dl.ez-downlaod.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.ez-downlaod.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from dl.ez-downlaod.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, February 27, 2014

Expires date:
Saturday, February 27, 2016

Updated date:
Tuesday, April 14, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OUTBROWSE.H, PUP.Ezdownload.H, PUP.Bundler.Adlogica
100.00%

NANO AntiVirus
Trojan.Win32.Generic.cthmwf
100.00%

Dr.Web
Adware.Downware.2081, Trojan.Packed.27643, Threat.Undefined
100.00%

AVG
MalSign.Generic, Adware MultiBundle.M
88.89%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Threat.4784459
72.22%

Sophos
OutBrowse Revenyou, PUA 'OutBrowse Revenyou'
66.67%

Avira AntiVirus
APPL/Downloader.Gen, APPL/OutBrowse.lwasp, PUA/Outbrowse.Gen
66.67%

Malwarebytes
PUP.Optional.OutBrowse
61.11%

ESET NOD32
Win32/OutBrowse
55.56%

K7 Gateway Antivirus
Unwanted-Program
55.56%

K7 AntiVirus
Unwanted-Program
55.56%

Fortinet FortiGate
Riskware/OutBrowse
55.56%

ESET NOD32
Win32/OutBrowse.G potentially unwanted application, Win32/OutBrowse.Q potentially unwanted application, Win32/OutBrowse.M potentially unwanted application
44.44%

McAfee Web Gateway
Adware-OutBrowse, BehavesLike.Win32.AdwareOutBrowse.dc
38.89%

McAfee
Adware-OutBrowse, Program.Adware-OutBrowse
33.33%

The domain dl.ez-downlaod.com has been seen to resolve to the following 13 IP addresses.

May 3, 2015

ec2-54-243-147-204.compute-1.amazonaws.com
November 30, 2014

ec2-54-225-131-91.compute-1.amazonaws.com
November 10, 2014

ec2-54-243-165-18.compute-1.amazonaws.com
September 6, 2014

ec2-54-225-234-12.compute-1.amazonaws.com
September 4, 2014

ec2-54-235-86-178.compute-1.amazonaws.com
June 9, 2014

ec2-23-21-74-165.compute-1.amazonaws.com
May 30, 2014

ec2-23-23-188-231.compute-1.amazonaws.com
May 21, 2014

ec2-23-23-147-248.compute-1.amazonaws.com
May 1, 2014

ec2-107-20-163-6.compute-1.amazonaws.com
April 20, 2014

ec2-184-73-213-74.compute-1.amazonaws.com
April 13, 2014

ec2-50-17-236-38.compute-1.amazonaws.com
April 11, 2014

ec2-23-23-158-3.compute-1.amazonaws.com
April 11, 2014

File downloads found at URLs served by dl.ez-downlaod.com.

The following file have been seen to comunicate with dl.ez-downlaod.com in live environments.

URL:
http://dl.ez-downlaod.com/

Title:
“ez-downlaod.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Apache

Remove Malware from dl.ez-downlaod.com - Powered by Reason Core Security