dl2.vip0installer.com

Domain Registries Foundation

Domain Information

The domain dl2.vip0installer.com, registered by Domain Registries Foundation, was initially registered in December of 2015 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Dulles, Virginia, in the United States, on the Limelight Networks, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, December 24, 2015

Expires date:
Saturday, December 24, 2016

Updated date:
Thursday, December 24, 2015

ASN:
AS22822 LLNW-AS Limelight Networks, INC. proxy AS object

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InstallX, PUP.Bundler.InstallX, Threat.InstallX.Installer, PUP.InstallX.SafeInstall.Installer (M), PUP.InstallX.SafeInst.Installer (M)
96.30%

Dr.Web
Adware.Downware.9715, Adware.Downware.2512, Adware.Downware.9946, Adware.Downware.9371
96.30%

AVG
Generic_r, InstallIQ, Adware BundleApp
96.30%

Malwarebytes
PUP.Optional.SafeInstall.A
92.59%

K7 AntiVirus
Unwanted-Program, Trojan
92.59%

NANO AntiVirus
Riskware.Win32.Searcher.csnymk
92.59%

Kaspersky
not-a-virus:Downloader.NSIS.Agent
92.59%

Comodo Security
Application.Win32.InstallIQ.B
92.59%

VIPRE Antivirus
InstallIQ Installer, Threat.4783689
92.59%

Sophos
PUA 'InstallQ'
92.59%

Avira AntiVirus
APPL/InstallIQ.Gen4, PUA/InstallIQ.Gen4
92.59%

G Data
Gen:Variant.Application.Bundler.Graftor.155902, Win32.Application.InstallIQ, Application.Bundler.InstallIQ
92.59%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
92.59%

Panda Antivirus
Trj/Genetic.gen, Generic Suspicious, Trj/CI.A
92.59%

IKARUS anti.virus
PUA.InstallIQ, Win32.Heur, AdWare.InstallIQ
92.59%

The domain dl2.vip0installer.com has been seen to resolve to the following 4 IP addresses.

January 4, 2016

May 5, 2015

cdn-208-111-160-6.iad.llnw.net
February 26, 2015

cdn-208-111-161-254.iad.llnw.net
February 26, 2015

File downloads found at URLs served by dl2.vip0installer.com.

2 / 68      (false positives)

1 / 68      (Adware)

46 / 68    (Adware)

37 / 68    (Adware)

2 / 68      (false positives)

34 / 68    (Adware)

28 / 68    (Adware)

35 / 68    (Adware)

34 / 68    (Adware)

35 / 68    (Adware)

37 / 68    (Adware)

35 / 68    (Adware)

34 / 68    (Adware)

37 / 68    (Adware)

38 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

19 / 68    (Adware)

34 / 68    (Adware)

26 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

34 / 68    (Adware)

35 / 68    (Adware)

35 / 68    (Adware)

The following 85 files have been seen to communicate with dl2.vip0installer.com in live environments.

 
Latest 20 of 135 files

URL:
http://dl2.vip0installer.com/

Title:
“vip0installer.com”

Web server:
Apache