home

www.babylon.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.babylon.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 1998. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the SingleHop, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Saturday, August 1, 1998

Expires date:
Tuesday, July 31, 2018

Updated date:
Monday, January 21, 2013

ASN:
AS32475 SINGLEHOP-INC - SingleHop

Root domain:
babylon.com

Whois:
2 babylon.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Babylon.P, PUP.Installer.Babylon.V, PUP.Installer.Babylon.S, PUP.Babylon.Installer, PUP.Babylon.BabylonSoftware.Installer (M), PUP.Babylon.Installer (M), PUP.Babylon.BabylonS.Installer (M), PUP.Babylon.Optional (M), PUP.Babylon (M), Threat.Win.Reputation.IMP
100.00%

Dr.Web
Adware.Babylon.10, Adware.Downware.1733, Adware.Babylon.8, Adware.Babylon.25, Adware.Searcher.2766, Adware.Babylon.36
80.00%

ESET NOD32
Win32/Toolbar.Babylon (variant), Win32/Toolbar.Babylon.AD (variant)
76.67%

Trend Micro House Call
TROJ_GEN.F47V0801, TROJ_GEN.F47V1103, TROJ_GEN.F47V1215, TROJ_GEN.F47V0207, TROJ_GEN.F47V0403, TROJ_GEN.F47V0413, TROJ_GEN.F47V0508, TROJ_GEN.F47V0205
70.00%

Agnitum Outpost
Trojan.Agent, PUA.Toolbar.Babylon
70.00%

Baidu Antivirus
Adware.Win32.Bbylon, Trojan.Win32.Toolbar
70.00%

NANO AntiVirus
Trojan.Win32.Babylon.csuksh, Riskware.Win32.Babylon.craswq, Trojan.Win32.Downware.ctimdd, Riskware.Win32.Searcher.dotdbm
63.33%

McAfee
Artemis!5880209E62DF, Artemis!77445EC53390, Artemis!630D92816E04, Artemis!E569050C46CA, Artemis!B88B3030AB5C, Artemis!52C88A3FDD9C, Artemis!8B06BEF7E43A, Artemis!8EE88F4F4FE2, Artemis!FE50457FD6E3
60.00%

VIPRE Antivirus
Babylon, Trojan.Win32.Generic
56.67%

Fortinet FortiGate
Riskware/Toolbar_Babylon, Riskware/FirseriaInstaller
56.67%

Malwarebytes
PUP.Optional.Babylon.A, PUP.Optional.ToolBarInstaller.A
46.67%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen
36.67%

Bkav FE
W32.Clodcfc.Trojan, W32.Clod95a.Trojan
36.67%

Comodo Security
UnclassifiedMalware
33.33%

Emsisoft Anti-Malware
Riskware.Win32.Toolbar.Babylon.AMN
33.33%

The domain www.babylon.com has been seen to resolve to the following 9 IP addresses.

69.175.64.72
LB2200.babylon.com
April 18, 2016

198.20.96.179
ba-sh-nl-dc1-.005.com
April 18, 2016

65.60.2.78
ba-sh-us-dc4-010.babylon.com
October 24, 2014

107.6.141.14
ba-sh-nl-dc-006.babylon.com
April 3, 2014

198.20.96.174
ba-sh-nl-dc1-.003.com
March 28, 2014

69.175.51.134
ba-sh-us-dc1-020.babylon.com
March 28, 2014

69.175.87.109
singhop0002.babylon.com
December 22, 2013

81.93.185.145
eul2400033-pip3.eu.verio.net
December 22, 2013

83.231.195.23
eul3300035-sip3.eu.verio.net
December 22, 2013

File downloads found at URLs served by www.babylon.com.

1 / 68      (Malware)
http://www.babylon.com/.../download.cgi?type=100&d=a392d856abf38106ebdaafa1a54f407f  (babylon10_setup_ns.exe)

19 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100  (babylon10_setup.exe)

19 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&lang=1  (babylon10_setup.exe)

1 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&affID=115107  (babylon10_setup_ns.exe)

8 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=643ea316f414b0f17a31064111561fda&hclink=1  (babylon10_setup_ns.exe)

2 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=9eaf2935f44988e2ef264ba4675efb14&hclink=1  (babylon10_setup_ns.exe)

13 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=0bfcb8630394d408d80506895506d273  (babylon10_setup_ns.exe)

3 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=d2d580aedda800df3d9fbe1827175bf4  (babylon10_setup_ns.exe)

8 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=cb1d61a34bc126e93ae9abd91e9d25ff  (babylon10_setup_ns.exe)

