» go.padsdelivery.com
Overview
Analysis
IPs Addresses (12)
Downloads (8)
Website Detail

go.padsdelivery.com

Whois Privacy (enumDNS dba)

Domain Information

The domain go.padsdelivery.com registered by Whois Privacy (enumDNS dba) was initially registered in April of 2014 through EURODNS S.A. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.

Registrant:

Whois Privacy (enumDNS dba)

Registrar:

EURODNS S.A

Server location:

Noord-Holland, Netherlands (NL)

Create date:

Thursday, April 10, 2014

Expires date:

Monday, April 10, 2017

Updated date:

Friday, February 26, 2016

ASN:

AS35415 WEBZILLA Webzilla B.V.,NL

Root domain:

padsdelivery.com

Whois:

3 padsdelivery.com records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.PCFaster (L), PUP.Installer.TEHSNABSTROY.d, PUP.AstroDeliveryFriedCookie.e

100.00%

Dr.Web

Adware.Downware.8012, Trojan.InstallCore.15

33.33%

Avira AntiVirus

ADWARE/Adware.Gen, ADWARE/InstallCore.Gen7

33.33%

ESET NOD32

Win32/Amonetize.BM (variant), Win32/InstallCore.RO (variant)

33.33%

AVG

Generic

33.33%

Qihoo 360 Security

Win32/Application.c7d, Win32/Virus.Adware.94c

33.33%

NANO AntiVirus

Riskware.Win32.Amonetize.ddtnan

16.67%

Kaspersky

not-a-virus:AdWare.Win32.Amonetize

16.67%

Bitdefender

Gen:Variant.Application.Bundler.Amonetize.12

16.67%

Agnitum Outpost

PUA.Amonetize

16.67%

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.Amonetize.12

16.67%

AhnLab V3 Security

PUP/Win32.Amonetize

16.67%

G Data

Gen:Variant.Application.Bundler.Amonetize.12

16.67%

McAfee

Artemis!950E4FBCE159

16.67%

Malwarebytes

PUP.Optional.FriedCookie

16.67%

The domain go.padsdelivery.com has been seen to resolve to the following 12 IP addresses.

May 25, 2016

May 25, 2016

May 25, 2016

May 25, 2016

v-6-07-4-d5395-230.webazilla.com

November 25, 2015

November 25, 2015

November 29, 2014

November 29, 2014

November 29, 2014

November 29, 2014

November 29, 2014

November 29, 2014

File downloads found at URLs served by go.padsdelivery.com.

13 / 68 (Adware)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=95328__zoneid=22685__OXLCA=1__cb=907f95484e__oadest=http://.../?id=p191&sub=ar&name=File.Download&nor=1&subid=${SUBID} (downloadsetup__7818_i1194465443_il5.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=125708__zoneid=86854__OXLCA=1__cb=abd6135a8a__oadest=http://apx.rdkt.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2QeOjMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_e99_6906495116.exe)

13 / 68 (Adware)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=129720__zoneid=100995__OXLCA=1__cb=4818942828__oadest=http://.../?page=flowplayerregister&a_aid=5194f9ebcca72&a_bid=72491354&clickid=${SUBID}&pubid=100995 (installer_adobe_flash_player_english.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=125712__zoneid=60911__OXLCA=1__cb=a4b309f22b__oadest=http://apx.rdkt.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2ne3jMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_b98_7380973651.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=125804__zoneid=78393__OXLCA=1__cb=76396606b2__oadest=http://apx.irck.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2QeRjMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_i67_6029300102.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=140737__zoneid=62394__OXLCA=1__cb=ff429cc0c0__oadest=http://apx.rdkt.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2ne3jMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_b98_7380973651.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=125706__zoneid=92610__OXLCA=1__cb=18669bcf84__oadest=http://apx.rdkt.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2QeOjMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_e99_6906495116.exe)

1 / 68 (PUP)

http://go.padsdelivery.com/ck.php?oaparams=2__bannerid=142290__zoneid=60911__OXLCA=1__cb=a19cd859f8__oadest=http://apx.irck.avazutracking.net/.../redirect.php?apxcode=891489&id=eToam3jMIWuXKN2QKzjMIWuXeU4aK5-0N-0N&dv1=${SUBID} (pc_faster_setup_mini_s241_7198520607.exe)

URL:

http://go.padsdelivery.com/

Title:

“Google”

Description:

“Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.”

SSL certificate subject:

CN=go.padsdelivery.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT62030710

SSL certificate issuer:

CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US

Web server:

gws

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.