home

stapi.maxrevinstaller.com

LiveSoftAction SRL

Domain Information

The domain stapi.maxrevinstaller.com registered by LiveSoftAction SRL was initially registered in March of 2014 through GANDI SAS. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GANDI SAS

Server location:
Massachusetts, United States (US)

Create date:
Monday, March 10, 2014

Expires date:
Friday, March 10, 2017

Updated date:
Friday, January 29, 2016

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:
maxrevinstaller.com

Whois:
3 maxrevinstaller.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Sien (M), PUP.Sien.LiveSoft.Bundler (M)
100.00%

The domain stapi.maxrevinstaller.com has been seen to resolve to the following 58 IP addresses.

176.74.168.116
August 21, 2015

23.66.231.33
a23-66-231-33.deploy.static.akamaitechnologies.com
June 19, 2015

96.17.197.35
a96-17-197-35.deploy.akamaitechnologies.com
June 19, 2015

23.67.243.35
a23-67-243-35.deploy.static.akamaitechnologies.com
May 15, 2015

23.67.243.81
May 15, 2015

23.66.230.106
a23-66-230-106.deploy.static.akamaitechnologies.com
May 5, 2015

23.66.230.153
a23-66-230-153.deploy.static.akamaitechnologies.com
May 5, 2015

23.0.160.26
a23-0-160-26.deploy.static.akamaitechnologies.com
March 15, 2015

23.0.160.74
a23-0-160-74.deploy.static.akamaitechnologies.com
March 15, 2015

168.143.242.225
March 6, 2015

168.143.242.251
March 6, 2015

23.3.13.42
a23-3-13-42.deploy.static.akamaitechnologies.com
January 13, 2015

23.62.6.178
a23-62-6-178.deploy.static.akamaitechnologies.com
January 13, 2015

184.26.136.64
a184-26-136-64.deploy.static.akamaitechnologies.com
January 3, 2015

23.15.7.153
a23-15-7-153.deploy.static.akamaitechnologies.com
December 31, 2014

23.15.7.122
a23-15-7-122.deploy.static.akamaitechnologies.com
December 31, 2014

198.47.116.36
November 17, 2014

198.47.116.49
November 17, 2014

23.15.9.51
a23-15-9-51.deploy.static.akamaitechnologies.com
November 10, 2014

23.0.160.32
a23-0-160-32.deploy.static.akamaitechnologies.com
November 2, 2014

124.40.42.17
November 2, 2014

124.40.42.38
November 2, 2014

23.15.9.56
a23-15-9-56.deploy.static.akamaitechnologies.com
November 1, 2014

23.15.9.10
a23-15-9-10.deploy.static.akamaitechnologies.com
November 1, 2014

61.213.181.187
November 1, 2014

61.213.181.146
November 1, 2014

23.0.160.33
a23-0-160-33.deploy.static.akamaitechnologies.com
October 24, 2014

23.0.160.18
a23-0-160-18.deploy.static.akamaitechnologies.com
October 24, 2014

68.177.32.27
October 20, 2014

68.177.32.72
October 20, 2014

 
Showing 30 of 58 IP Addresses

File downloads found at URLs served by stapi.maxrevinstaller.com.

1 / 68      (Adware)
http://stapi.maxrevinstaller.com/api/.../setup.exe  (dying light.exe)

The following 423 files have been seen to comunicate with stapi.maxrevinstaller.com in live environments.

TCP » 23.3.13.200:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.62.6.178:80
browser.exe (Browser)

TCP » 23.3.13.200:80
GPlayer.exe (by Exent Technologies)

TCP » 23.62.6.178:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.62.6.176:80
browser.exe (Speed Browser by Long Mile Solutions)

TCP » 23.15.7.115:80
browser.exe (speed browser by Smart Applications)

TCP » 23.15.7.97:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 23.62.6.210:80
wikithemes.exe

TCP » 23.62.6.176:80
apptrailers.exe

TCP » 23.15.9.51:443
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 23.15.7.97:80
browser.exe (Browser)

TCP » 23.62.6.176:80
apptrailers.exe

TCP » 23.62.6.176:80
browser.exe (Speed Browser by Smart Applications)

TCP » 23.67.250.120:80
dailywiki.exe

TCP » 96.17.197.35:80
plugincontainer.exe

TCP » 23.62.6.210:80
wikithemes.exe

TCP » 23.15.9.56:443
bobrowser.exe (BoBrowser by The BoBrowser Authors)

TCP » 23.15.9.51:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.3.13.200:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 23.3.13.200:80
tmp5c5e.exe

 
Latest 20 of 446 files

URL:
http://stapi.maxrevinstaller.com/

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.