The domain cdn4.downloadaxel.com is registered by proxy through Moniker Online Services and was originally registered in February of 2015. This domain is currently known to host various forms of malware. The hosting servers are located in Seattle, Washington, within the United States. The domain uses the Amazon CloudFront CDN service, which serves it through a number of proxy IP addresses (see below).
Registrant: Moniker Privacy Services
Registrar: Moniker Online Services
Server location: Washington, United States (US)
Create date: Monday, February 9, 2015
Expires date: Thursday, February 9, 2017
Updated date: Sunday, January 24, 2016
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Google Safe Browsing: unwanted
Scanner detections: Malware distribution (98% detected)
Scan engine | Details | Detections
ESET NOD32 | Win32/Ramnit.A virus, Win32/Virut.NBP virus, Win32/Ramnit.H virus, Win32/Amonetize.QK potentially unwanted application, Win32/Amonetize.NL potentially unwanted application, Win32/Amonetize.QM potentially unwanted application, Win32/Amonetize.QR potentially unwanted application | 50.00%
Reason Heuristics | Threat.Win.Reputation.IMP, Adware.Bundler.Meta (M), Adware.Amonetize.Installer, Adware.Amonetize.fixwaretch.Installer.Meta (M), Adware.Amonetize (M), Threat.Generic.Variant, Adware.Amonetize.DotaPit.Meta (M), Adware.Bundler.Stamford.Meta (M) | 50.00%
Kaspersky | not-a-virus:HEUR:AdWare.Win32.Amonetize, Virus.Win32.Nimnul, Virus.Win32.Virut | 48.00%
avast! | Win32:RmnDrp, Win32:Virtu-A, Win32:Adware-gen [Adw] | 46.00%
Microsoft Security Essentials | Worm:Win32/NeksMiner.A, Threat.Undefined | 44.00%
Dr.Web | Win32.Rmnet, Win32.Virut.56, Trojan.Amonetize.11143, Win32.Rmnet.8, Trojan.Amonetize.12789 | 42.00%
F-Prot | W32/Ramnit.B, W32/Swizzor.A.gen, W32/Ramnit.E | 42.00%
Emsisoft Anti-Malware | Gen:Variant.Mikey.27312, Win32.Ramnit, Win32.Virtob.Gen.12, Win32.Ramnit.N, Gen:Variant.Adware.MPlug.38 | 36.00%
McAfee | Virus.W32/Ramnit.a, Virus.W32/Virut.n.gen, Trojan.Artemis!61ECAA551E98 | 36.00%
F-Secure | Application:W32/Generic.70053c248f!Online, Win32.Ramnit, Win32.Ramnit.N, Riskware.Application.Bundler.Amonetize, Trojan.Heur2.RP.Du0@aGe!uUoi | 34.00%
AVG | Win32/Ramnit.A, Win32/Zbot.G | 32.00%
Norman | Win32.Ramnit, Win32.Virtob.Gen.12, Win32.Ramnit.N | 30.00%
Sophos | Generic PUA LC (PUA), Virus 'W32/Patched-I' | 10.00%
VIPRE Antivirus | Threat.4726519 | 8.00%
Bitdefender | Gen:Variant.Mikey.27312 | 2.00%
The domain cdn4.downloadaxel.com has been seen to resolve to the following 78 IP addresses.
File downloads found at URLs served by cdn4.downloadaxel.com.
The following 52 files have been seen to communicate with cdn4.downloadaxel.com in live environments.
URL: http://cdn4.downloadaxel.com/
Network: Amazon Cloudfront