home

downloadcdn.filebulldog.com

Somoto Ltd.  (via a Proxy Registrant)

Domain Information

The domain downloadcdn.filebulldog.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2010. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below). The domain is associated with the publisher Somoto Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Sunday, August 8, 2010

Expires date:
Tuesday, August 8, 2017

Updated date:
Sunday, August 9, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
filebulldog.com

Whois:
3 filebulldog.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BetterInstaller.Somoto.W, PUP.BetterInstaller.Somoto.AA, PUP.BetterInstaller.Somoto.U, PUP.SomotoIsrael.m, PUP.BetterInstaller.Somoto.BB, PUP.Somoto.Bundler (M), PUP.Somoto (M)
100.00%

ESET NOD32
Win32/Somoto, Win32/Somoto potentially unwanted
32.65%

F-Prot
W32/SomotoBetterInstaller.A, W32/Sefnit.C
30.61%

Clam AntiVirus
Adware.Somoto-1, Win.Adware.Somoto, Trojan.Agent-267630
30.61%

Dr.Web
Adware.Somoto.17, Adware.Downware.1184, Trojan.MulDrop4.11744
30.61%

VIPRE Antivirus
BetterInstaller, Trojan.Win32.Generic
30.61%

SUPERAntiSpyware
Adware.Somoto/Variant, Trojan.Agent/Gen-Muldrop
30.61%

AVG
AdInstaller.Somoto, Downloader
30.61%

Comodo Security
Application.Win32.Somoto.A
28.57%

Vba32 AntiVirus
Downloader.Agent, Signed-AdWare.BetterInternet.SomotoLtd, Downloader.Mazel
28.57%

Malwarebytes
PUP.Optional.Somoto
26.53%

avast!
Win32:Somoto-F [PUP], Win32:PUP-gen [PUP]
26.53%

Avira AntiVirus
APPL/Somoto.Gen2, APPL/Somoto.itv.602, APPL/Somoto.ITD.40, TR/Sefnit.R
26.53%

Sophos
Somoto BetterInstaller
26.53%

G Data
Win32.Application.Somoto, Application.Bundler.Somoto
26.53%

The domain downloadcdn.filebulldog.com has been seen to resolve to the following 505 IP addresses.

