downloadcdn.filebulldog.com

Somoto Ltd.  (via a Proxy Registrant)

Domain Information

The domain downloadcdn.filebulldog.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2010. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below). The domain is associated with the publisher Somoto Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Sunday, August 08, 2010

Expires date:
Tuesday, August 08, 2017

Updated date:
Sunday, August 09, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BetterInstaller.Somoto.W, PUP.BetterInstaller.Somoto.AA, PUP.BetterInstaller.Somoto.U, PUP.SomotoIsrael.m, PUP.BetterInstaller.Somoto.BB, PUP.Somoto.Bundler (M), PUP.Somoto (M)
100.00%

ESET NOD32
Win32/Somoto, Win32/Somoto potentially unwanted
32.65%

F-Prot
W32/SomotoBetterInstaller.A, W32/Sefnit.C
30.61%

Clam AntiVirus
Adware.Somoto-1, Win.Adware.Somoto, Trojan.Agent-267630
30.61%

Dr.Web
Adware.Somoto.17, Adware.Downware.1184, Trojan.MulDrop4.11744
30.61%

VIPRE Antivirus
BetterInstaller, Trojan.Win32.Generic
30.61%

SUPERAntiSpyware
Adware.Somoto/Variant, Trojan.Agent/Gen-Muldrop
30.61%

AVG
AdInstaller.Somoto, Downloader
30.61%

Comodo Security
Application.Win32.Somoto.A
28.57%

Vba32 AntiVirus
Downloader.Agent, Signed-AdWare.BetterInternet.SomotoLtd, Downloader.Mazel
28.57%

Malwarebytes
PUP.Optional.Somoto
26.53%

avast!
Win32:Somoto-F [PUP], Win32:PUP-gen [PUP]
26.53%

Avira AntiVirus
APPL/Somoto.Gen2, APPL/Somoto.itv.602, APPL/Somoto.ITD.40, TR/Sefnit.R
26.53%

Sophos
Somoto BetterInstaller
26.53%

G Data
Win32.Application.Somoto, Application.Bundler.Somoto
26.53%

The domain downloadcdn.filebulldog.com has been seen to resolve to the following 505 IP addresses.

server-52-84-125-44.iad16.r.cloudfront.net
September 15, 2016

server-52-84-125-205.iad16.r.cloudfront.net
September 13, 2016

server-52-84-125-189.iad16.r.cloudfront.net
September 13, 2016

server-52-84-125-182.iad16.r.cloudfront.net
September 13, 2016

server-52-84-125-41.iad16.r.cloudfront.net
September 13, 2016

server-52-84-125-20.iad16.r.cloudfront.net
September 13, 2016

server-52-84-125-228.iad16.r.cloudfront.net
September 4, 2016

server-52-84-125-253.iad16.r.cloudfront.net
September 1, 2016

server-52-84-125-117.iad16.r.cloudfront.net
August 29, 2016

server-52-84-125-25.iad16.r.cloudfront.net
August 23, 2016

server-52-84-125-104.iad16.r.cloudfront.net
August 23, 2016

server-52-84-125-141.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-130.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-23.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-18.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-4.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-254.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-223.iad16.r.cloudfront.net
August 22, 2016

server-52-84-125-204.iad16.r.cloudfront.net
August 22, 2016

server-54-192-19-126.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-103.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-73.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-47.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-6.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-232.iad12.r.cloudfront.net
August 16, 2016

server-54-192-19-175.iad12.r.cloudfront.net
August 16, 2016

server-52-84-125-180.iad16.r.cloudfront.net
August 13, 2016

server-52-84-125-177.iad16.r.cloudfront.net
August 13, 2016

server-52-84-125-170.iad16.r.cloudfront.net
August 13, 2016

server-52-84-125-138.iad16.r.cloudfront.net
August 13, 2016

 
Showing 30 of 505 IP Addresses

File downloads found at URLs served by downloadcdn.filebulldog.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

19 / 68    (Adware)

33 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

25 / 68    (Adware)

 
Latest 30 of 300 download URLs

The following 450 files have been seen to comunicate with downloadcdn.filebulldog.com in live environments.

 
Latest 20 of 1,066 files

URL:
http://downloadcdn.filebulldog.com/

Network:
Amazon Cloudfront

Web server:
nginx