The domain 68174.get-wn.net registered by Starline Alliance LTD. was initially registered in September of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the DFW Internet Services, Inc. network.
Registrant:
Starline Alliance LTD.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Server location:
Noord-Holland, Netherlands (NL)
Create date:
Monday, September 22, 2014
Expires date:
Tuesday, September 22, 2015
Updated date:
Monday, September 22, 2014
ASN:
AS35415 WEBAZILLA Webazilla B.V.,NL
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Dr.Web
Trojan.Packed.29217
100.00%
VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Winner Solutions
100.00%
Bitdefender
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%
F-Secure
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%
Avira AntiVirus
APPL/Downloader.Gen4, TR/Kazy.2297856
100.00%
G Data
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%
ESET NOD32
Win32/bmMedia.DN (variant), Win32/bmMedia.EI
100.00%
AVG
Downloader, Win.Threat.Medium, Generic
100.00%
Reason Heuristics
PUP.SOFTON.h, PUP.Installer.SAASMIKRO.N
100.00%
avast!
Win32:Dropper-gen [Drp]
66.67%
Lavasoft Ad-Aware
Gen:Variant.Graftor.162037
66.67%
Emsisoft Anti-Malware
Gen:Variant.Graftor.162037
66.67%
F-Prot
W32/A-f5ab4d7a
66.67%
Qihoo 360 Security
Malware.QVM20.Gen
33.33%
MicroWorld eScan
Gen:Variant.Kazy.473220
33.33%
The domain 68174.get-wn.net has been seen to resolve to the following IP address.
File downloads found at URLs served by 68174.get-wn.net.
URL:
http://68174.get-wn.net/
Google Analytics:
UA-37292325
Title:
“DownloadFileSetup downloading...”
Web server:
nginx (PHP/5.3.10-1ubuntu3.9)
Related Domains