home

dl.filesfordownloadfaster.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.filesfordownloadfaster.com is registered by proxy through GODADDY.COM, LLC and was originally registered in January of 2016. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Morristown, New Jersey within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
New Jersey, United States (US)

Create date:
Monday, January 11, 2016

Expires date:
Wednesday, January 11, 2017

Updated date:
Thursday, April 7, 2016

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:
filesfordownloadfaster.com

Whois:
2 filesfordownloadfaster.com records

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.EilioDevelopmentssl.O, PUP.Solimba.EilioDevelopments.Installer (M), PUP.Solimba.EilioDev.Bundler (M), PUP.Solimba.EilioDev.Installer (M), PUP.Solimba (M)
85.71%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Kazy.132995
28.57%

Dr.Web
Trojan.DownLoader11.24441
28.57%

Kaspersky
not-a-virus:Downloader.Win32.Morstar
28.57%

MicroWorld eScan
Gen:Variant.Application.Bundler.Kazy.132995
28.57%

Malwarebytes
PUP.Optional.Solimba
28.57%

NANO AntiVirus
Trojan.Win32.Morstar.dfgpsr
28.57%

Bitdefender
Gen:Variant.Application.Bundler.Kazy.132995
28.57%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Kazy.132995
28.57%

F-Secure
Gen:Variant.Application.Bundler
28.57%

Avira AntiVirus
APPL/Firseria.Gen8
28.57%

G Data
Gen:Variant.Application.Bundler.Kazy.132995
28.57%

Vba32 AntiVirus
Downware.Morstar
28.57%

AVG
Adware BundleApp, Generic
28.57%

Panda Antivirus
Trj/CI.A
28.57%

The domain dl.filesfordownloadfaster.com has been seen to resolve to the following 6 IP addresses.

213.247.47.190
May 20, 2016

174.137.132.28
April 15, 2016

23.72.83.64
a23-72-83-64.deploy.static.akamaitechnologies.com
October 9, 2014

23.72.83.41
a23-72-83-41.deploy.static.akamaitechnologies.com
October 9, 2014

184.29.106.105
a184-29-106-105.deploy.static.akamaitechnologies.com
September 27, 2014

184.29.106.121
a184-29-106-121.deploy.static.akamaitechnologies.com
September 27, 2014

File downloads found at URLs served by dl.filesfordownloadfaster.com.

1 / 68      (Adware)
http://dl.filesfordownloadfaster.com/n/.../Governor of Poker 2.exe  (2feea8e9f78cb6d0eb59ee4bd0631a65)

1 / 68      (Adware)
http://dl.filesfordownloadfaster.com/n/.../File_installer.exe  (aae31457b6e32a2edb03d47ba96b2a3e)

1 / 68      (Adware)
http://dl.filesfordownloadfaster.com/n/3.1.22.18.6/.../FLV_Media_Player.exe  (05376f6d261a19e318cc4e12703314f7)

1 / 68      (Adware)
http://dl.filesfordownloadfaster.com/n/.../File_installer.exe  (19b993a76f1982721b2335ba170ccea6)

1 / 68      (Adware)
http://dl.filesfordownloadfaster.com/n/.../Skype.exe  (865b6085c6485b836eac655a2764db6a)

34 / 68    (Adware)
http://dl.filesfordownloadfaster.com/n/3.1.22.18.8/.../File_installer.exe  (c9a9c729a41ec5b57eddb045df613257)

31 / 68    (Adware)
http://dl.filesfordownloadfaster.com/n/.../File_installer.exe  (b5e2edcd3f02fd8df2fbc6adf74fdcb7)

34 / 68    (Adware)
http://dl.filesfordownloadfaster.com/n/.../File_installer.exe  (c9a9c729a41ec5b57eddb045df613257)

The following 17 files have been seen to comunicate with dl.filesfordownloadfaster.com in live environments.

TCP » 184.29.106.121:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.29.106.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.29.106.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.29.106.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.29.106.105:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.29.106.105:80
cfcdeaphhpbipfcpobifmeadpbleiadb.crx

TCP » 184.29.106.105:80
browser.exe (Browser)

TCP » 184.29.106.105:80
browser.exe (Browser)

TCP » 184.29.106.121:80
steamwebhelper.exe (Steam Client WebHelper by Valve)

TCP » 184.29.106.121:80
fnjpmnbpnljibbcnlfnjeeppahidinga.crx

TCP » 184.29.106.121:80
gdlnhhdbgjcpikdcdnllgdmlonnggaab.crx

TCP » 184.29.106.121:80
jchbdcffoghpjmpfpfaankhknjpblmah.crx

TCP » 184.29.106.121:80
pgdjjppiadpjedcjfeocfhapjlopahab.crx

TCP » 184.29.106.121:80
ggikiehlcplhnhalgenlcfgleocmjegk.crx

TCP » 184.29.106.121:80
mkleglchdkoipbckigmpmbajmlefofdg.crx

TCP » 184.29.106.121:80
Weather.exe (WeatherBug Desktop by AWS Convergence Technologies)

TCP » 23.72.83.41:80
plugin.exe

TCP » 23.72.83.41:80
plugin.exe

URL:
http://dl.filesfordownloadfaster.com/

Title:
“Loading”

Web server:
nginx/1.8.0

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.