home

www.directdownloader2.com

New Ventures Services Corp.

Domain Information

The domain www.directdownloader2.com registered by New Ventures Services Corp. was initially registered in July of 2014 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Incapsula Inc network.
Registrar:
FINDYOUADOMAIN.COM LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, July 30, 2014

Expires date:
Saturday, July 30, 2016

Updated date:
Tuesday, March 1, 2016

ASN:
AS19551 INCAPSULA - Incapsula Inc,US

Root domain:
directdownloader2.com

Whois:
3 directdownloader2.com records

Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DDLR.Installer (M), PUP (M)
90.91%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
9.09%

F-Secure
Application:W32/Generic.70053c248f!Online
9.09%

The domain www.directdownloader2.com has been seen to resolve to the following 7 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
September 17, 2016

199.83.132.93
199.83.132.93.ip.incapdns.net
July 10, 2016

104.130.124.96
May 31, 2016

208.91.197.197
March 2, 2016

141.8.226.14
January 3, 2016

199.58.162.69
February 7, 2014

199.58.162.52
February 7, 2014

File downloads found at URLs served by www.directdownloader2.com.

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQgL2Rvd24vIDQ3MzM4NC50b3JyZW50&name=Antalya x - aerosoft  (antalya_x_-_aerosoft.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQvZG93bi8xODQ2MTE0LnRvcnJlbnQ=&name=Football manager 2012 [pc] [crack keygen]  (football_manager_2012_pc_crackkeygen.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQgL2Rvd24vIDIwMzM2NDMudG9ycmVudA==&name=The hobbit an unexpected journey (2012)  (the_hobbit_an_unexpected_journey_2012.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQgL2Rvd24vIDIwNzUwMDUudG9ycmVudA==&name=The hobbit: an unexpected journey (2012) english xvid ac3 avi  (the_hobbit_an_unexpected_journey_2012_english_xvid_ac3_avi.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQgL2Rvd24vIDIwODAwODkudG9ycmVudA==&name=The hobbit an unexpected journey [2012] dvd-rip  (the_hobbit_an_unexpected_journey_2012_dvd-rip.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?name=Battle Royale [2000] DC 720p BRRip H264 AC3 - CODY&url=aHR0cDovL3d3dy50b3JyZW50aG91bmQuY29tL3RvcnJlbnQvNjZjMjRmZThlOTFiZTVjMDY2NzdmY2RiNzdkNWM2YmUzNjgxMDYxNQ==  (battle_royale_2000_dc_720p_brrip_h264_ac3_-_cody.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?name=Close Combat VI - Cross of Iron&url=aHR0cDovL3d3dy50b3JyZW50aG91bmQuY29tL3RvcnJlbnQvNGZhMWEzNjhiOTM4YTRjOTY1MDYwNWViYmExMGJjMDNjZTQ3ZGQ4Nw==  (close_combat_vi_-_cross_of_iron.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?url=aHR0cDovL3d3dy50b3JyZW50cy5uZXQgL2Rvd24vIDEzMzczMzUudG9ycmVudA==&name=Close combat iii - cross of iron  (close_combat_iii_-_cross_of_iron.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?name=Pharaon - Jeu - Fr&url=aHR0cDovL3d3dy50b3JyZW50aG91bmQuY29tL3RvcnJlbnQvZGRkZDE3MTM3ZjliMGFkY2Q1M2M0MTJkMGUzMWI1MGY2YWZhM2VkNg==  (pharaon_-_jeu_-_fr.exe)

1 / 68      (PUP)
http://www.directdownloader2.com/download.php?name=Sky Angel Vol.80 : Mei Haruka (2009, DVD.xvid) - super celeb&url=aHR0cDovL3d3dy50b3JyZW50aG91bmQuY29tL3RvcnJlbnQvYjNlNTM5Y2YxOTQwOTg5ZGE0NWMyMmNhYmYzMzMyNjFkNDJkYmFjYQ==  (sky_angel_vol.80__mei_haruka_2009_dvd.xvid_-_super_celeb.exe)

2 / 68      (false positives)
http://www.directdownloader2.com/download.php?name=Miles Davis "Time After Time" Live 2CD&url=aHR0cDovL3d3dy50b3JyZW50aG91bmQuY29tL3RvcnJlbnQvOWMyNGM2ZmQ2N2VkYjQyMjRiN2E2OWIxMzU5ZmVmMDZjYzI0MGNiNA==  (wrar420.exe)

The following 5 files have been seen to comunicate with www.directdownloader2.com in live environments.

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 141.8.226.14:80
google-bookmarks.crx

URL:
http://www.directdownloader2.com/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.