home

wanktubevideos.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain wanktubevideos.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in May of 2012. Currently this domain has been known to host various forms of malware. The hosted servers are located in Dover, North Carolina within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
North Carolina, United States (US)

Create date:
Sunday, May 6, 2012

Expires date:
Friday, May 6, 2016

Updated date:
Thursday, May 7, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Whois:
4 wanktubevideos.com records

Scanner detections:
Malware distribution  (71% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Trojan.Win32.Generic
85.71%

McAfee
RDN/Generic.dx!cs3, RDN/Generic.dx!cst, Artemis!C2B7E122F495, Artemis!54C5263EF203, Artemis!BAB09D665364
71.43%

Norman
Suspicious_Gen4.FBKKT, Suspicious_Gen4.FMADJ, Suspicious_Gen4.FJISI, Suspicious_Gen4.EPSYM
71.43%

Trend Micro House Call
TROJ_GEN.R0CBC0OJE13, TROJ_GEN.F47V0924, Suspicious_GEN.F47V0816, TROJ_GEN.R047B01JT14, TROJ_SPNR.15IA13
71.43%

avast!
Win32:Malware-gen, JS:Includer-AIH [Trj], Win32:AdvertBHO-A [Trj]
71.43%

SUPERAntiSpyware
Trojan.Agent/Gen-Downloader, Trojan.Agent/Gen-VBInject, Trojan.Agent/Gen-Clicker, Trojan.Agent/Gen-FakeDefender
71.43%

Avira AntiVirus
TR/Downloader.Gen7, TR/BHO.cmco.2
71.43%

Sophos
Mal/Generic-S
71.43%

Baidu Antivirus
Trojan.JS.TrojanClicker, Trojan.Script.Generic, Trojan.JS.Clicker, Trojan.Win32.BHO
71.43%

ESET NOD32
JS/TrojanClicker.Agent.NFD, JS/TrojanClicker.Agent.NEX, JS/TrojanClicker.Agent.NFB, Win32/Adware.BHO.NKY
71.43%

Qihoo 360 Security
Win32/Trojan.Script.ed4, Script/Trojan.Clicker.964, HEUR/Malware.QVM06.Gen, Win32/Trojan.Downloader.8ec, Win32/Trojan.Clicker.a3b
71.43%

K7 AntiVirus
Spyware , Riskware
57.14%

G Data
Win32.Trojan.Agent.CD628U, Win32.Trojan.Agent.4L4JPZ, Win32.Trojan.Agent.1NVRPD, Gen:Variant.Zusy.57551
57.14%

Fortinet FortiGate
JS/TrojanClicker_Agent.NFB, JS/TrojanClicker_Agent.NFB!tr, W32/BHO.CMCO!tr
57.14%

Bkav FE
W32.Cloddd3.Trojan, W32.Clod5d7.Trojan, W32.GenericAdvert.Trojan
42.86%

The domain wanktubevideos.com has been seen to resolve to the following 2 IP addresses.

209.99.40.223
209-99-40-223.fwd.datafoundry.com
May 15, 2015

50.23.150.25
50.23.150.25-static.reverse.softlayer.com
December 22, 2013

File downloads found at URLs served by wanktubevideos.com.

17 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=YzEzMU0yODNoODE1WTM0Nko0OThKNzk=&id=22&a=vipqt888&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=eDc1MUczMThoMzIzTzYyN0IyMjNRNzAy&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ajIwM1YzcjkzN1c5MzBNMTNQMzkw&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=Zzc1MUU5aDE3OEczMUsxNzhWODYx&id=22&a=38264&l=xh  (flash.exe)

15 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=dTg2N0gyODhjOTMwRjMxNUU4NzdIMzc1&id=22&a=38264&l=xh  (flash.exe)

