home

files5.playfin.com

Download Admin  (via a Proxy Registrant)

Domain Information

"Playfin.net uses DownloadAdmin to install your software. The software distributed on our site may be available for free elsewhere." The software bundle includes offers from ALOT, WeatherBug, PriceGong and IAC (Ask.com). The portal is run by Tightrope Interactive. The domain files5.playfin.com is registered by proxy through WILD WEST DOMAINS, LLC and was originally registered in August of 2006. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Reston, Virginia within the United States which resides on the Tiggee LLC network. The domain is part of a DNS service that utilizes a number of reverse proxy IP Addresses (see below). The domain is associated with the publisher Download Admin who is located in SAN FRANCISCO, California in the United States.
Registrar:
WILD WEST DOMAINS, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, August 30, 2006

Expires date:
Wednesday, August 30, 2017

Updated date:
Thursday, November 8, 2012

ASN:
AS16552 TIGGEE - Tiggee LLC, US

Root domain:
playfin.com

Whois:
1 playfin.com record

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.Tightrope, PUP.Tightrope.Download.Bundler (M), PUP.Tightrope.Zoobam.Bundler (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.Tightrope (M)
100.00%

herdProtect (fuzzy)
a variant of ee3f6e8e244c21ed5961a90da6876b03284f37cc
2.04%

Malwarebytes
PUP.Optional.DownloadAdmin
2.04%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr
2.04%

Sophos
Download Admin
2.04%

VIPRE Antivirus
DownloadAdmin
2.04%

ESET NOD32
Win32/DownloadAdmin
2.04%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
2.04%

The domain files5.playfin.com has been seen to resolve to the following 8 IP addresses.

96.45.82.151
redirection.dnsmadeeasy.com
July 2, 2016

96.45.82.92
redirection.dnsmadeeasy.com
July 2, 2016

96.45.83.206
redirection.dnsmadeeasy.com
July 2, 2016

96.45.83.110
redirection.dnsmadeeasy.com
July 2, 2016

50.22.63.138
50.22.63.138-static.reverse.softlayer.com
November 10, 2014

50.22.63.140
50.22.63.140-static.reverse.softlayer.com
November 10, 2014

50.97.63.217
50.97.63.217-static.reverse.softlayer.com
April 11, 2014

108.168.160.45
108.168.160.45-static.reverse.softlayer.com
April 11, 2014

File downloads found at URLs served by files5.playfin.com.

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674723&geo  (virtualcity-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673123&geo  (buildalot2townoftheyear-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674853&geo  (10talismans-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=936153  (mahjongworld-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674841&geo  (zombiebowlorama-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673257&geo  (cookingdash-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=513989  (cookingdash-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=943983  (spongebobdinerdash2-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673143&geo  (burgershop2-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=150  (brutalchess-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674565&geo  (thesecretofmargravemanor-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673221&geo  (chroniclesofalbianthemagicconvention-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674289&geo  (samanthaswiftandthehiddenrosesofathena-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673569&geo  (flipwords-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674089&geo  (mysteryofsharkisland-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=942523  (runningsheep-setup.exe)

8 / 68      (Adware)
http://files5.playfin.com/dl?bc=512523&geo  (mysteryofsharkisland-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=514091&geo  (chameleongems-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=514963&geo  (thelostcasesofsherlockholmes-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=512613  (minigolf-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674357&geo  (slingoquesthawaii-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673997&geo  (mahjongworld-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=1134496  (brutalchess-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674113&geo  (nataliebrooksthetreasureofthelostkingdom-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=939843  (poppittogo-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674695&geo  (vampiresagapandorasbox-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674533&geo  (thelostcasesofsherlockholmes-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=674065&geo  (mortimerbeckettandthetimeparadox-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=931743  (ghostwhisperer-setup.exe)

1 / 68      (Adware)
http://files5.playfin.com/dl?bc=673841&geo  (jewelquestmysteriestheseventhgate-setup.exe)

 
Latest 30 of 194 download URLs

The following 236 files have been seen to comunicate with files5.playfin.com in live environments.

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
TNT2User.exe (by Eshield)

TCP » 50.97.63.217:80
eshieldtoolbar.exe (by Eshield)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.140:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.138:80
updateadmin.exe

TCP » 50.22.63.138:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.140:80
updateadmin.exe

TCP » 50.22.63.140:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
netdownloader.exe

TCP » 50.22.63.140:80
netdownloader.exe

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
update_14.exe (Fast Downloader Media)

 
Latest 20 of 319 files

downloadadmin.com

uberdownloads.com

search.us.com

freedownloads.us.com

softreviews.co

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.