home

www.apphostdelivery.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
apphostdelivery.com

Scanner detections:
Detections  (58% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.FC.Installer (M)
100.00%

The domain www.apphostdelivery.com has been seen to resolve to the following 13 IP addresses.

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 18, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 18, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 18, 2016

54.200.103.60
ec2-54-200-103-60.us-west-2.compute.amazonaws.com
June 18, 2016

54.148.209.28
ec2-54-148-209-28.us-west-2.compute.amazonaws.com
June 18, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 20, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 20, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 20, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 20, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 20, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 20, 2016

File downloads found at URLs served by www.apphostdelivery.com.

0 / 68
http://www.apphostdelivery.com/WVl6OTRQWGxIY1RkQ05GaGpURGxWU2twSFoyVlVXbFU0U2lVeVJsUjBjRVZoV20xSk1HeEtOU1V5UmtWSE5rRTVWME5uSlRORUptTTlkbTFSYW00bE1rWlJWVkJWUmpWcmJqZzNURXhaZVROd1pHeG5XVk5FTVNVeVFqVjNPSGRRZUhSWlQwRlhkeVV5Um1ab1ltWjBRVWRhYVZOelRGSnlla2sxUjBGT1FtbGpNVGxTWmtGTVExSnllRGRCY0c1U2NXVWxNa1p1WldSSlJGa3lhVTVPVkhOa2NFczRjblZySlRKR1JtSk1PVllsTWtaeGFETmtkVFY0ZVNVeVJtUndSbWhXUlhsTGVTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNITWxNMEVsTWtZbE1rWnpaV04xY21VdWFXNXVaR3d1WTI5dEpUSkdWVk1sTWtacGJHbDJhV1F0Wkc5M2JteHZZV1F0YldGdVlXZGxjaTVsZUdVbE0wWnpkQ1V6UkVodmNIUklTa3AwVW14ZllYSmhla0o2YjBWTVVWRWxNalpsSlRORU1UUTFPRFUwTmpVM01pWmtiM2R1Ykc5aFpFRnpQV2xzYVhacFpDMWtiM2R1Ykc5aFpDMXRZVzVoWjJWeUxtVjRaUT09  (ilivid-download-manager.zip)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=D6Z6973XLYjS6b4Rnq2eLxykFyQw8RwB8MJljzBcT84=&c=qdj5EfwynvdA3gO ORR1LzU6YS6O03mlbm2Ccjd5O6bVRrzG/2 VZXYUik8VVBJvRDt/PvsVCH7VcYS4jqrWmJkRwGA9oQBsryR47x/0eIfIneeJJM4QOO9SCKqXZy3g&fallback_url=https://secure.inndl.com/.../badoo.exe  (c.exe)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=SIH6Xar2BWNoZWojo5lcM2tDKTWB1u kSAAwC3UcZcQ=&c=kFklNgrunMoecpyQgixP1PpauKqaCoB7M voBJtvhyvi1VXYSBywaGwx2vrjiAMd6SJo22hr40W3tnfl1JhsvPYg89xOzSUPcJusmbEeUEeIuDZ0m4Hmdl6m66ordR1D&fallback_url=https://secure.inndl.com/.../torch.exe  (ef8d13934208cedcfad0e5db729fb59e)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x= SId8Uit mV5EUQ5VMusv0NL/McxYZwkmPpv1ct059U=&c=Hg4v9kOiG25rj3uuGxNPXYlqPrlvXWEDX6ylWD7GmTG/8ffAd5Z0bp1AX2mkTRHUiMvEaZtGQOxcMSadVc5zvhoAtRWljBJyM5sG6t7Cz0TiFR2IwfvpCZTzHXqaOF2t&fallback_url=https://secure.inndl.com/.../ds3-tool.zip?st=34U3VGinMCRNP2jyLkccaA&e=1458545981&downloadAs=ds3-tool.exe  (ef3b465651f54087e37d5a5f400e1b10)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=RCY07afkj6qWUqmbUdY6EbM86dOWpGS9OqdNgXqVjfs=&c=mWi/A5EqcvliY/h4XJYH2YAVxVr2HNj0pudAre0Pegp2yH8H rYv/tDI4ye144/RYocshP4SprxSQolgN2rM3WO/AGcKbBX2w7Lmuh83 kse5uevGe72qRRGBHoj1Hjm&fallback_url=https://secure.inndl.com/.../format-factory.exe  (b796f6063e4480700096b49f90909383)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=mzFJrT5KqtudRSXQm7PHOTyHiuhbOgJzZw6wVwCi/A4=&c=SUupR6rm YX3Ytl0zEvYAKaoixVY/X om9q/UBcHywalXRdRh5y Zt7yFQ9DzqojInlVcL6PyQHJpAvr8xWaNPmSYqeMZarHXHkD6lPGtBUkzgQU7B1iCR941eQu/lox&fallback_url=https://secure.inndl.com/.../rubix.exe  (4e8ed5202cea07ddfe18a11c31870c6a)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=j LCjD9SaynDFar1BV0TYydFW2y U6JoSbPHuoTdCY0=&c=2b8IsLpvM6vhJS620XfZGMzIBO3l55EosTCERLtL A8SHYXdukgapEn7IeI5jJGXmkBpbPrN/xJMEex38CAuyBW tfS8xc8X0vVu9uu hJU3LHpf9qTFVWkLgWEULB4F&fallback_url=https://secure.inndl.com/.../emote-maker.exe  (80fc48f0a70780e3f5c1da560f61bd5e)

