dwn-ld.ru

Private Person (Proxy Registrant)

Domain Information

The domain dwn-ld.ru is registered by proxy through REGRU-REG-RIPN and was originally registered in May 2013. The domain is known to host various forms of malware. The hosting servers are located in Utrecht, Netherlands, on the RIPE Network Coordination Centre network.
Registrar:
REGRU-REG-RIPN

Server location:
Utrecht, Netherlands (NL)

Create date:
Tuesday, May 21, 2013

Expires date:
Wednesday, May 21, 2014

ASN:
AS35415 WEBAZILLA Webazilla B.V.,NL

Scanner detections:
Malware distribution (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Optional.MailRu., Win32.Generic.MailRu.Meta, (M) | 95.35% |
| K7 Gateway Antivirus | Trojan | 4.65% |
| K7 AntiVirus | Trojan | 4.65% |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 4.65% |
| Vba32 AntiVirus | BScope.Downware.LMN | 4.65% |
| ESET NOD32 | Win32/Kryptik.BZSH.Gen | 4.65% |
| AVG | Win32/Heur | 4.65% |

The domain dwn-ld.ru has been seen to resolve to the following IP address.

profitraf.ru
April 16, 2014

File downloads found at URLs served by dwn-ld.ru.

 
Latest 30 of 43 download URLs

URL:
http://dwn-ld.ru/

Web server:
nginx (PHP/5.3.19)