downloadcdn.filebulldog.com

Somoto Ltd. (via a Proxy Registrant)

Domain Information

The domain downloadcdn.filebulldog.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2010. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in New York City, New York, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below). The domain is associated with the publisher Somoto Ltd., which is located in Tel Aviv, Israel.
Remove Malware from downloadcdn.filebulldog.com - Powered by Reason Core Security
Registrar: GODADDY.COM, LLC

Server location: New York, United States (US)

Create date: Sunday, August 08, 2010

Expires date: Tuesday, August 08, 2017

Updated date: Sunday, August 09, 2015

ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| F-Prot | W32/SomotoBetterInstaller.A, W32/Sefnit.C | 100.00% |
| Reason Heuristics | PUP.BetterInstaller.Somoto.AA, PUP.BetterInstaller.Somoto.W, PUP.BetterInstaller.Somoto.BB, PUP.BetterInstaller.Somoto.c, PUP.BetterInstaller.Somoto.j | 100.00% |
| Malwarebytes | PUP.Optional.Somoto, PUP.Optional.Somoto.A | 85.71% |
| K7 AntiVirus | Unwanted-Program, Trojan | 85.71% |
| avast! | Win32:Somoto-F [PUP], PUP-gen [PUP], Win32:PUP-gen [PUP] | 85.71% |
| Comodo Security | Application.Win32.Somoto.A | 85.71% |
| ESET NOD32 | Win32/Somoto | 85.71% |
| AVG | AdInstaller.Somoto, Adware AdInstaller.Somoto | 85.71% |
| Clam AntiVirus | Adware.Somoto-1, Trojan.Agent-267630 | 85.71% |
| Dr.Web | Adware.Somoto.17, Adware.Downware.1184, Trojan.MulDrop4.11744 | 85.71% |
| VIPRE Antivirus | BetterInstaller, Trojan.Win32.Generic, Threat.4150696 | 85.71% |
| SUPERAntiSpyware | Adware.Somoto/Variant, Trojan.Agent/Gen-Muldrop | 85.71% |
| K7 Gateway Antivirus | Unwanted-Program | 71.43% |
| G Data | Win32.Application.Somoto, Application.Bundler.Somoto | 71.43% |
| Trend Micro House Call | TROJ_GEN.F47V0809, TROJ_GEN.F0C2C00A614, TROJ_GEN.F0C2C00AB14, TROJ_GEN.F47V1016, TROJ_GEN.R092H07KR13 | 71.43% |

The domain downloadcdn.filebulldog.com has been seen to resolve to the following 355 IP addresses.


File downloads found at URLs served by downloadcdn.filebulldog.com.

Latest 30 of 253 download URLs

The following 97 files have been seen to communicate with downloadcdn.filebulldog.com in live environments.

Latest 20 of 127 files

URL: http://downloadcdn.filebulldog.com/

Network: Amazon Cloudfront

Web server: nginx

Twitter: Shares: 1

Statistics are for the previous month.
