204.11.56.48

Confluence Networks Inc

IP Address Information

The Internet Service Provider (ISP) that owns the network address 204.11.56.48 is Confluence Networks Inc, located in Tortola, VG. Currently 408 domain names use this address. While the server hosting the address is physically located in the British Virgin Islands, Confluence Networks Inc is registered in Road Town, Tortola. The primary domain hosted by this IP is www.online-video-accelerator.com, along with 407 other domains that are known adware distribution websites.
Scanner detections:
Detections  (95% detected)

Scan engine: Dr.Web
Details: Adware.Downware.1833, Adware.Downware.2081, Adware.Downware.1263, Adware.Downware.3933, Adware.Downware.3925, Threat.Undefined, Adware.Downware.6586
Detections: 80.49%

Scan engine: Reason Heuristics
Details: PUP.Installer.Amonetizeltd.GG, PUP.InstallLabltd.P, PUP.Installer.OUTBROWSE.F, PUP.OUTBROWSE.N, PUP.OUTBROWSE.F, PUP.OUTBROWSE.L, PUP.OUTBROWSE.E, PUP.FastDownloads.G, PUP.Installer.OutBrowse.F, PUP.Installer.BundloreLimited.F, PUP.MaxigetLimited.Y, PUP.MaxigetLimited.P, PUP.FileVerified.O, PUP.New IT Limited, PUP.New IT Limited.Maxiget
Detections: 78.05%

Scan engine: Malwarebytes
Details: PUP.Optional.Monetizer, PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize, PUP.Optional.OneClickDownloader.A, PUP.Optional.Amonetize.A
Detections: 75.61%

Scan engine: ESET NOD32
Details: Win32/Amonetize.AA (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AJ (variant), Win32/OutBrowse, Win32/Amonetize.AS (variant)
Detections: 58.54%

Scan engine: NANO AntiVirus
Details: Riskware.Nsis.Tron.cvleaj, Trojan.Win32.Generic.cthmwf, Riskware.Win32.Downware.dedwtz, Trojan.Win32.Badur.djjutj, Riskware.Win32.Downware.djhyre
Detections: 56.10%

Scan engine: AVG
Details: MalSign.Generic, InstallC, Generic_r, MalSign.OutBrowse, Bundlo, Adware Generic5.CHSX.dropper
Detections: 53.66%

Scan engine: McAfee
Details: Artemis!61B0F21DCE77, Adware-Amonetize!9468B3566BA3, Artemis!0B496C37A93A, Artemis!464F7A8A3D64, Artemis!9017882E8D17, Artemis!02A8E61B1281, Artemis!7FD876E99F37
Detections: 41.46%

Scan engine: VIPRE Antivirus
Details: Trojan-Downloader.Win32.Agent, Amonetize, Conduit, CoolMirage Ltd, OutBrowse, Threat.4823950, Threat.4150696, Bundlore
Detections: 39.02%

Scan engine: Trend Micro House Call
Details: TROJ_GEN.F47V0102, TROJ_GEN.R0CBH07AB14, TROJ_GEN.F47V0123, TROJ_GEN.F47V0122, TROJ_GEN.F47V0322, TROJ_GEN.F47V0327, TROJ_GEN.F47V0410
Detections: 36.59%

Scan engine: Avira AntiVirus
Details: APPL/Amonetize.hsn.55, ADWARE/Adware.Gen2, APPL/Downloader.Gen, APPL/CoolMirage.Gen, APPL/Downloader.Gen9, TR/Agent.84000
Detections: 34.15%

The following domains resolved to the IP address 204.11.56.48.

Latest 50 of 408 domains

File URLs downloaded from 204.11.56.48.

12 / 68    (Adware)

29 / 68    (Adware)
https://4sd.files-download-71.com/.../Maple 9.5.exe  (6534e427349c6dd51449e6d67674877b)

20 / 68    (Adware)
http://cdn.videos-free-download.com/.../setup.exe  (ed77abd0d0781ef9f60ae9642229e85e)

16 / 68    (Adware)
https://4sd.files-download-71.com/.../4shared_Desktop.exe  (d14501e0be1ba591b99ac8cdd0cbdbda)

33 / 68    (Adware)

7 / 68      (Adware)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../torrent.exe  (mp3_-_192kbps_oasis_-_stop_the_clocks.exe)

7 / 68      (Adware)

4 / 68      (Adware)
http://www.torntv-downloader.com/.../Blues_Clues_ABCtime.exe  (pretty_little_liars_s05e02_hdtv_x264_lol[ettv].exe)

9 / 68      (Adware)

11 / 68    (Adware)

 
Latest 30 of 13,222 download URLs

The following 2 files have been seen to communicate with this IP address in live environments.

TCP port 80

TCP port 80

The geographical location of this IP address.

Country:
VG (VG)

Region:
British Virgin Islands

City:
Road Town

Coordinates:
18.4167, -64.6167

The ARIN network assigned organization for IP address 204.11.56.48.

Org name:
Confluence Networks Inc

Org identifier:
CN

Org country:
VG (VG)

Org region:
Tortola

Org city:
Road Town

Org address:
3rd Floor, Omar Hodge Building, Wickhams

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
NetRange: 204.11.56.0 - 204.11.59.255
CIDR: 204.11.56.0/22
NetName: CONFLUENCE-NETWORKS--TX3
NetHandle: NET-204-11-56-0-1
Parent: NET204 (NET-204-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS40034
Organization: Confluence Networks Inc (CN)
RegDate: 2012-09-24
Updated: 2012-09-24
Comment: Hosted in Austin TX.
Comment: Abuse :
Comment: abuse@confluence-networks.com
Comment: +1-917-386-6118
Ref: http://whois.arin.net/rest/net/NET-204-11-56-0-1

OrgName: Confluence Networks Inc
OrgId: CN
Address: 3rd Floor, Omar Hodge Building, Wickhams
Address: Cay I, P.O. Box 362
City: Road Town
StateProv: Tortola
PostalCode: VG1110
Country: VG
RegDate: 2011-04-07
Updated: 2011-07-05
Ref: http://whois.arin.net/rest/org/CN

OrgAbuseHandle: ABUSE3065-ARIN
OrgAbuseName: Abuse Admin
OrgAbusePhone: +1-917-386-6118
OrgAbuseEmail: abuse@confluence-networks.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE3065-ARIN

OrgTechHandle: TECHA29-ARIN
OrgTechName: Tech Admin
OrgTechPhone: +1-415-358-0858
OrgTechEmail: ipadmin@confluence-networks.com
OrgTechRef: http://whois.arin.net/rest/poc/TECHA29-ARIN

OrgNOCHandle: NOCAD51-ARIN
OrgNOCName: NOC Admin
OrgNOCPhone: +1-415-462-7734
OrgNOCEmail: noc@confluence-networks.com
OrgNOCRef: http://whois.arin.net/rest/poc/NOCAD51-ARIN




Autonomous System Assignment
ASNumber:
40034

ASName:
CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

ASHandle:
AS40034
