content.ignitioninstaller.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain content.ignitioninstaller.com is registered by proxy through Network Solutions, LLC and was originally registered in January of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
Network Solutions, LLC

Server location:
Virginia, United States (US)

Create date:
Friday, January 25, 2013

Expires date:
Wednesday, January 25, 2017

Updated date:
Wednesday, November 26, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.IgnitionInstaller.M, PUP.Installer.BundloreLimited.F, PUP.Installer.IgnitionInstaller.F, PUP.IgnitionInstaller.e, PUP.IgnitionInstaller.CC, PUP.Installer.DigitalPluginSL.F, PUP.Systweak.ThePhone.Installer.Meta (L), DownloadManager.Air Software, PUP.Adknowledge.FileMonarch.Bundler (M), PUP.Verti.IgnitionInstaller.Installer (M), PUP.installCore.FriedCookie.Installer (M), PUP.Tuguu.TuguuU.Bundler (M), PUP.Bundlore.INTERMED.Bundler (M)
93.75%

VIPRE Antivirus
Ignition Installer, Bundlore, Threat.4790114, Threat.4150696, Iminent, Optimum Installer
68.75%

Malwarebytes
PUP.Optional.Ignition.A, PUP.Optional.Bundlore, PUP.Optional.DomaIQ, PUP.Optional.AirAdInstaller, PUP.Optional.OptimunInstaller
43.75%

Antiy Labs AVL
Trojan/Win32.Dofoil, Trojan/Win32.TSGeneric, Trojan[Spy]/Win32.Zbot, Trojan[:HEUR]/Win32.AGeneric, Trojan/Win32.Badur
43.75%

Trend Micro House Call
TROJ_GEN.F47V0920, TROJ_GEN.F47V0403, TROJ_GEN.F47V0703, ADW_BHO, TROJ_GE.957BE1AA, TROJ_GEN.F47V1121, TROJ_GEN.F47V1204
40.63%

Dr.Web
Adware.Downware.1732, Adware.Downware.2039, Adware.Downware.1758, Trojan.Packed.28257, Adware.Downware.9532, Trojan.DownLoader11.30629
40.63%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious.A, Artemis!7FA7B38A12E2, BehavesLike.Win32.AdwareDoma.dc, Artemis!C867A8E42B17
34.38%

ESET NOD32
Win32/Bundlore (variant), MSIL/Verti (variant), Win32/SoftPulse (variant)
34.38%

AVG
Skodna.Generic_c, MalSign.Bundlo, Adware AdPlugin
18.75%

Agnitum Outpost
Riskware.Agent, PUA.AirAd, Trojan.Agent
18.75%

McAfee
Artemis!7FA7B38A12E2, Artemis!4DC7D10FB20C, Program.SoftPulse, Trojan.Artemis!757FB24A0964, Trojan.Artemis!46F8749DEF37
15.63%

Avira AntiVirus
SPR/Bundlore.A, TR/Dropper.Gen, TR/Trash.Gen, ADWARE/Adware.Gen, Adware/iBryte.bxoh
15.63%

IKARUS anti.virus
PUA.Bundlore, PUA.DigiPlug, PUA.MSIL.Verti, AdWare.AirAdInstaller, Trojan.Win32.Buzus
15.63%

Comodo Security
Application.Win32.Bundlore.A, Application.Win32.SoftPulse.E, Packed.Win32.MUPX.Gen, Application.Win32.AgentCV.HWYE
12.50%

herdProtect (fuzzy)
a variant of 1eed21943b1447e01b6eda98d8971d4465380b53, a variant of 4053b90dbc12acf4edd661d7438ea9172be2a443, a variant of 013b22077efbcb94f2e828cbaeec68597c47eea1
12.50%

The domain content.ignitioninstaller.com has been seen to resolve to the following 187 IP addresses.

server-52-84-125-232.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-230.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-123.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-89.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-71.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-61.iad16.r.cloudfront.net
July 21, 2016

server-52-84-125-38.iad16.r.cloudfront.net
July 21, 2016

server-54-192-19-152.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-144.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-89.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-39.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-29.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-24.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-9.iad12.r.cloudfront.net
July 15, 2016

server-54-192-19-165.iad12.r.cloudfront.net
July 15, 2016

server-52-84-125-240.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-236.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-211.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-177.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-146.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-32.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-18.iad16.r.cloudfront.net
June 28, 2016

server-52-84-125-15.iad16.r.cloudfront.net
June 28, 2016

server-52-85-142-95.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-73.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-52.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-46.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-224.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-181.iad12.r.cloudfront.net
May 24, 2016

server-52-85-142-158.iad12.r.cloudfront.net
May 24, 2016

 
Showing 30 of 187 IP Addresses

File downloads found at URLs served by content.ignitioninstaller.com.

4 / 68      (Adware)

1 / 68      (Adware)
http://content.ignitioninstaller.com/stub/.../setup.exe  (900b7e1f4e9411cdee7810377c683781)

4 / 68      (Adware)

The following 255 files have been seen to comunicate with content.ignitioninstaller.com in live environments.

 
Latest 20 of 390 files

URL:
http://content.ignitioninstaller.com/

Network:
Amazon Cloudfront

Web server:
AmazonS3