home

download.cdn.jzip.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.cdn.jzip.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2000. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Thursday, November 2, 2000

Expires date:
Thursday, November 2, 2017

Updated date:
Wednesday, September 9, 2015

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:
jzip.com

Whois:
3 jzip.com records

Google Safe Browsing:
malware,unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BandooMedia.J, PUP.Optional.Installer.BandooMedia.T, PUP.Optional.Installer.T, PUP.Optional.Installer.Q, PUP.Installer.DiscordiaLimited.H, PUP.Discordia.Installer (M), Win32.Generic.Bandoo.Installer.Meta, PUP.Bandoo.BandooMedia.Installer (M), PUP.Bandoo.BandooMe.Installer (M), PUP.Bandoo (M)
100.00%

ESET NOD32
Win32/Toolbar.SearchSuite (variant)
50.00%

Dr.Web
Adware.Bandoo.12, Adware.Bandoo.13, Adware.Bandoo.11, Adware.Bandoo.3, Adware.Bandoo.7
47.22%

Trend Micro House Call
TROJ_GEN.F47V0314, TROJ_GEN.F47V0401, TROJ_GEN.F47V0312, Suspicious_GEN.F47V0617, Suspicious_GEN.F47V0723, TROJ_PAM_0000000299.T3
33.33%

Fortinet FortiGate
Adware/Toolbar, Riskware/Toolbar_SearchSuite, Riskware/SearchSuite, Riskware/Win64_SearchSuite, av_analysis
33.33%

NANO AntiVirus
Trojan.Win32.Downware.crewao
22.22%

Rising Antivirus
PE:Trojan.Dropper!6.1BE
19.44%

AVG
MalSign.Generic, av_analysis
13.89%

Malwarebytes
PUP.Optional.Bandoo.A
11.11%

Emsisoft Anti-Malware
Riskware.Win32.Toolbar.SearchSuite.AMN
11.11%

Panda Antivirus
Trj/Chgt.A, Trj/Chgt.C, av_analysis
11.11%

IKARUS anti.virus
PUA.Bandoo, PUA.SearchSuite, av_analysis
11.11%

McAfee
Artemis!587378581006, Generic PUP.y, Artemis!128DE21C54CE
8.33%

VIPRE Antivirus
Trojan.Win32.Generic
8.33%

Kaspersky
not-a-virus:AdWare.Win32.BHO, not-a-virus:WebToolbar.Win64.SearchSuite
8.33%

The domain download.cdn.jzip.com has been seen to resolve to the following 66 IP addresses.

208.111.161.254
cdn-208-111-161-254.iad.llnw.net
April 4, 2016

208.111.160.6
cdn-208-111-160-6.iad.llnw.net
April 4, 2016

23.220.148.8
a23-220-148-8.deploy.static.akamaitechnologies.com
March 3, 2016

23.0.160.88
a23-0-160-88.deploy.static.akamaitechnologies.com
February 16, 2016

23.0.160.97
a23-0-160-97.deploy.static.akamaitechnologies.com
February 16, 2016

168.143.242.224
February 11, 2016

168.143.242.227
February 11, 2016

23.220.148.41
a23-220-148-41.deploy.static.akamaitechnologies.com
February 7, 2016

23.220.148.18
a23-220-148-18.deploy.static.akamaitechnologies.com
February 7, 2016

23.15.7.131
a23-15-7-131.deploy.static.akamaitechnologies.com
January 30, 2016

96.6.113.226
a96-6-113-226.deploy.akamaitechnologies.com
May 5, 2015

96.6.113.161
a96-6-113-161.deploy.akamaitechnologies.com
May 5, 2015

173.223.204.90
a173-223-204-90.deploy.static.akamaitechnologies.com
May 4, 2015

173.223.204.83
a173-223-204-83.deploy.static.akamaitechnologies.com
May 4, 2015

173.223.205.114
a173-223-205-114.deploy.static.akamaitechnologies.com
May 4, 2015

173.223.205.40
a173-223-205-40.deploy.static.akamaitechnologies.com
May 4, 2015

184.26.44.106
a184-26-44-106.deploy.static.akamaitechnologies.com
May 4, 2015

184.26.44.98
a184-26-44-98.deploy.static.akamaitechnologies.com
May 4, 2015

184.25.157.80
a184-25-157-80.deploy.static.akamaitechnologies.com
May 3, 2015

184.25.157.82
a184-25-157-82.deploy.static.akamaitechnologies.com
May 3, 2015

23.67.243.56
a23-67-243-56.deploy.static.akamaitechnologies.com
May 2, 2015

184.29.105.177
a184-29-105-177.deploy.static.akamaitechnologies.com
April 14, 2015

