home

ad.z5x.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain ad.z5x.net is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2005. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Omaha, Nebraska within the United States which resides on the Yahoo! Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Nebraska, United States (US)

Create date:
Wednesday, November 23, 2005

Expires date:
Friday, November 23, 2018

Updated date:
Tuesday, June 18, 2013

ASN:
AS36646 YAHOO-NE1 - Yahoo,US

Root domain:
z5x.net

Whois:
1 z5x.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TUGUUSL.X, PUP.Awimba.W, PUP.Awimba.R, PUP.Tuguu.Awimba.Bundler (M), PUP.Conduit.Bundler (M), PUP.GadgetBox.saminves.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Jottix.Jottixin.Installer (M), PUP.Jottix (M), PUP.GadgetBox (M)
100.00%

Malwarebytes
PUP.FakeFlash.Domaiq, Adware.DomaIQ
41.67%

avast!
NSIS:DomaIQ-C [PUP], MSIL:DomaIQ-F [PUP], Win32:PUP-gen [PUP], Win32:DomaIQ-AI [PUP], Win32:DomaIQ-I [PUP]
41.67%

Sophos
Generic PUA CF, DomainIQ pay-per install
41.67%

Comodo Security
Application.Win32.DomaIQ.~qk, Application.Win32.Downloader.Agent.WA, Application.Win32.DomaIq.~A, UnclassifiedMalware
41.67%

Dr.Web
Adware.W3i.29
41.67%

VIPRE Antivirus
DomaIQ
41.67%

Avira AntiVirus
APPL/DomaIQ.Gen
41.67%

ESET NOD32
Win32/DomaIQ
41.67%

K7 AntiVirus
Trojan , Riskware
33.33%

Norman
Suspicious_Gen4.ERZRG, Agent.AQDDL, Obfuscated.gen!r
33.33%

IKARUS anti.virus
AdWare.DomaIQ, AdWare.Win32.InstallIQ, APPL, Trojan.Win32.Ceatrg
33.33%

McAfee
Artemis!5F12D9812BF9, RDN/Generic PUP.x!bqj, Artemis!4E4727ABB7EF, Artemis!CB6DC09FCB8F
33.33%

Fortinet FortiGate
Riskware/DomaIQ.C!tr, W32/DomaIQ.C
33.33%

G Data
Adware.DomaIQ, Adware.Downloadware.AK, Win32.Application.DomalQ
25.00%

The domain ad.z5x.net has been seen to resolve to the following 4 IP addresses.

98.138.49.84
mpr2.ngd.vip.ne1.yahoo.com
February 23, 2016

98.138.49.44
mpr1.ngd.vip.ne1.yahoo.com
February 23, 2016

98.139.225.42
mpr1.ngd.vip.bf1.yahoo.com
February 6, 2014

98.139.225.43
mpr2.ngd.vip.bf1.yahoo.com
February 6, 2014

File downloads found at URLs served by ad.z5x.net.

1 / 68      (PUP)
http://ad.z5x.net/clk?3,eJydUMlugzAQ.RpuFHkZGyPUgwmhQg1QpzQVRwJmaYK6hIqUr69R0nxAn2Z5mvdmDoOpj2vigmYu0oCwx4SPqQZMmFdxsJHv-5iA57kcAdiZWpfrEXaZXN19ziqQC0LebVt5wV9f8CSWGq10W2zUZZS2weNVDZ53k.w.gkmckyuPY2lOtaGQIzsdVQ7BzfbwMmW5OqdhjDav0aHI4zHJo2PS4y6dl9l2SPN2zsIDS94kFOq2eW.b3Th-WFRaJDLxU2JSQ0P7wdk7Zc0HXfel03wZ6fRtSomZqEqOkOZYNJjuGWjhUiAVF6QiYCzUJDEftmg0WTTERCCL8M5QgRb2btgvLOFs6A==,  (xvidly_setup.exe)

1 / 68      (Adware)
http://ad.z5x.net/clk?3,eJydjW1vwiAUhX-N35qmDNE2zT5AWH0r2zS-xH5ZWGm1E2zHqmz--l1X4w.YCYHnnHvIRTgmeVTmUdQfqiiXBL.HCKuir1CpMPaCOI5ROAyiYYgI8VImNF2f29GcfZLFitGrkvFsPqeddnRF6aTj1.B6s6cZIbPb2E-zcUfMHtdb-n-xeurCG8M-B6t5SPXrZUF4wO41vtZiM62yDxGkS21eRqIVy0SLCu2fL4lJl6rKNqIv-MRlPDls3f3no-ft27bpYdp7SOA45.xcmq8f00g.rw1E1VEV336zhxI0BpXqYU5QhAdgWivzQ2EheSttbYqTrXV1Lv5q0OcAjbTSdKjlcXcqgEsLzgEgeK9BcPPBL7Aeeo4=,  (setup.exe)

