home

dl.d0wnpzivrubajjui.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.d0wnpzivrubajjui.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Thursday, September 19, 2013

Expires date:
Saturday, September 19, 2015

Updated date:
Tuesday, October 7, 2014

Root domain:
d0wnpzivrubajjui.com

Whois:
2 d0wnpzivrubajjui.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.SETUPPRO.Bundler (M), PUP.Solimba.Condesti (M), PUP.Solimba.RAPIDDOW.Bundler (M), PUP.Solimba.PortalPr.Bundler (M), PUP.Solimba (M), PUP.Solimba.Bundler
98.00%

VIPRE Antivirus
Threat.55332
2.00%

Microsoft Security Essentials
Threat.Undefined
2.00%

avast!
Win32:Gardih
2.00%

Dr.Web
Win32.HLLP.Jeefo.36352
2.00%

F-Prot
W32/Jeefo.A
2.00%

ESET NOD32
Win32/Jeefo.A virus
2.00%

AVG
Win32/Hidrag.A
2.00%

McAfee
Virus.W32/Jeefo.e
2.00%

Emsisoft Anti-Malware
Win32.Jeefo
2.00%

Norman
Win32.Jeefo.B
2.00%

Kaspersky
Virus.Win32.Hidrag
2.00%

The domain dl.d0wnpzivrubajjui.com has been seen to resolve to the following 37 IP addresses.

92.242.140.21
unallocated.barefruit.co.uk
May 21, 2015

96.6.113.75
a96-6-113-75.deploy.akamaitechnologies.com
May 3, 2015

96.6.113.121
a96-6-113-121.deploy.akamaitechnologies.com
May 3, 2015

23.15.7.122
a23-15-7-122.deploy.static.akamaitechnologies.com
February 15, 2015

23.15.7.104
a23-15-7-104.deploy.static.akamaitechnologies.com
February 15, 2015

23.62.6.91
a23-62-6-91.deploy.static.akamaitechnologies.com
September 18, 2014

23.62.7.17
a23-62-7-17.deploy.static.akamaitechnologies.com
September 7, 2014

23.62.7.66
a23-62-7-66.deploy.static.akamaitechnologies.com
September 7, 2014

23.62.6.97
a23-62-6-97.deploy.static.akamaitechnologies.com
September 3, 2014

23.62.6.80
a23-62-6-80.deploy.static.akamaitechnologies.com
September 3, 2014

184.51.126.56
a184-51-126-56.deploy.static.akamaitechnologies.com
August 17, 2014

184.51.126.25
a184-51-126-25.deploy.static.akamaitechnologies.com
August 17, 2014

23.0.160.65
a23-0-160-65.deploy.static.akamaitechnologies.com
August 16, 2014

23.0.160.35
a23-0-160-35.deploy.static.akamaitechnologies.com
August 16, 2014

23.67.250.96
a23-67-250-96.deploy.static.akamaitechnologies.com
April 14, 2014

23.67.242.114
a23-67-242-114.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.242.121
a23-67-242-121.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.242.129
a23-67-242-129.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.250.91
a23-67-250-91.deploy.static.akamaitechnologies.com
April 4, 2014

23.67.250.106
a23-67-250-106.deploy.static.akamaitechnologies.com
April 4, 2014

204.93.33.24
March 19, 2014

204.93.33.17
March 19, 2014

23.67.242.80
a23-67-242-80.deploy.static.akamaitechnologies.com
March 3, 2014

23.67.242.72
a23-67-242-72.deploy.static.akamaitechnologies.com
March 3, 2014

23.0.165.90
a23-0-165-90.deploy.static.akamaitechnologies.com
January 28, 2014

23.0.165.67
a23-0-165-67.deploy.static.akamaitechnologies.com
January 28, 2014

23.67.243.90
January 23, 2014

63.88.100.161
January 14, 2014

63.88.100.139
January 14, 2014

23.67.244.144
a23-67-244-144.deploy.static.akamaitechnologies.com
January 10, 2014

 
Showing 30 of 37 IP Addresses

File downloads found at URLs served by dl.d0wnpzivrubajjui.com.

