home

files4.getgimp.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files4.getgimp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2010. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Wednesday, September 22, 2010

Expires date:
Thursday, September 22, 2016

Updated date:
Wednesday, September 23, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
getgimp.com

Whois:
3 getgimp.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadAdmin.K, PUP.DownloadAdmin.Bundler.Installer.Meta (M)
90.00%

VIPRE Antivirus
DownloadAdmin, Threat.4783369
25.00%

NANO AntiVirus
Riskware.Win32.Downware.crgjbr, Trojan.Win32.Downware.crgjbr
25.00%

Sophos
Download Admin
25.00%

Dr.Web
Adware.Downware.2220, Adware.Downware.411
25.00%

Malwarebytes
PUP.Optional.DownloadAdmin
20.00%

Comodo Security
Application.Win32.DownloadAdmin.TTK
15.00%

ESET NOD32
Win32/DownloadAdmin
15.00%

herdProtect (fuzzy)
a variant of b285913c2bf0813aee44fa6899961b3d37089961, a variant of 6d6f6b747bad9b3188905dde13a93356816f7da0, a variant of cacaf219425f86d5abc5f8439c35d96304d2a659
15.00%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application
10.00%

Clam AntiVirus
Win.Adware.Agent-6650
5.00%

Trend Micro House Call
HV_DOWNLOADADMIN_CI193ECF.RDXN
5.00%

F-Secure
Adware:W32/WebInstallBundle
5.00%

Avira AntiVirus
ADWARE/Adware.Gen9
5.00%

avast!
Adware-OH [Adw]
5.00%

The domain files4.getgimp.com has been seen to resolve to the following 23 IP addresses.

104.112.235.19
a104-112-235-19.deploy.static.akamaitechnologies.com
August 29, 2016

104.96.220.233
a104-96-220-233.deploy.static.akamaitechnologies.com
August 29, 2016

23.0.160.88
a23-0-160-88.deploy.static.akamaitechnologies.com
February 29, 2016

23.0.160.98
a23-0-160-98.deploy.static.akamaitechnologies.com
February 29, 2016

23.67.243.59
a23-67-243-59.deploy.static.akamaitechnologies.com
May 4, 2015

23.15.7.120
a23-15-7-120.deploy.static.akamaitechnologies.com
December 7, 2014

23.15.7.105
a23-15-7-105.deploy.static.akamaitechnologies.com
December 7, 2014

23.62.6.66
a23-62-6-66.deploy.static.akamaitechnologies.com
December 1, 2014

23.62.6.59
a23-62-6-59.deploy.static.akamaitechnologies.com
December 1, 2014

23.0.160.74
a23-0-160-74.deploy.static.akamaitechnologies.com
September 5, 2014

23.0.160.65
a23-0-160-65.deploy.static.akamaitechnologies.com
September 5, 2014

184.51.126.56
a184-51-126-56.deploy.static.akamaitechnologies.com
September 5, 2014

184.51.126.32
a184-51-126-32.deploy.static.akamaitechnologies.com
September 5, 2014

23.62.7.33
a23-62-7-33.deploy.static.akamaitechnologies.com
September 4, 2014

23.62.7.9
a23-62-7-9.deploy.static.akamaitechnologies.com
September 4, 2014

23.67.250.104
a23-67-250-104.deploy.static.akamaitechnologies.com
May 31, 2014

23.67.250.112
a23-67-250-112.deploy.static.akamaitechnologies.com
May 31, 2014

63.88.100.152
May 1, 2014

63.88.100.147
May 1, 2014

23.67.242.115
a23-67-242-115.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.242.120
a23-67-242-120.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.243.24
a23-67-243-24.deploy.static.akamaitechnologies.com
April 11, 2014

23.67.243.19
April 11, 2014

File downloads found at URLs served by files4.getgimp.com.