13 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=ba2f7881b26e1bca80882bb11d4736c7  (babylon10_setup.exe)

2 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=dfecabfe3932385985e611f06e01b43a  (babylon10_setup_ns.exe)

19 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=38916be96e35847b7f170ec2380621cb  (babylon10_setup.exe)

33 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=7404&trkupdate=[intrk:hp]  (babylon10_setup.exe)

2 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=81a60953528d1f69c1d9231000c38db5&hclink=1  (babylon10_setup_ns.exe)

13 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=8f9f2d1338570b406b973e780ee73d3d  (babylon10_setup.ussafe.exe)

18 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=82db5911b798a75ca1c7f186ba5c4710  (babylon10_setup.exe)

8 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=7416&d=5626707f8887068de49b5526c07e9b51  (babylon10_setup.exe)

14 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=6b6806fbb6d2cc0c8b21736fe43a4189  (babylon10_setup.exe)

8 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=ccc1b48439fbe88f5e49a3c1d45768c1  (babylon10_setup_ns.exe)

20 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=7404&d=3a89863ca8424a490fa8af5ab32194d5&trkupdate=[intrk:hp]  (babylon10_setup.exe)

3 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=e93f48090165c5e4e8e5bcda313ec45c  (babylon10_setup_ns.exe)

13 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=7c3340f8fd4c57f7bb3c0f8c769dc5e3  (babylon10_setup.exe)

7 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&affID=14353  (babylon10_setup_ns.exe)

1 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=0d41571952fd3ad393623353d7a93f53  (babylon10_setup.exe)

1 / 68      (PUP)
http://www.babylon.com/.../download.cgi?type=100&d=6d3d47e6119558bec2f5eb02c829e798  (babylon10_setup_ns.exe)

1 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=b6ed1175bef57900dd6ec0c6d6f03b8c  (babylon10_setup.exe)

2 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=ce27fd4f5dff93686ce808cb85478a3f  (babylon10_setup_ns.exe)

14 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=a6f7e97b1ef79f375b42b2566fcaf288  (babylon10_setup.exe)

2 / 68      (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=34073f9d638b30c3c602a89224aef63a&hclink=1  (babylon10_setup_ns.exe)

10 / 68    (Adware)
http://www.babylon.com/.../download.cgi?type=100&d=2acbcea3dfda2a344b074192e94bc5be  (babylon10_setup.exe)

 
Latest 30 of 1,014 download URLs

The following 78 files have been seen to comunicate with www.babylon.com in live environments.

TCP » 198.20.96.179:80
Uninstbb.exe (Uninstall Module by Babylon)

TCP » 107.6.141.14:80
Uninstbb.exe (Uninstall Module by Babylon)

TCP » 107.6.141.14:80
Babylon.exe (Babylon Client by Babylon Software)

TCP » 198.20.96.179:80
setup.exe (Setup Module by Babylon)

TCP » 65.60.2.78:80
setup.exe (Setup Module by Babylon)

TCP » 65.60.2.78:80
Babylon.exe (Babylon Client by Babylon Software)

TCP » 69.175.51.134:80
Babylon.exe (Babylon Client by Babylon Software)

TCP » 69.175.64.72:80
Setup32.exe (Setup Module by Babylon)

TCP » 69.175.64.72:80
setup.exe (Setup Module by Babylon)

TCP » 69.175.51.134:80
Babylon.exe (Babylon Client by Babylon Software)

TCP » 107.6.141.14:80
uninstbb.exe

TCP » 107.6.141.14:80
setup.exe (Setup Module by Babylon)

TCP » 69.175.51.134:80
Setup32.exe (Setup Module by Babylon)

TCP » 65.60.2.78:80
Babylon.exe (Babylon Client by Babylon Software)

TCP » 65.60.2.78:80
Setup32.exe (Setup Module by Babylon)

TCP » 69.175.64.72:80
setup.exe (Setup Module by Babylon)

TCP » 69.175.51.134:80
setup.exe (Setup Module by Babylon)

TCP » 69.175.51.134:80
setup.exe (Setup Module by Babylon)

TCP » 69.175.51.134:80
Uninstbb.exe (Uninstall Module by Babylon Software)

TCP » 69.175.51.134:80
Babylon.exe (Babylon Client by Babylon Software)

 
Latest 20 of 172 files

URL:
http://www.babylon.com/

Google Analytics:
UA-71137434

Title:
“Babylon - Investments, Monetization”

Description:
“Babylon translator and dictionary for PC and Mac is the world's leading translation software, providing instant translation in over 77 languages”

Web server:
server/01006d

Facebook:
Likes:  4,694
Shares:  6,184
Comments:  1,005

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.