The domain freempr9.jrcaaa.com is registered by proxy through SOLUCIONES CORPORATIVAS IP, SL and was originally registered in September of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Madrid, Madrid within Spain which resides on the RIPE Network Coordination Centre network.
Registrant:
Only contact by email, all postal mail will be rejected
Registrar:
SOLUCIONES CORPORATIVAS IP, SL
Server location:
Madrid, Spain (ES)
Create date:
Tuesday, September 23, 2014
Expires date:
Friday, September 23, 2016
Updated date:
Tuesday, August 25, 2015
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.AstroDeliveryFriedCookie.e, PUP.FreeSoftware.e, PUP.CodeTechno.FF, PUP.Tightrope.Bundler, PUP.Installer.InstallCore.ironSource, PUP.Installer.FreeSoftware, PUP.DownloadAdmin.CodeTechno.Installer (M), PUP.Air Software.InstallerSetup (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.InstallCore.FC.Installer (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.DownloadAdmin.CodeTech.Installer (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Air Software.Installe.Installer (M), PUP.Outbrowse (M), PUP.DownloadAdmin (M), PUP.InstallCore.FC (M), PUP.Air Software (M)
100.00%
VIPRE Antivirus
InstallCore, Vittalia Installer, Trojan.Win32.Generic, DownloadAdmin, Threat.4786018, Threat.4782551, Threat.4150696, Threat.4782985
34.09%
Malwarebytes
PUP.Optional.FriedCookie, PUP.Optional.BundleInstaller, PUP.Optional.DownloadAdmin, PUP.Optional.InstallCore, PUP.Optional.AirInstall
31.82%
Dr.Web
Trojan.InstallCore.15, Adware.Downware.2220, Trojan.DownLoad3.35287, Adware.Iminent.4
27.27%
Avira AntiVirus
ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9, ADWARE/Adware.Gen, APPL/InstallCo.ewbs, PUA/InstallCore.Gen, TR/Dropper.Gen
27.27%
ESET NOD32
Win32/InstallCore.RO (variant), Win32/InstallCore.RZ (variant), Win32/InstallCore.SC (variant), Win32/DownloadAdmin (variant)
25.00%
Trend Micro House Call
Suspicious_GEN.F47V1120, Suspicious_GEN.F47V1201, Suspicious_GEN.F47V1205, Suspicious_GEN.F47V1202, Suspicious_GEN.F47V1203
20.45%
Sophos
Generic PUA NP, Generic PUA NG, Generic PUA NI, Generic PUA IB, PUA 'InstallCore ToDownload', Generic PUA KN, Download Admin
20.45%
K7 AntiVirus
Unwanted-Program , Trojan
20.45%
Baidu Antivirus
Adware.Win32.InstallCore
11.36%
Qihoo 360 Security
Win32/Virus.Adware.94c, Win32/Virus.Adware.f22, HEUR/QVM42.0.Malware.Gen
11.36%
McAfee
Artemis!277182093948, Artemis!E512F6F1B7E4, Artemis!062B257A9C36, Artemis!71FDA62E4885, Artemis!AF3E0231E84F
11.36%
Agnitum Outpost
Riskware.Agent, PUA.InstallCore, PUA.AirAd
11.36%
NANO AntiVirus
Riskware.Win32.Downware.djahkt, Riskware.Win32.InstallCore.dnqbyw, Riskware.Win32.Iminent.djreap
11.36%
The domain freempr9.jrcaaa.com has been seen to resolve to the following 5 IP addresses.
152.130.70.109.factoriadigital.com
January 6, 2016
rack24u4.hispaweb.net
May 2, 2015
File downloads found at URLs served by freempr9.jrcaaa.com.
Latest 30 of 449 download URLs
URL:
http://freempr9.jrcaaa.com/
Google Analytics:
UA-49362613
Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)
Related Domains