down6.youtubemusicdownloader.us

software

Domain Information

The domain down6.youtubemusicdownloader.us, registered by software, was first registered in November 2010 through Name.com. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below).

Registrar: Name.com

Server location: Virginia, United States (US)

Create date: Monday, November 22, 2010

Expires date: Monday, November 21, 2016

Updated date: Friday, October 30, 2015

ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections (90% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Bundler.SuZhouMo.Installer.Meta (M), PUP.Bundler.SuZhouMorningSunInformationTechnology.Installer.Meta (M), PUP.ShiningMorning.YTD (L), Adware.Downloader (M) | 89.74% |
| K7 AntiVirus | Unwanted-Program | 38.46% |
| SUPERAntiSpyware | PUP.OpenCandy/Variant | 33.33% |
| IKARUS anti.virus | AdWare.Win32.OpenCandy, PUA.VisualProtect | 30.77% |
| ESET NOD32 | Win32/OpenCandy.A potentially unsafe application | 17.95% |
| Dr.Web | Threat.Undefined, Adware.OpenCandy.115 | 17.95% |
| NANO AntiVirus | Riskware.Win32.OpenCandy.dyofpx | 15.38% |
| Avira AntiVirus | PUA/OpenCandy.Gen | 15.38% |
| G Data | Win32.Application.OpenCandy | 15.38% |
| AVG | OpenCandy | 15.38% |
| Malwarebytes | PUP.Optional.OpenCandy | 15.38% |
| Rising Antivirus | PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520, PE:Trojan.Win32.FakeAV.bsj!1075358218 | 12.82% |
| Sophos | PUA 'OpenCandy' | 10.26% |
| F-Prot | W32/OpenCandy.A.gen | 10.26% |
| McAfee | Artemis!6372102A01E8 | 10.26% |

The domain down6.youtubemusicdownloader.us has been seen to resolve to the following 25 IP addresses.


File downloads found at URLs served by down6.youtubemusicdownloader.us.

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

The following 54 files have been seen to communicate with down6.youtubemusicdownloader.us in live environments.

 
Latest 20 of 94 files

URL: http://down6.youtubemusicdownloader.us/

Title: “Welcome to nginx!”

Network: Amazon CloudFront

Web server: Apache/2.2.22 (Debian)