52.84.125.44
server-52-84-125-44.iad16.r.cloudfront.net
September 15, 2016

52.84.125.205
server-52-84-125-205.iad16.r.cloudfront.net
September 13, 2016

52.84.125.189
server-52-84-125-189.iad16.r.cloudfront.net
September 13, 2016

52.84.125.182
server-52-84-125-182.iad16.r.cloudfront.net
September 13, 2016

52.84.125.41
server-52-84-125-41.iad16.r.cloudfront.net
September 13, 2016

52.84.125.20
server-52-84-125-20.iad16.r.cloudfront.net
September 13, 2016

52.84.125.228
server-52-84-125-228.iad16.r.cloudfront.net
September 4, 2016

52.84.125.253
server-52-84-125-253.iad16.r.cloudfront.net
September 1, 2016

52.84.125.117
server-52-84-125-117.iad16.r.cloudfront.net
August 29, 2016

52.84.125.25
server-52-84-125-25.iad16.r.cloudfront.net
August 23, 2016

52.84.125.104
server-52-84-125-104.iad16.r.cloudfront.net
August 23, 2016

52.84.125.141
server-52-84-125-141.iad16.r.cloudfront.net
August 22, 2016

52.84.125.130
server-52-84-125-130.iad16.r.cloudfront.net
August 22, 2016

52.84.125.23
server-52-84-125-23.iad16.r.cloudfront.net
August 22, 2016

52.84.125.18
server-52-84-125-18.iad16.r.cloudfront.net
August 22, 2016

52.84.125.4
server-52-84-125-4.iad16.r.cloudfront.net
August 22, 2016

52.84.125.254
server-52-84-125-254.iad16.r.cloudfront.net
August 22, 2016

52.84.125.223
server-52-84-125-223.iad16.r.cloudfront.net
August 22, 2016

52.84.125.204
server-52-84-125-204.iad16.r.cloudfront.net
August 22, 2016

54.192.19.126
server-54-192-19-126.iad12.r.cloudfront.net
August 16, 2016

54.192.19.103
server-54-192-19-103.iad12.r.cloudfront.net
August 16, 2016

54.192.19.73
server-54-192-19-73.iad12.r.cloudfront.net
August 16, 2016

54.192.19.47
server-54-192-19-47.iad12.r.cloudfront.net
August 16, 2016

54.192.19.6
server-54-192-19-6.iad12.r.cloudfront.net
August 16, 2016

54.192.19.232
server-54-192-19-232.iad12.r.cloudfront.net
August 16, 2016

54.192.19.175
server-54-192-19-175.iad12.r.cloudfront.net
August 16, 2016

52.84.125.180
server-52-84-125-180.iad16.r.cloudfront.net
August 13, 2016

52.84.125.177
server-52-84-125-177.iad16.r.cloudfront.net
August 13, 2016

52.84.125.170
server-52-84-125-170.iad16.r.cloudfront.net
August 13, 2016

52.84.125.138
server-52-84-125-138.iad16.r.cloudfront.net
August 13, 2016

 
Showing 30 of 505 IP Addresses

File downloads found at URLs served by downloadcdn.filebulldog.com.

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/f/.../iTunes_downloader_by_Downloadsourcees.exe  (17f417f551f3c487e83c430c31e5a9d1)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/c/.../Lexmark810Z812Z815Z816Z819Driver_downloader_by_Downloadnetpl.exe  (e013365afe405e1a9ae90d557b4c5d55)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/cli/.../DownloadPapers-cBCbo5Ho.exe  (e1361970b55b93d83ce9c08750300248)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/d/.../AutoDWGDXFViewer_downloader_by_Downloadnetpl.exe  (0c77258462724b412bc246915050fbc6)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/b/.../LexmarkPrinterX1110X1130X1140X1150X1155X1160X1170X1180X1185X1190X1195Driver_downloader_by_Downloadsourcenet.exe  (add25c7619ae73e8e8ac911634213dc5)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/cli/.../Issaq(2013)-DVDRip-XviD-1CDRip-[DDR]-4Fxdmenf.exe  (whitehousedownbrripxvid-etrg-bq1og6no.exe)

42 / 68    (Adware)
http://downloadcdn.filebulldog.com/installers/3/b/.../7ZipSetup-dx5xViZ.exe  (0bx_ia+o.exe)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/5/f/.../7ZipSetup-bhA48Qn.exe  (ed3f.tmp)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/6/.../MSIH55ME23RealtekPCIEEthernetDrivers_downloader_by_Downloadnetpl.exe  (f8cb923bc75cdd1d92253753eb27d759)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/a/.../VIAUSB20Driver_downloader_by_Downloadnetpl.exe  (67d838d4f1c32c5d49f8c4292ad37235)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/2/.../MicrosoftWindowsXPServicePack_downloader_by_Downloadnetpl.exe  (fac3b4aa0fb53cadcc0e45f29e27bf5d)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/f/.../VIA4in1Drivers_downloader_by_Downloadnetpl.exe  (99b982930397a9ed3a4abf7f2ded1f37)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/e/.../GigabyteVGAToolsGamerHud_downloader_by_Downloadnetpl.exe  (2b6cb906a1663db6e3069040395dd438)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/0/.../LexmarkZ510Z513Z515Z517Z601Z602Z603Z604Z605Z611Z612Z613Z614Z615Z617Driver_downloader_by_Downloadsourcees.exe  (2c859adc0c5e6e43fc6a1616e61b69bf)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/4/.../prince_of_persia_demozip_downloader_by_OneOnlineGames.exe  (d31180ad9d1909f423767970a0326352)

18 / 68    (Adware)
http://downloadcdn.filebulldog.com/installers/c/a/.../FLVPlayerSetup-bQGQofE.exe  (FLVPlayerSetup-1aOLpXY.exe)

