d5.mp3rocket.com

MP3 Rocket Inc

Domain Information

The domain d5.mp3rocket.com registered by MP3 Rocket Inc was initially registered in June of 2003 through REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrar:
REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER

Server location:
Quebec, Canada (CA)

Create date:
Tuesday, June 10, 2003

Expires date:
Thursday, June 10, 2021

Updated date:
Thursday, February 16, 2012

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.J, PUP.MP3Support.O, PUP.Installer.OpenCandy.J, PUP.Installer.MP3Support.J, PUP.Optional.Installer.SCCE, Threat.Installer.SCCE, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta
97.92%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant), Win32/InstallCore.PL (variant), Win32/InstallCore.PQ (variant), Win32/OpenCandy.A potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)
81.25%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
68.75%

Dr.Web
Adware.Downware.1417, Adware.OpenCandy.139, Adware.OpenCandy.144, Adware.OpenCandy.163, Adware.OpenCandy.171
66.67%

K7 Gateway Antivirus
Unwanted-Program
64.58%

K7 AntiVirus
Unwanted-Program
64.58%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
60.42%

Trend Micro House Call
TROJ_GEN.F47V1119, HV_ZYX_BG250134.TOMC, Suspicious_GEN.F47V0116, Suspicious_GEN.F47V0413, Suspicious_GEN.F47V0415, Suspicious_GEN.F47V0429
56.25%

McAfee
Artemis!ACC7CAA5F5E5, Artemis!DDC73152F455, Artemis!EF317EE22806, Artemis!B124DE6B6AD1, Artemis!6321344358BB, Artemis!53E805F9835E, Artemis!57972EA1C2B2, Artemis!C1B40E9E46B5, Artemis!D8C15DE6EE7A, Artemis!31D2AE687345
56.25%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
56.25%

VIPRE Antivirus
Opencandy, Trojan.Win32.Generic
56.25%

McAfee Web Gateway
Artemis, Artemis!PUP, BehavesLike.Win32.AdwareAmonetize.tc, BehavesLike.Win32.PWSZbot.tc, BehavesLike.Win32.PUP.tc
52.08%

Sophos
Generic PUA NJ, Generic PUA HF, Generic PUA DD, Generic PUA JB
50.00%

Agnitum Outpost
Riskware.Agent
50.00%

AVG
Generic
47.92%

The domain d5.mp3rocket.com has been seen to resolve to the following 4 IP addresses.

August 30, 2016

February 4, 2016

June 30, 2015

March 28, 2014

File downloads found at URLs served by d5.mp3rocket.com.

23 / 68    (PUP)

21 / 68    (Adware)
http://d5.mp3rocket.com/.../mp3rocket.exe  (57972ea1c2b2c5196b7a577325ce721c)

URL:
http://d5.mp3rocket.com/

Title:
“MP3 Rocket Download YouTube to mp3 conversion done right”

Description:
“MP3 Rocket is dedicated to collecting the most popular music, videos, and MP3s. The best top music :) Home”

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4