download.safefiles2.com

A HAPPY DREAMHOST CUSTOMER

Domain Information

The domain download.safefiles2.com, registered by A HAPPY DREAMHOST CUSTOMER, was initially registered in November of 2013 through DREAMHOST, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which utilizes a number of proxy IP addresses (see below).
Registrar: DREAMHOST, LLC

Server location: Virginia, United States (US)

Create date: Monday, November 25, 2013

Expires date: Tuesday, November 25, 2014

Updated date: Monday, November 25, 2013

ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| McAfee | Artemis!C70F4AFF759A | 100.00% |
| Malwarebytes | PUP.Optional.InstallIQ | 100.00% |
| NANO AntiVirus | Riskware.Win32.Searcher.cjaztx | 100.00% |
| Trend Micro House Call | TROJ_GEN.F47V1209 | 100.00% |
| avast! | Win32:Malware-gen | 100.00% |
| Comodo Security | Application.Win32.InstallIQ.B | 100.00% |
| VIPRE Antivirus | InstallIQ Installer | 100.00% |
| Avira AntiVirus | TR/Agent.1632336.1 | 100.00% |
| ESET NOD32 | Win32/InstallIQ (variant) | 100.00% |
| Rising Antivirus | PE:PUF.InstallIQ!1.9E4F | 100.00% |
| IKARUS anti.virus | Virus.Win32.Heur | 100.00% |
| AVG | MalSign.InstallX | 100.00% |
| Reason Heuristics | PUP.Installer.InstallX.O | 100.00% |

The domain download.safefiles2.com has been seen to resolve to the following 8 IP addresses.


File downloads found at URLs served by download.safefiles2.com.

13 / 68 (Adware)
http://download.safefiles2.com/pdf_14342_2511.exe  (c70f4aff759ac88ce07fbfa827ed49fa)

URL: http://download.safefiles2.com/

Network: Amazon CloudFront

Web server: AmazonS3