home

files4.safelink9.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files4.safelink9.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the MCI Communications Services, Inc. d/b/a Verizon Business network.
Registrar:
GODADDY.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Thursday, December 26, 2013

Expires date:
Monday, December 26, 2016

Updated date:
Sunday, December 27, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
safelink9.com

Whois:
3 safelink9.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FullSpectrumInteractive.Y, PUP.Installer.FullSpectrumInteractive.BB, PUP.Installer.Groovecom.Y, PUP.Win.Reputation, PUP.FullSpectrumInteractive.Installer (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.UPlayerMedia.Installer.Meta (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.DownloadAdmin (M)
93.94%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Trojan.Win32.Generic, Threat.4150696
78.79%

Dr.Web
Adware.Downware.2220, Threat.Undefined, Adware.DAdmin.151, Trojan.Vittalia.2
75.76%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt, Trojan.Win32.DAdmin.djhtdm
66.67%

Sophos
Download Admin, Generic PUA OK, PUA 'Download Admin'
66.67%

ESET NOD32
Win32/DownloadAdmin, Win32/DownloadAdmin (variant), Win32/DownloadAdmin.G potentially unwanted
63.64%

AVG
MalSign.InstallC, Generic
51.52%

Avira AntiVirus
APPL/Downloader.Gen, ADWARE/Adware.Gen, TR/Trash.Gen, PUA/DownloadAdmin.Gen
45.45%

Trend Micro House Call
TROJ_GEN.F47V0211, TROJ_GEN.F47V0326, TROJ_GEN.F47V0525, Suspici.B577CD42, TROJ_GEN.F47V0507, TROJ_GEN.R047C0OK814
36.36%

F-Secure
Application.Bundler.I, Adware:W32/WebInstallBundle
36.36%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.DownloadAdmin
30.30%

K7 AntiVirus
Unwanted-Program , Trojan
30.30%

avast!
Adware-OH [Adw], NSIS:Adware-OH [Adw], Win32:GenMalicious-AGK [Trj], Win32:GenMalicious-AGF [Trj], Malware-gen
27.27%

Agnitum Outpost
Riskware.Agent
27.27%

McAfee
Artemis!60BC40941F0A, Artemis!AE4749A366F2, Artemis!39114A1017B8, Artemis!5F7A1F7B4663, Trojan.Artemis!67DA572C248F, Artemis!E08ED8C62EE4
21.21%

The domain files4.safelink9.com has been seen to resolve to the following 54 IP addresses.

23.15.7.105
a23-15-7-105.deploy.static.akamaitechnologies.com
April 19, 2016

23.15.7.97
a23-15-7-97.deploy.static.akamaitechnologies.com
April 19, 2016

184.51.126.90
a184-51-126-90.deploy.static.akamaitechnologies.com
April 13, 2016

184.51.126.83
a184-51-126-83.deploy.static.akamaitechnologies.com
April 13, 2016

23.0.160.88
a23-0-160-88.deploy.static.akamaitechnologies.com
February 20, 2016

23.0.160.98
a23-0-160-98.deploy.static.akamaitechnologies.com
February 20, 2016

63.88.100.168
May 5, 2015

96.6.113.162
a96-6-113-162.deploy.akamaitechnologies.com
May 3, 2015

96.6.113.153
a96-6-113-153.deploy.akamaitechnologies.com
May 3, 2015

173.223.205.50
a173-223-205-50.deploy.static.akamaitechnologies.com
May 3, 2015

173.223.205.11
a173-223-205-11.deploy.static.akamaitechnologies.com
May 3, 2015

184.26.44.98
a184-26-44-98.deploy.static.akamaitechnologies.com
May 3, 2015

184.26.44.103
a184-26-44-103.deploy.static.akamaitechnologies.com
May 3, 2015

184.26.136.83
a184-26-136-83.deploy.static.akamaitechnologies.com
January 7, 2015

184.26.136.64
a184-26-136-64.deploy.static.akamaitechnologies.com
January 7, 2015

23.15.9.138
a23-15-9-138.deploy.static.akamaitechnologies.com
December 9, 2014

23.15.9.147
a23-15-9-147.deploy.static.akamaitechnologies.com
December 9, 2014

23.62.7.33
a23-62-7-33.deploy.static.akamaitechnologies.com
December 1, 2014

23.62.7.9
a23-62-7-9.deploy.static.akamaitechnologies.com
December 1, 2014

23.32.248.43
a23-32-248-43.deploy.static.akamaitechnologies.com
November 2, 2014

23.32.248.17
a23-32-248-17.deploy.static.akamaitechnologies.com
November 2, 2014

184.50.229.137
a184-50-229-137.deploy.static.akamaitechnologies.com
September 7, 2014

