i1.reportbox3.info

WEB PICK - INTERNET HOLDINGS LTD  (via a Proxy Registrant)

Domain Information

The domain i1.reportbox3.info is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network. The domain is associated with the publisher WEB PICK - INTERNET HOLDINGS LTD, which is located in Ramat Hasharon, Israel.
Registrar:
GoDaddy.com, LLC

Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.EliDahan.R, Unnamed.Threat.19, Unnamed.Threat.25, PUP.Installer.EliDahan.J, PUP.EZDownloader.Installer.M, Unnamed.Threat.75, PUP.Installer.SIENSA.H, (M), Adware.Gadget.Installer (M)
77.78%

Malwarebytes
PUP.Optional.SProtect.A, PUP.Optional.EZDownloader.A, PUP.Optional.MultiPlug.A, PUP.Optional.BetterSoft.A, PUP.Optional.OptimizePro.A, PUP.Optional.DoctoAntiVirus.A
52.78%

Bkav FE
W32.Clod46e.Trojan, W32.Clod364.Trojan, W32.Clod005.Trojan, W32.Cloddb2.Trojan, W32.Clodd3f.Trojan, W32.Clod5ca.Trojan, W32.Clod33f.Trojan, W32.Clod7f1.Trojan, W32.Clodcb6.Trojan, W32.Clodf28.Trojan, HW32.CDB, W32.Clod6fc.Trojan, HW32.Stranacty
50.00%

Comodo Security
Application.Win32.SProtect.GT, Application.Win32.Bundledz.C, Heur.Suspicious, UnclassifiedMalware, ApplicUnwnt, Application.Win32.InstalleRex.KG
47.22%

VIPRE Antivirus
Sprotector, Trojan.Win32.Generic, Trojan.Win32.Generic!SB.0, Iminent, Elex Installer, Amonetize
47.22%

McAfee
Artemis!38F61D046E57, Artemis!2041AF161372, Artemis!1D283DD3AE23, Artemis!0E73D05D7066, RDN/Generic BackDoor!hk, Artemis!1A6B07B7220F, RDN/Generic PUP.z!co
44.44%

Trend Micro House Call
TROJ_GEN.R0CBH0AHR13, ADW_SPROTECT, ADW_EMOTICONS, TROJ_GEN.F47V0611, TROJ_SPNR.29L213, TROJ_GEN.F47V0501, TROJ_GEN.F47V0312, TROJ_GEN.F47V0729, TROJ_GEN.F47V0919
44.44%

ESET NOD32
Win32/TrojanDownloader.Agent.AFD (variant), Win32/Duckegg, Win32/SProtector (variant), Win32/InstalleRex, Win32/Adware.SpeedingUpMyPC (variant)
41.67%

MicroWorld eScan
Adware.Agent.NRJ, Adware.Generic.545897, Adware.Generic.551876, Trojan.Generic.KD.866500, Win32/Adware.SpeedingUpMyPC.A, Adware.Agent.NRE, ADSPY/AdSpy.Gen, Adware.Generic.594059
38.89%

Sophos
Generic PUA BD, BProtector, Mal/Generic-S, Generic PUA AE, Troj/Bdoor-BFO, Generic PUA OA, Elex, Generic PUA GN, Amonetize
36.11%

Dr.Web
Adware.BGuard.11, Trojan.DownLoad3.30962, Adware.BGuard.12, Trojan.DownLoad3.17034, Trojan.StartPage.55555, Adware.Downware.1020
36.11%

Baidu Antivirus
Trojan.Win32.Agent, Trojan.Win32.Duckegg, Trojan.Win32.Downloader, Trojan.Win32.Kaidos, Trojan.Win32.StartPage, Trojan.Win32.Toolbar
36.11%

G Data
Adware.Agent.NRJ, Adware.Generic.545897, Adware.Generic.551876, Win32.Application.InstalleRex, Trojan.Agent.AZPB, Adware.Agent.NRE
30.56%

avast!
Win32:Adware-AYT [PUP], NSIS:SProtector-A [PUP], Win32:Adware-BCA [Adw], Win32:Adware-BCH [Adw], Win32:SProtector-G [PUP]
27.78%

Panda Antivirus
Adware/TSUploader, Trj/Genetic.gen, W32/Vobfus.GEP.worm, Trj/CI.A, Trj/OCJ.C
27.78%

The domain i1.reportbox3.info has been seen to resolve to the following 2 IP addresses.

May 16, 2016

ip-184-168-221-35.ip.secureserver.net
February 3, 2016

File downloads found at URLs served by i1.reportbox3.info.


 
Latest 30 of 37 download URLs

The following 74 files have been seen to communicate with i1.reportbox3.info in live environments.

 
Latest 20 of 75 files

URL:
http://i1.reportbox3.info/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)