home

s.bondemand-about.com

Client Connect Ltd.

Domain Information

The domain s.bondemand-about.com registered by Client Connect Ltd. was initially registered in October of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Tuesday, October 28, 2014

Expires date:
Monday, January 1, 2018

Updated date:
Tuesday, January 6, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
bondemand-about.com

Whois:
1 bondemand-about.com record

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ClientConnect.R, PUP.ClientConnect.W, PUP.PaloAltoTechnologies.AA, PUP.Perion Partner, PUP.Bundler.Perion.Conduit, PUP.Perion Partner.PaloAltoTechnologies.Bundler (M), PUP.Perion.Bundler.Conduit (M), PUP.Perion Partner.PaloAlto.Bundler (M)
94.44%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
44.44%

Malwarebytes
PUP.Optional.ClientConnect
44.44%

K7 AntiVirus
Unwanted-Program
44.44%

NANO AntiVirus
Trojan.Win32.ClientConnect.deinfe
44.44%

AVG
Generic
44.44%

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen, Win32/Virus.WebToolbar.8f1
44.44%

ESET NOD32
Win32/ClientConnect.A potentially unwanted application, Win32/Toolbar.Conduit.AE potentially unwanted application
38.89%

Dr.Web
Adware.Conduit.87
22.22%

VIPRE Antivirus
Threat.4786236, Conduit
22.22%

G Data
Win32.Application.Agent.Q8NHSG, Win32.Application.Agent.YTLEKV, Win32.Application.ClientConnectConduitDL
22.22%

avast!
Adware-BRM [PUP]
11.11%

ESET NOD32
Win32/ClientConnect (variant)
5.56%

Lavasoft Ad-Aware
Application.Generic.1105675
5.56%

MicroWorld eScan
Application.Generic.1105675
5.56%

The domain s.bondemand-about.com has been seen to resolve to the following 25 IP addresses.

104.96.220.138
a104-96-220-138.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.130
a104-96-220-130.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.129
a104-96-220-129.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.123
a104-96-220-123.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.113
a104-96-220-113.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.107
a104-96-220-107.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.104
a104-96-220-104.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.168
a104-96-220-168.deploy.static.akamaitechnologies.com
June 28, 2016

104.96.220.139
a104-96-220-139.deploy.static.akamaitechnologies.com
June 28, 2016

173.205.24.169
June 6, 2016

173.205.24.171
June 6, 2016

198.47.116.11
April 12, 2016

198.47.116.68
April 12, 2016

184.28.17.195
a184-28-17-195.deploy.static.akamaitechnologies.com
April 7, 2016

184.28.17.202
a184-28-17-202.deploy.static.akamaitechnologies.com
April 7, 2016

23.62.6.209
a23-62-6-209.deploy.static.akamaitechnologies.com
February 11, 2016

23.3.13.209
a23-3-13-209.deploy.static.akamaitechnologies.com
May 5, 2015

23.3.13.201
a23-3-13-201.deploy.static.akamaitechnologies.com
May 5, 2015

23.67.242.25
a23-67-242-25.deploy.static.akamaitechnologies.com
May 4, 2015

23.67.242.82
a23-67-242-82.deploy.static.akamaitechnologies.com
May 4, 2015

23.3.13.11
a23-3-13-11.deploy.static.akamaitechnologies.com
February 15, 2015

23.3.13.83
a23-3-13-83.deploy.static.akamaitechnologies.com
February 15, 2015

23.62.6.178
a23-62-6-178.deploy.static.akamaitechnologies.com
January 16, 2015

23.0.160.83
a23-0-160-83.deploy.static.akamaitechnologies.com
January 14, 2015

23.0.160.67
a23-0-160-67.deploy.static.akamaitechnologies.com
January 14, 2015

File downloads found at URLs served by s.bondemand-about.com.

1 / 68      (Adware)
http://s.bondemand-about.com/46/762/ct7625246/4b37799a353e4ab9bde54fced15e8909/Downloads/Prod/DDE1.4.0.5.150121.02/.../Firefox.exe  (firefox_tsv65hph9.exe)

