home

www.favorabledownload.com

Moniker Privacy Services  (Proxy Registrant)

Domain Information

The domain www.favorabledownload.com is registered by proxy through Moniker Online Services and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
Moniker Online Services

Server location:
Virginia, United States (US)

Create date:
Thursday, October 31, 2013

Expires date:
Saturday, October 31, 2015

Updated date:
Wednesday, November 5, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:
favorabledownload.com

Whois:
3 favorabledownload.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.InstallMonetizer
100.00%

Trend Micro House Call
TROJ_GEN.F47V0106, TROJ_GEN.F47V0109, TROJ_GEN.F47V0113
100.00%

Dr.Web
Adware.Downware.1575
100.00%

VIPRE Antivirus
Amonetize
100.00%

Avira AntiVirus
ADWARE/Adware.Gen2
100.00%

ESET NOD32
Win32/Amonetize.AA (variant)
100.00%

IKARUS anti.virus
not-a-virus:Downloader.Win32.Agent
100.00%

Reason Heuristics
PUP.Installer.ShetefSolutionsConsulting1998.f, PUP.Installer.ShetefSolutionsConsulting1998.p, PUP.Installer.ShetefSolutionsConsulting1998.HH
100.00%

Comodo Security
ApplicUnwnt
100.00%

McAfee
Artemis!BB017F122F47, Artemis!F00968514BFD
66.67%

AhnLab V3 Security
PUP/Win32.Amonetiz
66.67%

Fortinet FortiGate
Riskware/Amonetize
66.67%

Bkav FE
W32.Clod316.Trojan
33.33%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize
33.33%

Sophos
Amonetize
33.33%

The domain www.favorabledownload.com has been seen to resolve to the following 8 IP addresses.

209.222.14.3
209.222.14.3.choopa.net
December 2, 2014

23.21.228.251
ec2-23-21-228-251.compute-1.amazonaws.com
September 3, 2014

107.20.210.63
ec2-107-20-210-63.compute-1.amazonaws.com
September 3, 2014

50.17.209.45
ec2-50-17-209-45.compute-1.amazonaws.com
September 3, 2014

50.17.206.16
ec2-50-17-206-16.compute-1.amazonaws.com
September 3, 2014

54.225.132.130
ec2-54-225-132-130.compute-1.amazonaws.com
March 15, 2014

23.23.96.46
ec2-23-23-96-46.compute-1.amazonaws.com
February 2, 2014

54.225.181.84
ec2-54-225-181-84.compute-1.amazonaws.com
February 2, 2014

File downloads found at URLs served by www.favorabledownload.com.

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=Gnarls Barkley The Odd Couple_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Gnarls Barkley The Odd Couple&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00&parameter=Gnarls Barkley The Odd Couple&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00&parameter=Gnarls Barkley The Odd Couple&ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=Gnarls Barkley The Odd Couple_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Gnarls Barkley The Odd Couple&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00&parameter=Gnarls Barkley The Odd Couple&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00&parameter=Gnarls Barkley The Odd Couple&ti1=1145000&ti2=0&ti3=2014-01-11T08:26:37.138986 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3515&instid[appname]=le parrain .epub_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=le parrain .epub&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=700000&ti2=2&ti3=2014-01-10T20:59:36.005090 00:00&parameter=le parrain .epub&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=700000&ti2=2&ti3=2014-01-10T20:59:36.005090 00:00&parameter=le parrain .epub&ti1=700000&ti2=2&ti3=2014-01-10T20:59:36.005090 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=portable excel 2013_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=portable excel 2013&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00&parameter=portable excel 2013&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00&parameter=portable excel 2013&ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3039&instid[appname]=portable excel 2013_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=portable excel 2013&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00&parameter=portable excel 2013&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00&parameter=portable excel 2013&ti1=1410000&ti2=1&ti3=2014-01-14T03:17:20.804439 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=portable excel 2013_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=portable excel 2013&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1410000&ti2=1&ti3=2014-01-13T00:36:39.185064 00:00&parameter=portable excel 2013&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1410000&ti2=1&ti3=2014-01-13T00:36:39.185064 00:00&parameter=portable excel 2013&ti1=1410000&ti2=1&ti3=2014-01-13T00:36:39.185064 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=hp officejet 4500 g510g m driver_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=hp officejet 4500 g510g m driver&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1240000&ti2=0&ti3=2014-01-13T17:26:03.719848 00:00&parameter=hp officejet 4500 g510g m driver&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1240000&ti2=0&ti3=2014-01-13T17:26:03.719848 00:00&parameter=hp officejet 4500 g510g m driver&ti1=1240000&ti2=0&ti3=2014-01-13T17:26:03.719848 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

