The domain dl.s0ftpzivrubajjui.net is registered by proxy through DYNADOT, LLC and was originally registered in November of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dublin City, Ireland, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Server location: Dublin City, Ireland (IE)
Create date: Monday, November 24, 2014
Expires date: Thursday, November 24, 2016
Updated date: Thursday, December 17, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.
Scanner detections:
Detections (98% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.FIRSERIASL.G, PUP.Installer.FIRSERIASL.X, PUP.Installer.FIRSERIASL.N, PUP.Installer.FIRSERIASL.O, PUP.Installer.FIRSERIASL.P, PUP.Installer.FIRSERIASL.L, PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.Bundler, PUP.Solimba (M) | 100.00% |
| VIPRE Antivirus | Threat.4782980, Threat.4758821, Adware.Firseria, Solimba | 17.02% |
| Dr.Web | Trojan.DownLoader11.24441, Trojan.MulDrop5.34677 | 17.02% |
| Malwarebytes | PUP.Optional.Firseria | 17.02% |
| Vba32 AntiVirus | Downware.Morstar | 17.02% |
| AVG | Generic, BundleApp | 17.02% |
| Panda Antivirus | Adware/Firseria | 17.02% |
| Emsisoft Anti-Malware | Application.Bundler.Firseria.M, Trojan.Generic.11635227 | 17.02% |
| MicroWorld eScan | Application.Bundler.Firseria.M | 17.02% |
| K7 AntiVirus | Unwanted-Program | 17.02% |
| Agnitum Outpost | PUA.Solimba, PUA.Firseria | 17.02% |
| Bitdefender | Application.Bundler.Firseria.M | 17.02% |
| NANO AntiVirus | Riskware.Win32.Fiseria.ddnzzd, Trojan.Win32.MulDrop5.dcygsx | 17.02% |
| Lavasoft Ad-Aware | Application.Bundler.Firseria.M | 17.02% |
| Comodo Security | Application.Win32.Firseria.AFGH, Application.Win32.Firseria.MAP | 17.02% |
The domain dl.s0ftpzivrubajjui.net has been seen to resolve to the following 10 IP addresses.
File downloads found at URLs served by dl.s0ftpzivrubajjui.net.
Latest 30 of 52 download URLs
The following 361 files have been seen to communicate with dl.s0ftpzivrubajjui.net in live environments.
URL: http://dl.s0ftpzivrubajjui.net/
Google Analytics: UA-48689684
Title: “s0ftpzivrubajjui.net”
Network: Amazon Web Services (AWS), running an EC2 instance
Related Domains
30 of 618 related domains