8 / 68      (Adware)
http://s.bondemand-about.com/37/945/ct9451537/4550c470c9f54eff92e749351469c0a7/Downloads/Prod/DDE1.4.0.4.141214.03/.../Firefox.exe  (firefox_tsv4fzsm2.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/10/757/ct7574910/699eaa7429654218b1a763d5e0d623b7/Downloads/Prod/DDE1.4.0.4.141214.03/.../Kies.exe  (kies_tsv650m0e.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/60/479/ct4792460/6f13b11762b640a3aa1fea505860ea1a/Downloads/Prod/DDE1.4.0.5.150121.02/.../Microsoft_Security_Essentials.exe  (microsoft_security_essentials_tsv65gtp6.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/37/945/ct9451537/4550c470c9f54eff92e749351469c0a7/Downloads/Prod/DDE1.4.0.4.141214.03/.../Firefox.exe  (firefox_tsv64pqka.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/38/65/ct651238/0d4b22c9a5d24f8ca3723844d9071d0f/Downloads/Prod/DDE1.4.0.4.141207.02/.../Believe_in_Santa.exe  (believe_in_santa_tsa372tg9.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/46/762/ct7625246/4b37799a353e4ab9bde54fced15e8909/Downloads/Prod/DDE1.4.0.5.150114.01/.../Firefox.exe  (firefox_tsv54i73e.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/11/528/ct5288711/22eb0e464f5b480cb19271ce2275cabb/Downloads/Prod/DDE1.4.0.3.141127.02/.../Virtual_DJ.exe  (virtual_dj_tsa273zh1.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/61/404/ct4044161/9a3f33be55a44ab78c848f599b4b062e/Downloads/Prod/DDE1.4.0.5.141225.03/.../Camfrog_Video_Chat.exe  (camfrog_video_chat_tsa37ye6t.exe)

1 / 68      (Adware)
http://s.bondemand-about.com/17/231/ct2310017/8a37058aedc447d19f00f13b76207e88/Downloads/Prod/DDE1.4.0.4.141214.03/.../Windows_Movie_Maker.exe  (windows_movie_maker_tsa1w2shr.exe)

13 / 68    (Adware)
http://s.bondemand-about.com/35/106/ct1061635/6a5a5935e4824a39b1bfd0f2474aa9ff/Downloads/Prod/DDE1.4.0.3.141127.02/.../WinZip.exe  (winzip_tsv53oqz4.exe)

9 / 68      (Adware)
http://s.bondemand-about.com/1/710/ct7104901/a8e6fbe675bf42e1ae033a65c478a7c9/Downloads/Prod/DDE1.4.0.5.150114.01/.../XBMC_Media_Center.exe  (xbmc_media_center_tsv3ga6z6.exe)

8 / 68      (Adware)
http://s.bondemand-about.com/80/16/ct162580/880ddfda718440f7a9ec21df1e6100db/Downloads/Prod/DDE1.4.0.4.141214.03/.../Windows_Defender.exe  (windows_defender_tsa37q9yi.exe)

12 / 68    (Adware)
http://s.bondemand-about.com/34/429/ct4290734/a80b03a8d5974ec5af3a9d3998d11ff9/Downloads/Prod/DDE1.4.0.4.141214.03/.../7Zip.exe  (7zip_tsv4fy2y5.exe)

2 / 68      (inconclusive)
http://s.bondemand-about.com/72/703/ct7037472/128a4140694b49d088109eab0d6dfd7a/Downloads/Prod/DDE1.4.0.5.150121.02/.../WinRAR.exe  (winrar_tsv4gegk8.exe)

12 / 68    (Adware)
http://s.bondemand-about.com/91/231/ct2315891/717be66cf5184960a763bff0d8edfa54/Downloads/Prod/DDE1.4.0.5.150121.02/.../Defraggler.exe  (defraggler_tsv4ggn2x.exe)

10 / 68    (Adware)
http://s.bondemand-about.com/63/275/ct2759763/4c7b7d53d0d7428eb95273b106ff3d3d/Downloads/Prod/DDE1.4.0.4.141207.02/.../Foxit_Reader.exe  (foxit_reader_tsv4fhok2.exe)

10 / 68    (Adware)
http://s.bondemand-about.com/32/695/ct6958032/adad1f249eb54d60a43a6cd126e75209/Downloads/Prod/DDE1.4.0.4.141214.03/.../Slender.exe  (slender_tsv53ykk2.exe)

The following 209 files have been seen to comunicate with s.bondemand-about.com in live environments.

TCP » 104.96.220.138:80
plugin.exe

TCP » 104.96.220.104:80
kometa.exe (Kometa by Kometa Authors)

TCP » 23.62.6.178:80
browser.exe (Browser)

TCP » 104.96.220.130:80
kometa.exe (Kometa by Kometa Authors)

TCP » 104.96.220.129:443
kometa.exe (Kometa by Kometa Authors)

TCP » 23.62.6.178:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.107:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.129:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.139:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.138:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.104:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.168:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.138:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 23.3.13.201:443
cpx.exe (Google Embedded Application)

TCP » 23.3.13.209:443
cpx.exe (Google Embedded Application)

TCP » 104.96.220.138:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.130:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.139:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.113:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.113:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 245 files

URL:
http://s.bondemand-about.com/

Web server:
Microsoft-IIS/8.5 (ASP.NET)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.