home

ot.track.424odd.com

German Castillo

Domain Information

The domain ot.track.424odd.com registered by German Castillo was initially registered in July of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Wednesday, July 30, 2014

Expires date:
Saturday, July 30, 2016

Updated date:
Friday, July 31, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:
424odd.com

Whois:
1 424odd.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Solimba.PopelerSystemsl.Installer (M), PUP.Solimba.PopelerS.Installer (M)
100.00%

Dr.Web
Trojan.DownLoader11.24441
71.43%

VIPRE Antivirus
Threat.4150696
71.43%

avast!
Win32:Trojan-gen
71.43%

MicroWorld eScan
Application.Bundler.BM
71.43%

Malwarebytes
PUP.Optional.Popeler
71.43%

K7 AntiVirus
Unwanted-Program
71.43%

Agnitum Outpost
PUA.Solimba
71.43%

Bitdefender
Application.Bundler.BM
71.43%

Lavasoft Ad-Aware
Application.Bundler.BM
71.43%

Comodo Security
Application.Win32.Firseria.MAP
71.43%

F-Secure
Application.Bundler.BM
71.43%

Avira AntiVirus
APPL/Firseria.Gen8
71.43%

Sophos
Solimba Installer
71.43%

G Data
Application.Bundler.BM
71.43%

The domain ot.track.424odd.com has been seen to resolve to the following IP address.

184.168.221.32
ip-184-168-221-32.ip.secureserver.net
July 10, 2016

File downloads found at URLs served by ot.track.424odd.com.

1 / 68      (Adware)
http://ot.track.424odd.com/d/.../6796828437  (flashplayer.exe)

1 / 68      (Adware)
http://ot.track.424odd.com/d/.../6959701246  (flashplayer.exe)

39 / 68    (Adware)
http://ot.track.424odd.com/d/.../6884086658  (flashplayer.exe)

39 / 68    (Adware)
http://ot.track.424odd.com/d/.../6798372957  (flashplayer.exe)

39 / 68    (Adware)
http://ot.track.424odd.com/d/.../6796778752  (flashplayer.exe)

39 / 68    (Adware)
http://ot.track.424odd.com/d/.../6796689071  (flashplayer.exe)

39 / 68    (Adware)
http://ot.track.424odd.com/d/.../6796687640  (flashplayer.exe)

The following 49 files have been seen to comunicate with ot.track.424odd.com in live environments.

TCP » 184.168.221.32:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 184.168.221.32:80
53431e5d-123a-4132-929f-edd70094c003-5.exe (Sense by Object Browser)

TCP » 184.168.221.32:80
111d40f8-4a7e-41e8-89c6-9280f3bbdccc-5.exe (Ge-Force by iWebar)

TCP » 184.168.221.32:80
3b0963c3-f34e-4ea1-b698-b22e42d44528-10.exe (MediaPlayersvideos 1.1 by Enter)

TCP » 184.168.221.32:80
199a15b42c3bcdccaf79bb920057390f5de049fcf37ab82699bb0ec62cd855e4 (I - Cinema by DiscountFrenzy)

TCP » 184.168.221.32:80
ddc263de-b91b-4f7b-9315-f0b9ef68a3a0-5.exe (GoHD by InstallMoon)

TCP » 184.168.221.32:80
53431e5d-123a-4132-929f-edd70094c003-4.exe (Sense by Object Browser)

TCP » 184.168.221.32:80
fe0aba47-b5bc-435c-8c40-10352fa23d1b-5.exe (HD-Quality-1.1V02.12 by HD-QualityV02.12)

TCP » 184.168.221.32:80
132fb973-4298-4853-a196-f2c937c3c504-5.exe (HQ-Video-Pro-2.1cV02.12 by HQ-VideoV02.12)

TCP » 184.168.221.32:80
sexymligofpe.exe

TCP » 184.168.221.32:80
app lid-codedownloader.exe (App Lid by Lid)

TCP » 184.168.221.32:80
5c9d1a28-82c6-4b06-9649-83cc90f16ffe-5.exe (HQ-VidPro-2.5cV04.12 by HQ-Video2.5dV04.12)

TCP » 184.168.221.32:80
57718c3a-e93d-4413-b4fd-f9d6d46e78d3-5.exe (TheTorntvs V10 1.1 - by no)

TCP » 184.168.221.32:25
sexymligofpe.exe

TCP » 184.168.221.32:80
b157cc16-2c62-4e68-8e21-75b6d6ed8111-5.exe (Object Browser)

TCP » 184.168.221.32:80
c6576ccf-ef1b-42f7-aaf1-49268a4dbfba-2.exe (App Lid by Lid)

TCP » 184.168.221.32:80
fe0aba47-b5bc-435c-8c40-10352fa23d1b-7.exe (HD-Quality-1.1V02.12 by HD-QualityV02.12)

TCP » 184.168.221.32:80
34f10d8a-b8ba-4bec-bae2-1dd6495b7ae3-5.exe (Internet Speed Checker by Speedchecker)

TCP » 184.168.221.32:80
3b1819cd61fb94db4848bf3096c646eed94904aa3e125c986384ebc3dbf78159 (I - Cinema by DiscountFrenzy)

TCP » 184.168.221.32:80
111d40f8-4a7e-41e8-89c6-9280f3bbdccc-7.exe (Ge-Force by iWebar)

 
Latest 20 of 52 files

0106solutions.info

0111life.info

0122d.info

acceptready.com

advinapps.com

aviatorbrowser.com

chipcalculator.info

comcircuit.info

computedomain.info

computerresearch.info

down1213tech.info

down9876group.info

downloadchip.info

exfilesdesk.com

file16desktop.com

file26desktop.com

fourthdownmanage.com

freevidlogger.com

greencastlecomponent.info

knowledgeinternet.info

mattjrosenberg.com

menuspeech.info

napbestfiles.com

oathready.com

pagedigital.info

pchealth.co

rampgoing.com

softworldfiles.com

technologyschema.info

unfriendu.com

30 of 37 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.