» jp.download366.info
Overview
Analysis
IPs Addresses (6)
Downloads (5)
Website Detail
Related Domains (6)

jp.download366.info

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain jp.download366.info is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.

Registrant:

Domains By Proxy, LLC

Registrar:

GoDaddy.com, LLC

Server location:

Virginia, United States (US)

ASN:

AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

download366.info

Whois:

2 download366.info records

Google Safe Browsing:

unwanted

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.BechiroSL.G, PUP.Installer.SETUPPROCESS.P, PUP.Installer.AppsInstallerSL.H, PUP.Solimba.Firseria.Bundler (M), PUP.Solimba (M)

100.00%

VIPRE Antivirus

DownloadMR

40.00%

Sophos

Solimba Installer

40.00%

G Data

Win32.Application.Morstar

40.00%

Vba32 AntiVirus

Downware.Morstar

40.00%

ESET NOD32

Win32/FirseriaInstaller (variant)

40.00%

NANO AntiVirus

Trojan.Win32.Morstar.creklv

20.00%

Kaspersky

not-a-virus:Downloader.Win32.Morstar

20.00%

Agnitum Outpost

PUA.Downloader

20.00%

Comodo Security

Application.Win32.Bechiro.BDC

20.00%

Dr.Web

Trojan.DownLoader11.3516

20.00%

Avira AntiVirus

TR/Dropper.Gen

20.00%

Rising Antivirus

PE:PUF.FirseriaInstaller@CV!1.9C54

20.00%

IKARUS anti.virus

not-a-virus:Downloader.Win32.Morstar

20.00%

Fortinet FortiGate

Adware/Firseria

20.00%

The domain jp.download366.info has been seen to resolve to the following 6 IP addresses.

52.20.26.1

ec2-52-20-26-1.compute-1.amazonaws.com

August 15, 2016

52.86.173.174

ec2-52-86-173-174.compute-1.amazonaws.com

April 21, 2016

54.210.177.99

ec2-54-210-177-99.compute-1.amazonaws.com

April 21, 2016

54.243.100.6

ec2-54-243-100-6.compute-1.amazonaws.com

May 5, 2014

23.21.247.193

ec2-23-21-247-193.compute-1.amazonaws.com

May 5, 2014

54.243.28.226

January 6, 2014

File downloads found at URLs served by jp.download366.info.

1 / 68 (Adware)

http://jp.download366.info/openofficeorg/download/.../1133 (apache openoffice.exe)

1 / 68 (Adware)

http://jp.download366.info/dvdfab/download/.../890 (dvdfab.exe)

8 / 68 (Adware)

http://jp.download366.info/imgburn/download/.../49 (imgburn.exe)

16 / 68 (Adware)

http://jp.download366.info/glary-utilities/download/.../75 (glary utilities.exe)

1 / 68 (Adware)

http://jp.download366.info/dvdfab/download/.../890 (dvdfab.exe)

URL:

http://jp.download366.info/

Google Analytics:

UA-18063553

Title:

“Download366”

Network:

Amazon Web Services (AWS), running an EC2 instance

Web server:

nginx

Related Domains

download366.co

download366.com

download366.net

free-download-now.com

interdescargas.com

winportal.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.