kb/keybase/login.php 198.105.221.5 mail5.bulls.unisonplatform.com. Keybase keylogger web panel Registrant OZOWARAC@YAHOO.COM 36351 US
  17. 2015/12/26_13:42 www.ozowarac.com/P_O/Purchase_Order.zip 198.105.221.5 mail5.bulls.unisonplatform.com. Zeus trojan inside zip file - 36351 US
  18. 2015/12/26_13:31 www.ozowarac.com/me/config.bin 198.105.221.5 mail5.bulls.unisonplatform.com. Zeus config file Registrant OZOWARAC@YAHOO.COM 36351 US
  19. 2015/12/26_13:26 www.cennoworld.com/Purchase_Order/Purchase_Order.zip 198.105.221.5 mail5.bulls.unisonplatform.com. Zeus trojan inside zip file Registrant ozowara@yahoo.com 36351 US
  20. 2015/12/26_13:12 www.goooglesecurity.com/Purchase_Order/Purchase_Order.zip 85.159.237.150 150.237.159.85.in-addr.arpa Zeus trojan inside zip file Emmanuel emma / ozowarac@yahoo.com 43350 NL
  21. 2015/12/26_13:12 www.cennoworld.com/ur/config.bin 198.105.221.5 mail5.bulls.unisonplatform.com. Zeus config file Registrant ozowara@yahoo.com 36351 US
  22. 2015/12/23_18:52 www.schluckspecht.com/ 62.75.229.120 titan464.startdedicated.net. compromised site leads to Angler EK Registrar Abuse Contact domain-abuse@psi-usa.info 8972 DE
  23. 2015/12/23_18:52 www.agrimont.cz/ 95.168.204.225 masakrator.zikum.cz. compromised site leads to Angler EK Libor Král / info@zikum.cz 39392 CZ
  24. 2015/12/23_18:52 www.ax-electronic.de/ 81.169.145.172 wac.rzone.de. compromised site leads to Angler EK hostmaster@strato.de 6724 DE
  25. 2015/12/23_18:52 www.wohnmoebel-blog.de/ 85.13.147.213 dd29530.kasserver.com. compromised site leads to Angler EK info@all-inkl.com 34788 DE
  26. 2015/12/23_18:52 www.mangiamando.com/ 81.31.147.60 jmhlmd14.colt-engine.it. compromised site leads to Angler EK Registrar Abuse Contact domainabuse@tucows.com 47242 IT
  27. 2015/12/23_18:52 www.schillinger-beregnungsanlagen.de/ 213.214.28.47 28-47.rzfr.de. compromised site leads to Angler EK mark@net-base.de 12610 DE
  28. 2015/12/23_12:54 pepol.flaviocastro.eu/ 162.216.6.171 newserver.datadns100.com. Paypal phishing NOT DISCLOSED! / - 29802 US
  29. 2015/12/22_07:09 www.lambrusco.it/ 95.110.174.125 kscrb.kosmosol.it. compromised site leads to Angler EK - 31034 IT
  30. 2015/12/21_13:35 www.bergsaker.se/ 62.119.81.150 flava.se. compromised site leads to Angler EK - 2119 SE
  31. 2015/12/21_13:35 www.tzwl.de/ 85.214.103.1 tzwl.de. compromised site leads to Angler EK admin@tzwl.de 6724 DE
  32. 2015/12/20_11:22 www.diamondgrp.co.uk/language/en-GB/ppl/usam7/ 75.125.234.114 mx1.vitay.info. Paypal phishing Stephen Makin / - 21844 US
  33. 2015/12/20_11:22 www.diamondgrp.co.uk/includes/phpmailer/index.htm 75.125.234.114 mx1.vitay.info. Paypal phishing Stephen Makin / - 21844 US
  34. 2015/12/20_11:16 eeps.me/ 208.67.23.26 h155.cpanellogin.net. ESET phishing WhoisGuard Protected / 16c2a1b16681459e91467194536acdbf.protect@whoisguard.com 3257 US
  35. 2015/12/18_15:46 imagesrv.onestate9786.com/info.php 74.117.183.100 100.64/26.183.117.74.in-addr.arpa. Teslacrypt ransomware c&c Registrar Abuse Contact Email:compliance_abuse@webnic.cc 40824 US
