files4.safelink9.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files4.safelink9.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the MCI Communications Services, Inc. d/b/a Verizon Business network.
Registrar:
GODADDY.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Thursday, December 26, 2013

Expires date:
Monday, December 26, 2016

Updated date:
Sunday, December 27, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FullSpectrumInteractive.Y, PUP.Installer.FullSpectrumInteractive.BB, PUP.Installer.Groovecom.Y, PUP.Win.Reputation, PUP.FullSpectrumInteractive.Installer (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.UPlayerMedia.Installer.Meta (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.DownloadAdmin (M)
93.94%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Trojan.Win32.Generic, Threat.4150696
78.79%

Dr.Web
Adware.Downware.2220, Threat.Undefined, Adware.DAdmin.151, Trojan.Vittalia.2
75.76%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt, Trojan.Win32.DAdmin.djhtdm
66.67%

Sophos
Download Admin, Generic PUA OK, PUA 'Download Admin'
66.67%

ESET NOD32
Win32/DownloadAdmin, Win32/DownloadAdmin (variant), Win32/DownloadAdmin.G potentially unwanted
63.64%

AVG
MalSign.InstallC, Generic
51.52%

Avira AntiVirus
APPL/Downloader.Gen, ADWARE/Adware.Gen, TR/Trash.Gen, PUA/DownloadAdmin.Gen
45.45%

McAfee Web Gateway
Artemis!60BC40941F0A, Artemis!AE4749A366F2, BehavesLike.Win32.Downloader.bc, Artemis!39114A1017B8, BehavesLike.Win32.Downloader.cc
42.42%

Trend Micro House Call
TROJ_GEN.F47V0211, TROJ_GEN.F47V0326, TROJ_GEN.F47V0525, Suspici.B577CD42, TROJ_GEN.F47V0507, TROJ_GEN.R047C0OK814
36.36%

F-Secure
Application.Bundler.I, Adware:W32/WebInstallBundle
36.36%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.DownloadAdmin
30.30%

K7 AntiVirus
Unwanted-Program , Trojan
30.30%

K7 Gateway Antivirus
Unwanted-Program , Trojan
30.30%

avast!
Adware-OH [Adw], NSIS:Adware-OH [Adw], Win32:GenMalicious-AGK [Trj], Win32:GenMalicious-AGF [Trj], Malware-gen
27.27%

The domain files4.safelink9.com has been seen to resolve to the following 54 IP addresses.

a23-15-7-105.deploy.static.akamaitechnologies.com
April 19, 2016

a23-15-7-97.deploy.static.akamaitechnologies.com
April 19, 2016

a184-51-126-90.deploy.static.akamaitechnologies.com
April 13, 2016

a184-51-126-83.deploy.static.akamaitechnologies.com
April 13, 2016

a23-0-160-88.deploy.static.akamaitechnologies.com
February 20, 2016

a23-0-160-98.deploy.static.akamaitechnologies.com
February 20, 2016

May 5, 2015

a96-6-113-162.deploy.akamaitechnologies.com
May 3, 2015

a96-6-113-153.deploy.akamaitechnologies.com
May 3, 2015

a173-223-205-50.deploy.static.akamaitechnologies.com
May 3, 2015

a173-223-205-11.deploy.static.akamaitechnologies.com
May 3, 2015

a184-26-44-98.deploy.static.akamaitechnologies.com
May 3, 2015

a184-26-44-103.deploy.static.akamaitechnologies.com
May 3, 2015

a184-26-136-83.deploy.static.akamaitechnologies.com
January 7, 2015

a184-26-136-64.deploy.static.akamaitechnologies.com
January 7, 2015

a23-15-9-138.deploy.static.akamaitechnologies.com
December 9, 2014

a23-15-9-147.deploy.static.akamaitechnologies.com
December 9, 2014

a23-62-7-33.deploy.static.akamaitechnologies.com
December 1, 2014

a23-62-7-9.deploy.static.akamaitechnologies.com
December 1, 2014

a23-32-248-43.deploy.static.akamaitechnologies.com
November 2, 2014

a23-32-248-17.deploy.static.akamaitechnologies.com
November 2, 2014

a184-50-229-137.deploy.static.akamaitechnologies.com
September 7, 2014

a184-50-229-177.deploy.static.akamaitechnologies.com
September 7, 2014

a23-0-160-74.deploy.static.akamaitechnologies.com
September 4, 2014

a23-0-160-11.deploy.static.akamaitechnologies.com
September 4, 2014

a184-51-126-32.deploy.static.akamaitechnologies.com
September 4, 2014

a23-62-6-51.deploy.static.akamaitechnologies.com
September 3, 2014

a23-62-6-40.deploy.static.akamaitechnologies.com
September 3, 2014

a184-51-126-50.deploy.static.akamaitechnologies.com
September 3, 2014

a184-51-126-56.deploy.static.akamaitechnologies.com
September 3, 2014

 
Showing 30 of 54 IP Addresses

File downloads found at URLs served by files4.safelink9.com.

 
Latest 30 of 273 download URLs

The following 974 files have been seen to comunicate with files4.safelink9.com in live environments.

 
Latest 20 of 1,024 files