0 / 68
http://www.apphostdelivery.com/WVl6OTRQVmN3VFVsd1UwUnpObmNsTWtKU1YxbHhUV3N6U0VjeGVtMXNhVEp1TjJjbE1rWlJNVXBDY0RGSlpFMWFZbVZ2SlRORUptTTlObk4xSlRKR1dFTTVWMGR3Tm14SlducEZRelJ1Wm1oTmJERnhZVnBQWVZoeE9YRmlSMk0yWVZGR2VGSlVOVXR4TlRaTWFtVmpkM3BXTkRSMmJIWk5XbVJVY3pnbE1rWjZkR2hDTW1ka2NtazNiVWQwTXpadmNERnJNakpZWldwTUpUSkNSbVZtVkZaMGVEbHRVVmNsTWtZMk5sbFVSbXRKSlRKR2VYSkpiR1F6VW5OWlJtOGxNa0pUSlRKQ2N5Wm1ZV3hzWW1GamExOTFjbXc5YUhSMGNITWxNMEVsTWtZbE1rWnpaV04xY21VdWFXNXVaR3d1WTI5dEpUSkdWVk1sTWtad1pYTXRNakF4TkM1NmFYQWxNMFp6ZENVelJIQkxVa1JIY2tsS1dtdFpabkYwYm5SVGJXbFZZbmNsTWpabEpUTkVNVFExT0RVM05EUXpNU1prYjNkdWJHOWhaRUZ6UFhCbGN5MHlNREUwTG1WNFpRPT0=  (pes-2014.zip)

0 / 68
http://www.apphostdelivery.com/WVl6OTRQWE5YVW5sWVZrTlJVRTVWUkc1NWNGUlhkMkZWYzNoeE1ESnJReVV5UmpkcGRtZFJkV040T1dkcmEyNDBRU1V6UkNaalBVaHBkVVpUTTFKeU16ZG1jWFZSZFVkc1MyRktKVEpHUkd4emFHeHZWazVZTXpCbVRYY2xNa1o0VkhNM01HaFpNMmhDUXlVeVJrNDFlRFZFU1NVeVFuWllOR3RRVVRkMk1HNVFVMFZKSlRKQ1NVSmhUWGhOUVdGclRqbFlja05KU2tGV2VITjRhM05VYWtkemRYVXpOM2sxZWlVeVJtOU5NbmR2UVdKNFRXUjBaeVV5UWxNM1RqRjRXRkkyTkdRbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhCekpUTkJKVEpHSlRKR2MyVmpkWEpsTG1sdWJtUnNMbU52YlNVeVJsVlRKVEpHYVd4cGRtbGtMV1J2ZDI1c2IyRmtMVzFoYm1GblpYSXVaWGhsSlROR2MzUWxNMFJ2YlhGaFZITXlaV0ZoY1MxVVNtZERXbFpaVWt4UkpUSTJaU1V6UkRFME5UZzFOek13TmpBbVpHOTNibXh2WVdSQmN6MXBiR2wyYVdRdFpHOTNibXh2WVdRdGJXRnVZV2RsY2k1bGVHVT0=  (ilivid-download-manager.zip)

