download.cdn.jzip.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.cdn.jzip.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2000. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Thursday, November 02, 2000

Expires date:
Thursday, November 02, 2017

Updated date:
Wednesday, September 09, 2015

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:

Google Safe Browsing:
malware,unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BandooMedia.J, PUP.Optional.Installer.BandooMedia.T, PUP.Optional.Installer.T, PUP.Optional.Installer.Q, PUP.Installer.DiscordiaLimited.H, PUP.Discordia.Installer (M), Win32.Generic.Bandoo.Installer.Meta, PUP.Bandoo.BandooMedia.Installer (M), PUP.Bandoo.BandooMe.Installer (M), PUP.Bandoo (M)
100.00%

ESET NOD32
Win32/Toolbar.SearchSuite (variant)
50.00%

Dr.Web
Adware.Bandoo.12, Adware.Bandoo.13, Adware.Bandoo.11, Adware.Bandoo.3, Adware.Bandoo.7
47.22%

Trend Micro House Call
TROJ_GEN.F47V0314, TROJ_GEN.F47V0401, TROJ_GEN.F47V0312, Suspicious_GEN.F47V0617, Suspicious_GEN.F47V0723, TROJ_PAM_0000000299.T3
33.33%

Fortinet FortiGate
Adware/Toolbar, Riskware/Toolbar_SearchSuite, Riskware/SearchSuite, Riskware/Win64_SearchSuite, av_analysis
33.33%

NANO AntiVirus
Trojan.Win32.Downware.crewao
22.22%

Antiy Labs AVL
AdWare/Win32.Bandoo
19.44%

Filseclab Twister
W32.Toolbar.SearchSuite.hdph
19.44%

Rising Antivirus
PE:Trojan.Dropper!6.1BE
19.44%

AVG
MalSign.Generic, av_analysis
13.89%

Malwarebytes
PUP.Optional.Bandoo.A
11.11%

Emsisoft Anti-Malware
Riskware.Win32.Toolbar.SearchSuite.AMN
11.11%

Panda Antivirus
Trj/Chgt.A, Trj/Chgt.C, av_analysis
11.11%

IKARUS anti.virus
PUA.Bandoo, PUA.SearchSuite, av_analysis
11.11%

McAfee
Artemis!587378581006, Generic PUP.y, Artemis!128DE21C54CE
8.33%

The domain download.cdn.jzip.com has been seen to resolve to the following 66 IP addresses.

cdn-208-111-161-254.iad.llnw.net
April 4, 2016

cdn-208-111-160-6.iad.llnw.net
April 4, 2016

a23-220-148-8.deploy.static.akamaitechnologies.com
March 3, 2016

a23-0-160-88.deploy.static.akamaitechnologies.com
February 16, 2016

a23-0-160-97.deploy.static.akamaitechnologies.com
February 16, 2016

February 11, 2016

February 11, 2016

a23-220-148-41.deploy.static.akamaitechnologies.com
February 7, 2016

a23-220-148-18.deploy.static.akamaitechnologies.com
February 7, 2016

a23-15-7-131.deploy.static.akamaitechnologies.com
January 30, 2016

a96-6-113-226.deploy.akamaitechnologies.com
May 5, 2015

a96-6-113-161.deploy.akamaitechnologies.com
May 5, 2015

a173-223-204-90.deploy.static.akamaitechnologies.com
May 4, 2015

a173-223-204-83.deploy.static.akamaitechnologies.com
May 4, 2015

a173-223-205-114.deploy.static.akamaitechnologies.com
May 4, 2015

a173-223-205-40.deploy.static.akamaitechnologies.com
May 4, 2015

a184-26-44-106.deploy.static.akamaitechnologies.com
May 4, 2015

a184-26-44-98.deploy.static.akamaitechnologies.com
May 4, 2015

a184-25-157-80.deploy.static.akamaitechnologies.com
May 3, 2015

a184-25-157-82.deploy.static.akamaitechnologies.com
May 3, 2015

a23-67-243-56.deploy.static.akamaitechnologies.com
May 2, 2015

a184-29-105-177.deploy.static.akamaitechnologies.com
April 14, 2015

a184-50-229-153.deploy.static.akamaitechnologies.com
September 5, 2014

a184-50-229-167.deploy.static.akamaitechnologies.com
September 5, 2014

ip-69-31-29-191.nlayer.net
September 5, 2014

ip-69-31-29-199.nlayer.net
September 5, 2014

a23-77-208-176.deploy.static.akamaitechnologies.com
September 3, 2014

a23-77-208-160.deploy.static.akamaitechnologies.com
September 3, 2014

a23-62-6-40.deploy.static.akamaitechnologies.com
September 2, 2014

a23-62-6-43.deploy.static.akamaitechnologies.com
September 2, 2014

 
Showing 30 of 66 IP Addresses

File downloads found at URLs served by download.cdn.jzip.com.

1 / 68      (PUP)

1 / 68      (PUP)

17 / 68    (PUP)

17 / 68    (PUP)

4 / 68      (PUP)
http://download.cdn.jzip.com/.../jZipV1c.exe  (3896dc4dbabcff8a6777f58012644e35)

3 / 68      (PUP)

3 / 68      (PUP)

11 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (1d678d52e1b398b232a92cffa72e1cbf)

1 / 68      (PUP)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (1231206a66e73cfe68fe2be1792d5a55)

15 / 68    (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

15 / 68    (PUP)

1 / 68      (PUP)

9 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (fe362c3736b8cd1ff97c19bd211b87bb)

3 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

17 / 68    (PUP)

3 / 68      (PUP)

10 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (f99b95ff8ec41bbb7addf7ccedaa8f60)

1 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

9 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (80517bca1287ebda55d586a4722b03bf)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r0-n.exe  (836ef1227dae03cf1b045ef2bbc4468c)

1 / 68      (PUP)

5 / 68      (PUP)

 
Latest 30 of 220 download URLs

The following 617 files have been seen to comunicate with download.cdn.jzip.com in live environments.

 
Latest 20 of 699 files

URL:
http://download.cdn.jzip.com/

Web server:
Apache