184.50.229.153
a184-50-229-153.deploy.static.akamaitechnologies.com
September 5, 2014

184.50.229.167
a184-50-229-167.deploy.static.akamaitechnologies.com
September 5, 2014

69.31.29.191
ip-69-31-29-191.nlayer.net
September 5, 2014

69.31.29.199
ip-69-31-29-199.nlayer.net
September 5, 2014

23.77.208.176
a23-77-208-176.deploy.static.akamaitechnologies.com
September 3, 2014

23.77.208.160
a23-77-208-160.deploy.static.akamaitechnologies.com
September 3, 2014

23.62.6.40
a23-62-6-40.deploy.static.akamaitechnologies.com
September 2, 2014

23.62.6.43
a23-62-6-43.deploy.static.akamaitechnologies.com
September 2, 2014

 
Showing 30 of 66 IP Addresses

File downloads found at URLs served by download.cdn.jzip.com.

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r113-n-bf.exe  (d812cdd5b67ca0b761df1d86048910f2)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r136-n-bi.exe  (de58a1d313b583e1ab4e3ce147188829)

14 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r276-w-bi.exe  (jzipsetup-r279-n-bf.exe)

14 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r113-n-bi.exe  (jzipsetup-r279-n-bf.exe)

4 / 68      (PUP)
http://download.cdn.jzip.com/.../jZipV1c.exe  (3896dc4dbabcff8a6777f58012644e35)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r284-n-bi.exe  (jzipsetup-r230-n-bi.exe)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r231-n-bf.exe  (jzipsetup-r230-n-bi.exe)

9 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (1d678d52e1b398b232a92cffa72e1cbf)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r32-n-bi.exe  (a65d2464cc526cc42438944837423e33)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (1231206a66e73cfe68fe2be1792d5a55)

13 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r373-n-bf.exe  (jzipsetup-r286-n-bc.exe)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r9-n-bi.exe  (fc1c937832b9558152683fb55dbf6ea5)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r3-n-bi.exe  (0cf29a39c22367adc88e013f7465abc8)

13 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r312-n-bi.exe  (jzipsetup-r286-n-bc.exe)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r8-n-bi.exe  (1358345d06281f1ed63a3016c9cd654a)

7 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (fe362c3736b8cd1ff97c19bd211b87bb)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r291-w-bi.exe  (jZipSetup-r100-w-bc.exe)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r279-n-bf.exe  (jzipsetup-r230-n-bi.exe)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r428-n-bi.exe  (0a756a8bd1a9cf8a4079afa79222bead)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r182-n-bf.exe  (jZipSetup-r100-w-bc.exe)

14 / 68    (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r230-n-bi.exe  (jzipsetup-r279-n-bf.exe)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r284-n-bc.exe  (jzipsetup-r230-n-bi.exe)

8 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (f99b95ff8ec41bbb7addf7ccedaa8f60)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r279-n-bi.exe  (8f495b1e13044329d2e63320a8444eb0)

3 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r264-w-bi.exe  (jZipSetup-r100-w-bc.exe)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r136-n-bf.exe  (318bf627a2b3517e9ebe2c2437f9699e)

7 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup.exe  (80517bca1287ebda55d586a4722b03bf)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r0-n.exe  (836ef1227dae03cf1b045ef2bbc4468c)

1 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r170-n-bf.exe  (df98f7770b2bef8e55b67560389c34a7)

5 / 68      (PUP)
http://download.cdn.jzip.com/cdn/r/.../jZipSetup-r100-w-bi.exe  (jzipsetup-r237-n-bc.exe)

 
Latest 30 of 220 download URLs

The following 617 files have been seen to comunicate with download.cdn.jzip.com in live environments.

TCP » 208.111.161.254:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.160.6:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.161.254:80
crossbrowse.exe (Crossbrowse)

TCP » 184.26.44.106:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.106:80
crossbrowse.exe (Crossbrowse)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.161.254:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
cpx.exe (Google Embedded Application)

TCP » 23.15.7.137:80
browser.exe (Browser)

TCP » 208.111.161.254:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 208.111.160.6:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.161.254:80
Patcher.exe (Audition Patcher by Axeso5.com)

TCP » 184.26.44.98:443
dailywiki.exe

TCP » 208.111.161.254:80
sysmon.exe (SysMon)

TCP » 184.26.44.98:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.160.6:80
SimpleMalwareProtector.exe (Simple Malware Protector by SimpleStar)

TCP » 208.111.161.254:80
AdvancedSystemProtector.exe (ASP)

TCP » 208.111.160.6:80
AdvancedSystemProtector.exe (ASP)

 
Latest 20 of 699 files

URL:
http://download.cdn.jzip.com/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.