» ticketdown.me
Overview
Analysis
IPs Addresses (1)
Downloads (7)
Related Domains (43)

ticketdown.me

WhoisGuard, Inc. (Proxy Registrant)

Domain Information

The domain ticketdown.me is registered by proxy through NameCheap, Inc.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Reykjavik, Hofuoborgarsvaoio within IS which resides on the RIPE Network Coordination Centre network.

Registrant:

WhoisGuard, Inc.

Registrar:

NameCheap, Inc.

Server location:

Hofuoborgarsvaoio, IS (IS)

ASN:

AS50613 THORDC-AS THOR Data Center ehf,IS

Whois:

2 ticketdown.me records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

McAfee

Artemis!A5FC123206B1, Artemis!46AC9C6087B4, Artemis!9244D0FD1D98, Artemis!04A835251535, Artemis!D67ECD584AA8, Program.Artemis!519A93B69B9E, Trojan.PUP-RFTY

88.00%

Emsisoft Anti-Malware

Trojan.Generic.15047783, Gen:Variant.Adware.Graftor.180946, Trojan.Generic.15339704, Dropped:Adware.Agent.PPG, Gen:Heur.Conjar

88.00%

Kaspersky

not-a-virus:NetTool.Win64.NetFilter

86.00%

Dr.Web

Trojan.Fraudster.1624, Trojan.Fraudster.1960, Trojan.Fraudster.1620, infected with Trojan.Fraudster.1620, infected with Trojan.Fraudster.1624

86.00%

VIPRE Antivirus

Yontoo, NetFilter, Trojan.Win32.Generic, Threat.4734384, Threat.4150696, Threat.5063666

84.00%

F-Prot

W32/NetFilter-PUA.B, W32/Adware.ALMA, W32/Adware.ALMA (exact, not disinfectable), W32/NetFilter-PUA.B (exact, not disinfectable)

84.00%

AVG

WebFilter.X, Generic7, Generic6, Adware Generic6.TGA, Adware Generic7.DHA, Adware Generic7.JFC

84.00%

Avira AntiVirus

ADWARE/Adware.Gen, W32/Virut.Gen, W32/Sality.AT, TR/Crypt.ULPM.Gen

74.00%

MicroWorld eScan

Trojan.Generic.15047783, Gen:Variant.Adware.Graftor.180946, Trojan.Generic.15339704, Dropped:Adware.Agent.PPG, Gen:Trojan.Heur.KT.2.1w3@aiGbaNfi

70.00%

Bitdefender

Trojan.Generic.15047783, Gen:Variant.Adware.Graftor.180946, Trojan.Generic.15339704, Dropped:Adware.Agent.PPG, Gen:Trojan.Heur.KT.2.1w3@aiGbaNfi

70.00%

K7 AntiVirus

Adware

70.00%

Agnitum Outpost

Riskware.NetFilter, PUA.BrAppWare

70.00%

Trend Micro

TROJ_GE.0CE9FD10, TROJ_GE.935152FB, TROJ_GE.7FD2C1AB, TROJ_GE.C9B36B13, TROJ_GE.C2EF2C2E, TROJ_GE.C424EEC5, TROJ_GE.91C167E9

70.00%

Rising Antivirus

PE:Adware.BrAppWare!1.A17D [F], PE:Malware.Generic(Thunder)!1.A1C4 [F]

70.00%

IKARUS anti.virus

PUA.BrAppWare

70.00%

The domain ticketdown.me has been seen to resolve to the following IP address.

82.221.105.12

January 5, 2016

File downloads found at URLs served by ticketdown.me.

34 / 68 (PUP)

http://ticketdown.me/.../280815_cr.exe (lvddo5swcwdqcdwirs2ejoxcjlsm_cr.exe)

1 / 68 (Malware)

http://ticketdown.me/.../291014_nj.exe (78ebbd56fe587b2307fe10cf75a6d28d)

14 / 68 (PUP)

http://ticketdown.me/.../280815_cr.exe (1a18045b6bea42cc7d480a29ae9110ef)

1 / 68 (Malware)

http://ticketdown.me/.../310714_mb.exe (cyrvsne2rjzzp9gfuaoq_has.exe)

9 / 68 (PUP)

http://ticketdown.me/.../310714_br.exe (215b76dd22a27b3fbf523a1f220611fe)

10 / 68 (Malware)

http://ticketdown.me/.../291014_nj.exe (7cf0d45d7c8ea9501034eee2fa28a883)

30 / 68 (PUP)

http://ticketdown.me/.../310714_br.exe (a0ceb2f57cdcb92de5946a979e119238)

Related Domains

filmeseseriestorrent.com

filmesonlinegratis.com

30 of 43 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.