1 / 68      (PUP)
http://ad.z5x.net/clk?3,eJydjN1Og0AQhZ-GOyTszLIsIV4sAoaktGJRQu-2sC1QG63Q0vTpXYL2ATyZOfNl.gj6WCFApVSldpQxRnyCCmyobIlg2r7vg4eEug5Dc5VFMhro-0o8PZxuWSAmBUXzuhez.uqkFz55HJ.35SKbW1ySZqawWMej-L-CkV.TX04SoV.tQy7W46FPQhrc156XbVmkWB7f7EUR0VURDWkef6QtaZdd5Czyim7y-pDm5TUtNl2Z3S8fTbMZhi8DhQGxjlvdHemlP90uVm.Jmh1V3Upr961H.VmbIjsXPCB0C8i3tqwloRLA454LjuJKr6BOcBgxMB4NDAkyZgBrNLqMa.rU9AOns27g,  (xvidly_setup.exe)

1 / 68      (PUP)
http://ad.z5x.net/clk?3,eJydjt0KgkAUhF9IorO7WbJ0cVQsy7UfNLM7c00zSypD6unLlB6g72LOwHCYAco1NhgCS4CROIoISA40IXJPpBxKpc851.oaqIQyUKjlq2gs54satzRjOjZMT8Y6xZbvDVu.HDWqm6kXb7rYTfV56ww.hzv-j5Ff9a4HbcT6U22OcFU9no7X7WowZ4Xwwmf4cnMnsLIwsCvhWYU4QrbL44ETiJcwfVhM1ieX2FTUv8-xokSHKrnJsr4UZSR7cXl-Az3gVig=,  (xvidly_setup.exe)

1 / 68      (Adware)
http://ad.z5x.net/clk?3,eJylTdlugzAQ.Bq.ocgXh4X6YMcgJQ3kKFWbvEQcDtCSlBRHOb4-RqTtB3S0Ws3MjmYR8WGGlJc7FO8wo0qlPiLFzkYoQ4xa0Pd9BKntUuRA11qE-ZmLj.GSj19V3QneY5ofX858QNmvycAXXr8Dme2z98c9LsXzwCQscMD.AaZE.qDmn-kvpcerI12xBIrflAxwdJtWMY7o7C24RjLXURI2UQ3pRq6aWTIh6.3SnidrOk82n.Ff.5NlVVq3gHCAQzM6LTs0utmX0UFp49rYg.2FhGmx1ddWASLTAmDHyK6-9ZJAeMG2STmdynX9dTAexZQwho3XnrLt6bsxHsAUuOJHu.IObgFx5Q==,  (setup.exe)

16 / 68    (Adware)
http://ad.z5x.net/clk?3,eJydTcuKg0AQ.BpvEpweZ1RkD2N8RIgaQSJ6WVx1fSBJdh2Ima.fESUfsEXTVFVXUwjb2NCh-kKtrhnfFgZiI9wa1KSE0EbVbNvGRDMsChqAevHrJwu8Pu2OxTx6DlsRLafsyTZ0LGSs2PjFXLfj.fyKMt0sC6ZmT6ZusOf-hSMgp965rJT9nWuy8poEzag771hQvJI8XJI8ns55iApR8yjzp2hAQ5nF.TljIh4LUY7XIQk8EXfvzw9V7Tl.KJgp4MvhVTejgyDL4dZy6RIwtfWC.ar55K9Hq2C3ahSgUs6DWKUB5mLJEJ3bmg.3m7R0jLEF6A--zGon,  (flashplayer_v.107001446c.exe)

1 / 68      (Adware)
http://ad.z5x.net/clk?3,eJydUF1TgkAU.TW8OczdL4RhelhCtPEjLcrgTXcRsAxLEvXXd1et7K3pzs6ec-6958AsYT4Xc7FYLMDJxFwrBT5hGQClek68Fvi-z7jLgOHhre1035d9ej1ugg9x9xBIU70XMsnlqXJ5I.vq1B-75u52byv3qTmNdUDUiQVv6eOZ.qtCUMWX.0ZKzM9DV957VSlDHvysJZAuJU-W6XIw7RySpaqHcfQyLIGn04QNYsXTeFSO4g4bHRQkk2.nVauo67XFpEUjPPuZ3tiHTFe2qlaoUVIEZbFoZrGQcE-0HW6x4NUoaAPSHVLK4dhW5zYAAQ8sen0hWJDjlLtISiSmQRCNpsaGWJsNwhzhAnAwk-0x0BTuBBtUgvHLqBUShtgcFy-yPxAr3d.F5XC9cvVqMI4WvSSc6KgTWe0OIUAJ-ZX5V8fBfMEWFH.KI0I4xAXqeDh4xsHv92yaxq63Wb4.v-d2jtemqJq6eM9m2l4XuBvV6MMk8gnIJrUp,  (setup.exe)

20 / 68    (Adware)
http://ad.z5x.net/clk?3,eJydjVFvgjAUhX8Nb4RAa4GG7OEyqJFI5yZK5M1CQ0UrRMnY-PXDsPkD9uXk5tzcc3IdHCyonESRR4kvnAoFDpYEO4QKXJp2EASIujZysOt65o26EbxValmHxWf2HsIDLtushpkaYoDD7Df-Y4Zsg762v-exTM6zeyV7vYP.E1rex59fAQzT68gHK6n3u3ERPmOR0mlztgvNLut8NfD80KcZu6Qnm6S6aNZ5PPImURzFhDfwzetn88U0Vd93BgYDsUnH6m4NUmhpla2ednG8XuXN6tQUYV17N3Akhh.nPl-l,  (flashplayer_v.91400801a.exe)

22 / 68    (Adware)
http://ad.z5x.net/clk?3,eJy1kF1vgjAUhn8Nd4a0py3SkF0UwWVGWNycy3ZDypfgEBFQnL9-bWaiS3a1ZCdNzznPez7SYuIgoJxzllJbIoCcOJikCZJxDBkfIcdxMGeAbZuANZo9vVaT5-XxceEyXH64QlvYDM.i1h4uHgl3IdzJvvDni2.ivhSrS1TJKRV.N4.5p5t9gxBrzxZZfN8OHnKvZQsIvVUVwqyYL6si8NZ9sJxWQYnY-zJUzB.CjUBvWx-Cs8.C64K7UdH3jUGEAVN14s2uyPfHTcLMzpSptc3SUpp5q6VEXYAAj6kKMEGEYMyIDZxaHMZgI0ops.lYTyJqGP05WqbmmZ3MOutV0vWqRKZR.9lkBvHKvJXbzABLoa48a0QQOgFDinVlrwFGjFg21yBL-nJXR8ku1cLu0JIDtgZro7RY1lFeya7QHSpvDnHUqke0qic61Fmtm9JfRIX-6Se-ALOetRU=,  (flashplayer_v.46495191c.exe)

1 / 68      (PUP)
http://ad.z5x.net/clk?3,eJydkttuozAQhp-GuxD5BAahXkBI2t0G0kZIaXrnAEsIB1OgofD0HSdoD7c7Bv.fHBiPLDB1-CkRwrIR5qdfhFDbwTSlIo5pzOkCOY6DTeu2mL3w3sbn9WNXPmWrfIhiz1X2FByjzL2b0uc5.mKpfe3WTfLz9Z72qfE-U9pXc.C.bMU.Xn.MDDrA0b7lvvnXYHdh3u-yx30RRu60i.bl9rC5HA.rPog2ZZDjPLyE520Us.coKYLDER-nstr9OeBhce77RqOuRjbwjCLpllOayGUsK.DBJSCxRjdCo77NDYyQRr0vcAhDnANnwJgToFgR4gjMYFwjq78c6uWQVd.WcxVgp9DGQPD6FihREdD-1pWaJrdMZDKIXNs5Vd0zQAPQrfUnQGZKMzLKS7LlVcH2gwinKtwXvcbXiGCG1YBCzQA6qVGWBjMph1-C2hbFhKuOBST-vZFhGJbd-Splnc13cpKy6EAbmfbtCEAQtqlh6d1nVYl21LO0FW2iV6Iu01E.y6bI607vmjavMyj.BkeCtFM=,  (freeutilities.exe)

