The domain downloads.shoppingsuggestion.com is registered by proxy through NAMESILO, LLC and was originally registered in August 2015. The domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dublin City, Ireland, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform in the EU (Ireland) region datacenter.
Registrant: See PrivacyGuardian.org
Server location: Dublin City, Ireland (IE)
Create date: Sunday, August 30, 2015
Expires date: Tuesday, August 30, 2016
Updated date: Friday, September 18, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.
Google Safe Browsing: unwanted
Scanner detections: Detections (90% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Startup.WhiteSeaMedia.H, PUP.Installer.WhiteSeaMedia.G, PUP.Installer.WhiteSeaMedia.I, PUP.WhiteSeaMedia.D, PUP.WhiteSeaMedia.H | 90.00% |
| VIPRE Antivirus | Backdoor.Win32.Ircbot.gen, Trojan.Win32.Generic | 80.00% |
| Dr.Web | Trojan.BtcMine.221, Trojan.DownLoader9.14651 | 70.00% |
| avast! | Win32:BitCoinMiner-FC [Trj], Win32:BitCoinMiner-FE [Trj] | 65.00% |
| McAfee | Artemis!2E99F4134CB2, Artemis!F48BE0D9D7F0, Artemis!3A5C8781F32D, Artemis!52EE82A48F0A, Artemis!3934F6AE093A, Artemis!4984E24035DD, Artemis!7401069E17F1, Artemis!46D95B452500, Artemis!B5040CE994C6, Artemis!7A14A7B92FE9 | 60.00% |
| Trend Micro House Call | TROJ_GEN.F47V1129, TROJ_GEN.F47V0101, TROJ_GEN.F47V1213, TROJ_GEN.F47V1214, PAK_Generic.016, TROJ_GEN.F47V0114, TROJ_GEN.F47V1223 | 60.00% |
| AVG | CoinMiner, BitCoinMiner.B, MalSign.Generic, Win32/DH, Win32/PolyCrypt | 50.00% |
| Emsisoft Anti-Malware | Trojan.Downloader.JQGJ, Trojan.Win32.Miner, Gen:Variant.Strictor.49187, Adware.XpAntivirus.AJ, Gen:Variant.Zusy.79593 | 40.00% |
| IKARUS anti.virus | Trojan-Downloader, Win32.BitCoinMiner, Win32.SuspectCrc | 40.00% |
| G Data | Trojan.Downloader.JQGJ, Gen:Variant.Strictor.49187, Win32.Trojan.Agent.B4D2N2, Gen:Variant.Zusy.79593 | 35.00% |
| Norman | CoinMiner.S, Downloader | 35.00% |
| Vba32 AntiVirus | Trojan.Miner.abi, suspected of Trojan.Downloader.gen.h | 35.00% |
| MicroWorld eScan | Trojan.Downloader.JQGJ, Gen:Variant.Strictor.49187, Gen:Variant.Zusy.79593 | 30.00% |
| Bitdefender | Trojan.Downloader.JQGJ, Gen:Variant.Strictor.49187, Gen:Variant.Zusy.79593 | 30.00% |
| Lavasoft Ad-Aware | Trojan.Downloader.JQGJ, Gen:Variant.Strictor.49187, Gen:Variant.Zusy.79593 | 30.00% |

The domain downloads.shoppingsuggestion.com has been seen to resolve to the following 3 IP addresses.
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
April 5, 2016
File downloads found at URLs served by downloads.shoppingsuggestion.com.
The following 218 files have been seen to communicate with downloads.shoppingsuggestion.com in live environments.
URL: http://downloads.shoppingsuggestion.com/
Google Analytics: UA-48689684
Title: “shoppingsuggestion.com”
Network: Amazon Web Services (AWS), running an EC2 instance
Related Domains
30 of 618 related domains