» www.farmheartgift.com
Overview
IPs Addresses (16)
Downloads (2)
Network (10)

www.farmheartgift.com

Domain Information

Server location:

Washington, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

farmheartgift.com

The domain www.farmheartgift.com has been seen to resolve to the following 16 IP addresses.

server-52-85-142-127.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-119.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-96.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-91.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-89.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-73.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-242.iad12.r.cloudfront.net

April 6, 2016

server-52-85-142-162.iad12.r.cloudfront.net

April 6, 2016

server-54-192-195-47.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-37.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-12.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-248.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-153.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-116.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-87.iad53.r.cloudfront.net

February 1, 2016

server-54-192-195-85.iad53.r.cloudfront.net

February 1, 2016

File downloads found at URLs served by www.farmheartgift.com.

6 / 68 (Malware)

http://www.farmheartgift.com/.../installer.exe (8d5b2c8c55badc868f204f4bfdd34c6c)

4 / 68 (inconclusive)

http://www.farmheartgift.com/.../installer.exe (d29625fc037ab4e229b475de27cf2cf4)

The following 10 files have been seen to comunicate with www.farmheartgift.com in live environments.

TCP » 52.85.142.127:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.89:80

browser.exe (Browser)

TCP » 52.85.142.96:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.96:443

citrio.exe (Citrio by CatalinaGroup)

TCP » 52.85.142.119:443

onlineguardian-v2.exe

TCP » 52.85.142.119:80

TCP » 52.85.142.96:443

whatsapptime.exe

TCP » 52.85.142.242:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.91:443

TCP » 52.85.142.96:443

safeguardapp.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.