home

files4.downloadnet253.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files4.downloadnet253.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Monday, November 16, 2015

Expires date:
Wednesday, November 16, 2016

Updated date:
Monday, November 16, 2015

Root domain:
downloadnet253.com

Whois:
1 downloadnet253.com record

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DownloadAdmin.Groovecom.Installer (M), PUP.TomorrowSoftware.SpiralMedia.Bundler (M), PUP.DownloadAdmin.RazorEdgeMedia.Installer (M), PUP.DownloadAdmin.RazorEdg.Installer (M), PUP.DownloadAdmin.Grooveco.Installer (M), PUP.TomorrowSoftware.SpiralMe.Bundler (M)
100.00%

Bkav FE
W32.HfsAdware
31.25%

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
31.25%

Zillya! Antivirus
Adware.BrowseFox.Win32.191000
31.25%

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
31.25%

K7 AntiVirus
Adware
31.25%

Agnitum Outpost
Riskware.Agent
31.25%

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted (variant)
31.25%

Clam AntiVirus
Win.Trojan.Downloadadmin-248
31.25%

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
31.25%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
31.25%

F-Secure
Gen:Variant.Application.Bundler
31.25%

Dr.Web
Trojan.Vittalia.1198
31.25%

VIPRE Antivirus
Trojan.Win32.Generic
31.25%

Fortinet FortiGate
Riskware/DownloadAdmin
31.25%

The domain files4.downloadnet253.com has been seen to resolve to the following 152 IP addresses.

184.51.126.106
a184-51-126-106.deploy.static.akamaitechnologies.com
August 28, 2016

23.219.88.159
a23-219-88-159.deploy.static.akamaitechnologies.com
August 25, 2016

23.219.88.158
a23-219-88-158.deploy.static.akamaitechnologies.com
August 25, 2016

23.219.88.176
a23-219-88-176.deploy.static.akamaitechnologies.com
August 24, 2016

23.50.225.19
a23-50-225-19.deploy.static.akamaitechnologies.com
August 24, 2016

104.96.221.80
a104-96-221-80.deploy.static.akamaitechnologies.com
July 22, 2016

104.96.220.203
a104-96-220-203.deploy.static.akamaitechnologies.com
July 22, 2016

23.15.9.58
a23-15-9-58.deploy.static.akamaitechnologies.com
July 7, 2016

23.15.9.18
a23-15-9-18.deploy.static.akamaitechnologies.com
July 7, 2016

23.15.8.89
a23-15-8-89.deploy.static.akamaitechnologies.com
July 5, 2016

65.158.47.152
June 28, 2016

216.156.199.51
216.156.199.51.ptr.us.xo.net
June 7, 2016

216.156.199.49
216.156.199.49.ptr.us.xo.net
June 7, 2016

173.205.24.162
June 6, 2016

173.205.24.169
June 6, 2016

23.15.5.208
a23-15-5-208.deploy.static.akamaitechnologies.com
May 25, 2016

23.15.5.214
a23-15-5-214.deploy.static.akamaitechnologies.com
May 25, 2016

23.15.5.130
a23-15-5-130.deploy.static.akamaitechnologies.com
May 25, 2016

96.16.98.27
a96-16-98-27.deploy.akamaitechnologies.com
May 25, 2016

104.96.220.192
a104-96-220-192.deploy.static.akamaitechnologies.com
May 18, 2016

23.62.6.96
a23-62-6-96.deploy.static.akamaitechnologies.com
May 18, 2016

23.62.6.74
a23-62-6-74.deploy.static.akamaitechnologies.com
May 18, 2016

104.96.221.114
a104-96-221-114.deploy.static.akamaitechnologies.com
May 17, 2016

104.96.220.210
a104-96-220-210.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.235
a104-96-220-235.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.227
a104-96-220-227.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.226
a104-96-220-226.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.216
a104-96-220-216.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.193
a104-96-220-193.deploy.static.akamaitechnologies.com
May 16, 2016

104.96.220.209
a104-96-220-209.deploy.static.akamaitechnologies.com
May 16, 2016

 
Showing 30 of 152 IP Addresses

File downloads found at URLs served by files4.downloadnet253.com.

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75199&cb=-138305353&executable=1197357  (additionaloffers-setup.exe)

24 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=85831&cb=1439326984  (additionaloffers-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75981&cb=789133685&executable=1197357  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75825&cb=2043517014  (additionaloffers-setup.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74441&cb=-1556434427  (kmpaddedcode_oppercd.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74441&cb=2087649344&executable=1197357  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74485&cb=-1055364356  (kmpaddedcode_oppercd.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=85123&cb=-420126812  (additionaloffers-setup.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=76521&cb=-1641943457  (additionaloffers-setup.exe)

21 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=77443&cb=-1191615232  (kmpaddedcode_oppercd.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74353&cb=262707600  (additionaloffers-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74797&cb=-806428923&executable=1197357  (additionaloffers-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75981&cb=1591047483&executable=1197357  (kmpaddedcode_oppercd.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=84325&cb=-2090374539  (additionaloffers-setup.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74353&cb=-2047445424  (additionaloffers-setup.exe)

18 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75045&cb=1771424512  (kmpaddedcode_oppercd.exe)

21 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74485&cb=-568749922  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=87441&cb=977381442&executable=1198105  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74441&cb=-157130464  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74441&cb=-1652885753  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=84481&cb=156575374  (additionaloffers-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=77443&cb=1851244614&executable=1197357  (additionaloffers-setup.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=75981&cb=-1088124687  (additionaloffers-setup.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74353&cb=1164305923&executable=1198105  (kmpaddedcode_oppercd.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74441&cb=-1213522861  (kmpaddedcode_oppercd.exe)

23 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=84325&cb=45985331  (additionaloffers-setup.exe)

1 / 68      (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=76521&cb=-363614273&executable=1198105  (kmpaddedcode_oppercd.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=74485&cb=-1684778293&executable=1197357  (additionaloffers-setup.exe)

21 / 68    (Adware)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=77443&cb=-1076824948  (kmpaddedcode_oppercd.exe)

1 / 68      (PUP)
http://files4.downloadnet253.com/dl-pure/.../?bc=1188307&checksum=84325&cb=-915476980&executable=1197357  (additionaloffers-setup.exe)

 
Latest 30 of 829 download URLs

The following 1137 files have been seen to comunicate with files4.downloadnet253.com in live environments.

TCP » 184.51.126.74:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.112.235.19:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.99:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.80:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.74:80
browser.exe (Browser)

TCP » 184.51.126.107:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.82:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.82:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.104:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.219.88.176:80
DTM_2.exe (DTM_2)

TCP » 184.51.126.89:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.90:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.99:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.89:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.80:80
plugin.exe

TCP » 184.51.126.49:80
updateadmin.exe

TCP » 184.51.126.104:80
plugin.exe

TCP » 184.51.126.90:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 1,361 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.