12 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=The Klub 17 Model.rar_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=The Klub 17 Model.rar&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1405000&ti2=1&ti3=2014-01-07T13:10:02.753926+00:00&parameter=The Klub 17 Model.rar&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1405000&ti2=1&ti3=2014-01-07T13:10:02.753926+00:00&parameter=The Klub 17 Model.rar&ti1=1405000&ti2=1&ti3=2014-01-07T13:10:02.753926 00:00  (mac.720p.rar__3515_i238333763_il2306391.exe)

12 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3515&instid[appname]=Windows 8 Permanent Activator 2013 v4.0.rar_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Windows 8 Permanent Activator 2013 v4.0.rar&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1320000&ti2=0&ti3=2014-01-07T07:11:41.486965+00:00&parameter=Windows 8 Permanent Activator 2013 v4.0.rar&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1320000&ti2=0&ti3=2014-01-07T07:11:41.486965+00:00&parameter=Windows 8 Permanent Activator 2013 v4.0.rar&ti1=1320000&ti2=0&ti3=2014-01-07T07:11:41.486965 00:00  (mac.720p.rar__3515_i238333763_il2306391.exe)

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=How come u don_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=How come u don&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1135000&ti2=1&ti3=2014-01-10T22:26:36.355903+00:00&parameter=How come u don&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1135000&ti2=1&ti3=2014-01-10T22:26:36.355903+00:00&parameter=How come u don&ti1=1135000&ti2=1&ti3=2014-01-10T22:26:36.355903 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

10 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=How come u don_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=How come u don&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1135000&ti2=1&ti3=2014-01-10T22:27:55.994031+00:00&parameter=How come u don&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1135000&ti2=1&ti3=2014-01-10T22:27:55.994031+00:00&parameter=How come u don&ti1=1135000&ti2=1&ti3=2014-01-10T22:27:55.994031 00:00  (live cracker v2 0.rar__3515_i251231006_il4242574.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=Prince rockhard in a funky place.mp3_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Prince rockhard in a funky place.mp3&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330+00:00&parameter=Prince rockhard in a funky place.mp3&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330+00:00&parameter=Prince rockhard in a funky place.mp3&ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3039&instid[appname]=Prince rockhard in a funky place.mp3_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Prince rockhard in a funky place.mp3&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330+00:00&parameter=Prince rockhard in a funky place.mp3&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330+00:00&parameter=Prince rockhard in a funky place.mp3&ti1=1135000&ti2=1&ti3=2014-01-15T19:30:30.826330 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

12 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=Han Way Huang, The HCS12 9S12 An Introduction to Software and Hardware Interfacing, 2 edition_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Han Way Huang, The HCS12 9S12 An Introduction to Software and Hardware Interfacing, 2 edition&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=700000&ti2=0&ti3=2014-01-09T00:54:21.195726+00:00&parameter=Han Way Huang, The HCS12 9S12 An Introduction to Software and Hardware Interfacing, 2 edition&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=700000&ti2=0&ti3=2014-01-09T00:54:21.195726+00:00&parameter=Han Way Huang, The HCS12%  (mac.720p.rar__3515_i238333763_il2306391.exe)

