» m30.rwdaifs.ru
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Website Detail
Related Domains (151)

m30.rwdaifs.ru

Private Person (Proxy Registrant)

Domain Information

The domain m30.rwdaifs.ru is registered by proxy through REGRU-RU and was originally registered in February of 2015. Currently this domain has been known to host various forms of malware. The hosted servers are located in Moscow, Moscow City within Russia which resides on the RIPE Network Coordination Centre network.

Registrant:

Private Person

Registrar:

REGRU-RU

Server location:

Moscow City, Russia (RU)

Create date:

Friday, February 13, 2015

Expires date:

Saturday, February 13, 2016

ASN:

AS197695 AS-REGRU _Domain names registrar REG.RU_, Ltd,RU

Root domain:

rwdaifs.ru

Whois:

1 rwdaifs.ru record

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Threat.Win.Reputation.IMP

100.00%

The domain m30.rwdaifs.ru has been seen to resolve to the following IP address.

194.58.56.107

February 26, 2016

File downloads found at URLs served by m30.rwdaifs.ru.

1 / 68 (Malware)

http://m30.rwdaifs.ru/.../exn.php?s=1171&idx=2&q=???????. ??? 35&blink=aHR0cDovL2RlcG9zaXRmaWxlcy5jb20vZmlsZXMvM2NwcWdiYzc3&h=0&gw=3 (барокко. том 35-7432747-3.exe)

URL:

http://m30.rwdaifs.ru/

Google Analytics:

UA-55552418

Title:

“Истёк срок регистрации доменаrwdaifs.ru”

Web server:

nginx

Related Domains

avast-skachatbesplatno.ru

30 of 151 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.