» www.ftdownloads.com
Overview
Analysis
IPs Addresses (7)
Downloads (18)
Network (431)
Website Detail
Statistics

www.ftdownloads.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain www.ftdownloads.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Hollywood, Florida within the United States which resides on the Prolexic Technologies, Inc. network.

Registrant:

Domains By Proxy, LLC

Registrar:

GODADDY.COM, LLC

Server location:

Florida, United States (US)

Create date:

Wednesday, November 28, 2012

Expires date:

Monday, November 28, 2016

Updated date:

Saturday, January 9, 2016

ASN:

AS32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Prolexic Technologies, Inc.,US

Root domain:

ftdownloads.com

Whois:

2 ftdownloads.com records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.TanjaMatkovic.L, PUP.CoolMirage.p, PUP.CoolMirage.Z, PUP.CoolMirage.t, PUP.CoolMirage.I, PUP.CoolMirage.Installer (M), PUP.CoolMirage (M)

100.00%

Malwarebytes

PUP.Optional.OneClickDownloader.A

41.67%

Trend Micro House Call

TROJ_GEN.F47V1024, TROJ_GEN.F47V1015, TROJ_GEN.F47V1103, TROJ_GEN.F47V1111

33.33%

Dr.Web

Adware.Downware.1263

33.33%

VIPRE Antivirus

CoolMirage Ltd

33.33%

Sophos

CoolMirage

25.00%

ESET NOD32

Win32/AdWare.1ClickDownload.AP

16.67%

McAfee

Artemis!CF5D23C1A808, Artemis!58816AAC41C1

16.67%

Comodo Security

Application.Win32.MCool.D

16.67%

nProtect

Trojan-Downloader/W32.Agent.304352

8.33%

Bkav FE

W32.Clod916.Trojan

8.33%

The domain www.ftdownloads.com has been seen to resolve to the following 7 IP addresses.

69.39.236.56

ip-69.39.236.56.hosted.by.gigenet.com

June 6, 2016

172.99.89.216

April 18, 2016

72.52.4.119

unknown.prolexic.com

February 28, 2016

184.168.221.96

ip-184-168-221-96.ip.secureserver.net

January 31, 2016

184.169.175.49

ec2-184-169-175-49.us-west-1.compute.amazonaws.com

July 31, 2014

204.236.130.106

ec2-204-236-130-106.us-west-1.compute.amazonaws.com

March 14, 2014

54.215.5.252

ec2-54-215-5-252.us-west-1.compute.amazonaws.com

March 14, 2014

File downloads found at URLs served by www.ftdownloads.com.

1 / 68 (Adware)

http://www.ftdownloads.com/download/product_download.php?file=http://uploading.com/files/.../www keto sex com ??? ????&name=www keto sex com ??? ????&pub=ftdowns&sp=1 ({blocked}.exe)

7 / 68 (Adware)

http://www.ftdownloads.com/.../crack_solidworks_2009_64bits.exe (peugeot_partner_2001-2002_instrukcja_obsługi_pl.exe)

1 / 68 (Adware)

http://www.ftdownloads.com/download/url.php?sp=1&name=Qba Tvbinaav-Zbmneg.zc3&dld=0&file=uggc://jjj.4funerq.pbz/zc3/.../Qba_Tvbinaav-Zbmneg.ugz?nss=7637829&pub=ftdown5npm (don_giovanni-mozart.exe)

1 / 68 (Adware)

http://www.ftdownloads.com/download/product_download.php?file=http://letitbit.net/download/1525508/.../Sunny_leone_s_watch_me.rar.html&name=Sunny_leone_s_watch_me&pub=ftdowns&sp=1 (sunny_leone_s_watch_me.exe)

1 / 68 (Adware)

http://www.ftdownloads.com/download/product_download.php?file=http://.../132634&name=Tsunade Hentai Video&pub=ftdowns12&sp=1 (tsunade_hentai_video.exe)

3 / 68 (Adware)

http://www.ftdownloads.com/.../USB_NBA_Mod_Kit.exe (vcw-stripes.exe)

1 / 68 (Adware)

http://www.ftdownloads.com/download/product_download.php?file=http://uploading.com/.../iHandy-Translator-Pro-v1-1-6-ipa&name=iHandy-Translator-Pro-v1-1-6-ipa&pub=ftdowns&sp=1 (ihandy-translator-pro-v1-1-6-ipa.exe)