10 / 68    (PUP)
http://files4.getgimp.com/download?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=US&cb=1253542046  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=GB&cb=1117425483  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Phrase&brand=getgimp&pid=TR&bc=6542&country=US&cb=-970150912  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download?s=google&c=getgimp&brand=getgimp&pid=TR&bc=4769&country=GB&cb=-421192105  (gimp-setup.exe)

8 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=US&cb=1943652878  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&brand=getgimp&pid=TR&bc=6542&country=US&cb=977634514  (gimp-setup.exe)

9 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&brand=getgimp&pid=TR&bc=6542&country=US&cb=1249757474  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download?s=google&c=getgimp&brand=getgimp&pid=TR&bc=4769&country=GB&cb=321082105  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&brand=getgimp&pid=TR&bc=6542&country=US&cb=1773640040  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=US&cb=1359552769  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=google&c=getgimp&brand=getgimp&pid=TR&bc=6542&country=US&cb=534158499  (gimp-setup.exe)

1 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=GB&cb=-1334659382  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_UK_Phrase&brand=getgimp&pid=TR&bc=4769&country=GB&cb=-1528795272  (gimp-setup.exe)

8 / 68      (PUP)
http://files4.getgimp.com/download/.../dl?s=SEO&c=getgimp&brand=getgimp&pid=TR&bc=6558&country=US&cb=1976400808  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_ROW_Exact&brand=getgimp&pid=TR&bc=4769&country=IL&cb=-183238422  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&brand=getgimp&pid=TR&bc=6542&country=US&cb=-1367590581  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Phrase&brand=getgimp&pid=TR&bc=6542&country=US&cb=1631136485  (gimp-setup.exe)

8 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&variation=control2&brand=getgimp&pid=TR&bc=6542&country=US&cb=-1892227837  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Phrase&brand=getgimp&pid=TR&bc=6542&country=US&cb=-545737335  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&variation=ybo&brand=getgimp&pid=TR&bc=6542&country=US&cb=-194229854  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_UK_Exact&brand=getgimp&pid=TR&bc=4769&country=GB&cb=-194934785  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=getgimp&brand=getgimp&pid=TR&bc=4769&country=GB&cb=293126182  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Phrase&brand=getgimp&pid=TR&bc=6542&country=US&cb=-244328929  (gimp-setup.exe)

8 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&variation=control&brand=getgimp&pid=TR&bc=6542&country=US&cb=1592143075  (gimp-setup.exe)

8 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_US_Broad&variation=control&brand=getgimp&pid=TR&bc=6542&country=US&cb=-560674227  (gimp-setup.exe)

1 / 68      (Adware)
http://files4.getgimp.com/download/.../dl?s=google&c=Getgimp_ROW_Exact&brand=getgimp&pid=TR&bc=4769&country=IL&cb=88247480  (gimp-setup.exe)

The following 434 files have been seen to comunicate with files4.getgimp.com in live environments.

TCP » 104.112.235.19:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 23.15.7.105:80
whatsapptime.exe

TCP » 104.112.235.19:443
browser.exe (Browser)

TCP » 184.51.126.32:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
browser.exe (Speed Browser by Smart Applications)

TCP » 23.67.250.112:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.15.7.105:80
browser.exe (Browser)

TCP » 23.15.7.120:80
browser.exe (Browser)

TCP » 184.51.126.32:443
dailywiki.exe

TCP » 184.51.126.56:80
Weather.exe (WeatherBug Desktop by AWS Convergence Technologies)

TCP » 104.112.235.19:80
bkkcggnfceffbniddanpoeeacgkmgnal.crx

TCP » 104.96.220.233:80
updatebuzzsearch.exe

TCP » 184.51.126.32:80
PastaLeadsService.exe (PastaLeadsService)

TCP » 184.51.126.32:80
kdompfkmgahepamkcopabhgippnigpij.crx

TCP » 184.51.126.32:80
kdompfkmgahepamkcopabhgippnigpij.crx

TCP » 184.51.126.56:80
dheaaopifmmgglpijealphadgejcjfhb.crx

TCP » 184.51.126.56:80
pbpjplgmaeigbnpadeajipebdlihpcfn.crx

TCP » 184.51.126.56:80
mhjhhhoiplfiaklkaemnabohibheahhb.crx

 
Latest 20 of 445 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.