home

dt.39photo.net

wujunyi

Domain Information

The domain dt.39photo.net registered by wujunyi was initially registered in March of 2016 through 22NET, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Zhenjiang, Jiangsu within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
22NET, INC.

Server location:
Jiangsu, China (CN)

Create date:
Wednesday, March 23, 2016

Expires date:
Thursday, March 23, 2017

Updated date:
Wednesday, March 23, 2016

ASN:
AS23650 CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN

Root domain:
39photo.net

Whois:
1 39photo.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Adware.Eszjuxuan.B application
62.50%

Reason Heuristics
Adware.Eszjuxuan, PUP.TopTools (M)
62.50%

Dr.Web
Adware.TopTools.26, Adware.TopTools.41
62.50%

Baidu Antivirus
Win32.Adware.Eszjuxuan
37.50%

MicroWorld eScan
Gen:Variant.Adware.Razy.63718
25.00%

Bitdefender
Gen:Variant.Adware.Razy.63718
25.00%

ESET NOD32
Win32/Adware.Eszjuxuan (variant)
25.00%

Lavasoft Ad-Aware
Gen:Variant.Adware.Razy.63718
25.00%

F-Secure
Gen:Variant.Adware.Razy
25.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Razy.63718
25.00%

Arcabit
Trojan.Adware.Razy.DF8E6
25.00%

AhnLab V3 Security
PUP/Win32.Eszjuxuan.C1485445
25.00%

IKARUS anti.virus
PUA.Eszjuxuan
25.00%

G Data
Gen:Variant.Adware.Razy.63718
25.00%

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
12.50%

The domain dt.39photo.net has been seen to resolve to the following IP address.

222.186.39.3
May 24, 2016

File downloads found at URLs served by dt.39photo.net.

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=278  (setup_303roz.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=277  (game_284mgo.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=277  (douxie_033xwz.exe)

1 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=278  (setup_278b1u.exe)

12 / 68    (PUP)
http://dt.39photo.net/rd.aspx?id=277  (game_264a0g.exe)

13 / 68    (PUP)
http://dt.39photo.net/rd.aspx?id=209  (setup_262zz6.exe)

12 / 68    (PUP)
http://dt.39photo.net/rd.aspx?id=278  (game_264a0g.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=209  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=278  (game_284f7e.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=285  (game_284f7e.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=277  (game_284f7e.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=209  (douxie_033xwz.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=264  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=278  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=285  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=297  (douxie_033xwz.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=278  (douxie_033xwz.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=277  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=210  (setup_266lf2.exe)

3 / 68      (PUP)
http://dt.39photo.net/rd.aspx?id=181  (douxie_033xwz.exe)

URL:
http://dt.39photo.net/

Web server:
Microsoft-IIS/6.0 (ASP.NET)

fglighting.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.