See: https://www.whatsmydns.net/#A/img.uptodown.net
and: https://www.whatsmydns.net/#A/23.62.61.18
re: http://www.statsgator.co.uk/62203-211-98-70-195.html
Delegation Delegation not found at parent.
No delegation could be found at the parent, making your zone unreachable from the Internet.
Not enough nameserver information was found to test the zone img.uptodown.net, but an IP address lookup succeeded in spite of that.
VW alert: Up(nil): unknown_html ARIN US ip-admin at akamai.com 23.62.61.18 to 23.62.61.18 uptodown dot net htxp://img.uptodown.net/icons/internet-connection-repair-tool.png
Flagged by SOPHOS: https://www.virustotal.com/en/url/c97ef3cd37615316657c2ce79aba523507553ae4d0201b7eadda3cc9f6e30f59/analysis/1382023538/
IDS alert for same IP on executable download files: http://urlquery.net/report.php?id=6912202
pol
Has link with: link with sweetpack/sweet im download, a known PUP adware
http://www.mywot.com/en/scorecard/sweetpacks.com?utm_source=addon&utm_content=popup-donuts
toolbar and startpage hackware, (thanks, Pondus, for info link)
But it also is to show the migration of the DNS: 92.242.140.1 for https://www.whatsmydns.net/#A/23.62.61.18 from a server in Pasdena
Danger - read: http://www.broadbandreports.com/forum/r26367238-Earthlink-may-have-stopped.
while we have 93.155.105.142 from the server in St. Petersburg → http://urlquery.net/report.php?id=1885053
This due to a mimatch for OpenDNS: It tells you that IP address 92.242.140.1 is the one OpenDNS sees that DNS lookups coming from.
polonus