playnow.chaseswing.eu

NOT DISCLOSED!  (Proxy Registrant)

Domain Information

The domain playnow.chaseswing.eu is registered by proxy through Internet.bs Corp.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Redwood City, California within the United States which resides on the SKYE network.
Registrar:
Internet.bs Corp.

Server location:
California, United States (US)

ASN:
AS26008 NOMINUM-SKYE1 - SKYE

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, PUP.Air Software.AirSoftware.Bundler (M), PUP.Softpulse.DigitalPlugin.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.InstallCore.AVSoftware.Installer (M), PUP.Tuguu.Bundler (M), PUP.Softpulse.Softforc.Bundler (M), PUP.Bundlore.Installer.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Air Software (M)
100.00%

Malwarebytes
PUP.Optional.AirInstaller, PUP.Optional.AirAdInstaller
24.32%

K7 Gateway Antivirus
Unwanted-Program
24.32%

avast!
Win32:Installer-L [PUP], Malware-gen, Win32:Adware-gen [Adw]
24.32%

Comodo Security
Application.Win32.AirAdInstaller.A, Application.Win32.AirAdInstaller.B
24.32%

Dr.Web
Adware.Downware.2035, Trojan.SMSSend.4881, Trojan.SMSSend.4953
24.32%

VIPRE Antivirus
Iminent, Threat.4150696
24.32%

Sophos
AirInstaller
24.32%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
24.32%

Qihoo 360 Security
HEUR/Malware.QVM01.Gen
24.32%

Agnitum Outpost
PUA.AirAd, PUA.AirAdInstaller
24.32%

Avira AntiVirus
ADWARE/Adware.Gen, Adware/AgentCV.A.6255
24.32%

Vba32 AntiVirus
AdWare.AirAdInstaller.ajov
24.32%

AhnLab V3 Security
PUP/Win32.AirAdInstaller
24.32%

IKARUS anti.virus
Win32.Malware, Win32.AdWare, Win32.SuspectCrc
24.32%

The domain playnow.chaseswing.eu has been seen to resolve to the following 3 IP addresses.

anubisnetworks.com
February 10, 2016

February 6, 2016

search.dnsassist.verizon.net
May 30, 2014

File downloads found at URLs served by playnow.chaseswing.eu.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

The following 199 files have been seen to comunicate with playnow.chaseswing.eu in live environments.

 
Latest 20 of 219 files

URL:
http://playnow.chaseswing.eu/

Web server:
nginx