32 / 68    (PUP)
http://wanktubevideos.com/pp.php?uu=ZDQzMUY1NTdvOTQ0TzQ1M0k4MjJIMzY5&id=22&a=geniv&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=czkyNUIxMTVxNTEyQjQ0NlU2ODZNNzI0&id=22&a=pirlotv&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=bDQ4NUUzMDFvMzc2UTc4M005MTVCMzcw&id=22&a=marlonj26&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ZzgwNVQ2ODV1NTQxWTcwM1QxODhPMjIw&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ZzYwOUwyMzFnMjlRMzkxRzE4Mk80NjU=&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=eDQ1NEoyNjVzNzI2TzkwNEo2NjhWOTM1&id=22&a=33642&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=dTkzRDE5NmU3MjhWMTg0VjQwOFQzMTc=&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=czYzM0Y2NTNoMjBJOTQ4UjU1Mkk5MTE=&id=22&a=28326&l=xh  (flash.exe)

32 / 68    (PUP)
http://wanktubevideos.com/pp.php?uu=dTI5MlMyODBkOTI4QzMwOVc3OTNSNTQw&id=22&a=fate86&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=bzYxRDQ4MWozMzVQOTlMNDAxRjMyNA==&id=22&a=pirlotv&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ZjU0TTc5OGY4MzlYNDkyTDExMlU1OTQ=&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=bzU0MkkxNzBnMTY4TjkwNVAxMjlGODkz&id=22&a=41213&l=xh  (flash.exe)

3 / 68      (inconclusive)
http://wanktubevideos.com/pp.php?uu=dDYyNVk4MTZiNTA4UDk4OFo2ODlPNTI3&id=22&a=onlyu&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ZTU2OFc5NzJ0ODE0STEzNUs1ODdZODQ4&id=22&a=38264&l=xh  (flash.exe)

15 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=bDEyM0s0NDZsMjgzUDE3OFM0ODVMMTcx&id=22&a=19028&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=bzQzOEw4NjF2MzE5VzQ3OEkzMTRBMzA2&id=22&a=41213&l=xh  (flash.exe)

15 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ZTMxN0EzMjF4ODAzQTg4SDk2NUI4MDU=&id=22&a=25180&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=dDgzNVo2ODJkNjYzTjU5MFAyMThSNjU0&id=22&a=pirlotv&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=azEyMUI0NzV0MTQ3UzY5MUw3MTRPNTA5&id=22&a=41213&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=azYzOUUyMjNtMzA1UjgxMlA1ODVTNjM=&id=22&a=38264&l=xh  (flash.exe)

16 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=czQwNkIzNDJjODk1Qjg3M1g5OTFCMTk=&id=22&a=themyc&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=ejI5Nkc5MjhjNDg0Sjg2OUk4NzRONjY2&id=22&a=38264&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=cDUxVjYyNXY1MDJONzMxVjQ0MFkzMjI=&id=22&a=31228&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=cDI2NlAyMTFqNDMxQTM1MUg4MTBDMTUw&id=22&a=41825&l=xh  (flash.exe)

18 / 68    (Malware)
http://wanktubevideos.com/pp.php?uu=cjg3Mk4xMzJ0MTg1SjIxTTIzMkI5Nzc=&id=22&a=41213&l=xh  (flash.exe)

 
Latest 30 of 31 download URLs

The following 26 files have been seen to comunicate with wanktubevideos.com in live environments.

TCP » 209.99.40.223:80
UCBrowser.exe (by UCWeb)

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:80
jingling.exe

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:80
hkcmd.exe (Intel Common User Interface by Intel)

TCP » 209.99.40.223:80
online-guardian-v2.0.9.exe

TCP » 209.99.40.223:80
svcspwin.exe (WinsPop Enterprise Super V 2.0 by agir)

TCP » 209.99.40.223:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 209.99.40.223:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 209.99.40.223:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 209.99.40.223:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 209.99.40.223:80
apptrailers.exe

TCP » 209.99.40.223:80
kmspico10.2.1__8174_il3.exe

TCP » 209.99.40.223:80
kmspico10.2.1__8174_il17.exe

TCP » 209.99.40.223:443
online-guardian.exe

TCP » 209.99.40.223:56666
emuletorrent.exe

TCP » 209.99.40.223:25
init.exe

TCP » 209.99.40.223:80
DTSRVC.exe (DTSRVC by Portrait Displays)

 
Latest 20 of 30 files

URL:
http://wanktubevideos.com/

Title:
“Wanktubevideos.com”

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.