12 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3516&instid[appname]=Solution Manual For Communication Systems (4th edt) by Simon Haykin.rar_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Solution Manual For Communication Systems (4th edt) by Simon Haykin.rar&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=980000&ti2=0&ti3=2014-01-09T04:04:37.066277+00:00&parameter=Solution Manual For Communication Systems (4th edt) by Simon Haykin.rar&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=980000&ti2=0&ti3=2014-01-09T04:04:37.066277+00:00&parameter=Solution Manual For Communication Systems (4th edt) by Simon Haykin.rar&ti1=980000&ti2=  (mac.720p.rar__3515_i238333763_il2306391.exe)

17 / 68    (Adware)
http://www.favorabledownload.com/download.php?version=1.1.5.98&campid=3038&instid[appname]=Breech Destiny (original Mix)_Downloader&instid[appsetupurl]=http://download.aminst.net/d1/setup.exe&instid[cmdline]=/S&instid[appimageurl]=http://download.aminst.net/d1/logo150x150.png&prefix=Breech Destiny (original Mix)&instid[thankyoupage]=http://download.aminst.net/.../thank_you.php?ti1=1135000&ti2=0&ti3=2014-01-15T22:57:58.046129+00:00&parameter=Breech Destiny (original Mix)&instid[interrupted]=http://download.aminst.net/.../interrupted.php?ti1=1135000&ti2=0&ti3=2014-01-15T22:57:58.046129+00:00&parameter=Breech Destiny (original Mix)&ti1=1135000&ti2=0&ti3=2014-01-15T22:57:58.046129 00:00  (izotope ozone rx 3 crack download__3038_i262821848_il6041941.exe)

The following 21 files have been seen to comunicate with www.favorabledownload.com in live environments.

TCP » 209.222.14.3:80
bitcomet_x64.exe (BitComet 64-bit by www.BitComet.com)

TCP » 107.20.210.63:80
magiciso maker v54251 spanish__3039_i1081707458_il1646000.exe

TCP » 107.20.210.63:80
gta 5 pc installer__5247_il384.exe

TCP » 209.222.14.3:80
tunnel.exe (by Microsoft)

TCP » 209.222.14.3:80
PEG2.exe (PE GUARD 2 by OHTIC.com)

TCP » 209.222.14.3:6969
QQDownload.exe (by Tencent Technology (Shenzhen) Company Limited)

TCP » 209.222.14.3:80
quicktime.crx

TCP » 23.21.228.251:80
pes.201__7214_il332.exe

TCP » 23.23.96.46:80
flashplayersetup__3873_i264147895_il3.exe (Installer by Amônétízé)

TCP » 23.23.96.46:80
setup__4615.exe (Installer)

TCP » 50.17.206.16:80
Google.Chrome__2309_il52306.exe

TCP » 50.17.206.16:80
Client.exe

TCP » 50.17.206.16:80
Client.exe

TCP » 50.17.206.16:80
file.downloader__9581_il263.exe

TCP » 50.17.209.45:80
pes.201__7214_il332.exe

TCP » 50.17.209.45:80
Client.exe

TCP » 50.17.209.45:80
afirst.exe

TCP » 54.225.181.84:80
EagleGet.exe (EagleGet Downloader by EagleGet.com)

TCP » 54.225.181.84:80
skyhook wifi hack password 2013 zip registration key__3038_i356390957_il5637585.exe (Installer)

TCP » 54.225.181.84:80
kmspico 9.1.3 final, activator all windows and office__4502_il16014.exe (Installer)

 
Latest 20 of 22 files

URL:
http://www.favorabledownload.com/

Google Analytics:
UA-51058839

Title:
“favorabledownload.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Apache

actuallydownload.com

appdint.com

burstingdownload.com

conductdownload.com

detaileddownload.com

eachdownload.com

explicitdownload.com

extractdownload.com

moraldownload.com

new-hdplugin.com

otherdownload.com

precisedownload.com

rulerdownload.com

shortestdownload.com

singulardownload.com

specificdownload.com

tangibledownload.com

totalitydownload.com

transdownload.com

truthfuldownload.com

wilddownload.com

wonderfuldownload.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.