www.tourstodayhosting.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/InstallCore.AFW potentially unwanted application, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/Sality.NBA virus
100.00%

McAfee
Artemis!6102F6BBEB39, Virus.W32/Sality.gen.z
66.67%

avast!
Win32:Malware-gen, Win32:SaliCode
66.67%

AhnLab V3 Security
PUP/Win32.Downloader
66.67%

Qihoo 360 Security
QVM20.1.Malware.Gen
66.67%

Reason Heuristics
Adware.Bundler (M)
66.67%

Vba32 AntiVirus
Malware-Cryptor.InstallCore.gen
33.33%

VIPRE Antivirus
Threat.4721115
33.33%

Microsoft Security Essentials
Threat.Undefined
33.33%

F-Prot
W32/Sality.gen2
33.33%

Kaspersky
Virus.Win32.Sality
33.33%

Emsisoft Anti-Malware
Win32.Sality
33.33%

Dr.Web
Win32.Sector.30
33.33%

The domain www.tourstodayhosting.com has been seen to resolve to the following 17 IP addresses.

server-52-85-131-43.iad53.r.cloudfront.net
April 20, 2016

server-54-230-102-52.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-51.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-21.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-211.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-167.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-158.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-157.iad2.r.cloudfront.net
April 13, 2016

server-54-230-102-60.iad2.r.cloudfront.net
April 13, 2016

server-52-85-131-196.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-167.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-155.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-114.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-51.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-30.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-235.iad53.r.cloudfront.net
April 12, 2016

server-52-85-131-206.iad53.r.cloudfront.net
April 12, 2016

File downloads found at URLs served by www.tourstodayhosting.com.

9 / 68      (Infected)
http://www.tourstodayhosting.com/.../installer.exe  (c21c5c0790175b73d750e3d5d0508182)

4 / 68      (PUP)

7 / 68      (PUP)
http://www.tourstodayhosting.com/.../installer.exe  (6102f6bbeb39ff13233786b28d2dc907)

The following 2 files have been seen to comunicate with www.tourstodayhosting.com in live environments.