home

shoppingsuggestion.com

See PrivacyGuardian.org  (Proxy Registrant)

Domain Information

The domain shoppingsuggestion.com is registered by proxy through NAMESILO, LLC and was originally registered in August of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Atlanta, Georgia within the United States which resides on the RamNode LLC network.
Registrar:
NAMESILO, LLC

Server location:
Georgia, United States (US)

Create date:
Sunday, August 30, 2015

Expires date:
Tuesday, August 30, 2016

Updated date:
Friday, September 18, 2015

ASN:
AS3842 RAMNODE - RamNode LLC,US

Whois:
1 shoppingsuggestion.com record

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WhiteSeaMedia.D, PUP.Startup.WhiteSeaMedia.H, PUP.Installer.WhiteSeaMedia.G, PUP.WhiteSeaMedia.I, PUP.WhiteSeaMedia.Installer (M)
83.33%

Dr.Web
Trojan.BtcMine.221, DLOADER.Trojan
66.67%

VIPRE Antivirus
Backdoor.Win32.Ircbot.gen, Trojan.Win32.Generic
66.67%

Trend Micro House Call
TROJ_GEN.F47V1214, TROJ_GEN.F47V1202, TROJ_GEN.R0CCC0UAV14
50.00%

McAfee
Artemis!52EE82A48F0A, Artemis!97FDE2519F0C
33.33%

avast!
Win32:BitCoinMiner-FE [Trj]
16.67%

Kaspersky
Trojan.Win32.Agent
16.67%

MicroWorld eScan
Gen:Variant.Zusy.79275
16.67%

Malwarebytes
PUP.BitCoinMiner
16.67%

K7 AntiVirus
Trojan
16.67%

Norman
Agent.BAEUI
16.67%

Bitdefender
Gen:Variant.Zusy.79275
16.67%

SUPERAntiSpyware
Trojan.Agent/Gen-CoinMiner
16.67%

Lavasoft Ad-Aware
Gen:Variant.Zusy.79275
16.67%

Emsisoft Anti-Malware
Gen:Variant.Zusy.79275
16.67%

The domain shoppingsuggestion.com has been seen to resolve to the following 6 IP addresses.

185.53.177.6
August 28, 2016

107.161.23.204
parking.namesilo.com
July 23, 2016

167.114.213.199
parking.namesilo.com
July 23, 2016

164.132.212.72
parking.namesilo.com
July 23, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
April 5, 2016

185.53.177.8
February 21, 2016

File downloads found at URLs served by shoppingsuggestion.com.

29 / 68    (Adware)
http://shoppingsuggestion.com/.../update7.exe  (wupdater.exe)

0 / 68
http://shoppingsuggestion.com/.../Shopping Suggestion.packed.exe  (0d9d88c61a5372e99839bdbb986361a0)

5 / 68      (Adware)
http://shoppingsuggestion.com/.../setupa.exe  (217.exe)

3 / 68      (Adware)
http://shoppingsuggestion.com/.../setupa.exe  (428b28b11ad4656f72b3965204ec8b98)

4 / 68      (Adware)
http://shoppingsuggestion.com/.../GPUTemp5.exe  (gputemp.exe)

1 / 68      (Adware)
http://shoppingsuggestion.com/.../setupa.exe  (caf242c51465a9f39e6a265109e477c1)

The following 225 files have been seen to comunicate with shoppingsuggestion.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 164.132.212.72:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 54.72.9.51:80
smlb.jpg

 
Latest 20 of 236 files

February 28, 2016
downloads.shoppingsuggestion.com

URL:
http://shoppingsuggestion.com/

Google Analytics:
UA-48689684

Title:
“shoppingsuggestion.com”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.