home

s.ad127m.com

Domain Information

Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:
ad127m.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Outbrowse.ClickYes.Bundler (M)
100.00%

The domain s.ad127m.com has been seen to resolve to the following IP address.

184.168.221.39
ip-184-168-221-39.ip.secureserver.net
April 21, 2016

File downloads found at URLs served by s.ad127m.com.

1 / 68      (Adware)
http://s.ad127m.com/event/click/0/pcuBDCWIwWDZeiS21Q-B-CpyhHSgDqSK2saDU3zpckDP6J8K3o0N1VwAoGeG5lC769aKg6vKLeYNJ-6__OMeeVXvzOIDMVGELOz1FCoYiAakl_3tGT3C_KJsR6Ui5NKwhvojEXMojDXrCQ1n9eliteht7oqBmzkeNhdxURBJm6vNqBkLd0Hi2ctsVAbFbCYy3tFasl1Buisj4dIe6hZNeeunotzJOKRFxFx1Mm67NCosQ6WBJ8S2xBrXgl-HDb7sqCNWVFTqqGp2oGJlgoH9qwWaJf2_3zr7Dd35RWYKv22pNiewJUrwyurUhvGsfmvCyFb9qoPcbGsbA9GpvCVZtHOZrVDggl1Lrrlx3XX4Ai8ureAtAO_AZ-E7f3kQzdufC7tW2Bgtc4yOauf-6vw4-7-5IbNHGnNkY6MAuoI/.../  (installer_adobe_flash_player_english.exe)

The following 11 files have been seen to comunicate with s.ad127m.com in live environments.

TCP » 184.168.221.39:80
tune_up.exe

TCP » 184.168.221.39:80
pre_service.exe

TCP » 184.168.221.39:80
online-guardian-v2.0.9.exe

TCP » 184.168.221.39:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.168.221.39:80
Launcher.EXE (Knight Empire)

TCP » 184.168.221.39:80
onlineguardian-v2.exe

TCP » 184.168.221.39:80
z4bnqt.exe (9IEVZ2V by 9IEVZ2)

TCP » 184.168.221.39:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 184.168.221.39:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 184.168.221.39:80
idscservice.exe

TCP » 184.168.221.39:80
idscservice.exe (HZduz)

0107box.info

0108shop.info

0114shop.info

0116j.info

0118b.info

0118e.info

0120g.info

abstorage.ca

alpineload.info

autofamacr.com

blue1702.info

combosoftwarehome.com

down2208group.info

down3245.info

downloadbeam.info

downserver4.com

downward1209.info

ffmirror.com

files-download-109.com

getdesk1994.com

homepageupgrade.info

lotafaster.com

manymanager.com

mkscloud.com

neptunedesign.info

proforum.info

sbg-fwcms.com

sertave.info

sotec-colombia.com

terminalethernet.info

30 of 31 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.