Domain > downloadactivation.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to downloadactivation.com

MD5	A/V
843e61d945ba7d6b959e63e519b14493	[TROJ_FAKEAV.BMC] [AdWare.iBryte] [Adware/IBryte] [Downloader.NSIS]
2acd6bc89101526060286f7ec89bac65
a3bf935fbc2486af6f73f27f39ba5ac9
06149a9ff4e2ec20a2a7627a7489d001	[PUP.Optional.OptimumInstaller.A] [Trojan.Packed!eWEj06YGDpo] [Trojan.Win32.Badur.hukn] [Trojan.Win32.Badur.cxpjye] [Application.Win32.iBryte.WRP] [Trojan.Packed.26508] [Win32.Adware.Ibryte.I] [PE:Malware.iBryte!6.192B] [Riskware/IBryte] [Win32/Trojan.5a2]
acb81f39198ace16a700f9f8e6e9b252
1194c9a680b101da281975c9bbdb1166	[Packed.Win32.TDSS.2!O] [PUP.Optional.OptimumInstaller.A] [Trojan.Win32.Badur.cxnrwx] [PE:Malware.iBryte!6.192B] [Application.Win32.IBryte.Z] [Trojan.Packed.26508] [Artemis!1194C9A680B1] [Win32.Adware.Ibryte.I] [Riskware/IBryte] [AdPlugin.JE]
c817f7c5223a3e63c6b2e380e6e6eb86
50bbdbffdf28ff0b406407f702906e0f	[Packed.Win32.TDSS.2!O] [Artemis!50BBDBFFDF28] [PUP.Optional.OptimumInstaller.A] [PUA.Downloader!] [Application.Win32.IBryte.X] [Trojan.Packed.26508] [Adware/iBryte.Z] [Win32.Application.PremiumInstaller.C] [AdPlugin.GC] [Win32/Virus.Downloader.dbe]
48a058e3f4fd7adef124ef7c2147bd26	[Packed.Win32.TDSS.2!O] [PUP.Optional.OptimumInstaller.A] [Trojan.Win32.Badur.cxnsau] [Trojan.Badur!] [Application.Win32.IBryte.Z] [Adware/iBryte.rfa.13] [AdWare.AdPlugin] [Riskware/IBryte] [AdPlugin.IY] [Win32/Trojan.e6d]
352320dd88b6013c476d4c5d81948849	[Packed.Win32.TDSS.2!O] [PUP.Optional.OptimumInstaller.A] [Trojan.Win32.Zusy.cylohe] [not-a-virus:AdWare.Win32.iBryte.jgi] [PE:Malware.iBryte!6.197B] [Win32.Troj.iBryte.j.(kcloud)]
27060dfdceaa43eefbc30dc09b97ba49	[PUP.Optional.Ibryte] [Riskware/IBryte]
0d0cad0e3d9a8d6d707c1042eee40186
fda3d3542859f1485ff76ba19a7be000
52eae4cb3f9df6acf7fbf0184ed93369	[Packed.Win32.TDSS.2!O] [Artemis!52EAE4CB3F9D] [PUP.Optional.OptimumInstaller.A] [PUA.Downloader!] [Trojan.Win32.IBryte.cwpxbb] [ApplicUnwnt] [Trojan.Packed.26508] [Win32.Application.PremiumInstaller.C] [AdPlugin.FQ] [Win32/Virus.Downloader.dbe]
ae9fcd2688df29231255150c2ce2f9fa	[Packed.Win32.TDSS.2!O] [PUP.Optional.OptimumInstaller.A] [Trojan.Packed!zVHmMrwImtA] [Application.Win32.iBryte.WRP] [Trojan.Packed.26508]
2b4bf19bde7065d52c11b7a38e3b2071	[Application.Bundler.OptimumInstaller.K] [Adware.iBryte.DK4] [PUP.Optional.OptimumInstaller.A] [PUA.iBryte!] [W32/A-3b6734a7!Eldorado] [Win.Adware.Ibryte-1319] [not-a-virus:AdWare.Win32.iBryte.jgi] [Riskware.Win32.IBryte.dchwid] [Application.Bundler.OptimumInstaller] [BackDoor.Kuluoz.4] [Adware.iBryte.Win32.1304] [BehavesLike.Win32.IBryte.dh] [Adware/iBryte.hake] [APPL/OpenInst.pepuc] [GrayWare[AdWare:not-a-virus]/Win32.iBryte.jgi] [Win32.Troj.iBryte.j.(kcloud)] [PUP/Win32.IBryte] [IBryte] [Signed-Adware.iBryte] [Win32.Adware.Bp-installer.Jblm] [Adware/IBryte] [Adware.Win32.iBryte.BAL]
82b98945fab39587d840d4ce9b3ee7e2	[Packed.Win32.TDSS.2!O] [Artemis!82B98945FAB3] [PUP.Optional.OptimumInstaller.A] [Application.Win32.iBryte.WRP] [Trojan.Packed.26508] [Win32.Adware.Ibryte.I] [PE:Malware.iBryte!6.192B] [AdWare.iBryte] [Riskware/IBryte] [AdPlugin.IO]
495818eca80b228ed41df8537818353c
844ea8683c4462ae9dd50c3139629728	[PUP.Optional.Ibryte] [not-a-virus:AdWare.Win32.iBryte.dkrh] [PUA.iBryte!] [Trojan.DownLoad3.33238] [GrayWare[AdWare:not-a-virus]/Win32.iBryte] [Win32.Troj.iBryte.dk.(kcloud)] [PE:Malware.iBryte!6.1936] [Riskware/IBryte] [AdPlugin.HP]
75e1c946590b34a1d3f9fde17eeca2f9	[Packed.Win32.TDSS.2!O] [PUP.Optional.OptimumInstaller.A] [Trojan.Win32.Zusy.cylohe] [Trojan.Packed!c1VcxMAjxW0] [PE:Malware.iBryte!6.197B] [Application.Win32.iBryte.WRP] [Trojan.Packed.26807] [PUP/Win32.OptimumInstaller] [PUP/iBryte] [Win32/AdWare.iBryte.AH]