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Microsoft PowerPoint Viewer.exe  (261e12aebdf699944ade19e443abb348)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Prezi Desktop.exe  (ae6c943928278f19fb89fe45aec32cb0)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../FLV_Media_Player.exe  (e350ff194af1bb4b190a207f411fe6f8)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.28.3/.../Counter Strike.exe  (0379c1ad3ac2a59a778235ec8625b5ba)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../Avast! Free Antivirus.exe  (c231cbb18da5ebe9b38e0cda2888f234)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../LEGO Racers.exe  (2d287e5ef638ac0cd5f31256bff50078)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../Skype.exe  (f3f7c6c6fd718bb9f8823aeb3c1e63d6)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.4/.../home4english.exe  (8d7dd8f27d6f90b9a6984c97dd85570c)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Google Earth.exe  (7f2add32d0405667f0f466ecf67c665d)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../AVS_Media_Player.exe  (06ec031ee11ec70f82865bcf885f1bf0)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../Avast! Free Antivirus.exe  (f2374234b239d18020462ec7ac85d3fc)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../Netcut.exe  (48495102f195bd8f62b46677b68f7cdf)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../GTA San Andreas Multiplayer Server.exe  (27a63bf16f72e6fbca15723679d82c04)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.4/.../AVS_Media_Player.exe  (928d17b977bb6b0f0a6d6799f90ab26f)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../FLV_Media_Player.exe  (9d52015d679bd37356ccceddbb8a120f)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../FLV_Media_Player.exe  (dea628e1356abaf3719023ceb7c402f2)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../avast! Free Antivirus.exe  (2121f69dcdfd27cbdc21bd1f49ada0d4)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../FLV_Media_Player.exe  (2d559401f125ee82d26ecac5c7ecc0b5)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.28.3/.../WIFI Key Generator.exe  (a8f7ec93749eb8ef08ed1bdb1fe8dbe7)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.4/.../Emu Loader.exe  (7609dd382368abeff5c8f310a29d206c)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../avast.exe  (50f086ea10195db2367a6f943dcdb04f)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Disegno di Giardini ed Esteriori 3D.exe  (a6dac9279f3b4677543e7de31df47f27)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.28.3/.../Test.exe  (40bca229a7be34b0b0da6c4e7c2fe478)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Need for Speed Undercover Desafío.exe  (22cbf2cba1137190f23c80fc58a069cc)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../Clicktionary English-German-English.exe  (958ea6a51a07427a799539fd7b9096cb)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../GTA Mexico City.exe  (dc1c4978a7756b8121c22c69cf6a109c)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.26.3/.../yaho 115 yaho messenger.exe  (03baa9eae25feeb07e6d76645f026d29)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.28.3/.../Microsoft Encarta.exe  (8d2afae7d0e82a8a6b94e7514308ee9f)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/.../Minecraft.exe  (1227331bc07dafa7953f2d008385111d)

1 / 68      (Adware)
http://dl.d0wnpzivrubajjui.com/n/3.0.28.3/.../Adobe Photoshop.exe  (546ece837ea3e04c0db75b2e1a04bc56)

 
Latest 30 of 180 download URLs

The following 567 files have been seen to comunicate with dl.d0wnpzivrubajjui.com in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.51.126.56:80
browser.exe (Speed Browser by Smart Applications)

TCP » 23.15.7.104:80
browser.exe (Browser)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 184.51.126.56:80
Weather.exe (WeatherBug Desktop by AWS Convergence Technologies)

TCP » 23.15.7.104:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 184.51.126.25:80
Agent.exe (Battle.net Update Agent by Blizzard Entertainment)

TCP » 184.51.126.25:80
ippenodjaoidmkkfdlmdhofiebnpjddb.crx

TCP » 184.51.126.25:80
nedmkhahhppfofnniinaggmabnngddjk.crx

 
Latest 20 of 579 files

URL:
http://dl.d0wnpzivrubajjui.com/

Web server:
nginx/1.0.15

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.