home

downprov.gas-split.com

Corp New Ventures Services

Domain Information

The domain downprov.gas-split.com registered by Corp New Ventures Services was initially registered in October of 2015 through DOMAINCONTEXT, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Singapore, Singapore within Singapore which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Registrar:
MAGNOLIA DOMAINS, LLC

Server location:
Singapore, Singapore (SG)

Create date:
Monday, October 19, 2015

Expires date:
Wednesday, October 19, 2016

Updated date:
Monday, October 26, 2015

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:
gas-split.com

Whois:
3 gas-split.com records

Scanner detections:
Detections  (69% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Threat.4657539, Trojan.Win32.Generic.pak!cobra
93.75%

Clam AntiVirus
Win.Adware.Amonetize-511, Win.Adware.Amonetize-703
87.50%

Comodo Security
Application.Win32.LoadMoney.IARS
75.00%

Trend Micro House Call
Suspicious_GEN.F47V0120, Suspicious_GEN.F47V0128, TROJ_GEN.R047H09B315, Suspicious_GEN.F47V0127, Suspicious_GEN.F47V0129, Suspicious_GEN.F47V0209
65.63%

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen, HEUR/QVM16.0.Malware.Gen, HEUR/QVM11.1.Malware.Gen
50.00%

avast!
Malware-gen, PUP-gen [PUP], Win32:Malware-gen, Win32:Trojan-gen, Win32:PUP-gen [PUP]
46.88%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, UDS:DangerousObject.Multi.Generic, not-a-virus:AdWare.Win32.Amonetize
28.13%

Baidu Antivirus
Adware.Win32.Amonetize, PUA.Win32.Amonetize, PUA.Win32.AskToolbar
28.13%

NANO AntiVirus
Trojan.Nsis.Amonetize.dnxabb
25.00%

McAfee
Artemis!8EFE087C46A4, Artemis!085E52E743A9, Artemis!B32827EEAE1D, Artemis!66E18A4F12C1, Artemis!0C0D5116F37F, Artemis!8E5562B35464
21.88%

K7 AntiVirus
Adware
18.75%

Avira AntiVirus
Adware/Amonetize.289069, Adware/Amonetize.289159, ADWARE/AgentCV.A.11149, Adware/AgentCV.A.8508, ADWARE/AgentCV.A.11195
15.63%

G Data
Gen:Trojan.Heur2.FU.jD0@ayM0@hci, Win32.Trojan.Agent.K8TH6Q, Win32.Trojan.Agent.UXDSGZ
9.38%

ESET NOD32
Win32/Amonetize.DJ potentially unwanted, Win32/Amonetize.DK potentially unwanted
9.38%

Panda Antivirus
Generic Suspicious, Trj/CI.A
9.38%

The domain downprov.gas-split.com has been seen to resolve to the following 5 IP addresses.

204.11.56.48
December 23, 2015

141.8.225.244
October 19, 2015

208.91.197.108
August 11, 2015

104.28.23.82
May 4, 2015

104.28.22.82
May 4, 2015

File downloads found at URLs served by downprov.gas-split.com.

0 / 68
http://downprov.gas-split.com/p/.../cxc physics past papers_10924_i23197075_il345.exe  (0ef5299f9654705f9a1b59305b3881ae)

2 / 68      (PUP)
http://downprov.gas-split.com/p/.../keil uvision 4 full version with crack_10924_i23326461_il345.exe  (b1c3a3b34660caf852e4229efe01b201)

6 / 68      (inconclusive)
http://downprov.gas-split.com/p/.../lesley hazleton after the prophet_10924_i22935368_il345.exe  (cadwork 3d_10924_i22937116_il345.exe)

0 / 68
http://downprov.gas-split.com/p/.../muzica veche anii 60_10924_i22951045_il345.exe  (92f49bb07edbb30beb21a7d0b06c2247)

3 / 68      (inconclusive)
http://downprov.gas-split.com/p/.../curtain call the hits zip_10924_i23398678_il345.exe  (asus live update wont download_10924_i23398770_il345.exe)

1 / 68      (inconclusive)
http://downprov.gas-split.com/p/.../Cara Install Microsoft Office 2010 Professional Plus_10924_i23115421_il345.exe  (ce7f4b2693423c4582901c0f5bbe3720)

13 / 68    (PUP)
http://downprov.gas-split.com/p/.../orson pratt the seer_10924_i23190455_il345.exe  (minecraft 1.7.2 cracked [full installer] [online] [server list]_10924_i23191889_il345.exe)

7 / 68      (PUP)
http://downprov.gas-split.com/p/PWUnH0aAPXg0SsjMoK7-Pw,1422490726/.../Août 2014 PDF FRENCH_10924_i23108327_il345.exe  (le royaume des cieux film_10924_i23108712_il345.exe)