0 / 68
http://www.apphostdelivery.com/WVl6OTRQWFprSlRKR05rbFVORE1sTWtaT2NYVmlVbHBLV1RKeVNXbFZaRGc0VFVacGJHNW1KVEpDWnpGT2FVTmlUWE52VERnbE0wUW1ZejAxVG0wMFRUUTJXVWhDT0VwWlJ6TmpNR3REYlhCd1UwRkJTbkk0VFRjMVZUUkdWa1pDYjJwR1ZuUmxlRmxETlZSeVltRkNXa0V4ZFhWMVRuWkRSR3hDZVcwbE1rSkJORTlOV1ZwalJYWktlRVkwYUd4R2FpVXlSbGxJZDI1SGRXbDJTVUl4TUdRbE1rWkdXRlJWUVVRMGNFMDBOV3QzTldkS1RrVkNRbVZKZVZkelExRmhTeVptWVd4c1ltRmphMTkxY213OWFIUjBjSE1sTTBFbE1rWWxNa1p6WldOMWNtVXVhVzV1Wkd3dVkyOXRKVEpHVlZNbE1rWnBiR2wyYVdRdFpHOTNibXh2WVdRdGJXRnVZV2RsY2k1bGVHVWxNMFp6ZENVelJGWnJRVzVmV1hRNWFqRkNhakpyTFU1clozWk9TSGNsTWpabEpUTkVNVFExT0RVMU1URTFNaVprYjNkdWJHOWhaRUZ6UFdsc2FYWnBaQzFrYjNkdWJHOWhaQzF0WVc1aFoyVnlMbVY0WlE9PQ==  (ilivid-download-manager.zip)

1 / 68      (Adware)
http://www.apphostdelivery.com/c?x=ks9ZKERhmePo dGBmBjL2PpntjVZUCzUdjY0R/fTRaI=&c=NEDsDji4VTLKDS1RoxgtmDJdAHJvAPe8M7BmEFYzO6dPu8bbxdI6AuXjRMUYtJhmtjgVR6yJYRAJbfzrzChPJKADln2mX3mc74s2r486LmY6j53FbuSPSq3C/9ruzxWG&fallback_url=http://secure.inndl.com/.../internet-explorer-8.exe  (885a657af7252cc4d4d77959e13c4044)

0 / 68
http://www.apphostdelivery.com/WVl6OTRQWEpvT1UxWVRUWlRNMDFqTlV0cU9FZHZNMUJpTVhKTU56ZG5XV1JsTUNVeVJrbHllWGxOYVVSaGFIa3hTU1V6UkNaalBXdFplazFNZEd4RFdXaEJjalIwWWtKNmNGbG9ORVp5TVVkcVlpVXlRbk5WVURaUFJFNW9ObUo1YUZScE5uRktOWGx0WjNsTE1qRlpOVkZtVkRoU1kwWlljM0EwVFRkbWVIZGhhQ1V5UWtoelYzaHpXVWwwY1RSMWFVWWxNa1pSUTBNM1ozSmFWM2RpVjBkWWRFc3hWVlJDZVZoVGExaE9OR3RzTUhkSmFuVkpPRmM0UjBScEptWmhiR3hpWVdOclgzVnliRDFvZEhSd2N5VXpRU1V5UmlVeVJuTmxZM1Z5WlM1cGJtNWtiQzVqYjIwbE1rWlZVeVV5Um1sc2FYWnBaQzFrYjNkdWJHOWhaQzF0WVc1aFoyVnlMbVY0WlNVelJuTjBKVE5FVTJsSlVWYzBVblpSVkV4clJETkZhRVprYlZOa2R5VXlObVVsTTBReE5EVTROVEkxT0RVMUptUnZkMjVzYjJGa1FYTTlhV3hwZG1sa0xXUnZkMjVzYjJGa0xXMWhibUZuWlhJdVpYaGw=  (ilivid-download-manager.zip)

The following 18 files have been seen to comunicate with www.apphostdelivery.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
online-guardian-v2.0.9.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.