184.50.229.177
a184-50-229-177.deploy.static.akamaitechnologies.com
September 7, 2014

23.0.160.74
a23-0-160-74.deploy.static.akamaitechnologies.com
September 4, 2014

23.0.160.11
a23-0-160-11.deploy.static.akamaitechnologies.com
September 4, 2014

184.51.126.32
a184-51-126-32.deploy.static.akamaitechnologies.com
September 4, 2014

23.62.6.51
a23-62-6-51.deploy.static.akamaitechnologies.com
September 3, 2014

23.62.6.40
a23-62-6-40.deploy.static.akamaitechnologies.com
September 3, 2014

184.51.126.50
a184-51-126-50.deploy.static.akamaitechnologies.com
September 3, 2014

184.51.126.56
a184-51-126-56.deploy.static.akamaitechnologies.com
September 3, 2014

 
Showing 30 of 54 IP Addresses

File downloads found at URLs served by files4.safelink9.com.

1 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-193830631  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=176681&bc=919437&country=GB&cb=-1074716326  (uplayermediaplayer-setup.exe)

11 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=41737&bc=919437&country=FR&cb=565474059  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=cpx&c=affiliate&brand=uplayer.us.com&pid=cpx&aid=228&bc=896274&country=US&cb=-327575853  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?bc=969091&pid=xertive&brand=uplayer.us.com&aid=PUTPUBIDHERE&s=xertive&country=US&cb=2099323808&zTmp=1  (uplayermediaplayer-setup.exe)

9 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?s=cpx&brand=uplayer.us.com&pid=cpx&aid=674&bc=969819&country=US&cb=-1351031801  (uplayermediaplayer-setup.exe)

12 / 68    (PUP)
http://files4.safelink9.com/download/.../dl?s=w4&brand=uplayer.us.com&pid=w4&aid=104074&bc=951917&country=US&cb=142973637  (uplayermediaplayer-setup.exe)

10 / 68    (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=582531&bc=919437&country=US&cb=-59129255  (uplayermediaplayer-setup.exe)

10 / 68    (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=1590455237  (uplayermediaplayer-setup.exe)

10 / 68    (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1994477941  (uplayermediaplayer-setup.exe)

10 / 68    (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=2110353086  (uplayermediaplayer-setup.exe)

7 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-863418326  (uplayermediaplayer-setup.exe)

16 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?s=xertive&brand=uplayer.us.com&pid=xertive&aid=PUTPUBIDHERE&bc=969091&country=US&cb=-1402159639&zTmp=1  (uplayermediaplayer-setup.exe)

14 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=41737&bc=919437&country=FR&cb=-407665886  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1850596037  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-566708326  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1020850400  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=1599859869  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-2009607296  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1143021896  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-338142846  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=1384148128  (uplayermediaplayer-setup.exe)

6 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=1326090921  (uplayermediaplayer-setup.exe)

8 / 68      (PUP)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1824466794  (uplayermediaplayer-setup.exe)

11 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?bc=969091&pid=xertive&brand=uplayer.us.com&aid=PUTPUBIDHERE&s=xertive&country=US&cb=649523183&zTmp=1  (uplayermediaplayer-setup.exe)

11 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?bc=969091&pid=xertive&brand=uplayer.us.com&aid=PUTPUBIDHERE&s=xertive&country=US&cb=-736158550&zTmp=1  (Setup.exe)

16 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-1187531022  (uplayermediaplayer-setup.exe)

14 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?bc=969091&pid=xertive&brand=uplayer.us.com&aid=PUTPUBIDHERE&s=xertive&country=US&cb=-1363487249&osName=Windows&osVersion=7&browserName=Chrome&browserVersion=39&zTmp=1  (uplayermediaplayer-setup.exe)

5 / 68      (Adware)
http://files4.safelink9.com/download/.../dl?s=matomy&brand=uplayer.us.com&pid=matomy&aid=30679&bc=919437&country=US&cb=-231075051  (uplayermediaplayer-setup.exe)

15 / 68    (Adware)
http://files4.safelink9.com/download/.../dl?bc=969091&pid=xertive&brand=uplayer.us.com&aid=PUTPUBIDHERE&s=xertive&country=US&cb=2092619885&zTmp=1  (uplayermediaplayer-setup.exe)

 
Latest 30 of 273 download URLs

The following 974 files have been seen to comunicate with files4.safelink9.com in live environments.

TCP » 184.26.44.103:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
cpx.exe (Google Embedded Application)

TCP » 184.51.126.90:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.103:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:443
dailywiki.exe

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
messengertime.exe

TCP » 184.26.44.103:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.103:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.15.7.97:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
dailywiki.exe

TCP » 184.51.126.83:443
whatsapptime.exe

 
Latest 20 of 1,024 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.