home

ballerdownload.com

Contact Privacy Inc. Customer 0135242621  (Proxy Registrant)

Domain Information

The domain ballerdownload.com is registered by proxy through TUCOWS DOMAINS INC. and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
TUCOWS DOMAINS INC.

Server location:
Virginia, United States (US)

Create date:
Wednesday, July 31, 2013

Expires date:
Sunday, July 31, 2016

Updated date:
Friday, August 7, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Whois:
2 ballerdownload.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ComputeClient.V, PUP.Installer.ComputeClient.F, PUP.Adknowledge.BootCompute.Bundler (M)
100.00%

VIPRE Antivirus
Threat.4778314
100.00%

avast!
Win32:Adware-gen [Adw], Win32:PUP-gen [PUP]
100.00%

Comodo Security
Application.Win32.AgentCV.HWYE
100.00%

Avira AntiVirus
ADWARE/iBryte.Gen7, TR/Kazy.439479.2
100.00%

G Data
Win32.Adware.Ibryte, Gen:Variant.Kazy.439479
100.00%

AVG
Adware AdPlugin, Adware AdPlugin.BBY
100.00%

Malwarebytes
PUP.Optional.Ibryte, PUP.Optional.GigaClicks.A
100.00%

K7 AntiVirus
Unwanted-Program , Riskware
100.00%

Panda Antivirus
Trj/Genetic.gen
100.00%

NANO AntiVirus
Riskware.Win32.IBryte.dfecyj, Trojan.Win32.Adpeak.cumkpw
100.00%

ESET NOD32
Win32/AdWare.iBryte.BG application, Win32/AdWare.iBryte.BH application
66.67%

MicroWorld eScan
Gen:Variant.Kazy.439479
66.67%

Bitdefender
Gen:Variant.Kazy.439479
66.67%

Emsisoft Anti-Malware
Gen:Variant.Kazy.439479
66.67%

The domain ballerdownload.com has been seen to resolve to the following 2 IP addresses.

52.20.182.179
ec2-52-20-182-179.compute-1.amazonaws.com
January 3, 2016

50.16.246.149
ec2-50-16-246-149.compute-1.amazonaws.com
September 18, 2014

File downloads found at URLs served by ballerdownload.com.

39 / 68    (Adware)
http://ballerdownload.com/track/install?subid=software&subid2=minecraft.novaskin.me&source=google_7zip-display-text-us-56329355773&adprovider=google_ballerdownload.com&gclid=CJrKm6LHucACFehaMgodcR8A7A&dlink=http://secure.oinstaller7.com/g/.../Setup.exe  (6fc7337dcc82e59e84b5bf986589f646)

40 / 68    (Adware)
http://ballerdownload.com/track/install?subid=free software&subid2=www.filehippo.com&source=google_fileopenerpro-display-text-us-57572098933&adprovider=google_ballerdownload.com&gclid=CJr_88Gm7MACFSbl7Aod0zMAYg&dlink=http://secure.oinstaller7.com/g/.../Setup.exe  (9e350515d2ad7413c318344e25e2af56)

13 / 68    (Adware)
http://ballerdownload.com/track/install?subid=download internet explorer&subid2=www.filehippo.com&source=google_fileopenerpro-display-text-us-57572098933&adprovider=google_ballerdownload.com&gclid=CK205dGd4sACFU9k7AoddVgAvA&dlink=http://secure.oinstaller7.com/g/.../Setup.exe  (ccleaner sept. 14-2014.exe)

URL:
http://ballerdownload.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.