30 / 68    (Adware)
http://downloadcdn.filebulldog.com/installers/c/7/.../7ZipSetup-6dTbnnD.exe  (7zipsetup-0atf7ou.exe)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/8/.../Barcelona2012byRoca_downloader_by_Ffonts.exe  (34640ddafb2c2e4cd6e5d537c56f92f1)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/a/.../GeniusKidsDesignerDriver_downloader_by_Downloadsourcefr.exe  (879209df006b392ed6bea99ad27fa9df)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/9/.../DauphinNormal_downloader_by_Fonts101.exe  (75b9b072ac928632dec7d6d8d23ddbef)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/2/.../PasswordsPro_downloader_by_Downloadnetpl.exe  (b2b83a069db88fff301ca421ad6c9308)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/cli/.../hottorrents-5ijJgg1y.exe  (38ebc2aba40b964efb7c3f7aa7a6c2a9)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/3/.../AmericanaDreamsSC_downloader_by_Ffonts.exe  (cdd8f8bef53856327e075fa74436f661)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/c/.../AmericanaDreams_downloader_by_Ffonts.exe  (7af81b04f78c769742490c8b8f1661e9)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/d/.../PDFtoDWGConverter_downloader_by_Downloadnetpl.exe  (648e0920857a2434677fd89204eb551b)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/1/.../WilliamShakespeareWF_downloader_by_Fonts101.exe  (42bd5eb0424fd1bf51a21b572e3eb8e0)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/d/.../DeerHunter2005_downloader_by_Downloadnetpl.exe  (1150482_setup.exe)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/9/.../FreePDFCompressor_downloader_by_Downloadnetpl.exe  (9f5d6c188124d3f7edbde9f11fd1d2c4)

1 / 68      (Adware)
http://downloadcdn.filebulldog.com/installers/8/.../ProactiveSystemPasswordRecovery_downloader_by_Downloadnetpl.exe  (d32bdcbebd4152d9a064ff5000adbc5a)

23 / 68    (Adware)
http://downloadcdn.filebulldog.com/installers/cli/.../DownloadPapers_downloader-2GOZ4Pmm.exe  (installfont_downloader-48sszp9u.exe)

 
Latest 30 of 300 download URLs

The following 450 files have been seen to comunicate with downloadcdn.filebulldog.com in live environments.

TCP » 52.84.125.141:443
Client.exe

TCP » 54.230.50.18:443
online-guardian-v2.0.9.exe

TCP » 54.230.53.166:443
online-guardian-v2.0.9.exe

TCP » 54.230.53.16:443
online-guardian-v2.0.9.exe

TCP » 54.230.50.18:443
online-guardian-v2.0.9.exe

TCP » 54.192.19.168:443
u1603.exe

TCP » 54.230.50.18:443
online-guardian-v2.exe

TCP » 54.230.81.44:80
saber.exe

TCP » 52.85.142.35:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.230.50.18:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.230.50.18:443
apptrailers.exe

TCP » 54.230.81.44:80
uncheckitupdate.exe (Uncheckit Module by EVANGEL TECHNOLOGY (HK) LIMITED)

TCP » 54.230.55.31:443
UCBrowser.exe (by UCWeb)

TCP » 54.230.53.166:443
online-guardian-v2.0.9.exe

TCP » 54.230.53.16:443
online-guardian-v2.0.9.exe

TCP » 54.230.50.18:443
onlineguardian-v2.exe

TCP » 54.192.19.73:443
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 54.192.19.122:80
browser.exe (Browser)

TCP » 54.192.19.215:80
saber.exe

 
Latest 20 of 1,066 files

URL:
http://downloadcdn.filebulldog.com/

Network:
Amazon Cloudfront

Web server:
nginx

filesfrog.com

pccleanuputility.com

down1oads.com

softigloo.com

downloadab.com

frogdownload.com

betterinstaller.com

bisrv.com

bigspeedpro.com

softingo.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.