home

topdistribute.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain topdistribute.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, February 8, 2015

Expires date:
Thursday, February 8, 2018

Updated date:
Tuesday, February 9, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Whois:
2 topdistribute.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Qihoo 360 Security
Win32/Trojan.Dropper.302, HEUR/QVM42.1.Malware.Gen, Win32/Trojan.Dropper.594, Win32/Trojan.Dropper.992, Win32/Trojan.Dropper.b4e
65.79%

Avira AntiVirus
TR/Dropper.A.1736, TR/Dropper.A.8102, TR/Dropper.A.8117, TR/Dropper.A.9028, TR/Dropper.A.9393, TR/Dropper.A.9686, TR/Dropper.A.9754
63.16%

Kaspersky
UDS:DangerousObject.Multi.Generic, not-a-virus:AdWare.Win32.Similagro
44.74%

AVG
Generic_r, Generic6
42.11%

Comodo Security
Application.Win32.AdWare.Similagro.EA, ApplicUnwnt
42.11%

Reason Heuristics
PUP.Win.Reputation, PUP.Similar.ZoomWebLists.Installer.Meta (M)
39.47%

AhnLab V3 Security
PUP/Win32.OutBrowse
34.21%

NANO AntiVirus
Trojan.Win32.Ransom.dtleij, Riskware.Win32.Similagro.dvxtoh
34.21%

ESET NOD32
Win32/Adware.Similagro
34.21%

McAfee
Artemis!71677BF2DD6C, Artemis!F95F2F4078A9, Artemis!779856011F9F, Artemis!D777918222CD, Artemis!51F531D58878, Trojan.Artemis!A593045E0708, Artemis!C5A600621BB6, Artemis!D4A01275A654
28.95%

Baidu Antivirus
Adware.Win32.Similagro
23.68%

avast!
Win32:Dropper-gen [Drp]
18.42%

Fortinet FortiGate
W32/Eldorado.3471!tr, Riskware/Similagro
10.53%

K7 AntiVirus
Adware
10.53%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
7.89%

The domain topdistribute.com has been seen to resolve to the following IP address.

184.168.221.41
ip-184-168-221-41.ip.secureserver.net
February 1, 2016

File downloads found at URLs served by topdistribute.com.

7 / 68      (PUP)
http://topdistribute.com/.../offer_7960.exe  (e6469a4e7a80e2aa7bd445505e422f44)

The following 14 files have been seen to comunicate with topdistribute.com in live environments.

TCP » 184.168.221.41:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 184.168.221.41:80
kns8e8f.tmp

TCP » 184.168.221.41:80
online-guardian-v2.0.9.exe

TCP » 184.168.221.41:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.168.221.41:80
apptrailers.exe

TCP » 184.168.221.41:80
Client.exe

TCP » 184.168.221.41:80
Aurora.exe (Aurora by AuroraBrowser.COM)

TCP » 184.168.221.41:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 184.168.221.41:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 184.168.221.41:587
wrk.exe

TCP » 184.168.221.41:80
kns3949.tmp

TCP » 184.168.221.41:80
kns1098.tmp

TCP » 184.168.221.41:80
onlineguardian-v2.exe

TCP » 184.168.221.41:80
kns4956.tmp

URL:
http://topdistribute.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

0105design.info

0113app.info

0123c.info

adrttt.com

avimediaconverter.com

bearshare-install.com

blioreader.com

carddownmanage.com

ddlmedia.info

dealpop.us

displayware.info

down1209group.info

down1702group.info

downloaddiad.com

downloader-50.com

downloadsireigheesae.com

downloadsrv13.com

drop1209.info

encouragemanager.com

fazendabrasil.info

floodinstalled.com

focusprogram.info

freefacta.com

freepdftowordconverter.net

ftdownloader.com

glts247.com

hardwarelogic.info

location0102.info

preactordownloads.com

premiumsafe.info

30 of 40 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.