22 / 68    (Adware)
http://ad.z5x.net/clk?3,eJydjVtvgkAQhX8Nb8QMeyekD6srhgRKUWwjb7sgF4vpRSykv75rNPrek5mTLzNnMh4O.LIERn2CmW9qTlDg4cqIylSkNC4EQeBx4Bj5ArlpttTLgbymchHBZjuXFy37aSNvauRDL-Liq.Dc7OLsOhLaa6-keh0S-X.NRzElN44iOdrXSsjFkJuzgvk9psI-XSVToRqI83dSqHJI8rBPOqBFvu7jfN0lb1vyfNhBcYwgze6XT67bDsOng6WDQlu.6Ms78cNPPc5OM12x477q9Kz-tqvT2RrlpSZUE2Ba7zn4lNa4FKYGTZkxVNsIto18Dg4ORwcrDzPmINZa5ExY-rD0B1vTbq8=,  (flashplayer_v.46495191c.exe)

21 / 68    (Adware)
http://ad.z5x.net/clk?3,eJydjcsOgjAQRX8ITV9ISeNiKoIYWl8oqUsBiwTjRkX9et9-gGcxObm5M4OpQDx3fYY9jxaoxBsuMC1KQtyCk56DhBDE7.kep5wRx1J5ArBmBIMIXw8SXuhoAR8sDL8KU.6cUgbxeN6-I9KZb98WdCchg.8ZeGf5fRXH8LhvAw7GzxtWI.mrRcY12arRma6StNmrWh1VGjZqhytdL9ski6m-KaLTGVNEXdb2t9l3nDvIO03C,  (player_v.58961052c.exe)

20 / 68    (Adware)
http://ad.z5x.net/clk?3,eJydUF2LgzAQ.DW-icRsYhW5h7RB8Ki2Hh699M0mfvVMLSoU.PUX6x19v2HZmdldGFgXwg2WELibChBVFCkIXSgJXIIAUbBRGIZACDLG94j9znCzg5EfH2yk12TLFqQjz2u24snxqo.-0qNIkMPX777K6GVVO3HDGfs.eNx..GmT9zDR3GezwDSbyfZ19j2La0YOvGv2p6hLuJyS3HCLiNDnZp.HkM6fOD0lbpLX9PwKeLPtZpruFjALR6YKNTpaF7e2cGSvn4NqKHTp3JtJdxZEUlrAq8HC3lTURmo9dq0qB2ex2OsHZYZAAcB8E.0ArZpq9A==,  (flashplayer_v.91400801a.exe)

20 / 68    (Adware)
http://ad.z5x.net/clk?3,eJylTl1PgzAU.TW8IWkpVAjxoQgs6jpdghKeDCvlS2gJlJHt18vG1B.gyc29J-ecnFyIPBNbMEOsYNjBNrCwBxHPgMNQjmwdeJ4HAXJs18JYP31MT4QI93UmidmEPrmicONyZeRyX9iqvzmX.RhxX-zn1b4jStyS2bR5J.9AsZnTG11eWvrLwCHjeaIysPzfVMDsXbK3aEPBNnlu6DlUNI5aWsM6TaKvbRzOu4aAtIu6NKaA.vU.6HqlVK8hopnRMiwXRnXq-dAPspOKG0x2izxWcs5HMYwt64ccfjoAGJXqWg1Fh2PJJZM511AwjZqJD8dWskzVUtxUaNoQ4PurNfC8Hn50CL8Bykt4-w==,  (flashplayer_v.115743234c.exe)

The following 168 files have been seen to comunicate with ad.z5x.net in live environments.

TCP » 98.139.225.43:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 98.139.225.43:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.139.225.43:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.139.225.43:80
NexGuard.exe (NexCafé by Nextar)

TCP » 98.138.49.44:80
client.exe

TCP » 98.139.225.43:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 98.138.49.44:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.139.225.43:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.138.49.44:80
NexGuard.exe (NexCafé by Nextar)

TCP » 98.138.49.44:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 98.138.49.44:443
browser.exe (speed browser by Smart Applications)

TCP » 98.138.49.44:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 98.139.225.43:443
browser.exe (speed browser by Smart Applications)

TCP » 98.138.49.44:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.139.225.43:443
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.139.225.43:443
wikithemes.exe

TCP » 98.138.49.44:443
browser.exe (Browser)

TCP » 98.138.49.44:443
browser.exe (speed browser by Smart Applications)

TCP » 98.138.49.44:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 98.138.49.44:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 309 files

URL:
http://ad.z5x.net/

Web server:
ATS

Compete.com:
US visitors:  1,807

Statistics are for the previous month.

adnetwork.net

adorika.com

adserverplus.com

avazu.net

bannerconnect.net

reduxmedia.com

xertivemedia.com

xtendmedia.com

yahoo.com

yieldmanager.com

globaltakeoff.net

reachjunction.com

tblamnetwork.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.