dl.downc468.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.downc468.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from dl.downc468.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Wednesday, August 28, 2013

Expires date:
Thursday, August 28, 2014

Updated date:
Thursday, August 29, 2013

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FIRSERIASL.N, PUP.Installer.AppsInstallerSL.T, PUP.FIRSERIASL.P, PUP.FIRSERIASL.Q, PUP.Installer.Firseria.T, PUP.FIRSERIASL.V, PUP.Solimba
88.89%

Sophos
Solimba Installer, PUA 'Solimba Installer'
77.78%

Avira AntiVirus
APPL/Firseria.Gen, TR/Dropper.Gen, APPL/Solimba.Gen, TR/Trash.Gen, TR/Crypt.ULPM.Gen
77.78%

Malwarebytes
PUP.Optional.Firseria, PUP.Optional.BundleInstaller.A, PUP.Optional.Rapiddown, PUP.BundleInstaller.A
66.67%

Dr.Web
Adware.Downware.1433, Trojan.MulDrop5.4401, Adware.Toolbar.237, Trojan.DownLoader10.52315
66.67%

VIPRE Antivirus
Trojan.Win32.Generic, DownloadMR, Threat.4782980, Threat.4150696
66.67%

AVG
AdInstaller.Firseria, MalSign.Solimba, Adware AdInstaller.Firseria
66.67%

avast!
Win32:PUP-gen [PUP], Win32:Firseria-A [PUP]
66.67%

K7 AntiVirus
Backdoor , Unwanted-Program , Trojan
55.56%

K7 Gateway Antivirus
Unwanted-Program , Trojan
55.56%

Kaspersky
not-a-virus:Downloader.Win32.Morstar, not-a-virus:Downloader.Win32.Firser
55.56%

Comodo Security
TrojWare.Win32.Trojan.Obfuscated.~EN, Application.Win32.Solimba.J
55.56%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.DownMorstar.k.(kcloud)
55.56%

AhnLab V3 Security
PUP/Win32.Firseria, PUP/Win32.FirseriaInstaller
55.56%

G Data
Adware.Agent.NTS, Win32.Application.FirseriaInstaller, Gen:Application.Bundler.Firseria
55.56%

The domain dl.downc468.com has been seen to resolve to the following 22 IP addresses.

ip-50-63-202-65.ip.secureserver.net
September 7, 2014

a23-67-243-72.deploy.static.akamaitechnologies.com
May 1, 2014

May 1, 2014

May 1, 2014

a23-67-243-32.deploy.static.akamaitechnologies.com
April 20, 2014

April 20, 2014

a23-67-243-98.deploy.static.akamaitechnologies.com
April 20, 2014

April 20, 2014

a23-67-243-97.deploy.static.akamaitechnologies.com
April 20, 2014

a23-67-244-32.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-83.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-8.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-49.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-27.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-43.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-10.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-50.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-244-41.deploy.static.akamaitechnologies.com
March 27, 2014

a23-67-250-137.deploy.static.akamaitechnologies.com
February 14, 2014

a23-67-250-145.deploy.static.akamaitechnologies.com
February 14, 2014

November 26, 2013

November 26, 2013

File downloads found at URLs served by dl.downc468.com.

36 / 68    (Adware)
http://dl.downc468.com/n/.../Avast! Free Antivirus.exe  (37c2d17bfc20d7ba41dbce0f3c9c4207)

37 / 68    (Adware)

37 / 68    (Adware)
http://dl.downc468.com/n/.../AVS_Media_Player.exe  (8ed8b1b28058971269eee14c603a9518)

33 / 68    (Adware)

4 / 68      (PUP)

10 / 68    (Adware)
http://dl.downc468.com/g/.../cheat_engine_dsetup.exe  (14cab05b1b004a449d0e56e789fc9cf9)

24 / 68    (Adware)

35 / 68    (Adware)

1 / 68      (Adware)
http://dl.downc468.com/g/.../cheat_engine_dsetup.exe  (1ab3898af15a2f4579ad9eeeb245d1a4)

2 / 68      (Adware)
http://dl.downc468.com/n/.../Express Files.exe  (61e1f04e10fe2163140f4bcb916d6c9a)

The following 209 files have been seen to comunicate with dl.downc468.com in live environments.

 
Latest 20 of 211 files

URL:
http://dl.downc468.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Alexa:
Global rank:  240,246
Backlinks:  77

Statistics are for the previous month (Alexa statistics are for entire downc468.com).

Remove Malware from dl.downc468.com - Powered by Reason Core Security