6 / 68 (Adware)

http://www.ftdownloads.com/.../Kaspersky_Engine_Anti-GameGuard_6.3.exe (ma_hyeon_gwon_-_wonderful_day_baby-faced_beauty_ost.exe)

9 / 68 (Adware)

http://www.ftdownloads.com/.../Leila_Fletcher_-_Piano_Course_-_Book_1.exe (100_plugin_photoshop_free.exe)

9 / 68 (Adware)

http://www.ftdownloads.com/.../Starbound_-_We_Can_Make_It.exe (100_plugin_photoshop_free.exe)

8 / 68 (Adware)

http://www.ftdownloads.com/.../S5ex2j_Despicable_Me_2_2013_720p_BRRip_x264_AAC_DiVERSiTY.exe (00000000)

1 / 68 (Adware)

http://www.ftdownloads.com/.../DownloadSetup.exe (adobe_photoshop_cs3.part1.exe)

7 / 68 (Adware)

http://www.ftdownloads.com/.../CWM_048.exe (peugeot_partner_2001-2002_instrukcja_obsługi_pl.exe)

1 / 68 (Adware)

http://www.ftdownloads.com/download/product_download.php?file=http://uploading.com/files/.../warhammer fantasy 8th edition empire&name=warhammer fantasy 8th edition empire&pub=ftdowns12&sp=1 (warhammer_fantasy_8th_edition_empire.exe)

9 / 68 (Adware)

http://www.ftdownloads.com/.../QbjaybnqFrghc.exe (100_plugin_photoshop_free.exe)

7 / 68 (Adware)

http://www.ftdownloads.com/.../Peugeot_Partner_2001-2002_Instrukcja_Obslugi_PL.exe (peugeot_partner_2001-2002_instrukcja_obsługi_pl.exe)

7 / 68 (Adware)

http://www.ftdownloads.com/.../Peugeot_Partner_2001-2002_Instrukcja_Obslugi_PL.exe (peugeot_partner_2001-2002_instrukcja_obsługi_pl.exe)

7 / 68 (Adware)

http://www.ftdownloads.com/.../Peugeot_Partner_2001-2002_Instrukcja_Obslugi_PL.exe (peugeot_partner_2001-2002_instrukcja_obsługi_pl.exe)

The following 431 files have been seen to comunicate with www.ftdownloads.com in live environments.

TCP » 69.39.236.56:80

globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 184.168.221.96:80

jingling.exe

TCP » 184.168.221.96:80

jingling.exe

TCP » 69.39.236.56:8888

popdeals.exe (Today)

TCP » 69.39.236.56:80

9fe7cfbf-5cc9-4391-a512-8a764fd807c3-1-7.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80

9fe7cfbf-5cc9-4391-a512-8a764fd807c3-5.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80

1573.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80

9fe7cfbf-5cc9-4391-a512-8a764fd807c3-3.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80

6054.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80

5dfde4f5-80af-4a98-8da4-e95b948f183d-10.exe (Ge-Force by Webar)

TCP » 69.39.236.56:80

a4bc936c-5e01-43ed-9315-bef9a4ae2675-10.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80

pricehorse.exe (by Pay By Ads)

TCP » 69.39.236.56:80

tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 69.39.236.56:80

d488e0ef-38ce-4f88-bb4a-7a53ee6d0463-1-7.exe (CinemaPlus-4.5vV22.05 by Cinema PlusV22.05)

TCP » 184.168.221.96:80

jingling.exe

TCP » 69.39.236.56:80

dailybee.exe

TCP » 184.168.221.96:80

crossbrowse.exe (Crossbrowse)

TCP » 69.39.236.56:80

024a6571-2a4e-4467-b299-604f4b85d0bf-7.exe (CinemaPlus-4.5vV23.05 by Cinema PlusV23.05)

TCP » 69.39.236.56:80

avast.exe

TCP » 69.39.236.56:80

shopwit.exe (by Pay By Ads)

Latest 20 of 475 files

URL:

http://www.ftdownloads.com/

Title:

“ftdownloads.com - ftdownloads Resources and Information.”

Description:

“ftdownloads.com is your first and best source for all of the information you’re looking for. From general topics to more of what you would expect to find here, ftdownloads.com has it all. We hope you find what you are searching for!”

Web server:

Microsoft-IIS/7.5 (ASP.NET)

Facebook:

Shares: 4

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.