home

download.cdn.expresdownload.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.cdn.expresdownload.com is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Wednesday, October 9, 2013

Expires date:
Monday, October 9, 2017

Updated date:
Wednesday, September 9, 2015

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:
expresdownload.com

Whois:
3 expresdownload.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BandooMedia.V, PUP.Optional.Installer.W, PUP.Bandoo.BandooMe.Installer (M)
100.00%

Malwarebytes
PUP.Optional.Bandoo
80.00%

ESET NOD32
Win32/iLivid (variant)
80.00%

Trend Micro House Call
TROJ_GEN.F47V0219, Suspicious_GEN.F47V0731
60.00%

Dr.Web
Adware.Bandoo.13
60.00%

AVG
MalSign.Generic
60.00%

VIPRE Antivirus
iLivid
60.00%

Baidu Antivirus
Adware.Win32.iLivid
60.00%

IKARUS anti.virus
PUA.SearchSuite
60.00%

Kaspersky
not-a-virus:WebToolbar.Win64.SearchSuite
40.00%

McAfee
Artemis!875998794E2E, Artemis!F461DB6FE8FE
40.00%

Comodo Security
Application.Win32.iLivid.~A
20.00%

Fortinet FortiGate
Riskware/ILivid
20.00%

XVirus List
Win.Detected
20.00%

avast!
Win32:Malware-gen
20.00%

The domain download.cdn.expresdownload.com has been seen to resolve to the following 20 IP addresses.

104.96.221.83
a104-96-221-83.deploy.static.akamaitechnologies.com
August 6, 2016

104.96.221.91
a104-96-221-91.deploy.static.akamaitechnologies.com
August 6, 2016

23.67.250.113
a23-67-250-113.deploy.static.akamaitechnologies.com
May 4, 2015

23.67.250.104
a23-67-250-104.deploy.static.akamaitechnologies.com
May 4, 2015

96.6.113.56
a96-6-113-56.deploy.akamaitechnologies.com
May 3, 2015

96.6.113.128
a96-6-113-128.deploy.akamaitechnologies.com
May 3, 2015

184.29.106.34
a184-29-106-34.deploy.static.akamaitechnologies.com
April 9, 2015

184.29.106.72
a184-29-106-72.deploy.static.akamaitechnologies.com
April 9, 2015

23.62.7.11
a23-62-7-11.deploy.static.akamaitechnologies.com
December 1, 2014

23.62.7.32
a23-62-7-32.deploy.static.akamaitechnologies.com
December 1, 2014

23.62.6.65
a23-62-6-65.deploy.static.akamaitechnologies.com
September 7, 2014

23.62.6.88
a23-62-6-88.deploy.static.akamaitechnologies.com
September 7, 2014

69.31.29.231
ip-69-31-29-231.nlayer.net
September 7, 2014

69.31.29.236
ip-69-31-29-236.nlayer.net
September 7, 2014

184.51.126.57
a184-51-126-57.deploy.static.akamaitechnologies.com
September 6, 2014

184.51.126.66
a184-51-126-66.deploy.static.akamaitechnologies.com
September 6, 2014

23.0.160.33
a23-0-160-33.deploy.static.akamaitechnologies.com
September 6, 2014

23.0.160.49
a23-0-160-49.deploy.static.akamaitechnologies.com
September 6, 2014

23.67.242.73
a23-67-242-73.deploy.static.akamaitechnologies.com
August 13, 2014

23.67.242.35
a23-67-242-35.deploy.static.akamaitechnologies.com
August 13, 2014

File downloads found at URLs served by download.cdn.expresdownload.com.

1 / 68      (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1478-n-bi.exe  (b712ad3bd2ffe3962f3ac19f3b0452aa)

10 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r742-n-bi.exe  (ilividsetup-r2156-n-bi.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1227-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1572-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

9 / 68      (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1441-n-bc.exe  (ilividsetup-r725-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1928-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1720-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1723-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r157-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r725-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

8 / 68      (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1720-n-bc.exe  (ilividsetup-r1734-n-bc.exe)

8 / 68      (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1779-n-bc.exe  (ilividsetup-r1734-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1796-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

8 / 68      (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1915-n-bc.exe  (ilividsetup-r1734-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r266-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1555-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1634-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1722-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r484-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r706-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1250-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

13 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r2154-n-bc.exe  (ilividsetup-r1799-n-bc.exe)

10 / 68    (PUP)
http://download.cdn.expresdownload.com/cdn/r/.../iLividSetup-r1386-n-bi.exe  (ilividsetup-r2156-n-bi.exe)

The following 137 files have been seen to comunicate with download.cdn.expresdownload.com in live environments.

TCP » 104.96.221.83:80
browser.exe (Browser)

TCP » 23.67.250.113:80
dailywiki.exe

TCP » 184.29.106.34:80
browser.exe (Browser)

TCP » 184.51.126.66:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.29.106.34:80
apptrailers.exe

TCP » 184.51.126.57:80
apptrailers.exe

TCP » 104.96.221.83:80
dohbifempcedgcdejflmjmdgaidamjli.crx

TCP » 104.96.221.83:80
hhilmhncbjigfhmipgedaindfhhgfngg.crx

TCP » 104.96.221.83:80
ibcpghbggehfodnapmcddffmnamgijhe.crx

TCP » 104.96.221.83:80
download_turbotax_deluxe_fed_state_2016_windows.exe (Download Assistant by arvato digital services llc)

TCP » 184.29.106.34:80
BrowserSafer.exe (BrowserSafer by Installer Technology Co)

TCP » 184.29.106.34:80
client.exe

TCP » 184.29.106.34:80
apptrailers.exe

TCP » 184.51.126.57:80
internetport3.exe (internetport3)

TCP » 184.51.126.57:80
jneamcfafbbdoemallgnfkjladpihmea.crx

TCP » 184.51.126.57:80
ddikbidhdbpchpgmjjcfadbgokjnbjik.crx

TCP » 184.51.126.57:80
hjleecbcafkddaanpcnfkffopdhbokko.crx

TCP » 184.51.126.57:80
hhilmhncbjigfhmipgedaindfhhgfngg.crx

TCP » 184.51.126.57:80
hhilmhncbjigfhmipgedaindfhhgfngg.crx

TCP » 184.51.126.66:80
fpnnogogihegcbpaodbnepofjfiepfcb.crx

 
Latest 20 of 140 files

URL:
http://download.cdn.expresdownload.com/

Web server:
AkamaiGHost

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.