ttb.downloadyourplayer.com

Corp New Ventures Services

Domain Information

The domain ttb.downloadyourplayer.com registered by Corp New Ventures Services was initially registered in November of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Vitoria-Gasteiz, Pais Vasco within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
! #1 HOST KOREA, INC.

Server location:
Pais Vasco, Spain (ES)

Create date:
Thursday, November 20, 2014

Expires date:
Friday, November 20, 2015

Updated date:
Friday, November 28, 2014

ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES

Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Mindadmedia.F, PUP.Installer.clipqube.F, PUP.Installer.BundloreLimited.F, PUP.Installer.IgnitionInstaller.F, PUP.Installer.TuguuSL.F, PUP.Installer.OUTBROWSE.F, PUP.Installer.OUTBROWSE.K, PUP.Optional.Installer.F, PUP.Installer.INSTALLTHIS.F, PUP.Installer.TuguuSL.K, PUP.Installer.SoftpulseSL.F, PUP.Installer.NanningweiwuTechnologycoltd.F, PUP.TuguuSL.O, DownloadManager.Air Software, PUP.Tuguu.Bundler (M), PUP.Air Software.DownloadManager.Bundler (M), PUP.Air Software.AirSoftware.Bundler (M), PUP.Tuguu.TuguuU.Bundler (M)
100.00%

Dr.Web
Adware.Downware.1676, Adware.Downware.2086, Adware.Downware.1732, Adware.Downware.2039, Adware.Downware.1758, Trojan.Packed.24553
80.00%

VIPRE Antivirus
OutBrowse, Bundlore, Ignition Installer, DomaIQ, Threat.4150696, Threat.4778314, Threat.4783262, Threat.4783235, Iminent
75.00%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.Bundlore, PUP.Optional.Ignition.A, PUP.Optional.Domalq, PUP.Optional.OptimumInstaller.A
72.50%

Sophos
DomainIQ pay-per install, Bundlore, Generic PUA FK, OutBrowse Revenyou, VOPackage, iBryte Optimum Installer, Generic PUA IG
72.50%

K7 AntiVirus
Unwanted-Program , Trojan
70.00%

AVG
Skodna.Downloader, MalSign.Bundlo, Skodna.Generic, AdPlugin, Adware AdLoad.B, Adware DomaIQ, Adware BundleApp_r.D, InstallCore
70.00%

Agnitum Outpost
PUA.OutBrowse, Riskware.Agent, PUA.DomaIQ, PUA.Agent, Adware.Agent, PUA.AirAd, PUA.AirAdInstaller
67.50%

Avira AntiVirus
SPR/Bundlore.A, APPL/DomaIQ.Gen7, APPL/Downloader.Gen, ADWARE/Adware.Gen7, APPL/Downloader.Gen8, Adware/AgentCV.A.6255
67.50%

G Data
Win32.Application.Outbrowse, MemScan:Application.Bundler.Outbrowse, NSIS.Application.Vopackage, Win32.Adware.Ibryte, Application.Bundler.DomaIQ
65.00%

NANO AntiVirus
Trojan.Win32.Starter.cwxrcb, Trojan.Win32.Generic.cthmwf, Trojan.Win32.Agent.cxjjsz, Riskware.Win32.DomaIQ.dcnhjo, Trojan.Win32.DomaIQ.csqtgn
62.50%

avast!
Win32:PUP-gen [PUP], Rootkit-gen [Rtk], Win32:IBryte-CY [PUP], DomaIQ-AP [PUP], Installer-AE [PUP], Win32:SoftPulse-C [PUP]
62.50%

ESET NOD32
Win32/OutBrowse.P potentially unwanted application, Win32/OutBrowse.D potentially unwanted application, Win32/VOPackage.E potentially unwanted application
62.50%

Comodo Security
Application.Win32.Bundlore.A, Application.Win32.DomaIQ.KR, Application.Win32.iBryte.WRP, Application.Win32.DomaIQ.R, Application.Win32.DomaIQ.P
60.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.iBryte, AdWare.MSIL.DomaIQ, OScope.Downware.DomaIQ, Downloader.Agent, AdWare.Agent
60.00%

The domain ttb.downloadyourplayer.com has been seen to resolve to the following 8 IP addresses.

May 4, 2015

December 1, 2014

www.renewyourexpireddomain.com
September 4, 2014

ec2-54-201-201-245.us-west-2.compute.amazonaws.com
September 3, 2014

ec2-50-112-177-75.us-west-2.compute.amazonaws.com
May 30, 2014

ec2-54-213-184-227.us-west-2.compute.amazonaws.com
April 30, 2014

ec2-54-213-33-153.us-west-2.compute.amazonaws.com
April 26, 2014

ec2-54-201-202-189.us-west-2.compute.amazonaws.com
February 6, 2014

File downloads found at URLs served by ttb.downloadyourplayer.com.

 
Latest 30 of 49 download URLs

The following 2 files have been seen to comunicate with ttb.downloadyourplayer.com in live environments.

URL:
http://ttb.downloadyourplayer.com/

Google Analytics:
UA-2249740

Title:
“Downloadyourplayer.com”

Description:
“Find DVD Player Download, Flv Player and more at Downloadyourplayer.com. Get the best of Vlc Player Download or Real Player Download, browse our section on Flash Player Download or learn about Flash Player. Downloadyourplayer.com is the site for ...”

Web server:
Apache

30 of 685 related domains