| realcapitalgroup.ca
|
ns29.domaincontrol.com => 216.69.185.15
ns30.domaincontrol.com => 208.109.255.15
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Trojan JS Nemucod |
2018-02-20
|
| url.plus
|
ns03.domaincontrol.com => 216.69.185.2
ns04.domaincontrol.com => 208.109.255.2
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS16276) OVH |
Trojan |
2018-02-18
|
| telcomo.me
|
ns71.domaincontrol.com => 216.69.185.46
ns72.domaincontrol.com => 208.109.255.46
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan |
2018-02-10
|
| ojala.ca
|
ns75.domaincontrol.com => 216.69.185.48
ns76.domaincontrol.com => 208.109.255.48
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS26496) PAH-INC |
Trojan JS FakejQuery.A!bit |
2017-12-12
|
| www.raccoondamage.com
|
ns67.domaincontrol.com => 216.69.185.44
ns68.domaincontrol.com => 208.109.255.44
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS FakejQuery.A!bit |
2017-11-30
|
| dophotography.nyc
|
ns64.domaincontrol.com => 208.109.255.42
ns63.domaincontrol.com => 216.69.185.42
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS26496) PAH-INC |
Trojan JS Nemucod |
2017-11-02
|
| semblueinc.viewmyplans.com
|
ns2.quadkore7.com => 173.224.124.75
ns1.quadkore7.com => 209.126.105.197
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS30083) SERVER4YOU |
Trojan JS |
2017-08-24
|
| events.eyoot.com
|
ns21.domaincontrol.com => 216.69.185.11
ns22.domaincontrol.com => 208.109.255.11
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS |
2017-07-29
|
| bobrichardson.ca
|
ns48.domaincontrol.com => 208.109.255.24
ns47.domaincontrol.com => 216.69.185.24
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS HideLink.A |
2017-02-23
|
| habitatinteriors.ca
|
ns67.domaincontrol.com => 216.69.185.44
ns68.domaincontrol.com => 208.109.255.44
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Trojan JS/HTML |
2017-02-20
|
| etcmedia.co
|
ns67.domaincontrol.com => 216.69.185.44
ns68.domaincontrol.com => 208.109.255.44
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS26496) PAH-INC |
Trojan JS |
2017-02-20
|
| completepharm.myezpharmacy.com
|
ns58.domaincontrol.com => 208.109.255.29
ns57.domaincontrol.com => 216.69.185.29
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS13886) CLOUD-SOUTH |
Virus W2KM Cerber |
2017-02-06
|
| www.tradingstrategybuilder.com
|
ns09.domaincontrol.com => 216.69.185.5
ns10.domaincontrol.com => 208.109.255.5
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Trojan JS Redir |
2017-01-14
|
| kharp.beijobags.com
|
ns36.domaincontrol.com => 208.109.255.18
ns35.domaincontrol.com => 216.69.185.18
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML |
2017-01-03
|
| rbritton.beijobags.com
|
ns36.domaincontrol.com => 208.109.255.18
ns35.domaincontrol.com => 216.69.185.18
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2017-01-02
|
| octa.me
|
ns70.domaincontrol.com => 208.109.255.45
ns69.domaincontrol.com => 216.69.185.45
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS52173) MAKONIX |
Trojan JS/HTML |
2017-01-02
|
| lstirgus.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Trojan JS Redirector.QE |
2016-12-20
|
| lcook.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-12-18
|
| cqa.827882.net
|
ns04.domaincontrol.com => 208.109.255.2
ns03.domaincontrol.com => 216.69.185.2
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan Dynamer |
2016-12-14
|
| sandiegonyeevents.club
|
ns55.domaincontrol.com => 216.69.185.28
ns56.domaincontrol.com => 208.109.255.28
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Compromised website |
2016-12-11
|
| dlucero.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-12-11
|
| change.instantairdash.com
|
ns44.domaincontrol.com => 208.109.255.22
ns43.domaincontrol.com => 216.69.185.22
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Phishing |
2016-11-22
|
| greenpages.guide
|
ns55.domaincontrol.com => 216.69.185.28
ns56.domaincontrol.com => 208.109.255.28
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS Redir |
2016-11-05
|
| jjsalesltd.ca
|
ns03.domaincontrol.com => 216.69.185.2
ns04.domaincontrol.com => 208.109.255.2
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-10-25
|
| vogoldman.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-10-25
|
| nbaker.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-10-25
|
| lroberts.beijobags.com
|
ns36.domaincontrol.com => 208.109.255.18
ns35.domaincontrol.com => 216.69.185.18
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-10-25
|
| dwigley.beijobags.com
|
ns35.domaincontrol.com => 216.69.185.18
ns36.domaincontrol.com => 208.109.255.18