6 / 68      (PUP)
http://downprov.gas-split.com/p/JrGRgbuRk96Ic4KohXYcDA,1422493408/.../Août 2014 PDF FRENCH_10924_i23129505_il345.exe  (son zouk_10924_i22904656_il345.exe)

8 / 68      (PUP)
http://downprov.gas-split.com/p/.../bordertown dvd torrent.zip_10924_i22731410_il345.exe  (spyhunter 4 crack serial full version free download_10924_i22737829_il345.exe)

0 / 68
http://downprov.gas-split.com/p/uJXUpDRAroRk5n9EiSSjIg,1422492439/.../Août 2014 PDF FRENCH_10924_i23121908_il345.exe  (bba6b9cfeeeeb012989d85d6c81e4023)

0 / 68
http://downprov.gas-split.com/p/oH4teuXn6k9P01DPdMixfw,1422492544/.../Août 2014 PDF FRENCH_10924_i23122769_il345.exe  (a81da15faebefccc01dff0518e788207)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../transformice multihack v3 8_10924_i22827447_il345.exe  (ab87e42a4f6bd4f444d97df6898233b4)

6 / 68      (inconclusive)
http://downprov.gas-split.com/p/.../cadwork 3d_10924_i22937116_il345.exe  (54ab48f3eb36d2345da7995e830edada)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../best cracked servers 1.7.10_10924_i23002580_il345.exe  (malayalam tv channels software_10924_i23004686_il345.exe)

12 / 68    (PUP)
http://downprov.gas-split.com/p/.../play pokemon online no gold_10924_i23127419_il345.exe  (age of kings 2 b2125 b5013_10924_i23125681_il345.exe)

9 / 68      (PUP)
http://downprov.gas-split.com/p/.../schematic drawing software_10924_i23064585_il345.exe  (4fb195d24ae3a289a3b81d5bede487f2)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../masked rider ryuki games_10924_i22847961_il345.exe  (7586ba2d87458e87a47f893b9ee39384)

5 / 68      (inconclusive)
http://downprov.gas-split.com/p/.../cape chemistry past papers_10924_i23035147_il345.exe  (ati radeon drivers window 7_10924_i23033195_il345.exe)

8 / 68      (PUP)
http://downprov.gas-split.com/p/.../gdz 2 klas f m rvknd l v olyanitska matematika 1384968899_10924_i22739554_il345.exe  (spyhunter 4 crack serial full version free download_10924_i22737829_il345.exe)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../gdz 2 klas f m rvknd l v olyanitska matematika 1384968899_10924_i22735915_il345.exe  (e6d74576298604a06e1466b6a311f0cf)

3 / 68      (PUP)
http://downprov.gas-split.com/p/.../contoh gambar globalisasi budaya_10924_i23222465_il345.exe  (6908bddf68a45ab78e535c86150ac8b3)

8 / 68      (PUP)
http://downprov.gas-split.com/p/.../définition col legno musique_10924_i22727828_il345.exe  (spyhunter 4 crack serial full version free download_10924_i22737829_il345.exe)

5 / 68      (PUP)
http://downprov.gas-split.com/p/.../crack digital film tools ez mask 2.0_10924_i23102735_il345.exe  (trojan remover and crack_10924_i23104494_il345.exe)

7 / 68      (PUP)
http://downprov.gas-split.com/p/.../CD DVD Tools.rar_10924_i23062473_il345.exe  (1711e09a7f400bfe27db339f69f30caa)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../massage intake forms_10924_i22762688_il345.exe  (be4b6b32a1bd4c3c0459a11168f1c544)

9 / 68      (PUP)
http://downprov.gas-split.com/p/.../dom kennedy mixtapes_10924_i23213396_il345.exe  (e86cf877dc5bec1824fe6e2f6b7b0555)

6 / 68      (PUP)
http://downprov.gas-split.com/p/.../john frusciante shadows collide with people_10924_i22946173_il345.exe  (c351b26de028acc127e1b562b05fe8fd)

5 / 68      (PUP)
http://downprov.gas-split.com/p/.../boxer dogs for sale in ireland_10924_i22744537_il345.exe  (password ifeelmyself crack_10924_i22740541_il345.exe)

11 / 68    (PUP)
http://downprov.gas-split.com/p/.../jpedal crack_10924_i23051365_il345.exe  (8e5562b35464663120ad37b1c3b084db)

 
Latest 30 of 43 download URLs

The following 2 files have been seen to comunicate with downprov.gas-split.com in live environments.

TCP » 204.11.56.48:80
chrome.crx

TCP » 204.11.56.48:80
chrome.crx

URL:
http://downprov.gas-split.com/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.