home

www.win-rar.com

Burak Canboy

Domain Information

The domain www.win-rar.com registered by Burak Canboy was initially registered in July of 2001 through EPAG DOMAINSERVICES GMBH. Currently this domain has been known to host various forms of malware. The hosted servers are located in London, England within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
EPAG DOMAINSERVICES GMBH

Server location:
England, United Kingdom (GB)

Create date:
Friday, July 27, 2001

Expires date:
Wednesday, July 27, 2016

Updated date:
Tuesday, July 28, 2015

ASN:
AS16276 OVH OVH SAS,FR

Root domain:
win-rar.com

Whois:
5 win-rar.com records

Scanner detections:
Malware distribution  (52% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Generic.Variant
100.00%

The domain www.win-rar.com has been seen to resolve to the following 3 IP addresses.

5.135.104.99
May 3, 2015

188.165.226.206
ns313207.ip-188-165-226.eu
September 27, 2014

217.70.129.244
July 22, 2013

File downloads found at URLs served by www.win-rar.com.

1 / 68      (Malware)
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar531.exe  (eab1fc3a9c2db9b9fa867ee1a2cd8c57)

0 / 68
http://www.win-rar.com/fileadmin/.../wrar520.exe  (ab230a200a7bfbf659bf70c37b437fa5)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../winrar-x64-531.exe  (d85d5d453d9b2c1db672e1f9577369fc)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar531fr.exe  (609b08cbc3ba232b23dcb7fc8ebcefb8)

1 / 68      (Malware)
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar531pl.exe  (68687a826629258f3cd6c8a539384d96)

0 / 68
http://www.win-rar.com/fileadmin/.../winrar-x64-53br.exe  (38b03e2d4248d4ea24cd01c37e4bbf12)

0 / 68
http://www.win-rar.com/fileadmin/.../wrar521br.exe  (efd8e111aad23a053080161234070cea)

0 / 68
http://www.win-rar.com/fileadmin/.../winrar-x64-420id.exe  (26832cfd50b1604a3a9560f261ab0108)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar521.exe  (f8f4853d69ef42dfe5446fdfe898617e)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar530.exe  (614f1d2e30600ba4a2fdbd786cfd5cda)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/partners/.../wrar531.exe  (4e2753fd77b16d757fe1693ed9a830fd)

0 / 68
http://www.win-rar.com/fileadmin/.../wrar520ru.exe  (cb1e92c175cc3953c00a845aef66a714)

0 / 68
http://www.win-rar.com/fileadmin/.../winrar-x64-520.exe  (44108c2a1df3979618f7dbb51751ede7)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../winrar-x64-531br.exe  (542160cee76ff7ba80e00334c5cadb9d)

1 / 68      (Malware)
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar531es.exe  (4e38a5d3f196c560ff78973cd1542cc6)

0 / 68
http://www.win-rar.com/fileadmin/winrar-versions/.../wrar521it.exe  (3a1700bae108a224a88c2fc6d7b7b9ab)

The following 3 files have been seen to comunicate with www.win-rar.com in live environments.

TCP » 188.165.226.206:80
softonicdownloader_pour_winrar.exe (Application Installer)

TCP » 217.70.129.244:80
WinRAR.exe (WinRAR by Alexander Roshal)

TCP » 217.70.129.244:80
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

URL:
http://www.win-rar.com/

Google Analytics:
UA-21578486

Title:
“WinRAR download and support: Start”

Web server:
Apache

Facebook:
Likes:  49
Shares:  586
Comments:  75

Statistics are for the previous month.

winrar.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.