dl.downe468.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.downe468.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Remove Malware from dl.downe468.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Wednesday, August 28, 2013

Expires date:
Friday, August 28, 2015

Updated date:
Friday, August 29, 2014

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FIRSERIASL.L, PUP.FIRSERIASL.S, PUP.FIRSERIASL.O, PUP.PortalProgramas.H, PUP.PortalProgramas.M, PUP.PortalProgramas.N, PUP.FIRSERIASL.K, PUP.FIRSERIASL.Q, PUP.FIRSERIASL.V, PUP.FIRSERIASL.M, Threat.Solimba.Bundler
100.00%

Malwarebytes
PUP.Optional.Firseria, PUP.Optional.FirSeriaInstaller
41.67%

Kaspersky
not-a-virus:Downloader.Win32.Morstar, not-a-virus:Downloader.Win32.Firser
41.67%

Sophos
Solimba Installer, PUA 'Solimba Installer'
41.67%

Comodo Security
Application.Win32.Solimba.J
41.67%

VIPRE Antivirus
DownloadMR, Threat.4895151, Threat.4150696
41.67%

G Data
Adware.Agent.NUA, Gen:Application.Bundler.Firseria
41.67%

Rising Antivirus
PE:PUF.FirseriaInstaller@CV!1.9C54, PE:PUF.FirseriaInstaller@CV!1.5C42
41.67%

AVG
AdInstaller.Firseria, Adware AdInstaller.Firseria, Adware BundleApp.U
41.67%

Agnitum Outpost
Adware.Agent, PUA.Firseria
33.33%

Avira AntiVirus
TR/Dropper.Gen, APPL/Firseria.Gen, TR/Crypt.ULPM.Gen
33.33%

AhnLab V3 Security
PUP/Win32.FirseriaInstaller
33.33%

Fortinet FortiGate
Adware/Firseria, Adware/Sality.MO
33.33%

avast!
Win32:Firseria-A [PUP]
33.33%

Dr.Web
Adware.Downware.1433, Trojan.DownLoader10.62400
33.33%

The domain dl.downe468.com has been seen to resolve to the following 20 IP addresses.

a23-67-250-139.deploy.static.akamaitechnologies.com
May 6, 2015

a23-67-250-99.deploy.static.akamaitechnologies.com
May 6, 2015

a23-62-7-43.deploy.static.akamaitechnologies.com
January 9, 2015

a23-62-7-41.deploy.static.akamaitechnologies.com
January 9, 2015

a23-62-6-41.deploy.static.akamaitechnologies.com
December 1, 2014

a23-62-6-57.deploy.static.akamaitechnologies.com
December 1, 2014

a23-0-160-74.deploy.static.akamaitechnologies.com
October 24, 2014

a23-0-160-72.deploy.static.akamaitechnologies.com
October 24, 2014

February 6, 2014

February 6, 2014

a23-66-231-33.deploy.static.akamaitechnologies.com
January 12, 2014

a23-66-231-64.deploy.static.akamaitechnologies.com
January 12, 2014

December 29, 2013

December 29, 2013

a23-67-244-67.deploy.static.akamaitechnologies.com
December 28, 2013

a23-67-244-34.deploy.static.akamaitechnologies.com
December 28, 2013

December 26, 2013

December 26, 2013

a23-67-243-97.deploy.static.akamaitechnologies.com
December 11, 2013

a23-67-243-67.deploy.static.akamaitechnologies.com
December 11, 2013

File downloads found at URLs served by dl.downe468.com.

35 / 68    (Adware)

35 / 68    (Adware)
http://dl.downe468.com/n/3.0.25/.../Adobe Reader.exe  (dc92afccfdab99384fae8ddec44a8b0d)

31 / 68    (Adware)

30 / 68    (Adware)

0 / 68
http://dl.downe468.com/n/3.0.19.4/.../BitTorrent.exe  (0503267a22aa6b193452a7a2e0122322)

0 / 68
http://dl.downe468.com/n/3.0.19.5/.../BitTorrent.exe  (0503267a22aa6b193452a7a2e0122322)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.25/.../3D Analyze.exe  (9ee505d175ac62530a4f69e804f01d35)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.23.11/.../driver genius.exe  (b94dad2923919a70393cebbabf414282)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.25/.../WiFi Auditor.exe  (6b2f8d616d1e4f625354fbebf55028db)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.25/.../Wifiway.exe  (0f0a4ee7d846b15cec42bc831d460079)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.23.11/.../PDF Download.exe  (3293bff0c0d6c468737df9720ee3da13)

17 / 68    (Adware)

1 / 68      (Adware)
http://dl.downe468.com/n/3.0.23.11/.../SpeedFan.exe  (b0e6f7223717abcaae0369c4789fc6fe)

The following 150 files have been seen to comunicate with dl.downe468.com in live environments.

 
Latest 20 of 152 files

URL:
http://dl.downe468.com/

Web server:
AkamaiGHost

Remove Malware from dl.downe468.com - Powered by Reason Core Security