home

ri.dblende.space

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
dblende.space

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.IStartSurf
100.00%

The domain ri.dblende.space has been seen to resolve to the following 8 IP addresses.

52.84.125.89
server-52-84-125-89.iad16.r.cloudfront.net
July 15, 2016

52.84.125.57
server-52-84-125-57.iad16.r.cloudfront.net
July 15, 2016

52.84.125.232
server-52-84-125-232.iad16.r.cloudfront.net
July 15, 2016

52.84.125.214
server-52-84-125-214.iad16.r.cloudfront.net
July 15, 2016

52.84.125.182
server-52-84-125-182.iad16.r.cloudfront.net
July 15, 2016

52.84.125.171
server-52-84-125-171.iad16.r.cloudfront.net
July 15, 2016

52.84.125.162
server-52-84-125-162.iad16.r.cloudfront.net
July 15, 2016

52.84.125.116
server-52-84-125-116.iad16.r.cloudfront.net
July 15, 2016

File downloads found at URLs served by ri.dblende.space.

1 / 68      (PUP)
http://ri.dblende.space/?ses=126869238913059200  (wwe 2k16 pc game free download.exe)

The following 21 files have been seen to comunicate with ri.dblende.space in live environments.

TCP » 52.84.125.57:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.162:80
browser.exe (speed browser by Smart Applications)

TCP » 52.84.125.116:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.89:443
UCBrowser.exe (by UCWeb)

TCP » 52.84.125.116:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.57:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.84.125.162:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.171:80
ssn.exe (ssn)

TCP » 52.84.125.171:443
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.89:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.89:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.116:80
browser.exe (Browser)

TCP » 52.84.125.182:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.214:80
Weather.exe (WeatherBug Desktop by AWS Convergence Technologies)

TCP » 52.84.125.232:443
Client.exe

TCP » 52.84.125.232:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.57:443
whatsapptime.exe

TCP » 52.84.125.57:80
browser.exe (Speed Browser by Long Mile Solutions)

TCP » 52.84.125.57:443
browser.exe (Speed Browser by Long Mile Solutions)

TCP » 52.84.125.89:443
clearscreenplayerbrowser.exe

 
Latest 20 of 52 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.