home

files5.freega.me

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files5.freega.me is registered by proxy through GoDaddy.com, LLC R41-ME (146) and was originally registered in September of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
GoDaddy.com, LLC R41-ME (146)

Server location:
Texas, United States (US)

Create date:
Friday, September 30, 2011

Expires date:
Friday, September 30, 2016

Updated date:
Thursday, October 1, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
freega.me

Whois:
3 freega.me records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Tightrope.Sanflex.Bundler (M), PUP.Tightrope.DownloadAdmin.Bundler (M), PUP.Tightrope.Bundler, PUP.Tightrope.Download.Bundler (M), PUP.Tightrope.Zoobam.Bundler (M), PUP.TomorrowSoftware.GOLDENBA.Bundler (M), PUP.Tightrope.Statscom.Bundler (M)
100.00%

The domain files5.freega.me has been seen to resolve to the following 4 IP addresses.

50.22.63.138
50.22.63.138-static.reverse.softlayer.com
December 1, 2014

50.22.63.140
50.22.63.140-static.reverse.softlayer.com
December 1, 2014

50.97.63.217
50.97.63.217-static.reverse.softlayer.com
April 11, 2014

108.168.160.45
108.168.160.45-static.reverse.softlayer.com
April 11, 2014

File downloads found at URLs served by files5.freega.me.

1 / 68      (Adware)
http://files5.freega.me/dl?bc=12720&geo  (cookingdash-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10653&geo  (burgershop2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13620&geo  (mahjonggartifacts2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13614&geo  (mahjonggartifacts-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13404&geo  (jewelquest3-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=580023&geo  (schoolmatespasttopresent-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=580215&geo  (thefalltrilogychapter1separation-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13056&geo  (fishtycoon-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=6933&geo  (thetreasureofmontezuma2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10645&geo  (thetreasureofmontezuma-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10641&geo  (jewelquest3-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10651&geo  (jewelquest2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10673&geo  (farmmania2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=12564&geo  (buildalot-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13908&geo  (puzzleexpress-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=14064&geo  (slingosupreme-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=12972&geo  (farmfrenzy-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=6884&geo  (virtualfamilies-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=12600&geo  (cakemania-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=14634&geo  (zombiebowlorama-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13668&geo  (minigolf-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13878&geo  (planttycoon-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13608&geo  (mahjongworld-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10669&geo  (jewelquestmysteries2trailofmidnightheart-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13704&geo  (mortimerbeckettandthetimeparadox-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=12810&geo  (dinerdash2-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10643&geo  (7wondersii-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13734&geo  (mysteryofsharkisland-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=10667&geo  (magicencyclopediamoonlight-setup.exe)

1 / 68      (Adware)
http://files5.freega.me/dl?bc=13428&geo  (jigsawworld-setup.exe)

 
Latest 30 of 90 download URLs

The following 236 files have been seen to comunicate with files5.freega.me in live environments.

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
TNT2User.exe (by Eshield)

TCP » 50.97.63.217:80
eshieldtoolbar.exe (by Eshield)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.140:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.138:80
updateadmin.exe

TCP » 50.22.63.138:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.140:80
updateadmin.exe

TCP » 50.22.63.140:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
netdownloader.exe

TCP » 50.22.63.140:80
netdownloader.exe

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
update_14.exe (Fast Downloader Media)

 
Latest 20 of 319 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.