The domain www.down4load.com registered by Free Downloader was initially registered in May of 2013 through DOMAIN.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Manassas, Virginia within the United States which resides on the Leaseweb USA, Inc. network.
Registrant:
Free Downloader
Registrar:
DOMAIN.COM, LLC
Server location:
Virginia, United States (US)
Create date:
Friday, May 31, 2013
Expires date:
Tuesday, May 31, 2016
Updated date:
Saturday, August 8, 2015
ASN:
AS30633 LEASEWEB-US - Leaseweb USA, Inc.,US
Google Safe Browsing:
unwanted
Scanner detections:
Detections (96% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.InstallCore.T, PUP.WorldSetup.L, PUP.ISfreemium.L, PUP.STMSetup.M, PUP.STMSetup.L, PUP.ironSource, Threat.Installer.MaxSetup, PUP.installCore.STMSetup.Installer (M), PUP.installCore.MaxSetup (M), PUP.installCore.ISfreemium (M), PUP.installCore.WorldSetup (M), PUP.installCore.STMSetup (M), PUP.installCore.ISfreemi (M), PUP.installCore.Extended (M), PUP.installCore.WorldSet (M), PUP.installCore.Extended.Installer (M), PUP.installCore (M)
82.00%
VIPRE Antivirus
InstallCore, Threat.4837543, Threat.5063361, Threat.4786018, Threat.4788237
30.00%
Dr.Web
Trojan.Packed.24524, Trojan.MulDrop5.10078, Trojan.Packed.25266, Trojan.Siggen6.54687
30.00%
Malwarebytes
PUP.Optional.Freemium.A, PUP.Optional.InstallCore, PUP.Optional.InstallCore.A
26.00%
K7 AntiVirus
Unwanted-Program
26.00%
Sophos
Install Core Click run software, PUA 'Install Core Click run software'
24.00%
Comodo Security
Application.Win32.Agent.AP, Application.Win32.Installcore.WS, Application.Win32.Installcore.GGET, UnclassifiedMalware, Application.Win32.Agent.AH
24.00%
Avira AntiVirus
Adware/InstallCore.asike, ADWARE/InstallCore.Gen7, Adware/InstallCore.ahd.1, ADWARE/InstallCore.Gen9, PUA/InstallCore.Gen7
22.00%
F-Prot
W32/InstallCore.R3.gen, W32/A-6c5f2e7b, W32/A-dbe1ec51, W32/VB.AD.gen
22.00%
McAfee
Artemis!ED9BDC84F915, Artemis!415629593568, Artemis!BBB8CF126CFA, Artemis!896308AE98E5, CryptInno, Artemis!97E9FAA7CB0D, Artemis!BDF1AB4B172D
20.00%
Vba32 AntiVirus
Downware.InstallCore
20.00%
Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
18.00%
ESET NOD32
Win32/InstallCore.DK (variant), Win32/InstallCore.BY (variant), Win32/InstallCore.BY potentially unwanted (variant), Win32/InstallCore.FM
16.00%
Bkav FE
W32.Clod32d.Trojan, W32.HfsAdware, W32.Clod526.Trojan
14.00%
ESET NOD32
Win32/InstallCore.JE.gen potentially unwanted application, Win32/InstallCore.ON potentially unwanted application, Win32/InstallCore.PO potentially unwanted application, Win32/InstallCore.BY potentially unwanted application
14.00%
The domain www.down4load.com has been seen to resolve to the following 3 IP addresses.
108.61.24.23.constant.com
August 11, 2015
108.61.140.19.choopa.net
August 17, 2014
down4load.com
January 10, 2014
File downloads found at URLs served by www.down4load.com.
URL:
http://www.down4load.com/
Google Analytics:
UA-40230645
Title:
“down4load.com - The latest software for free”
Description:
“Get the latest versions of famous software products for free.”
Web server:
Apache (Phusion Passenger 4.0.59)
Statistics are for the previous month.
Related Domains