home

www.download.chip.eu.download-sponsor.de

Domain Information

Server location:
Bayern, Germany (DE)

ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE

Root domain:
download-sponsor.de

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ThinkLAB.Bundler (M)
100.00%

The domain www.download.chip.eu.download-sponsor.de has been seen to resolve to the following 2 IP addresses.

148.251.198.119
www2.thinklabs-cluster.de
June 23, 2016

148.251.198.118
www1.thinklabs-cluster.de
June 23, 2016

File downloads found at URLs served by www.download.chip.eu.download-sponsor.de.

1 / 68      (PUP)
http://www.download.chip.eu.download-sponsor.de/?lastchange=8259f801238316d38f4315388cbc1f1e&pid=dcu&cid=3970196&camps=3963626134393465323536343637346235636531333234366165326333336164&campsel=39636261343934653235363436373462356365313332343661653263333361642D6D61696E3A312C39636261343934653235363436373462356365313332343661653263333361642D7365617263683A312C39636261343934653235363436373462356365313332343661653263333361642D686F6D653A312C&euid=51ffa7403935dc46a1b77d60&source=pl  (mobilne-gadu-gadu-3-3-3.exe)

1 / 68      (PUP)
http://www.download.chip.eu.download-sponsor.de/?lastchange=e9a73de6f330bf0a4073b745abc09dc9&pid=dcu&cid=6672516&camps=3963626134393465323536343637346235636531333234366165326333336164&campsel=39636261343934653235363436373462356365313332343661653263333361642D6D61696E3A302C39636261343934653235363436373462356365313332343661653263333361642D7365617263683A302C39636261343934653235363436373462356365313332343661653263333361642D686F6D653A302C&euid=40f3ee945922070ead5568f4&source=pl  (directx-11.exe)

1 / 68      (PUP)
http://www.download.chip.eu.download-sponsor.de/?lastchange=61189b87bf3377f1f1891fd432556ddb&pid=dcu&cid=6788524&camps=3963626134393465323536343637346235636531333234366165326333336164&campsel=39636261343934653235363436373462356365313332343661653263333361642D6D61696E3A312C39636261343934653235363436373462356365313332343661653263333361642D7365617263683A312C39636261343934653235363436373462356365313332343661653263333361642D686F6D653A312C&euid=30e4ff08ce71bdb41bb5dbcf&source=pl  (winrar-64-bit-4-20.exe)

The following 44 files have been seen to comunicate with www.download.chip.eu.download-sponsor.de in live environments.

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
ocs_v71a.exe (OCS)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

TCP » 148.251.198.119:80
ocs_v71b.exe (OCS)

TCP » 148.251.198.118:80
dmr_72.exe (CHIP Secured Installer by Chip Digital GmbH)

 
Latest 20 of 71 files

chip.de

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.