home

cdn.backupgrid.net

DOTCOMINTERNETMARKETING

Domain Information

The domain cdn.backupgrid.net registered by DOTCOMINTERNETMARKETING was initially registered in September of 2011 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in London, England within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
England, United Kingdom (GB)

Create date:
Tuesday, September 27, 2011

Expires date:
Tuesday, September 27, 2016

Updated date:
Tuesday, September 27, 2011

ASN:
AS54104 AS-NETDNA - netDNA,US

Root domain:
backupgrid.net

Whois:
1 backupgrid.net record

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Bundle.Installer.Meta (L), PUP.Bundler.Installer.Installer.Meta (L), PUP.AffiliateBundler.Installer.Meta (M), PUP.BundledOffer.Installer.Installer.Meta (M)
92.00%

Kaspersky
UDS:DangerousObject.Multi.Generic, Trojan-Downloader.Win32.Genome, not-a-virus:RiskTool.Win32.MyPCBackup
10.00%

Baidu Antivirus
Adware.Win32.Genome, PUA.Win32.MyPCBackup
8.00%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
8.00%

Dr.Web
Threat.Undefined, Program.Unwanted.713, Detection.Undefined
8.00%

Panda Antivirus
Trj/CI.A, Generic Suspicious
6.00%

ESET NOD32
Win32/MyPCBackup.E potentially unwanted application
6.00%

SUPERAntiSpyware
PUP.BundleInstaller
6.00%

NANO AntiVirus
Riskware.Nsis.Unwanted.dshbdc
6.00%

AVG
PCBackup
6.00%

K7 AntiVirus
Riskware
4.00%

McAfee
RDN/Generic Downloader.x!nh, Artemis!F9E3F03451EC
4.00%

Trend Micro House Call
TROJ_GEN.R021C0OE415, TROJ_GEN.R021H07EC15
4.00%

avast!
Win32:Malware-gen, Dropper-gen [Drp]
4.00%

ViRobot
Trojan.Win32.A.Downloader.162529[h], Trojan.Win32.A.Downloader.170380[h]
4.00%

The domain cdn.backupgrid.net has been seen to resolve to the following 3 IP addresses.

94.31.29.41
94.31.29.41.IPYX-077437-ZYO.above.net
June 7, 2016

94.31.29.237
94.31.29.237.IPYX-077437-ZYO.above.net
November 29, 2014

108.161.187.56
November 1, 2014

File downloads found at URLs served by cdn.backupgrid.net.

1 / 68      (PUP)
http://cdn.backupgrid.net/aff_setup.exe  (0a966f3fc2a498ea5c6c9bd2a38a6819)

The following 23 files have been seen to comunicate with cdn.backupgrid.net in live environments.

TCP » 94.31.29.41:80
aff_setup.exe

TCP » 94.31.29.41:80
adv_33.exe

TCP » 94.31.29.41:80
cloud_backup_setup.exe

TCP » 94.31.29.41:80
partner_setup.exe

TCP » 94.31.29.41:80
c_b_setup_new.exe

TCP » 94.31.29.237:80
Updater.exe (Updater_mpcb by Microsoft)

TCP » 94.31.29.41:80
sitpl_wdrh.exe

TCP » 94.31.29.41:80
cloud_backup_setup.exe

TCP » 94.31.29.41:80
aff_setup.exe

TCP » 94.31.29.41:80
_c_b_setup.tmp.exe

TCP » 94.31.29.41:80
mpb58ea.tmp.exe

TCP » 94.31.29.41:80
cloud_backup_setup_silentinstalloffer.exe

TCP » 94.31.29.237:80
backupsetup.exe

TCP » 94.31.29.41:80
aff_setup.exe

TCP » 94.31.29.41:80
cloud_backup_setup_cpa.exe

TCP » 94.31.29.41:80
cloud_backup_setup.exe

TCP » 94.31.29.41:80
aff_setup.exe

TCP » 94.31.29.41:80
cloud_backup_setup_downloadpageoffer.exe

TCP » 94.31.29.41:80
aff_setup.exe

TCP » 94.31.29.41:80
aff_setup.exe

 
Latest 20 of 24 files

URL:
http://cdn.backupgrid.net/

SSL certificate subject:
CN=*.backupgrid.net, OU=Domain Control Validated

SSL certificate issuer:
CN=AlphaSSL CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Web server:
NetDNA-cache/2.2

backupcdn.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.