home

sr.systweak.com

WHOIS PRIVACY PROTECTION SERVICE, INC.  (Proxy Registrant)

Domain Information

The domain sr.systweak.com is registered by proxy through ENOM, INC. and was originally registered in September of 2001. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Friday, September 28, 2001

Expires date:
Sunday, September 28, 2025

Updated date:
Monday, March 28, 2016

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:
systweak.com

Whois:
2 systweak.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Systweak.Installer.Meta (L), PUP.Systweak.ThePhone.Installer.Meta (L), PUP.Softpulse (M)
100.00%

The domain sr.systweak.com has been seen to resolve to the following 4 IP addresses.

216.144.252.122
122-252-144-216.static.reverse.lstn.net
March 2, 2016

216.245.196.82
82-196-245-216.static.reverse.lstn.net
January 27, 2016

198.204.239.26
November 29, 2014

95.211.209.50
WIN-U6LRFVJHUID
December 22, 2013

File downloads found at URLs served by sr.systweak.com.

1 / 68      (PUP)
http://sr.systweak.com/.../?x-src=afterdownloadcp&x-cam=ad_12590_cp1  (rcpafterdownloadcp_ad_7898_cp1.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=afterdownloadcp_ntb&x-cam=ad_28736_cpntb2  (rcpafterdownloadcp_ntb_ad_2088_cpntb2.exe)

1 / 68      (PUP)
http://sr.systweak.com/downloadmmnew/.../rcpsetup_matomynew_20ljYL05qtyLdEZq1fIjAs1u6vLB000..exe  (rcpsetup_matomynew_20lhf53ibkhjvdi31b8ojd1u7xam000..exe)

1 / 68      (Adware)
http://sr.systweak.com/download_mm.aspx?x-at=my2271  (setup.exe)

1 / 68      (PUP)
https://sr.systweak.com/speedtest/.../?x-at=RC1;PL;L;1  (rcpsetupst_rc1_zz_l_1.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=marm1&x-cam=marm1454010150us_perionsweet  (rcpsetupmarm1_marm18812se_t4pc.exe)

1 / 68      (PUP)
http://sr.systweak.com/.../?x-at=ds132150  (rcpsetupdsnr_ds367212.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=marm1&x-cam=marm1359828615id  (rcpsetupmarm1_marm10ca.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=afterdownloadcp_ntb&x-cam=ad_677_cpntb1  (rcpafterdownloadcp_ntb_ad_733_cpntb1.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=mapp1&x-cam=mapp11945918it  (rcpsetupmapp1_mapp12275682id.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-cam=apnnew2_1909212_it  (rcpsetupapnnew_apnnew2_2761097_us.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-at=mynew2271-20kpj357kAC4Ifxn1fpcMt1vPqv1000.  (rcpmmnew_mynew40945-20lptz4m3ytbyxx91frguy1vrzue000.exe)

1 / 68      (PUP)
http://sr.systweak.com/download_mm.aspx?x-at=my559441  (rcpsetup_matomy_my40945.exe)

1 / 68      (PUP)
http://sr.systweak.com/downloadmmnew/.../rcpsetup_matomynew_20kpB72YM.wypTBo1uFAtJ1u7OU5000..exe  (rcpsetup_matomynew_20lhf53ibkhjvdi31b8ojd1u7xam000..exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=mapp1&x-cam=mapp12783371latam  (rcpsetupmapp1_mapp12275682my.exe)

1 / 68      (PUP)
http://sr.systweak.com/speedtest/.../?x-at=RC1;US;W;0  (rcpsetupst_rc1_zz_l_1.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=mapp1&x-cam=mapp12133961gr  (7ad1687af1b2ba9bc70bb5e7e0e76f7c.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=marm1&x-cam=marm12996131ca  (rcpsetupmarm1_marm1376194549be_adroi.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=marm&x-cam=marm454008343mx  (rcpsetupmarm_marm453041071fr_sterk.exe)

1 / 68      (PUP)
http://sr.systweak.com/downloadmr/.../rcpsetupmapp_mapp1536004.exe  (1afa129fe5d481a1d9b2861d121633d2)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-src=mapp3&x-cam=mapp32239505za  (rcpsetupmapp3_mapp32239505za.exe)

1 / 68      (PUP)
http://sr.systweak.com/.../?x-src=mapp1&x-cam=mapp11664626  (rcpsetupmapp1_mapp11664626.exe)

1 / 68      (PUP)
http://sr.systweak.com/downloadapptv/.../rcpsetupg_apptv2-apptv5122598.exe  (23e2114802b09a835d037bfc95f3a6c7)

1 / 68      (PUP)
http://sr.systweak.com/downloadmmnew/.../rcpsetup_matomynew_20kpj34aeMho5jiB1msRtr1uj8tn000..exe  (rcpsetup_matomynew_20l3fn2j1eul.wao2emdhf1ujiht000..exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-at=ds454014516  (rcpsetupdsnr_ds454014516.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-cam=apnnew2_1193426_my  (rcpsetupapnnew_apnnew2_1466925_mx.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-cam=apnnew2_1945914_ar_lot  (b9b786efeac66a6fdad59abc665449b8.exe)

1 / 68      (PUP)
http://sr.systweak.com/.../?x-src=mapp1&x-cam=mapp11637942  (rcpsetupmapp1_mapp11615870.exe)

1 / 68      (PUP)
https://sr.systweak.com/.../?x-cam=apnnew2_2056488_it_bp  (b9b786efeac66a6fdad59abc665449b8.exe)

1 / 68      (PUP)
http://sr.systweak.com/.../?x-src=afterdownloadcp&x-cam=ad_7893_cp1  (rcpafterdownloadcp_ad_16601_cp1.exe)

 
Latest 30 of 1,889 download URLs

The following 69 files have been seen to comunicate with sr.systweak.com in live environments.

TCP » 216.144.252.122:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 216.144.252.122:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 216.144.252.122:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 216.144.252.122:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 216.144.252.122:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.211.209.50:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 216.144.252.122:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 216.144.252.122:80
UCBrowser.exe (by UCWeb)

TCP » 216.144.252.122:80
setup_wtp.tmp

TCP » 216.144.252.122:80
UCBrowser.exe (by UCWeb)

TCP » 95.211.209.50:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 216.144.252.122:80
UCBrowser.exe (by UCWeb)

TCP » 216.144.252.122:80
unins000.exe

TCP » 216.144.252.122:80
uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 216.144.252.122:80
setup_wtp.tmp

TCP » 216.144.252.122:80
setup.tmp

TCP » 216.144.252.122:80
setup.tmp

TCP » 216.144.252.122:80
wtupr_i.tmp

TCP » 216.144.252.122:80
UCBrowser.exe (by UCWeb)

TCP » 216.144.252.122:80
setup_wtp.tmp

 
Latest 20 of 74 files

URL:
http://sr.systweak.com/

Web server:
Microsoft-IIS/8.5 (ASP.NET)

Facebook:
Shares:  1

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.