home

www.ifreedownloadss.com

Roberto G

Domain Information

The domain www.ifreedownloadss.com registered by Roberto G was initially registered in June of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Monday, June 3, 2013

Expires date:
Friday, June 3, 2016

Updated date:
Thursday, June 4, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:
ifreedownloadss.com

Whois:
3 ifreedownloadss.com records

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
(M), PUP.OUTBROWSE.F, PUP.OUTBROWSE.E, Threat.Win.Reputation.IMP, PUP.Air Software.AirSoftware.Bundler (M), PUP.OutBrowse (M), PUP.Outbrowse.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M)
65.00%

VIPRE Antivirus
Trojan.Win32.Generic, OutBrowse, Threat.4784459, Iminent
65.00%

Dr.Web
Adware.Conduit.13, Threat.Undefined, Adware.Downware.2081, Adware.Downware.1676, Adware.Conduit.14, Trojan.SMSSend.4860, Detection.Undefined
65.00%

K7 AntiVirus
Riskware , Trojan , Unwanted-Program
55.00%

Malwarebytes
PUP.Optional.Smart, PUP.Optional.OutBrowse, PUP.Optional.AirAdInstaller
55.00%

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.Win32.OutBrowse
55.00%

Sophos
Generic PUA NO, OutBrowse, OutBrowse Revenyou, AirInstaller, OutBrowse (PUA)
55.00%

NANO AntiVirus
Trojan.Win32.OutBrowse.crkqqe, Trojan.Win32.OutBrowse.csrlza, Trojan.Win32.OutBrowse.deioif, Trojan.Win32.OutBrowse.cxaakt
50.00%

AVG
MalSign.OutBrowse, Generic, Downloader
50.00%

Fortinet FortiGate
W32/AdkDLLWrapper.A, Riskware/NSIS_OutBrowse
45.00%

McAfee
RDN/Generic PUP.x!bpz, Artemis!48EF1F0D650E, Artemis!1620BF10C00C, Adware-OutBrowse.a, RDN/Generic PUP.x!bp3, Program.Adware-OutBrowse, RDN/Generic PUP.x!br3, Artemis!A988B56FEAD1
45.00%

Comodo Security
Application.Win32.OutBrowse.~B, Application.Win32.OutBrowse.~A, Application.Win32.AirAdInstaller.B
45.00%

Vba32 AntiVirus
Downloader.OutBrowse, AdWare.AirAdInstaller
45.00%

Agnitum Outpost
PUA.OutBrowse
40.00%

Baidu Antivirus
HackTool.Win32.OutBrowse, Trojan.Win32.OutBrowse, PUA.Win32.OutBrowse
40.00%

The domain www.ifreedownloadss.com has been seen to resolve to the following 2 IP addresses.

50.63.202.61
ip-50-63-202-61.ip.secureserver.net
June 21, 2016

85.25.2.15
charlie208.startdedicated.com
March 20, 2014

File downloads found at URLs served by www.ifreedownloadss.com.

1 / 68      (Adware)
http://www.ifreedownloadss.com/.../winrar.exe  (setup.exe)

21 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=53141e0eb41ec&i=adus2  (frostwire.exe)

2 / 68      (Malware)
http://www.ifreedownloadss.com/.../download.php?id=52e1e29f61055&i=us  (Minecraft.exe)

33 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=52ec38745b90d&i=uk  (opera.exe)

2 / 68      (PUP)
http://www.ifreedownloadss.com/.../download.php?id=532f1405a623a&i=us  (winrar.exe)

21 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=52db488c0c76a&i=adus3  (spybot.exe)

1 / 68      (Adware)
http://www.ifreedownloadss.com/.../download.php?id=5266c0682ac9a&i=all  (winrar.exe)

1 / 68      (Adware)
http://www.ifreedownloadss.com/.../download.php?id=5362e26dacf08&i=adus3  (microsoft office.exe)

4 / 68      (PUP)
http://www.ifreedownloadss.com/.../download2.php?id=5338a7b5e6dc5&i=us  (minecraft.exe)

20 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=52f3dabc29188&i=adus3  (skype.exe)

4 / 68      (PUP)
http://www.ifreedownloadss.com/.../download2.php?id=5363229dc9026&i=us  (minecraft.exe)

1 / 68      (Adware)
http://www.ifreedownloadss.com/.../download.php?id=52437741b17be&i=us  (setup.exe)

29 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=52d5c6749ac1e&i=us  ({4c2dd851-03ca-4890-a52d-d3a7ed8d3ba5})

20 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=531678fc80756&i=adus3  (skype.exe)

12 / 68    (PUP)
http://www.ifreedownloadss.com/.../avg.exe  (8a0e0fa416bd500522d0a6e40355b4e7)

