lp.downloadsrv13.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain lp.downloadsrv13.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Remove Malware from lp.downloadsrv13.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Sunday, September 15, 2013

Expires date:
Thursday, September 15, 2016

Updated date:
Wednesday, September 16, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.MaxSetup.j, PUP.Installer.clipqube.AA, PUP.Installer.InstallVibes.K, PUP.Installer.Bundlore.K, PUP.Installer.InstallVibes.F, PUP.CyberservicesBV.Y, PUP.Bundler.Bundlore, DownloadManager.Bundler.Air Software, PUP.Installer.InstallationSafe, PUP.Bundlore.Bundler, PUP.Amonitize.Installer (M), PUP.Yontoo.InstallVibes.Installer (M), PUP.Outbrowse.BEstinSTallTLl.Installer (M), PUP.Softpulse.DigitalPlugin.Bundler (M), Threat.Win.Reputation.IMP, PUP.Bundlore.Bundler (M)
97.06%

K7 Gateway Antivirus
Unwanted-Program, Trojan
55.88%

K7 AntiVirus
Unwanted-Program, Trojan
55.88%

VIPRE Antivirus
Threat.4150696, Threat.4754986, Threat.4890059, Trojan.Win32.Generic, Threat.5063330
55.88%

McAfee
Artemis!C5F659D694B0, Artemis!FE73BECFD24E, PUP-FDC, PUP-FJG, PUP-FLP, Cryptlore, PUP-FKW, PUP-FJA, Trojan.Artemis!A4EFCAC657A3
52.94%

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.ClipCube, PUP.Optional.Bundlore, PUP.Optional.AirAdInstaller, PUP.Optional.InstallVibes
52.94%

ESET NOD32
Win32/Bundlore.G potentially unwanted application, Win32/Bundlore.D potentially unwanted application, Win32/Bundlore.F potentially unwanted application
52.94%

AVG
InstallCore, Bundlo, Adware Skodna.Generic_r.IP, Adware Skodna.Generic_r.IS, Adware Generic_r.OC, Airsoftware, Adware Skodna.Generic_r.IO
50.00%

Avira AntiVirus
TR/Dropper.Gen, TR/Bundlore.D, APPL/Bundlore.ahdf, APPL/DownloadGuide.Gen2, APPL/Downloader.Gen, Adware/AirAdInstaller.aldw.4
50.00%

Antiy Labs AVL
Trojan/Win32.TSGeneric, RiskWare[Downloader:not-a-virus]/Win32.Agent, Trojan/Win32.TGeneric, GrayWare[AdWare:not-a-virus]/Win32.AirAdInstaller.cdgd
50.00%

Sophos
Install Core Click run software, Bundlore, PUA 'Bundlore', AirInstaller
47.06%

Dr.Web
Trojan.Packed.25266, Adware.Downware.2086, Adware.Downware.3180, Adware.Downware.4744, Adware.Downware.5119, Adware.Downware.2285
47.06%

McAfee Web Gateway
Artemis!C5F659D694B0, Artemis!FE73BECFD24E, PUP-FDC, Heuristic.BehavesLike.Win32.Suspicious.H, PUP-FLP, Cryptlore, PUP-FKW
47.06%

Comodo Security
UnclassifiedMalware, Application.Win32.Bundlore.C, Application.Win32.Agent.BUNE, Application.Win32.Bundlore.G, Application.Win32.Bundlore.H
47.06%

G Data
Win32.Application.InstallCore, Adware.Generic.944650, Trojan.Generic.11315617, Trojan.Generic.11476035, Trojan.Generic.11397605
44.12%

The domain lp.downloadsrv13.com has been seen to resolve to the following 34 IP addresses.


File downloads found at URLs served by lp.downloadsrv13.com.

1 / 68      (Adware)
http://lp.downloadsrv13.com/.../setup.exe  (560ccdd09fba690092c2573d2ac42b08)

9 / 68      (Adware)
http://lp.downloadsrv13.com/download/.../?name=Robocop 2014 XVID AC3 ACAB.exe  (the walking dead season 4 hdtv complete + subtitles [yahsoft].exe)

9 / 68      (Adware)

9 / 68      (Adware)
http://lp.downloadsrv13.com/.../omp.exe  (the walking dead season 4 hdtv complete + subtitles [yahsoft].exe)

The following 616 files have been seen to communicate with lp.downloadsrv13.com in live environments.

 

URL:
http://lp.downloadsrv13.com/

Title:
“Software Solutions”

Web server:
nginx/1.6.3
