home

ini.ttu98fei.com

qinglunguo

Domain Information

The domain ini.ttu98fei.com registered by qinglunguo was initially registered in March of 2015 through ENAME TECHNOLOGY CO., LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Zhuhai, Guangdong within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Guangdong, China (CN)

Create date:
Monday, March 30, 2015

Expires date:
Wednesday, March 30, 2016

Updated date:
Tuesday, May 12, 2015

ASN:
AS58543 CHINATELECOM-GUANGDONG-IDC Guangdong,CN

Root domain:
ttu98fei.com

Whois:
1 ttu98fei.com record

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Application.Generic.1270411
100.00%

McAfee
Artemis!9E794D29B942
100.00%

Malwarebytes
PUP.Optional.Chinad.C
100.00%

Zillya! Antivirus
Downloader.Adload.Win32.19638
100.00%

K7 AntiVirus
Adware
100.00%

Trend Micro House Call
Suspicious_GEN.F47V0512
100.00%

avast!
Win32:Adware-gen [Adw]
100.00%

Lavasoft Ad-Aware
Application.Generic.1270411
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

ESET NOD32
Win32/Adware.WDJiange (variant)
100.00%

IKARUS anti.virus
PUA.WDJiange
100.00%

The domain ini.ttu98fei.com has been seen to resolve to the following IP address.

183.61.16.141
May 15, 2015

File downloads found at URLs served by ini.ttu98fei.com.

11 / 68    (PUP)
http://ini.ttu98fei.com/hezi/.../setup_hh-043.exe  (f_00022e)

URL:
http://ini.ttu98fei.com/

Title:
“403 Forbidden”

Web server:
nginx/1.4.2

xiaoxinrili.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.