28 / 68    (PUP)
http://www.ifreedownloadss.com/download/.../hitmanpro.exe  (72cafd475c826bc349db920b3422142a)

20 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=530a9b8da7ad0&i=adus2  (skype.exe)

13 / 68    (Adware)
http://www.ifreedownloadss.com/.../download.php?id=540f7397c437b&i=ica  (word.exe)

28 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=5424c89d20ae0&i=us  (hitmanpro.exe)

11 / 68    (Adware)
http://www.ifreedownloadss.com/.../download.php?id=53aa064317e6e&i=us  (skype.exe)

26 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=532b59cfdb5bd&i=adus2  (office.exe)

4 / 68
http://www.ifreedownloadss.com/.../utorrent.exe  (3f3d0c24710b7731c9ed258048cbf5de)

4 / 68
http://www.ifreedownloadss.com/.../download.php?id=52e24c3927406&i=aus  (uTorrent.exe)

23 / 68    (PUP)
http://www.ifreedownloadss.com/.../download.php?id=532b0f7a3f3ee&i=us  (winrar.exe)

The following 64 files have been seen to comunicate with www.ifreedownloadss.com in live environments.

TCP » 50.63.202.61:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.61:80
75f7b4c4-185e-480b-938c-ce312e4a0a79-5.exe (iWebar by Webby)

TCP » 50.63.202.61:80
9345bae9-73a7-4f39-88aa-c3295fb5be4a-1-7.exe (enterprise 1.1 by Marketi)

TCP » 50.63.202.61:80
9d20d7b1-aa67-46c4-b0ce-8fba22c3e101-1-7.exe (CinemaP-1.8cV17.02 by Cinema PlusV17.02)

TCP » 50.63.202.61:80
ftdownloader v4.0-bg.exe (FTdownloader V4.0 by installdaddy)

TCP » 50.63.202.61:80
209c5014-1086-45c0-8f72-064ed431e84e-5.exe (Cinema Video 1.8V21.02 by Cinema VideoV21.02)

TCP » 50.63.202.61:80
eace78ea-f050-4b94-b6b3-fb9f1bbdedbe-1-7.exe (HQCinema Pro 2.1V18.02 by HQ CinemaV18.02)

TCP » 50.63.202.61:80
209c5014-1086-45c0-8f72-064ed431e84e-7.exe (Cinema Video 1.8V21.02 by Cinema VideoV21.02)

TCP » 50.63.202.61:80
14461aef-68e4-4032-ae9b-7721305a6ad5-1-7.exe (SavePass 1.1 by OB)

TCP » 50.63.202.61:80
2316a295-f6e0-4244-b2c5-be00ea8462e8-7.exe (GoHD by InstallMoon)

TCP » 50.63.202.61:80
2caa1bb6-c9da-4405-96f8-1ac17aee8b45-5.exe (CinemaP-1.8cV21.02 by Cinema PlusV21.02)

TCP » 50.63.202.61:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.63.202.61:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.61:80
ecccc5c8-6acd-4d22-b47d-a99949d0dc28-10.exe (I - Cinema by iCinema)

TCP » 50.63.202.61:80
ecccc5c8-6acd-4d22-b47d-a99949d0dc28-4.exe (I - Cinema by iCinema)

TCP » 50.63.202.61:80
a5719f02-6eb1-4ac6-a38b-3cb3fd43a38d-5.exe (winservice86 by Corporate Inc)

TCP » 50.63.202.61:80
bafb648d-9f78-43bb-b231-20f8a5288d08-1-7.exe (iWebar by Webby)

TCP » 50.63.202.61:80
5f7f0629-2a6b-49b1-bd91-e37d0c5bf78d-1-7.exe (GoHD by InstallMoon)

TCP » 50.63.202.61:80
47e26a51-313e-4f6e-bfba-76003377a4c5-1-7.exe (I - Cinema by DiscountFrenzy)

TCP » 50.63.202.61:80
5f7f0629-2a6b-49b1-bd91-e37d0c5bf78d-5.exe (GoHD by InstallMoon)

 
Latest 20 of 64 files

URL:
http://www.ifreedownloadss.com/

Web server:
Apache (PleskLin)

0114app.info

0121g.info

0122b.info

0125d.info

buremery.com

ddl1001.info

downloadnet.org

downloadtorch.com

keyprobox.com

luckready.com

m-mobogenie.co

madinaplus.me

micloud.solutions

oatcard.com

online2videopctools.com

papyon.co

postsabai.info

renaissancerun.info

rowcard.com

seemsready.com

softohqimjjedf0jq.net

softwareupdateallversionsdriversandsettings.com

tinyboxarcade.com

top-arama.com

topfiles.me

warehomepage.info

1freedown.com

free-downloadss.com

freesoftwaren.com

ifreeupdates.com

30 of 31 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.