home

b.foresting.info

Whois Privacy Corp.

Domain Information

Currently this domain has been known to host various forms of malware. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrar:
TLD Registrar Solutions Ltd.

Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
foresting.info

Whois:
3 foresting.info records

Scanner detections:
Malware distribution  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.InstallCore.FC.Installer (M)
100.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.605162, Adware.MultiPlug.KO
15.38%

ESET NOD32
Win32/Adware.MultiPlug.JS application, Win32/Adware.MultiPlug.JZ application
15.38%

F-Secure
Gen:Variant.Adware.Kazy, Adware.MultiPlug.KO
15.38%

McAfee
Program.MultiPlug-FXP
15.38%

avast!
Win32:MultiPlug-ZD [PUP], Win32:PUP-gen [PUP]
15.38%

Lavasoft Ad-Aware
Gen:Variant.Adware.Kazy.605162, Adware.MultiPlug.KO
15.38%

Sophos
PUA 'MultiPlug' (of type Adware)
15.38%

MicroWorld eScan
Gen:Variant.Adware.Kazy.605162, Adware.MultiPlug.KO
15.38%

Malwarebytes
PUP.Optional.MultiPlug
15.38%

K7 AntiVirus
Unwanted-Program
15.38%

F-Prot
W32/S-3914999c, W32/S-15b9c31e
15.38%

Bitdefender
Gen:Variant.Adware.Kazy.605162, Adware.MultiPlug.KO
15.38%

AhnLab V3 Security
PUP/Win32.MultiPlug
15.38%

G Data
Gen:Variant.Adware.Kazy.605162, Adware.MultiPlug.KO
15.38%

The domain b.foresting.info has been seen to resolve to the following 6 IP addresses.

185.53.178.24
July 15, 2016

185.53.177.8
July 2, 2016

54.72.130.67
ns1.ibspark.com
April 10, 2016

52.24.161.49
ec2-52-24-161-49.us-west-2.compute.amazonaws.com
July 1, 2015

54.149.241.47
ec2-54-149-241-47.us-west-2.compute.amazonaws.com
May 7, 2015

54.69.228.231
ec2-54-69-228-231.us-west-2.compute.amazonaws.com
May 7, 2015

File downloads found at URLs served by b.foresting.info.

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Tekken 6&file size=&product_title=Tekken 6&installer_file_name=Tekken 6&product_file_name=Tekken 6.exe&product_download_url=http://psp-roms.freeroms.com/psp_roms/popular/tekken_6.zip&reffer=http://.../dm_download.php?system=PSP&game_id=42593&affiliate_id=psp&affiliate_id=psp  (003bf5d746c6d100f701222e941c4d66)

0 / 68
http://b.foresting.info/v24431?self_redirect=0&product_name=Kirby 64&file size=&product_title=Kirby 64&installer_file_name=Kirby 64&product_file_name=Kirby 64.exe&product_download_url=http://n64.freeroms.com/n64-roms/1/kirby64.zip&reffer=http://.../dm_download.php?system=N64&game_id=3570&affiliate_id=n64&affiliate_id=n64  (142993ff907174163a747054d427e27e)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=<font><font>Megaman Battle Network 6 Cybeast Gregar</font></font>&file size=&product_title=<font><font>Megaman Battle Network 6 Cybeast Gregar</font></font>&installer_file_name=<font><font>Megaman Battle Network 6 Cybeast Gregar</font></font>&product_file_name=<font><font>Megaman Battle Network 6 Cybeast Gregar</font></font>.exe&product_download_url=http://download.freeroms.com/gameboy_advance_roms/megaman_battle_network_6_cybeast_gregar.zip&reffer=http://.../dm_download.php?system=Gameboy_Advance&game_id=23655&affiliate_id=gba&affiliate_id=gba  (_font__font_megaman battle network 6 cybeast gregar__font___font_.exe)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Super Mario Advance 4 - Super Mario Bros. 3 (V1.1)&file size=&product_title=Super Mario Advance 4 - Super Mario Bros. 3 (V1.1)&installer_file_name=Super Mario Advance 4 - Super Mario Bros. 3 (V1.1)&product_file_name=Super Mario Advance 4 - Super Mario Bros. 3 (V1.1).exe&product_download_url=http://download.freeroms.com/gameboy_advance_roms/super_mario_advance_4super_mario_bros._3_(v1.1).zip&reffer=http://.../dm_download.php?system=Gameboy_Advance&game_id=23607&affiliate_id=gba&affiliate_id=gba  (9ccd6a38aca8fe859b206209412a73de)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=WWF SmackDown! 2 - Know Your Role&file size=&product_title=WWF SmackDown! 2 - Know Your Role&installer_file_name=WWF SmackDown! 2 - Know Your Role&product_file_name=WWF SmackDown! 2 - Know Your Role.exe&product_download_url=http://psx1.freeroms.com/psx_roms/wa/wwf_smackdown!_2_-_know_your_role.zip&reffer=http://.../dm_download.php?system=PSX&game_id=36922&affiliate_id=psx&affiliate_id=psx  (4aa35e4d4098c19362fcdbc4382c7ae0)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Breath Of Fire&file size=&product_title=Breath Of Fire&installer_file_name=Breath Of Fire&product_file_name=Breath Of Fire.exe&product_download_url=http://download.freeroms.com/gameboy_advance_roms/breath_of_fire.zip&reffer=http://.../dm_download.php?system=Gameboy_Advance&game_id=23337&affiliate_id=gba&affiliate_id=gba  (d1b9c7dea5aaf8414813ec08e10dffa9)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Banjo-Kazooie&file size=&product_title=Banjo-Kazooie&installer_file_name=Banjo-Kazooie&product_file_name=Banjo-Kazooie.exe&product_download_url=http://n64.freeroms.com/n64-roms/1/banjokazooie.zip&reffer=http://.../dm_download.php?system=N64&game_id=3505&affiliate_id=n64&affiliate_id=n64  (29bc688b066251f63635b404fee880c9)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Fire Emblem - Path of Radiance&file size=&product_title=Fire Emblem - Path of Radiance&installer_file_name=Fire Emblem - Path of Radiance&product_file_name=Fire Emblem - Path of Radiance.exe&product_download_url=http://gc.freeroms.com/gamecube_roms/popular/fire_emblem_-_path_of_radiance.zip&reffer=http://.../dm_download.php?system=Nintendo_Gamecube&game_id=38637&affiliate_id=nintendo_gamecube&affiliate_id=nintendo_gamecube  (4389ffeaeaff261b93d0447e013f33d5)