  36. 2015/12/17_21:19 - 46.30.43.191/yoyo.e vz105156.eurodir.ru. Cryptowall ransomware - 35415 RU
  37. 2015/12/17_21:01 - 46.30.43.191/Statement.jpg vz105156.eurodir.ru. javascript downloader - 35415 RU
  38. 2015/12/16_19:58 iamthewinnerhere.com/80.exe? 185.69.152.145 - Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 200000 UA
  39. 2015/12/16_19:58 whatdidyaysay.com/80.exe? 84.200.52.18 18.0-127.52.200.84.in-addr.arpa. Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 31400 DE
  40. 2015/12/16_19:58 whatdidyaysay.com/97.exe? 84.200.52.18 18.0-127.52.200.84.in-addr.arpa. Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 31400 DE
  41. 2015/12/16_15:24 iamthewinnerhere.com/97.exe 185.69.152.145 - Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 200000 UA
  42. 2015/12/16_10:39 yeukydrant.com/h908/bvn4854.exe 78.129.252.19 - trojan Registrar Abuse Contact Email:compliance_abuse@webnic.cc 20860 GB
  43. 2015/12/16_10:39 eielectronics.ie/ 92.51.242.105 server.reminders4.me. compromised site leads to Angler EK - 31122 IE
  44. 2015/12/15_14:41 bvb-fanabteilung.de 151.80.217.26 - compromised site leads to Angler EK info@sportsandbytes.de 16276 IT
  45. 2015/12/15_11:43 www.zoo-palmyre.fr/ 213.186.33.85 full-cdn-01.cluster003.ovh.net. compromised site leads to EK smeys@wanadoo.fr 16276 FR
  46. 2015/12/15_08:04 www.gjewellery.com/ 212.150.101.229 vraviv.drubit.com. compromised site leads to EK Registrar Abuse Contact compliance@domain-inc.net 1680 IL
  47. 2015/12/14_22:05 crosserbike.com/components/com_jshopping/tables/misc.php 193.169.188.205 node3.abriz.com.ua. Teslacrypt ransomware c&c Registrar Abuse Contact abuse@ukrnames.com 21219 UA
  48. 2015/12/14_22:05 ventureabove.com/misc.php 108.167.182.248 - Teslacrypt ransomware c&c - 20013 US
  49. 2015/12/14_22:05 isi.ac.id/wp-content/plugins/advanced-excerpt/misc.php 50.87.108.170 50-87-108-170.unifiedlayer.com. Teslacrypt ransomware c&c - 46606 US
  50. 2015/12/14_22:05 appytown.com.au/wp-content/plugins/cherry-plugin/misc.php 192.185.156.156 192-185-156-156.unifiedlayer.com. Teslacrypt ransomware c&c Yvette Buhagiar / Visit whois.ausregistry.com.au for Web based WhoIs 20013 US
  51. 2015/12/14_22:05 www.drteachme.com/wp-content/plugins/theme-check/misc.php 198.154.254.250 glulife.glulife.com. Teslacrypt ransomware c&c Registrant ENOM@VIZMOTION.COM 46606 US
  52. 2015/12/14_22:05 www.veronaspine.com/wp-content/plugins/user-role-editor/misc.php 69.175.2.106 kona.zingserve.com. Teslacrypt ransomware c&c - 32475 US
  53. 2015/12/14_22:05 miracleworld1.com/91.exe? 83.69.233.102 bestplatnaya-ufa.ru. Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 28762 RU
  54. 2015/12/14_22:05 firstwetakemanhat.com/91.exe? 23.249.171.38 - Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 36352 US
  55. 2015/12/14_22:05 miracleworld1.com/80.exe? 83.69.233.102 bestplatnaya-ufa.ru. Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 28762 RU
  56. 2015/12/14_22:05 firstwetakemanhat.com/80.exe? 23.249.171.38 - Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 36352 US
