telexfree.zendesk.com

Zendesk, Inc.

Domain Information

The domain telexfree.zendesk.com, registered by Zendesk, Inc., was initially registered in May of 2005 through TIERRANET INC. D/B/A DOMAINDISCOVER. This domain is currently known to host various forms of malware. The hosting servers are located in Washington, District of Columbia, in the United States, on the Zendesk, Inc. network.

Registrar:
MARKMONITOR INC.

Server location:
District of Columbia, United States (US)

Create date:
Monday, May 16, 2005

Expires date:
Thursday, May 16, 2024

Updated date:
Wednesday, November 04, 2015

Root domain:

Scanner detections:
Malware distribution (93% detected)

Scan engine | Details | Detections
McAfee | Artemis!013A12D9F0C0, Artemis!64D5D7B49966, RDN/Generic.dx!d2b, Artemis!3036AE0C4B9F, Artemis!092A0B67748C, Artemis!2155552D534E | 85.71%
avast! | Win32:Malware-gen, Win32:Rootkit-gen [Rtk], SFX:Dropper-BS [Drp], Win32:Delf-TTP [Trj], Win32:Zbot-TZV [Trj], Win32:Dropper-gen [Drp] | 85.71%
Kaspersky | HEUR:Trojan.Win32.Generic, HEUR:Trojan-Downloader.Win32.Generic, Trojan.Win32.Badur, Trojan-Banker.Win32.Banbra, Trojan-Spy.Win32.Zbot | 85.71%
Baidu Antivirus | Trojan.Win32.Generic, Trojan.Win32.ProxyChanger, Trojan.Win32.Badur, Trojan.Win32.Banker, Trojan.Win32.Zbot | 85.71%
IKARUS anti.virus | Trojan-Banker.Win32.Banbra, Trojan.Win32.Dynamer, Ransom.Win32.Reveton, Trojan.Win32.Badur, Trojan.Win32.ProxyChanger, Virus.Win32.Dropper | 85.71%
AVG | Proxy, Downloader.Generic13, Generic36 | 85.71%
MicroWorld eScan | Trojan.Generic.9928795, Trojan.GenericKD.1603036, Gen:Variant.Symmi.43449, Trojan.Generic.11350465, Trojan.GenericKD.1702111, Gen:Variant.Symmi.40157, Trojan.GenericKDV.1409766, Gen:Variant.Graftor.141826, Gen:Variant.Symmi.37342, Trojan.Generic.11192453 | 78.57%
Bitdefender | Trojan.Generic.9928795, Trojan.GenericKD.1603036, Gen:Variant.Symmi.43449, Trojan.Generic.11350465, Trojan.GenericKD.1702111 | 78.57%
Emsisoft Anti-Malware | Trojan.Generic.9928795, Trojan.GenericKD.1603036, Gen:Variant.Symmi.43449, Trojan.Generic.11350465, Trojan.GenericKD.1702111 | 78.57%
Sophos | Mal/Generic-S, Troj/HkMain-CT | 78.57%
Antiy Labs AVL | Trojan/Win32.Generic, Trojan/Win32.Badur, Trojan[Banker]/Win32.Banbra, Trojan[Spy]/Win32.Zbot, Trojan[Downloader:HEUR]/Win32.AGeneric | 78.57%
G Data | Trojan.Generic.9928795, Trojan.GenericKD.1603036, Gen:Variant.Symmi.43449, Trojan.Generic.11350465, Trojan.GenericKD.1702111 | 78.57%
ESET NOD32 | Win32/ProxyChanger.LX (variant), Win32/ProxyChanger.LZ (variant), Win32/ProxyChanger.QJ (variant), Win32/ProxyChanger.RT (variant) | 78.57%
Fortinet FortiGate | W32/ProxyChanger.LX, W32/ProxyChanger.LZ!tr, W32/Badur.HAMD!tr, W32/ProxyChanger.QJ!tr, W32/Zbot.AAQ!tr, W32/Banbra.BFAX!tr | 78.57%
Panda Antivirus | Suspicious file, Trj/CI.A, Trj/OCJ.F, Trj/Genetic.gen, Trj/OCJ.E | 78.57%

The domain telexfree.zendesk.com has been seen to resolve to the following 2 IP addresses.

proxy.vip.pod5.iad1.zdsys.com
February 26, 2016

December 22, 2013

File downloads found at URLs served by telexfree.zendesk.com.

34 / 68    (Malware)

28 / 68    (Malware)

30 / 68    (Malware)

24 / 68    (Malware)

30 / 68    (Malware)

1 / 68      (inconclusive)

6 / 68      (Malware)

34 / 68    (Malware)

38 / 68    (Malware)

32 / 68    (Malware)

27 / 68    (Malware)

35 / 68    (Malware)

13 / 68    (Malware)

25 / 68    (Malware)

URL:
http://telexfree.zendesk.com/

SSL certificate subject:
CN=*.zendesk.com, OU=PremiumSSL Wildcard, O=Zendesk Inc., STREET=989 MARKET ST STE 300, L=San Francisco, S=California, PostalCode=94103, C=US

SSL certificate issuer:
CN=COMODO RSA Organization Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx