d6qpl3kt25h85.cloudfront.net

Amazon.com, Inc

Domain Information

The domain d6qpl3kt25h85.cloudfront.net, registered by Amazon.com, Inc, was initially registered in April of 2008 through MARKMONITOR INC. This domain is currently known to host various forms of malware. The hosting servers are located in Dulles, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below).

Registrar:
MARKMONITOR INC.

Server location:
Virginia, United States (US)

Create date:
Friday, April 25, 2008

Expires date:
Tuesday, April 25, 2017

Updated date:
Tuesday, February 25, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Malware distribution (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Optional.Installer.I, Win32.Generic.GreenTreeApplicationssrl.Installer.Meta, PUP.GreenTree.Installer.Meta (M), PUP.GreenTree (M) | 100.00% |
| nProtect | Trojan/W32.Agent.104760.C | 13.64% |
| Avira AntiVirus | APPL/Widgi.opqa, ADWARE/Widgi.102704.2 | 13.64% |
| Bkav FE | W32.HfsAdware | 13.64% |
| Trend Micro House Call | TROJ_GEN.R0C1H05LE14, TROJ_GEN.R0C1H07CH15 | 13.64% |
| K7 AntiVirus | Adware | 9.09% |
| ESET NOD32 | Win32/Toolbar.Widgi potentially unwanted | 9.09% |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.Generic | 9.09% |
| NANO AntiVirus | Trojan.Nsis.DownLoader12.dqgtta, Riskware.Win32.AdLoad.dxemmd | 9.09% |
| Dr.Web | Adware.Downware.12103, Adware.Downware.10873 | 9.09% |
| VIPRE Antivirus | Trojan.Win32.Generic | 9.09% |
| G Data | Win32.Trojan.Agent.JQ5AGL, Win32.Adware.YTDownloader | 9.09% |
| Baidu Antivirus | PUA.Win32.Toolbar | 9.09% |
| Panda Antivirus | Generic Suspicious | 9.09% |
| Quick Heal | Downloader.Generic.r5 (Not a Virus) | 9.09% |

The domain d6qpl3kt25h85.cloudfront.net has been seen to resolve to the following 124 IP addresses.

File downloads found at URLs served by d6qpl3kt25h85.cloudfront.net.

The following 193 files have been seen to communicate with d6qpl3kt25h85.cloudfront.net in live environments.

Latest 20 of 432 files

URL:
http://d6qpl3kt25h85.cloudfront.net/

Network:
Amazon Cloudfront

SSL certificate subject:
CN=*.cloudfront.net, O="Amazon.com, Inc.", L=Seattle, S=Washington, C=US

SSL certificate issuer:
CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Web server:
CloudFront