  57. 2015/12/14_11:44 www.teahaz-ajandek.hu 79.172.210.80 dnet.dolphinet.hu. compromised site leads to exploit kit - 61998 HU
  58. 2015/12/11_13:00 www.costoffuel.co.uk/ 80.87.5.66 c015-web01.vmhost.kcpweb.net. compromised site leads to exploit kit Matthew Carroll / - 6859 GB
  59. 2015/12/11_10:50 kochstudiomaashof.de/media/misc.php 213.185.88.133 veoserver05.de. Teslacrypt ransomware c&c info@veonet.eu 29354 DE
  60. 2015/12/11_10:21 www.garageport.dk/ 77.66.124.110 web10.redhost.dk. compromised site leads to exploit kit - 16245 DK
  61. 2015/12/11_07:46 - 46.151.52.231/87.exe? - Teslacrypt ransomware - 42861 UA
  62. 2015/12/11_07:46 soft2webextrain.com/87.exe? 149.202.234.190 - Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 16276 FR
  63. 2015/12/10_07:23 - 46.151.52.196/80.exe? - Teslacrypt ransomware - 42861 UA
  64. 2015/12/10_07:23 - 46.151.52.196/86.exe? - Teslacrypt ransomware - 42861 UA
  65. 2015/12/09_14:17 softextrain64.com/86.exe? 192.227.158.229 192-227-158-229-host.hostbrew.com. Teslacrypt ransomware Registrar Abuse Contact Email:compliance_abuse@webnic.cc 36352 US
  66. 2015/12/08_16:36 garrityasphalt.com/media/misc.php 50.62.123.1 p3nlhg674c1674.shr.prod.phx3.secureserver.net. Teslacrypt ransomware c&c Registrar Abuse Contact abuse@web.com 26496 US
  67. 2015/12/08_16:36 grupograndes.com/media/misc.php 192.163.250.195 server.grupograndes.com. Teslacrypt ransomware c&c Registrar Abuse Contact abuse@web.com 46606 US
  68. 2015/12/08_16:36 grassitup.com/media/misc.php 50.63.71.1 p3nlhg358c1358.shr.prod.phx3.secureserver.net. Teslacrypt ransomware c&c - 26496 US
  69. 2015/12/08_16:36 graysonacademy.com/media/misc.php 173.201.96.1 p3nlhg47c087.shr.prod.phx3.secureserver.net. Teslacrypt ransomware c&c - 26496 US
  70. 2015/12/08_16:36 gjesdalbrass.no/media/misc.php 83.143.81.14 serve020.servetheworld.net. Teslacrypt ransomware c&c Email Address..............: dag@dcind.no 34989 NO
  71. 2015/12/08_16:36 crown.essaudio.pl/media/misc.php 89.161.139.233 v023347.home.net.pl. Teslacrypt ransomware c&c - 12824 PL
  72. 2015/12/08_15:33 www.utilisersonmac.com/ 213.186.33.82 basic-cdn-01.cluster013.ovh.net. compromised site leads to exploit kit Registrar Abuse Contact abuse@ovh.net 16276 FR
  73. 2015/12/08_15:33 - 46.151.52.197/85.exe? - ransomware - 42861 UA
  74. 2015/12/08_13:59 www.vastagbel.hu/ 92.43.203.156 s22.mediacenter.hu. compromised site leads to exploit kit - 5588 HU
  75. 2015/12/07_11:12 www.elbacom.com/ 195.3.124.25 - compromised site leads to Angler EK - 8447 AT
  76. 2015/12/03_12:58 www.carvoeiro.com/ 195.154.216.188 195-154-216-188.rev.poneytelecom.eu. compromised site leads to Angler EK - 12876 FR
  77. 2015/12/02_12:37 www.syes.eu/ 2.228.70.140 - compromised site leads to Angler EK NOT DISCLOSED! / support@register.it 12874 IT
  78. 2015/12/02_12:37 www.wiiux.de/ 87.230.43.141 vwp2887.webpack.hosteurope.de. compromised site leads to Angler EK info@hosteurope.de 20773 DE
  79. 2015/12/02_11:24 www.mcs-selection.it/ 80.91.49.52 - compromised site leads to Angler EK - 35130 IT
