home

www.dlbestbundles.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
dlbestbundles.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.Internet.Installer.Meta (M), PUP.InstallCore.FC.Installer (M)
100.00%

The domain www.dlbestbundles.com has been seen to resolve to the following 15 IP addresses.

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
July 14, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 14, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
July 14, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
July 14, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 14, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 14, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 14, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 3, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 3, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 3, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 3, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 3, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 3, 2016

File downloads found at URLs served by www.dlbestbundles.com.

1 / 68      (PUP)
http://www.dlbestbundles.com/c?x=EbygOJZ vKuLmAqNXZDCbhESyRgDq9NNjo52ujBLI0I=&c=X1A1N0wtQ8x3RVqHQJvai96MNJQGC8pcf4ZiIwsFdL0x4dQ8qIFVSt77RMdF6ZS3WVQDG11Q KaVoSgTuXx91tt9xLEa3g4Gq kkSnZ4K5grFJ6zVBxKnWheK7h1yPAICHooQWqFSe TX27ou1jbbE37QdU/ ATcpOsWu9xxXBY=&fallback_url=http://.../download.php?id=836567351&downloadAs=installer_MKV_File_Player_sciagnij.exe  (49593cd666e7f837dfa3f0c841fe9376)

1 / 68      (Adware)
http://www.dlbestbundles.com/c?x=EFeUfolp34CltNG1dN5WATUB5MKzjqE5P8sUBBajFuw=&c=o3fqCiAN2NwVqae0f1u3b5iyzGthSUlVDlLRtF2V2AoAzlqZMnjUpY0xEY76QSwhswBbEJbpVoDDUlYZLqMftcW6wxKuWbkT9lT1lPCqQMWyiDZd6bW1jU/SIDDpEj3z&fallback_url=http://bi.sciagnij.pl/0/.../Evolution-2.26.2-2.msi&downloadAs=installer_Evolution_sciagnij.exe  (1d29d8cc5ad045cd8eb371008e654e1b)

1 / 68      (Adware)
http://www.dlbestbundles.com/c?x=GuT9dvFewwIlVG7ZcmgsXTskG2XiVJRB8ssWFcsvY6U=&c=PbML9eHGn4J2FTlVeuT9kOdEwJBIrmXi6PIm4DL86wi9BNzttlB3uVmOuwTLB9b/l5ABPx3PVE0zyDvlyQO/JFCX5IoeXXyvm8k9GBXwz9UxR0 Te7YWH8rMLTzjEIcfQzsyJcPVWGCwySUMWPpiRBnWsKNT79fB8xzsYQhCCbc=&fallback_url=http://www.sonycreativesoftware.com/download/.../vegaspro&downloadAs=installer_Sony_Vegas_Pro_sciagnij.exe  (440801b3c262d5a20f7f427de3ef487b)

1 / 68      (PUP)
http://www.dlbestbundles.com/c?x=EGv9aa0i74sZSx03P30vCcR3kHO5ZaKivMl7hx/sK74=&c=WU3ArQXMY/4Ek6gyt5faAeAWvgMovHS4st1PtIwNKEJtvQnXjSmlcVhN6LowjksrBrMfSvSX6SCnVsQkpbiDMmuF9BXBxHjb9e veo0wB/9pYErX2KXFmQJA1ZYn7eUdfyUwxEaVu3UyQFkIkVzvqe1USw7b8h7HfBVK7ktUJbI=&fallback_url=http://bi.sciagnij.pl/0/.../PhotoScape_V3.7.exe&downloadAs=installer_Photoscape_sciagnij.exe  (5575ae48dadada5fbc59729fb8d4bf92)

The following 23 files have been seen to comunicate with www.dlbestbundles.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.