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML (Heuristic) |
2016-10-25
|
| oprt.booblg.com
|
ns11.domaincontrol.com => 216.69.185.6
ns12.domaincontrol.com => 208.109.255.6
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS45102) CNNIC-ALIBABA-CN-NET-AP |
Trojan |
2016-10-24
|
| scgi.ebay.com.https.zedataro.com
|
ns62.domaincontrol.com => 208.109.255.32
ns61.domaincontrol.com => 216.69.185.32
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS16010) RUSTAVI2 |
Phishing |
2016-10-12
|
| installs.cpa-install.com
|
elle.ns.cloudflare.com => 173.245.58.110
carl.ns.cloudflare.com => 173.245.59.106
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS16276) OVH |
Virus |
2017-03-23
|
| go-assist.me
|
ns23.domaincontrol.com => 216.69.185.12
ns24.domaincontrol.com => 208.109.255.12
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Pony botnet controller |
2016-10-03
|
| fullglass.ca
|
ns27.domaincontrol.com => 216.69.185.14
ns28.domaincontrol.com => 208.109.255.14
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS26496) PAH-INC |
Trojan JS/HTML |
2016-09-28
|
| expatguidetomoney.goldsteinongelt.com
|
ns15.domaincontrol.com => 216.69.185.8
ns16.domaincontrol.com => 208.109.255.8
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Trojan JS/HTML |
2016-09-21
|
| skat.danamn.com
|
ns66.domaincontrol.com => 208.109.255.43
ns65.domaincontrol.com => 216.69.185.43
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS38197) SUNHK-DATA-AS-AP |
Virus |
2017-03-23
|
| tang.danamn.com
|
ns66.domaincontrol.com => 208.109.255.43
ns65.domaincontrol.com => 216.69.185.43
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS38197) SUNHK-DATA-AS-AP |
Virus |
2017-03-23
|
| upd-6rztygyt4uxdujp.a660d996de04720d07d8.xyz
|
ns18.domaincontrol.com => 208.109.255.9
ns17.domaincontrol.com => 216.69.185.9
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS7979) SERVERS |
Virus |
2017-03-23
|
| bv.truecompassdesigns.net
|
ns32.domaincontrol.com => 208.109.255.16
ns31.domaincontrol.com => 216.69.185.16
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Virus |
2017-03-23
|
| upd-dpwbtgpdoo.a660d996de04720d07d8.xyz
|
ns18.domaincontrol.com => 208.109.255.9
ns17.domaincontrol.com => 216.69.185.9
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS7979) SERVERS |
Virus |
2017-03-23
|
| cyjz188-ik0pg.cyjz188.com
|
ns29.domaincontrol.com => 216.69.185.15
ns30.domaincontrol.com => 208.109.255.15
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS55933) CLOUDIE-AS-AP |
Virus |
2017-03-23
|
| cyjz188-1jd46.cyjz188.com
|
ns29.domaincontrol.com => 216.69.185.15
ns30.domaincontrol.com => 208.109.255.15
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS55933) CLOUDIE-AS-AP |
Virus VBS Ramnit.C |
2017-03-25
|
| dlnjic.filecondo.com
|
ns34.domaincontrol.com => 208.109.255.17
ns33.domaincontrol.com => 216.69.185.17
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS23884) PROENNET-AS |
Trojan |
2016-09-14
|
| ultra.academy
|
ns48.domaincontrol.com => 208.109.255.24
ns47.domaincontrol.com => 216.69.185.24
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.37
|
(AS36351) SOFTLAYER |
Phishing |
2016-09-06
|
| quosybasla.tropicaltales.com
|
ns38.domaincontrol.com => 208.109.255.19
ns37.domaincontrol.com => 216.69.185.19
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| lagibenku.barbarabrancaccio.com
|
ns53.domaincontrol.com => 216.69.185.27
ns54.domaincontrol.com => 208.109.255.27
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| more.wchang.net
|
ns26.domaincontrol.com => 208.109.255.13
ns25.domaincontrol.com => 216.69.185.13
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 68.178.213.203
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| ltoltyshordi.thegloryrealmministries.net
|
ns36.domaincontrol.com => 208.109.255.18
ns35.domaincontrol.com => 216.69.185.18
smtp.secureserver.net => 68.178.213.37
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| cochucopro.aspenfilmworks.com
|
ns58.domaincontrol.com => 208.109.255.29
ns57.domaincontrol.com => 216.69.185.29
smtp.secureserver.net => 72.167.238.29
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| level.mormontempleweddingphotography.com
|
ns47.domaincontrol.com => 216.69.185.24
ns48.domaincontrol.com => 208.109.255.24
smtp.secureserver.net => 68.178.213.203
mailstore1.secureserver.net => 68.178.213.243
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
| popular.robertgreim.com
|
ns45.domaincontrol.com => 216.69.185.23
ns46.domaincontrol.com => 208.109.255.23
mailstore1.secureserver.net => 68.178.213.243
smtp.secureserver.net => 72.167.238.29
|
(AS26496) PAH-INC |
Malicious URL |
2016-08-30
|