  80. 2015/12/02_10:20 kick-dieburg.de/ 85.13.141.192 dd21906.kasserver.com. compromised site leads to Angler EK info@all-inkl.com 34788 DE
  81. 2015/12/01_11:29 www.startfrei-online.de/ 134.119.2.175 139773.rmn.net. compromised site leads to Angler EK hostmaster@domainfactory.de 34011 NO
  82. 2015/12/01_11:29 - 80.56.78.200/connect/de/cgi-bin/ f78200.upc-f.chello.nl. Paypal phishing - 6830 NL
  83. 2015/11/30_14:18 dalamantransferservicesrentacar.com/89u87/454sd.exe 94.73.149.130 94-73-149-130.cizgi.net.tr. trojan Registrar Abuse Contact abuse@nicproxy.com 34619 TR
  84. 2015/11/30_10:20 www.imagerieduroc.com/ 83.143.18.95 ds95.digital-network.net. compromised site leads to EK Registrar Abuse Contact abuse@ovh.net 34235 FR
  85. 2015/11/30_09:15 summonerswarskyarena.info/sea-emperor/ 50.62.112.1 p3nlhg644c1644.shr.prod.phx3.secureserver.net. compromised site leads to Angler EK Seet Leng / lengstocks@yahoo.com 26496 US
  86. 2015/11/30_08:37 www.globalspecialties.com/ 54.215.140.211 ec2-54-215-140-211.us-west-1.compute.amazonaws.com. compromised site leads to Angler EK - 16509 US
  87. 2015/11/27_07:03 www.cc-isobus.com/ 195.60.109.14 mail.cc-isobus.org. compromised site leads to Angler EK Registrar Abuse Contact abuse@key-systems.net 12371 DE
  88. 2015/11/20_13:22 www.blinkgroup.com/ 50.87.13.55 50-87-13-55.unifiedlayer.com. compromised site leads to Angler EK - 46606 US
  89. 2015/11/20_09:51 www.keyfuture.com/ 46.252.150.171 171.150.252.46.netsons.net. compromised site leads to Angler EK Registrar Abuse Contact domainabuse@tucows.com 60087 IT
  90. 2015/11/18_09:13 www.praxisdranton.de/ 85.13.142.149 dd23004.kasserver.com. compromised site leads to Angler EK falk@upf.de 34788 DE
  91. 2015/11/17_09:45 prowoodsrl.it/ 5.150.143.208 board14.linux.kolst.it. compromised site leads to Angler EK - 5602 IT
  92. 2015/11/03_13:06 screenshot-saves.com/6ap25m/ 37.140.192.212 server67.hosting.reg.ru. Trojan.Backdoor Registrar Abuse Contact abuse@reg.ru 197695 RU
  93. 2015/11/03_08:24 earthcontrolsys.com/abuse_report.php?issviews.com 69.50.210.69 - Trojan.Backdoor Registrant info@earthcontrolsys.com 18866 US
  94. 2015/10/24_03:50 - 155.133.18.117/38yes3.exe ptr-155.133.18.117.vmline.pl. Trojan.Andromeda - 197226 DE
  95. 2015/10/24_03:50 - 155.133.18.117/nut50a403.exe ptr-155.133.18.117.vmline.pl. Trojan.Andromeda - 197226 DE
  96. 2015/10/24_03:50 - 155.133.18.117/235fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exe ptr-155.133.18.117.vmline.pl. Trojan.Andromeda - 197226 DE
  97. 2015/10/24_03:50 - 155.133.18.117/goldenbet403.exe ptr-155.133.18.117.vmline.pl. Trojan.Andromeda - 197226 DE
  98. 2015/10/24_03:50 - 155.133.18.117/121fjrgoneXyeia1c3v1e3e1e2w4c3e1a3j7a3z4a1f2a1a2z1a3a4e1a2ba2a1w3.exe ptr-155.133.18.117.vmline.pl. Trojan.Andromeda - 197226 DE
  99. 2015/10/16_07:41 lunaticjazz.com 69.163.200.161 apache2-bongo.koechlin.dreamhost.com. Trojan.Ramnit Registrant jotawagner@gmail.com 26347 US
  100. 2015/10/16_07:33 www.smartscan.ro 85.9.27.130 s13v.webindex.ro. compromised site leads to exploit kit - 5588 RO
  101.  
  102. Page 0 1 ... 33
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!