app.gomlab.com
Gretech Corp.
Domain Information
The domain app.gomlab.com registered by Gretech Corp. was initially registered in January of 2008 through GABIA, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Server location:
Washington, United States (US)
Create date:
Tuesday, January 22, 2008
Expires date:
Sunday, January 22, 2017
Updated date:
Monday, December 7, 2015
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (86% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.GRETECH.GretechC.Installer.Meta (L), PUP.Gretech.GretechC.Installer.Meta (L), PUP.Gretech (L)
97.67%
Emsisoft Anti-Malware
Worm.Generic.384701
2.33%
G Data
Win32.Worm.Netsky
2.33%
The domain app.gomlab.com has been seen to resolve to the following 463 IP addresses.
server-52-85-142-234.iad12.r.cloudfront.net
September 15, 2016
server-52-85-142-138.iad12.r.cloudfront.net
September 15, 2016
server-52-85-142-87.iad12.r.cloudfront.net
September 15, 2016
server-52-85-142-46.iad12.r.cloudfront.net
September 15, 2016
server-52-85-142-254.iad12.r.cloudfront.net
September 15, 2016
server-52-85-142-244.iad12.r.cloudfront.net
September 15, 2016
server-52-85-147-202.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-146.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-118.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-87.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-70.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-65.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-58.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-215.iad12.r.cloudfront.net
September 2, 2016
server-52-85-147-75.iad12.r.cloudfront.net
August 30, 2016
server-52-85-147-18.iad12.r.cloudfront.net
August 30, 2016
server-52-85-147-115.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-48.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-45.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-22.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-246.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-241.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-206.iad12.r.cloudfront.net
August 27, 2016
server-52-85-147-142.iad12.r.cloudfront.net
August 27, 2016
server-52-84-127-223.iad16.r.cloudfront.net
August 27, 2016
server-52-84-127-200.iad16.r.cloudfront.net
August 27, 2016
server-52-84-127-162.iad16.r.cloudfront.net
August 27, 2016
server-52-84-127-121.iad16.r.cloudfront.net
August 27, 2016
server-52-84-127-80.iad16.r.cloudfront.net
August 27, 2016
server-52-84-127-79.iad16.r.cloudfront.net
August 27, 2016
Showing 30 of 463 IP Addresses
File downloads found at URLs served by app.gomlab.com.
The following 265 files have been seen to comunicate with app.gomlab.com in live environments.
URL:
http://app.gomlab.com/
Network:
Amazon Cloudfront
SSL certificate subject:
CN=*.gomlab.com, OU=Development Team, O=Gretech Corp., L=Gangnam-gu, S=Seoul, C=KR
SSL certificate issuer:
CN=thawte SSL CA - G2, O="thawte, Inc.", C=US
