home

dl.babylon.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.babylon.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 1998. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the SingleHop, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Saturday, August 1, 1998

Expires date:
Tuesday, July 31, 2018

Updated date:
Monday, January 21, 2013

ASN:
AS32475 SINGLEHOP-INC - SingleHop

Root domain:
babylon.com

Whois:
3 babylon.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.VisualTools.H, PUP.VisualTools.P, PUP.Installer.Babylon.P, PUP.Installer.Babylon.L, PUP.Installer.Babylon.O, PUP.NextRadioTV.S, PUP.Babylon.Installer (M), PUP.Babylon (M), Win32.Generic, Threat.Win.Reputation.IMP, PUP.Babylon.Optional.Installer.Meta (M)
97.83%

ESET NOD32
Win32/Toolbar.Babylon (variant), Win32/Toolbar.Babylon.AD (variant)
63.04%

VIPRE Antivirus
Babylon
60.87%

Dr.Web
Adware.Toolbar.175, Adware.Downware.1733, Adware.Babylon.8, Adware.Toolbar.111, Adware.Plugin.145, Adware.Babylon.15, Adware.Toolbar.146, Adware.Babylon.36
58.70%

Agnitum Outpost
PUA.Toolbar.Babylon, Win32.Parite.B
58.70%

Malwarebytes
PUP.Optional.Babylon.A
52.17%

Trend Micro House Call
TROJ_GEN.F47V0508, TROJ_GEN.F47V1215, HV_ZYX_CB2402E8.TOMC, TROJ_SPNR.09LP12, TROJ_GEN.F47V1202, TROJ_GEN.F47V0428, TROJ_GEN.F47V1007
50.00%

Emsisoft Anti-Malware
Riskware.Win32.Toolbar.Babylon.AMN, Win32.Parite, Gen:Variant.Barys.7801
36.96%

Bkav FE
W32.Clod4a8.Trojan, W32.Clod95a.Trojan, W32.Clod8f1.Trojan, W32.Clod347.Trojan
32.61%

Comodo Security
UnclassifiedMalware
30.43%

McAfee
Artemis!2A1486FAA80C, Artemis!77445EC53390, W32/Pate.b, Artemis!E569050C46CA, Artemis!52C88A3FDD9C, Artemis!4F37F5D643A2
26.09%

NANO AntiVirus
Riskware.Win32.Babylon.craswq, Trojan.Win32.Downware.ctimdd, Riskware.Win32.Searcher.dotdbm
26.09%

Baidu Antivirus
Trojan.Win32.Toolbar, Virus.Win32.Parite.$b, Adware.Win32.Bbylon
26.09%

Norman
Babylon.A, Pinfi.A, W32/BabylonToolbar.J
26.09%

ViRobot
Win32.Parite.A, Trojan.Win32.A.Agent.67584.F
23.91%

The domain dl.babylon.com has been seen to resolve to the following 6 IP addresses.

173.236.48.139
July 22, 2013

184.154.40.59
July 22, 2013

184.154.151.19
July 22, 2013

198.143.175.67
July 22, 2013

173.236.91.147
July 22, 2013

216.104.42.91
July 22, 2013

File downloads found at URLs served by dl.babylon.com.

43 / 68    (Adware)
http://dl.babylon.com/files/Toolbars/.../MyBabylonTB.exe  (ddee6f5527ddd4a8b3e143c1f340eace)

10 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (36efe840e365a7b6e36eabae08e6500c)

20 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (ecb907d255ef203ffb87668cf425442b)

11 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (5fcc1c68177b5fea5529511226e3a515)

1 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (a59548d86c4c605b5126149fe32d91ef)

2 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (babylon10_setup_ns.exe)

18 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (832f7ddad26655377b1e98f46e151c81)

22 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (5ba16cbef1ed072596d63da529e8d741)

11 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (06c079945958696180d231d7be9abaf9)

1 / 68      (PUP)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (babylon10_setup_ns.exe)

19 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (b855222561d6f7d96eabd1abc03f0a19)

2 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (babylon10_setup_ns.exe)

1 / 68      (Malware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (fe3809c7a079763fcbae70289b757883)

1 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (d4b87bd9ea3267893fb53e32c7278d7b)

11 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (abb307a0c305aac35815cddbbc5bca22)

1 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (8ee6901ac0b26027b45381acb59c564f)

1 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon8_setup.exe  (6c38f77c088e2db243e59f835bc37b44)

6 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (b13ecddd0f3b3f579ecadde574e075b0)

6 / 68      (Adware)
http://dl.babylon.com/files/prtnrp/.../DownloadManager611.exe  (220b31f0e7b64b4662c891c15e182b0d)

9 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (241cd850b49552ccbf756ea8e84c3298)

1 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (5ba7e27dbeec9859a3d1e31c6375111a)

22 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (d0114c260ef9c6cad5d1eb082d0609ac)

2 / 68      (Adware)
http://dl.babylon.com/files/.../Babylon10_setup_ns.exe  (f1ebee9bf9b32f20dbb4669401a32fbb)

8 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup.exe  (babylon10_setup_ns.exe)

22 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (61621c0a18d110cf3c09fe6550fe7a31)

2 / 68      (Adware)
http://dl.babylon.com/site/files/.../Babylon10_setup_ns.exe  (f1ebee9bf9b32f20dbb4669401a32fbb)

6 / 68      (Adware)
http://dl.babylon.com/files/prtnrp/.../DeltaTB.exe  (eb2764885565b6c01cb32e5f51f213b3)

19 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (6812d5fa4c9cf7642ed612e3325f3b18)

17 / 68    (Adware)
http://dl.babylon.com/site/files/.../Babylon9_setup.exe  (08c7db463a347e77b92184acdb1a6d4e)

1 / 68      (Adware)
http://dl.babylon.com/files/prtnrp/.../wmp11-windowsxp-x86-FR-FR.exe  (0669b9ea66116fdc34fd5a23af97153e)

 
Latest 30 of 255 download URLs

The following 12 files have been seen to comunicate with dl.babylon.com in live environments.

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 173.236.48.139:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 198.143.175.67:80
setup.exe (Setup Module by Babylon)

TCP » 216.104.42.91:80
babylon.exe (Babylon Client by Babylon)

URL:
http://dl.babylon.com/

Web server:
nginx/0.8.54

cdn-services.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.