home

files4.downloadnet276.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files4.downloadnet276.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Monday, November 16, 2015

Expires date:
Wednesday, November 16, 2016

Updated date:
Monday, November 16, 2015

ASN:
AS26769 BANDCON - Bandcon,US

Root domain:
downloadnet276.com

Whois:
1 downloadnet276.com record

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DownloadAdmin.FastDownloaderMedia.Installer (M), PUP.DownloadAdmin.RazorEdgeMedia.Installer (M), PUP.Adware.DownloadAdmin.Installer (M), PUP.TomorrowSoftware.SpiralMedia.Bundler (M), PUP.DownloadAdmin.FastDown.Installer (M), PUP.DownloadAdmin.SuperCli (M)
92.31%

F-Secure
Application:W32/Generic.70053c248f!Online, Riskware.Gen:Variant.Application.Bundler
23.08%

VIPRE Antivirus
Threat.4150696, DownloadAdmin
23.08%

avast!
Win32:Malware-gen
15.38%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
15.38%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
15.38%

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
15.38%

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
15.38%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
7.69%

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
7.69%

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
7.69%

Comodo Security
Application.Win32.DownloadAdmin.P
7.69%

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
7.69%

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
7.69%

IKARUS anti.virus
PUA.DownloadAdmin
7.69%

The domain files4.downloadnet276.com has been seen to resolve to the following 79 IP addresses.

104.96.221.112
a104-96-221-112.deploy.static.akamaitechnologies.com
August 28, 2016

104.96.220.226
a104-96-220-226.deploy.static.akamaitechnologies.com
June 7, 2016

104.96.220.216
a104-96-220-216.deploy.static.akamaitechnologies.com
June 7, 2016

23.220.148.41
a23-220-148-41.deploy.static.akamaitechnologies.com
June 7, 2016

23.220.148.11
a23-220-148-11.deploy.static.akamaitechnologies.com
June 7, 2016

23.62.6.91
a23-62-6-91.deploy.static.akamaitechnologies.com
May 26, 2016

23.62.6.74
a23-62-6-74.deploy.static.akamaitechnologies.com
May 26, 2016

104.112.235.19
a104-112-235-19.deploy.static.akamaitechnologies.com
May 20, 2016

104.96.220.233
a104-96-220-233.deploy.static.akamaitechnologies.com
May 20, 2016

65.158.47.25
May 16, 2016

65.158.47.43
May 16, 2016

104.96.221.91
a104-96-221-91.deploy.static.akamaitechnologies.com
May 15, 2016

104.96.221.98
a104-96-221-98.deploy.static.akamaitechnologies.com
May 15, 2016

23.15.9.58
a23-15-9-58.deploy.static.akamaitechnologies.com
April 19, 2016

23.15.9.18
a23-15-9-18.deploy.static.akamaitechnologies.com
April 19, 2016

23.0.160.59
a23-0-160-59.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.51
a23-0-160-51.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.17
a23-0-160-17.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.16
a23-0-160-16.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.83
a23-0-160-83.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.75
a23-0-160-75.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.67
a23-0-160-67.deploy.static.akamaitechnologies.com
April 15, 2016

23.0.160.64
a23-0-160-64.deploy.static.akamaitechnologies.com
April 15, 2016

23.15.7.136
a23-15-7-136.deploy.static.akamaitechnologies.com
April 13, 2016

23.220.148.17
a23-220-148-17.deploy.static.akamaitechnologies.com
April 12, 2016

65.158.47.154
April 10, 2016

65.158.47.131
April 10, 2016

184.51.126.64
a184-51-126-64.deploy.static.akamaitechnologies.com
March 4, 2016

23.15.7.97
a23-15-7-97.deploy.static.akamaitechnologies.com
February 28, 2016

23.0.160.89
a23-0-160-89.deploy.static.akamaitechnologies.com
February 28, 2016

 
Showing 30 of 79 IP Addresses

File downloads found at URLs served by files4.downloadnet276.com.

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=696469&cb=-2185162&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-1697106061&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/669005/.../?bc=669005&checksum=1378359&cb=-1264678746&usefilename=true&executableroutePath=1203285&stub=true  (minecraft_1254-461441.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=2010044326&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=696645&cb=-1664248612&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-471990947&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696469&cb=-1000209830&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=1997418784&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

2 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1107106/.../?bc=1107106&checksum=773545&cb=2022105619&usefilename=true&executableroutePath=1202171&stub=true  (the-sims-freeplay_setup-118629151.exe)

2 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=696645&cb=-1163756124&usefilename=true&executableroutePath=1202171&stub=true  (the-sims-freeplay_setup-118629151.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=1020287239&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696469&cb=-969299229&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=696645&cb=2119652833&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=791527&cb=896536410&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

2 / 68      (false positives)
http://files4.downloadnet276.com/dl-pure/1097324/.../?bc=1097324&checksum=817931&cb=-1834792717&executable=1197357  (wrar420.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-204356627&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=1463960987&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=493559574&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-219493116&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

18 / 68    (PUP)
http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=698959&cb=-126049302&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/1201185/.../?bc=1201185&checksum=59534341&cb=-752858069&executable=1200659  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=1201836768&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696469&cb=1263453308&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-286623120&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696469&cb=558030241&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-523919933&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=587421348&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-1954869729  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-555575464&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

8 / 68      (PUP)
http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=696645&cb=-1924452932&executable=1197345  (minecraftfreedownloadsuscom-setup.exe)

 
Latest 30 of 181 download URLs

The following 623 files have been seen to comunicate with files4.downloadnet276.com in live environments.

TCP » 104.112.235.19:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.104:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.49:80
updateadmin.exe

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.104:80
plugin.exe

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.49:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.15.9.18:80
browser.exe (Browser)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
messengertime.exe

TCP » 184.51.126.104:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 705 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.