1 / 68      (Adware)
http://b.foresting.info/v2111?self_redirect=0&product_name=Pokemon Colosseum&file size=&product_title=Pokemon Colosseum&installer_file_name=Pokemon Colosseum&product_file_name=Pokemon Colosseum.exe&product_download_url=http://gc.freeroms.com/gamecube_roms/popular/pokemon_colosseum.zip&reffer=http://.../dm_download.php?system=Nintendo_Gamecube&game_id=38841&affiliate_id=nintendo_gamecube&affiliate_id=nintendo_gamecube  (icreinstall_pokemon_colosseum.exe)

1 / 68      (Malware)
http://b.foresting.info/v2111?self_redirect=0&product_name=Batman&file size=&product_title=Batman&installer_file_name=Batman&product_file_name=Batman.exe&product_download_url=http://download.freeroms.com/nes_roms/01/batman.zip&reffer=http://.../dm_download.php?system=NES&game_id=641&affiliate_id=nes&affiliate_id=nes  (427f8ca5bdcc33bb82b053af0d724006)

1 / 68      (Malware)
http://b.foresting.info/v2111?self_redirect=0&product_name=Snowboard Kids 2&file size=&product_title=Snowboard Kids 2&installer_file_name=Snowboard Kids 2&product_file_name=Snowboard Kids 2.exe&product_download_url=http://n64.freeroms.com/n64-roms/2/snowboardkids2.zip&reffer=http://.../dm_download.php?system=N64&game_id=3884&affiliate_id=n64&affiliate_id=n64  (1d7e2b78e389cc162f8e8946c09a1b24)

1 / 68      (Malware)
http://b.foresting.info/v24431?self_redirect=0&product_name=Super Mario Bros. 3&file size=&product_title=Super Mario Bros. 3&installer_file_name=Super Mario Bros. 3&product_file_name=Super Mario Bros. 3.exe&product_download_url=http://download.freeroms.com/nes_roms/08/super_mario_bros._3.zip&reffer=http://.../dm_download.php?system=NES&game_id=26276&affiliate_id=nes&affiliate_id=nes  (b1ec146aab035c7904c40dd9fd2ae932)

27 / 68    (PUP)
http://b.foresting.info/v2111?self_redirect=0&product_name=Pokemon Mystic (Silver Hack)&file size=&product_title=Pokemon Mystic (Silver Hack)&installer_file_name=Pokemon Mystic (Silver Hack)&product_file_name=Pokemon Mystic (Silver Hack).exe&product_download_url=http://download.freeroms.com/gameboy_color_roms/pokemon_mystic_(silver_hack).zip&reffer=http://.../dm_download.php?system=Gameboy_Color&game_id=22046&affiliate_id=gameboy_color&affiliate_id=gameboy_color  (e54c.exe)

17 / 68    (PUP)
http://b.foresting.info/v2111?self_redirect=0&product_name=Mortal Kombat 4&file size=&product_title=Mortal Kombat 4&installer_file_name=Mortal Kombat 4&product_file_name=Mortal Kombat 4.exe&product_download_url=http://n64.freeroms.com/n64-roms/3/mortalkombat4.zip&reffer=http://.../dm_download.php?system=N64&game_id=4039&affiliate_id=n64&affiliate_id=n64  (3df1e641fdc35d8f12761a289c9c5d39)

The following 148 files have been seen to comunicate with b.foresting.info in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

TCP » 54.72.130.67:80
ssn.exe (ssn)

TCP » 54.72.130.67:443
mintcast_updater_service.exe (AutomaticUpdater)

TCP » 54.72.130.67:80
yacqq.exe

 
Latest 20 of 160 files

URL:
http://b.foresting.info/

Google Analytics:
UA-48689684

Title:
“foresting.info”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.