home

dl1.downloadmanager143.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl1.downloadmanager143.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Semenyih, Selangor within Malaysia which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
GODADDY.COM, LLC

Server location:
Selangor, Malaysia (MY)

Create date:
Wednesday, September 2, 2015

Expires date:
Friday, September 2, 2016

Updated date:
Wednesday, September 2, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
downloadmanager143.com

Whois:
1 downloadmanager143.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DownloadAdmin.RazorEdgeMedia.Installer (M), PUP.DownloadAdmin.RazorEdg.Installer (M), PUP.DownloadAdmin (M)
100.00%

avast!
Win32:Downloader-WDK [PUP]
28.57%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
28.57%

F-Secure
Riskware.Gen:Variant.Application.Bundler
28.57%

ESET NOD32
Win32/DownloadAdmin.N potentially unwanted application
28.57%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
28.57%

VIPRE Antivirus
Threat.4150696
28.57%

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
28.57%

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
28.57%

K7 AntiVirus
Unwanted-Program
28.57%

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
28.57%

Dr.Web
Trojan.Vittalia.485
28.57%

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
28.57%

McAfee
Program.DownloadAdmin
28.57%

Vba32 AntiVirus
SScope.Downware.DownloadAdmin
28.57%

The domain dl1.downloadmanager143.com has been seen to resolve to the following IP address.

52.89.22.175
ec2-52-89-22-175.us-west-2.compute.amazonaws.com
October 25, 2015

File downloads found at URLs served by dl1.downloadmanager143.com.

1 / 68      (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Content21&country=US&variation=newbc&zTmp=1&newbc=1194953  (7zip-setup.exe)

1 / 68      (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194955&pid=TR&brand=openoffice.fm&s=MSN&c=openoffice.fm_suite&country=GB&variation=newbc&newbc=1194955&zTmp=1  (openofficesuite-setup.exe)

1 / 68      (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Exact&country=US&variation=newbc&newbc=1194953&zTmp=1  (7zip-setup.exe)

19 / 68    (PUP)
http://dl1.downloadmanager143.com/download/.../dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Content21&country=US&variation=newbc&cb=76995729&osName=Windows&osVersion=7&browserName=Chrome&browserVersion=45&zTmp=1&executable=1194939  (7zip-setup.exe)

19 / 68    (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Exact&country=US&variation=newbc&zTmp=1&geo=&newbc=1194953  (7zip-setup.exe)

1 / 68      (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Exact&country=US&variation=newbc&geo=&newbc=1194953&zTmp=1  (7zip-setup.exe)

1 / 68      (PUP)
http://dl1.downloadmanager143.com/dl?bc=1194953&pid=TR&brand=7zip.tv&s=msn&c=7Ziptv_7Zip_US_Phrase&country=US&variation=newbc&geo=&newbc=1194953&zTmp=1  (7zip-setup.exe)

URL:
http://dl1.downloadmanager143.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Apache-Coyote/1.1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.