home

dl.hikvision.su

Private Person  (Proxy Registrant)

Domain Information

The domain dl.hikvision.su is registered by proxy through RUCENTER-REG-FID and was originally registered in October of 2009. Currently this domain has been known to host various forms of malware. The hosted servers are located in Saint Petersburg, Saint Petersburg City within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
RUCENTER-REG-FID

Server location:
Saint Petersburg City, Russia (RU)

Create date:
Tuesday, October 27, 2009

Expires date:
Thursday, October 27, 2016

ASN:
AS31321 STARTELECOMSPB-AS Startelecom Severo-Zapad JSC,RU

Root domain:
hikvision.su

Whois:
1 hikvision.su record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Trojan.Generic.12446647
100.00%

avast!
Win32:WrongInf-D [Susp]
100.00%

Bitdefender
Trojan.Generic.12446647
100.00%

Lavasoft Ad-Aware
Trojan.Generic.12446647
100.00%

F-Secure
Trojan.Generic.12446647
100.00%

Arcabit
Trojan.Generic.DBDEBB7
100.00%

G Data
Trojan.Generic.12446647
100.00%

AVG
Patched3_c
100.00%

The domain dl.hikvision.su has been seen to resolve to the following IP address.

81.222.82.236
February 20, 2016

File downloads found at URLs served by dl.hikvision.su.

8 / 68      (Malware)
http://dl.hikvision.su/.../iVMS-4200(v2.00).exe  (bbc5b93a3646b0ea203918961f3df551)

URL:
http://dl.hikvision.su/

Title:
“Добро пожаловать | Hikvision Digital Technologies”

Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)

hikvision.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.