Whois

Property	Value
Email	54270fcau1r34a0i@5225b4d0pi3627q9.whoisprivacycorp.com
NameServer	NS-128.AWSDNS-16.COM
Created	2014-03-24 00:00:00
Changed	2015-02-21 00:00:00
Expires	2017-03-24 00:00:00
Registrar	INTERNET.BS CORP.

DNS Resolutions

Date	IP Address
2014-04-04	107.20.229.169 (ClassC)
2014-05-07	23.23.170.210 (ClassC)
2014-06-17	23.23.170.210 (ClassC)
2014-06-26	54.221.212.36 (ClassC)
2014-06-27	54.221.212.36 (ClassC)
2014-10-16	107.22.193.188 (ClassC)
2014-12-11	107.22.193.188 (ClassC)
2015-01-11	23.23.154.116 (ClassC)
2015-01-11	50.17.208.223 (ClassC)
2015-03-03	54.221.234.65 (ClassC)
2015-03-03	54.243.212.152 (ClassC)
2015-03-29	50.19.236.48 (ClassC)
2015-05-31	54.225.160.115 (ClassC)
2015-06-06	23.21.208.114 (ClassC)
2015-06-24	23.21.93.71 (ClassC)
2016-04-13	23.23.176.5 (ClassC)
2016-05-04	50.16.236.148 (ClassC)
2016-10-05	23.21.206.16 (ClassC)
2016-10-07	23.21.77.229 (ClassC)
2016-10-25	23.21.237.24 (ClassC)
2017-03-28	54.72.130.67 (ClassC)
2018-06-06	204.11.56.48 (ClassC)
2018-07-13	208.91.197.46 (ClassC)
2018-08-30	54.174.45.28 (ClassC)
2018-09-11	52.7.6.73 (ClassC)
2018-10-04	52.6.46.72 (ClassC)
2018-10-09	52.87.45.42 (ClassC)
2018-10-18	52.5.251.20 (ClassC)
2018-10-18	52.55.164.156 (ClassC)
2018-10-20	54.144.21.246 (ClassC)
2018-10-27	52.22.89.169 (ClassC)
2018-10-27	52.3.123.192 (ClassC)
2020-08-20	23.20.239.12 (ClassC)
2021-02-20	3.223.115.185 (ClassC)
2021-12-28	34.205.242.146 (ClassC)
2022-01-18	3.130.253.23 (ClassC)
2024-02-17	52.86.6.113 (ClassC)
2024-04-16	3.19.116.195 (ClassC)
2024-05-07	3.130.204.160 (ClassC)
2024-05-30	3.18.7.81 (ClassC)
2024-06-07	3.94.41.167 (ClassC)
2024-07-08	54.161.222.85 (ClassC)
2024-07-20	54.209.32.212 (ClassC)
2024-08-16	3.140.13.188 (ClassC)
2024-09-13	18.119.154.66 (ClassC)
2024-09-21	52.71.57.184 (ClassC)
2024-09-27	44.207.39.65 (ClassC)
2024-09-27	18.235.170.27 (ClassC)
2024-09-29	184.73.212.51 (ClassC)
2024-11-24	170.178.183.18 (ClassC)
2024-11-25	70.32.1.32 (ClassC)
2025-01-14	103.224.212.213 (ClassC)
2025-03-13	103.224.212.250 (ClassC)
2025-10-26	103.224.212.111 (ClassC)
2025-11-29	52.223.13.41 (ClassC)
2025-12-15	103.224.182.214 (ClassC)

Port 80

Subdomains

Date	Domain	IP
www.downloadactivation.com	2014-12-21	54.221.212.36

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]