home

download.shoptowin.net

Shop To Win, LLC

Domain Information

The domain download.shoptowin.net registered by Shop To Win, LLC was initially registered in October of 2009 through GODADDY.COM, LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Washington, United States (US)

Create date:
Thursday, October 15, 2009

Expires date:
Wednesday, October 15, 2014

Updated date:
Thursday, June 20, 2013

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:
shoptowin.net

Whois:
1 shoptowin.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Shopper.232, Adware.FreeCause.2, Adware.FreeCause.3
100.00%

Reason Heuristics
PUP.Installer.ShopToWin.N, PUP.Installer.ShopToWin.I, PUP.Shop To Win.ShopToWin.Installer (M)
100.00%

Trend Micro House Call
TROJ_GEN.RCBH1I5, TROJ_GEN.F47V0330, TROJ_GEN.RCBH1II, Suspicious_GEN.F47V0413
100.00%

MicroWorld eScan
NSIS:Adware-AR [PUP], Adware.ShopToWin.B
91.67%

Norman
Suspicious_Gen4.ACDL, W32/Wisho.A
91.67%

avast!
NSIS:Adware-AR [PUP]
91.67%

Avira AntiVirus
Adware/Rogue.2178560, Adware/Shoptowin.F
91.67%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
91.67%

AVG
SmartShopper.A
91.67%

Boost by Reason
Optional.ShopToWin.N, Optional.ShopToWin.I
83.33%

NANO AntiVirus
Trojan.Win32.FreeCause.bbdtir, Trojan.Win32.Agent.crkzeu
83.33%

ESET NOD32
Win32/Toolbar.BHO
75.00%

nProtect
Adware.ShopToWin.B
16.67%

Bitdefender
Adware.ShopToWin.B
16.67%

Qihoo 360 Security
Trojan.Generic
16.67%

The domain download.shoptowin.net has been seen to resolve to the following 3 IP addresses.

54.231.14.40
s3-1.amazonaws.com
July 23, 2016

54.231.120.146
s3-1.amazonaws.com
June 28, 2016

207.171.163.151
s3-1.amazonaws.com
November 19, 2013

File downloads found at URLs served by download.shoptowin.net.

19 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (setup.exe)

18 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (setup.exe)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (5ae33a99c74c1c77bba78049671bdbb1)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (a278fb327d04163e97867e94daadeece)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (4381cf81d0fb16a2d8af24c438e145db)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (2bd06d6e34549c2bf82d8bd24273a819)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (aae81707521797ac3fb97c5f06ab4e94)

5 / 68      (Adware)
http://download.shoptowin.net/.../STWSetup.exe  (e6fd89996adc69f87beaff5801949ad5)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (689d2951721aaf79cab23b2278a17b88)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (c27f53a79b4ba00a1af15c93433a8bec)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (3f0e90e3a264905a457594ce82214968)

12 / 68    (Adware)
http://download.shoptowin.net/.../STWSetup-IEFF.exe  (3a3a04e6b892d0f4b06faaf43183af00)

The following 7 files have been seen to comunicate with download.shoptowin.net in live environments.

TCP » 54.231.120.146:80
crossbrowse.exe (Crossbrowse)

TCP » 54.231.120.146:443
browser.exe (speed browser by Smart Applications)

TCP » 54.231.120.146:80
run_csgo.exe

TCP » 54.231.120.146:443
icreinstall_wintoflash_lite-1.4.0000.exe (Rofasalota)

TCP » 54.231.120.146:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.231.120.146:443
f8e4.tmp.exe

TCP » 54.231.120.146:443
updater.exe

Alexa:
Global rank:  4,818,259
Backlinks:  11

Statistics are for the previous month (Alexa statistics are for entire shoptowin.net).

dealpop.us

dealrunner.net

jackpotrewards.com

livetowin.net

n2win.net

online-convergence.com

onlineconvergence.com

onlineconvergence.net

safelinkoffer.com

shoptowin.com

qwiklinx.net

winsavegive.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.