freempr9.jrcaaa.com

Only contact by email, all postal mail will be rejected  (Proxy Registrant)

Domain Information

The domain freempr9.jrcaaa.com is registered by proxy through SOLUCIONES CORPORATIVAS IP, SL and was originally registered in September of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Madrid, Madrid within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Madrid, Spain (ES)

Create date:
Tuesday, September 23, 2014

Expires date:
Friday, September 23, 2016

Updated date:
Tuesday, August 25, 2015

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AstroDeliveryFriedCookie.e, PUP.FreeSoftware.e, PUP.CodeTechno.FF, PUP.Tightrope.Bundler, PUP.Installer.InstallCore.ironSource, PUP.Installer.FreeSoftware, PUP.DownloadAdmin.CodeTechno.Installer (M), PUP.Air Software.InstallerSetup (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.InstallCore.FC.Installer (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.DownloadAdmin.CodeTech.Installer (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Air Software.Installe.Installer (M), PUP.Outbrowse (M), PUP.DownloadAdmin (M), PUP.InstallCore.FC (M), PUP.Air Software (M)
100.00%

VIPRE Antivirus
InstallCore, Vittalia Installer, Trojan.Win32.Generic, DownloadAdmin, Threat.4786018, Threat.4782551, Threat.4150696, Threat.4782985
34.09%

Malwarebytes
PUP.Optional.FriedCookie, PUP.Optional.BundleInstaller, PUP.Optional.DownloadAdmin, PUP.Optional.InstallCore, PUP.Optional.AirInstall
31.82%

AVG
Generic
31.82%

Dr.Web
Trojan.InstallCore.15, Adware.Downware.2220, Trojan.DownLoad3.35287, Adware.Iminent.4
27.27%

Avira AntiVirus
ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9, ADWARE/Adware.Gen, APPL/InstallCo.ewbs, PUA/InstallCore.Gen, TR/Dropper.Gen
27.27%

ESET NOD32
Win32/InstallCore.RO (variant), Win32/InstallCore.RZ (variant), Win32/InstallCore.SC (variant), Win32/DownloadAdmin (variant)
25.00%

Trend Micro House Call
Suspicious_GEN.F47V1120, Suspicious_GEN.F47V1201, Suspicious_GEN.F47V1205, Suspicious_GEN.F47V1202, Suspicious_GEN.F47V1203
20.45%

Sophos
Generic PUA NP, Generic PUA NG, Generic PUA NI, Generic PUA IB, PUA 'InstallCore ToDownload', Generic PUA KN, Download Admin
20.45%

K7 AntiVirus
Unwanted-Program , Trojan
20.45%

Baidu Antivirus
Adware.Win32.InstallCore
11.36%

Qihoo 360 Security
Win32/Virus.Adware.94c, Win32/Virus.Adware.f22, HEUR/QVM42.0.Malware.Gen
11.36%

McAfee
Artemis!277182093948, Artemis!E512F6F1B7E4, Artemis!062B257A9C36, Artemis!71FDA62E4885, Artemis!AF3E0231E84F
11.36%

Agnitum Outpost
Riskware.Agent, PUA.InstallCore, PUA.AirAd
11.36%

NANO AntiVirus
Riskware.Win32.Downware.djahkt, Riskware.Win32.InstallCore.dnqbyw, Riskware.Win32.Iminent.djreap
11.36%

The domain freempr9.jrcaaa.com has been seen to resolve to the following 5 IP addresses.

152.130.70.109.factoriadigital.com
January 6, 2016

November 19, 2015

July 23, 2015

rack24u4.hispaweb.net
May 2, 2015

November 29, 2014

File downloads found at URLs served by freempr9.jrcaaa.com.

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

6 / 68      (Adware)

11 / 68    (Adware)

6 / 68      (Adware)

19 / 68    (Adware)

12 / 68    (Adware)

7 / 68      (Adware)

12 / 68    (Adware)

15 / 68    (PUP)

13 / 68    (Adware)

11 / 68    (Adware)

14 / 68    (Adware)

8 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (Adware)

 
Latest 30 of 449 download URLs

URL:
http://freempr9.jrcaaa.com/

Google Analytics:
UA-49362613

Title:
“Flash Player”

Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)