www.upstaradown.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain www.upstaradown.com is registered by proxy through ENOM, INC. and was originally registered in May of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Miami Beach, Florida, in the United States, on the Krypt Technologies network.
Remove Malware from www.upstaradown.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Florida, United States (US)

Create date:
Tuesday, May 06, 2014

Expires date:
Wednesday, May 06, 2015

Updated date:
Tuesday, May 06, 2014

ASN:
AS35908 VPLSNET - Krypt Technologies,US

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.ClovermediaSL.E, PUP.PaymentsInteractiveSL.E, PUP.Tuguu.Clovermedia.Bundler (M) | 100.00% |
| MicroWorld eScan | Gen:Variant.Adware.Kazy.374465, Gen:Variant.Application.Bundler.DomaIQ.8, Gen:Variant.Application.Bundler.DomaIQ.7 | 69.23% |
| McAfee | PUP-FJS!D8F20B08BE1A, PUP-FJV!1292BD0B45DB, PUP-FJV!30536FBB2EDB, PUP-FJV!410EDFC077AE, PUP-FJV!856CD5EB1CF7, PUP-FJV!B7C73AFE167C | 69.23% |
| Malwarebytes | PUP.Optional.DomaIQ, PUP.Optional.BundleInstaller.A, PUP.Optional.Domalq | 69.23% |
| Kaspersky | not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.Lollipop | 69.23% |
| Bitdefender | Gen:Variant.Adware.Kazy.374465, Gen:Variant.Application.Bundler.DomaIQ.8, Gen:Variant.Application.Bundler.DomaIQ.7 | 69.23% |
| Agnitum Outpost | PUA.Lollipop, PUA.DomaIQ | 69.23% |
| F-Secure | Gen:Variant.Adware.Kazy.374465, Gen:Variant.Application.Bundler | 69.23% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4150696, DomaIQ | 69.23% |
| Avira AntiVirus | APPL/DomaIQ.Gen, Adware/Strictor.55983 | 69.23% |
| McAfee Web Gateway | Heuristic.BehavesLike.Win32.Suspicious.H, PUP-FJV!410EDFC077AE, PUP-FJV!856CD5EB1CF7, PUP-FJV!B7C73AFE167C, CryptDomaIQ | 69.23% |
| Sophos | DomainIQ pay-per install, Generic PUA KD, Generic PUA FN, Generic PUA JB | 69.23% |
| G Data | Gen:Variant.Adware.Kazy.374465, Gen:Variant.Application.Bundler.DomaIQ | 69.23% |
| Panda Antivirus | Trj/Genetic.gen, PUP/MultiToolbar.A | 69.23% |
| AVG | DomaIQ_r.K, Win.Threat.Medium, Adware DomaIQ.DI | 69.23% |

The domain www.upstaradown.com has been seen to resolve to the following 2 IP addresses.

May 13, 2014

www.krypt.com
May 10, 2014

File downloads found at URLs served by www.upstaradown.com.

URL:
http://www.upstaradown.com/

Google Analytics:
UA-69192

Title:
“upstaradown.com - Registered at Namecheap.com”

Web server:
nginx (ASP.NET,ARR/2.5,ASP.NET) (Version: 4.0.30319)

30 of 34 related domains
