» files.itemdb.com
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Website Detail

files.itemdb.com

Network OperationsZZZ ChangeIP

Domain Information

The domain files.itemdb.com registered by Network OperationsZZZ ChangeIP was initially registered in March of 2001 through RETHEM HOSTING LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.

Registrant:

Network OperationsZZZ ChangeIP

Registrar:

RETHEM HOSTING LLC

Server location:

Noord-Holland, Netherlands (NL)

Create date:

Friday, March 30, 2001

Expires date:

Thursday, March 30, 2017

Updated date:

Monday, June 15, 2015

Root domain:

itemdb.com

Whois:

1 itemdb.com record

Google Safe Browsing:

unwanted

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Dr.Web

BackDoor.Andromeda.614

100.00%

avast!

Win32:Evo-gen [Susp]

100.00%

Emsisoft Anti-Malware

Gen:Variant.Graftor.226237

100.00%

Lavasoft Ad-Aware

Gen:Variant.Graftor.226237

100.00%

Norman

Gen:Variant.Graftor.226237

100.00%

VIPRE Antivirus

Threat.5200289

100.00%

The domain files.itemdb.com has been seen to resolve to the following IP address.

85.159.208.24

li711-24.members.linode.com

January 4, 2016

File downloads found at URLs served by files.itemdb.com.

6 / 68 (Malware)

http://files.itemdb.com/.../4Shared_File_173721167.2015.exe (bd28dd8a91921df4e61c9c476d1abd68)

URL:

http://files.itemdb.com/

Title:

“Welcome to nginx!”

Web server:

nginx/1.4.6 (Ubuntu)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.