home

initiatedownload.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain initiatedownload.com is registered by proxy through WILLAMETTENAMES.COM LLC and was originally registered in December of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrar:
WILLAMETTENAMES.COM LLC

Server location:
Quebec, Canada (CA)

Create date:
Wednesday, December 9, 2015

Expires date:
Friday, December 9, 2016

Updated date:
Wednesday, December 9, 2015

Whois:
2 initiatedownload.com records

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Adknowledge, PUP.Bundler.Adknowledge, PUP.Installer.HudsonExchangeGroup, Threat.Adknowledge.Bundler, PUP.Adknowledge.InstallBeta.Installer (M), PUP.Adknowledge.Seekinstall.Installer (M), PUP.Softpulse.PLUGINUP.Bundler (M), PUP.Adknowledge.Forwardd.Bundler (M)
100.00%

VIPRE Antivirus
Threat.4798837
65.00%

Vba32 AntiVirus
AdWare.iBryte, suspected of Trojan.Downloader.gen.h
65.00%

AhnLab V3 Security
PUP/Win32.IBryte
60.00%

ESET NOD32
Win32/Adware.iBryte.BY application, Win32/Adware.iBryte.BR application
55.00%

IKARUS anti.virus
not-a-virus:AdWare.iBryte, AdWare.AdPlugin
55.00%

avast!
Adware-gen [Adw], PUP-gen [PUP], Win32:Adware-gen [Adw]
50.00%

Avira AntiVirus
Adware/iBryte.A.410, ADWARE/iBryte.Gen7, APPL/OpenInst.pepri
50.00%

AVG
AdPlugin, Adware AdPlugin
50.00%

F-Secure
Gen:Variant.Adware.Jatif.112, Adware.iBryte.BR, Gen:Variant.Adware.Strictor.71370
50.00%

Zillya! Antivirus
Adware.iBryte.Win32.7081, Adware.iBryte.Win32.7561, Adware.iBryte.Win32.6485
45.00%

Dr.Web
Trojan.DownLoader12.24638, Trojan.DownLoader11.49473
45.00%

NANO AntiVirus
Riskware.Win32.IBryte.docfvq, Riskware.Win32.IBryte.dorjnx, Trojan.Win32.Buzus.djvkxq
45.00%

Clam AntiVirus
Win.Adware.Ibryte-7917, Win.Adware.Ibryte-8186, Win.Adware.71370
45.00%

Malwarebytes
PUP.Optional.Forward, PUP.Optional.IBryte
40.00%

The domain initiatedownload.com has been seen to resolve to the following 6 IP addresses.

5.39.99.50
June 21, 2016

167.114.156.214
ns513839.ip-167-114-156.net
April 19, 2016

5.39.99.51
April 14, 2016

5.39.99.52
April 1, 2016

50.19.244.90
ec2-50-19-244-90.compute-1.amazonaws.com
February 23, 2015

107.21.120.240
ec2-107-21-120-240.compute-1.amazonaws.com
February 23, 2015

File downloads found at URLs served by initiatedownload.com.

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (6fa0b793703da00ddcc56e8e457fbed7)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (13190cd724f2332ce5a2cdf74a29697b)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (878f46abfdfe07f17b91b8d934617689)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=fwint_7zip-informer-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (159403294381ab5a6ddb5b01e63824d0)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=informer_fwint_dnld-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (8f2b44c574da4ecd75890c5f7757ec71)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (c6f77167a402f4521dee8064282b3e93)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=informer_fwint_dnld-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (2a546f548050fb7f1301d8e4573b7701)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (79fde4987026ca7225c3292fa9a83656)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (64113d05a51f6be7b8200c7024fd57b2)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (1bcbcefd0a397b17312e5219f12b25d5)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (9e450f06cc848f3208a4674def6f5931)

1 / 68      (Adware)
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (96667af73ccba59893c129e5a279ae92)

26 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=fwint_7zip-informer-300x250-us-display&dlink=http://secure.distapp11.com/o/.../Setup.exe  (4d30fb5d057a44d5e97f839d04ce62f1)

0 / 68
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (7ccdb06729e2731af9d0dfbd86b437de)

68 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (9435b95efdd49de6b9e08cd2999f9845)

54 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (17aa80138c8df6a8ba6dbb81eca24505)

3 / 68      (PUP)
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (26704e626b1186b03a7d8fa0127165cb)

30 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=dayz_fwint&source=fwint_dayz_7zip-us-display-728x90-default&dlink=http://secure.distapp11.com/o/.../setup.exe  (3e34703a426f70d96179cfd15d79037f)

17 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (8031af3063df4da562bb670742ccedd0)

10 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (750d99aed0ccf316af1e96402bd8f552)

10 / 68    (Adware)
http://initiatedownload.com/track/install?adprovider=informer_fwint&source=Informer_Fwint_Desc-300x250-us-display&dlink=http://secure.distapp11.com/o/.../setup.exe  (ea8975a602cbda882ec5127210b828b7)

The following 36 files have been seen to comunicate with initiatedownload.com in live environments.

TCP » 167.114.156.214:3333
webproxy.exe

TCP » 167.114.156.214:80
setup_info.exe

TCP » 167.114.156.214:80
tencent.exe (by Tencent)

TCP » 167.114.156.214:80
rs.exe

TCP » 167.114.156.214:80
loader.exe (Updater by SOFTWARE AGILITY LIMITED)

TCP » 167.114.156.214:80
win.exe (SendStat Module)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80
ProxyFinder.EXE (Proxy Finder Enterprise Edition Application)

TCP » 167.114.156.214:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 167.114.156.214:80
deamon.exe

TCP » 167.114.156.214:80
run_css.exe

TCP » 167.114.156.214:1177
pirater facebook v1.0.exe

TCP » 167.114.156.214:80
Updater.exe (Updater)

TCP » 167.114.156.214:80
internet tv.exe

TCP » 167.114.156.214:80
kingtranslatesetup.exe (KingTranslate by Bandoo Media Inc)

TCP » 167.114.156.214:80
kingtranslatesetup-r0-n-bc.exe (KingTranslate by Koyote-Lab)

TCP » 167.114.156.214:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 167.114.156.214:80
Updater.exe (Updater)

 
Latest 20 of 41 files

URL:
http://initiatedownload.com/

Google Analytics:
UA-19309218

Title:
“initiatedownload.com - This website is for sale! - initiatedownload Resources and Information.”

Description:
“This website is for sale! initiatedownload.com is your first and best source for information about initiatedownload . Here you will also find topics relating to issues of general interest. We hope you find what you are looking for!”

Web server:
Apache/2.2.22 (Debian)

1-vinstaller.com

123mplayer.com

7s9nzohf.com

ad131m.com

amateurporntubed.com

applicationcube.com

check-live.com

checkupdatenow.com

cloudbox03.com

cloudbox06.com

cloudbox40.com

coolsoftwaredownloads.com

datacardbar.info

datingsweater.com

dbtalk.net

deliciousgoldfish.com

differentdownload.com

downloadcobol.com

downloadcobra.com

downloadcocci.com

downloadd.org

downloadinator.com

ex-soft.net

extremetrucker.com

fastupdate24.com

fetch-files.com

flashupdatenow.com

freeapplocationdownloads.com

freedownloadbrushes.com

generaldownload.com

30 of 93 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.