mpdotrk.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain mpdotrk.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Virginia, United States (US)

Create date:
Tuesday, August 13, 2013

Expires date:
Saturday, August 13, 2016

Updated date:
Monday, July 27, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc., US

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Systweak.TUNEUPPR.Installer.Meta (L), PUP.VASSANAKONGSOONGNERN.Q, PUP.Tuguu.Payments.Bundler (M), PUP.Softpulse.VolvanPr.Bundler (M), PUP.Softpulse.Softforc.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Softpulse.DigitalP.Bundler (M), PUP.Air Software.Installe.Installer (M), PUP.NewMedia.NMH.Bundler (M), PUP.Adknowledge.InstallM.Installer (M), PUP.Softpulse.PluginUp.Bundler (M), PUP.Bundlore (M), PUP.Tuguu (M), PUP.Outbrowse (M), PUP.Softpulse (M)
100.00%

K7 Gateway Antivirus
Adware
4.55%

K7 AntiVirus
Adware
4.55%

Kaspersky
not-a-virus:AdWare.NSIS.Yontoo
4.55%

Dr.Web
Adware.Downware.8319
4.55%

VIPRE Antivirus
CoolMirage Ltd
4.55%

Sophos
CoolMirage, Generic PUA HF
4.55%

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/NSIS.Yontoo.n
4.55%

G Data
NSIS.Application.Adload
4.55%

ESET NOD32
NSIS/TrojanDownloader.Adload.AA
4.55%

AVG
Generic
4.55%

Panda Antivirus
Generic Suspicious
4.55%

Trend Micro House Call
Suspicious_GEN.F47V0105
2.27%

McAfee Web Gateway
Artemis
2.27%

Avira AntiVirus
TR/Dldr.Adload.65536
2.27%

The domain mpdotrk.com has been seen to resolve to the following 52 IP addresses.

ec2-52-44-138-92.compute-1.amazonaws.com
September 15, 2016

ec2-54-165-134-147.compute-1.amazonaws.com
September 15, 2016

ec2-54-87-58-141.compute-1.amazonaws.com
August 25, 2016

ec2-52-72-138-194.compute-1.amazonaws.com
August 25, 2016

ec2-52-3-85-44.compute-1.amazonaws.com
August 16, 2016

ec2-52-204-140-191.compute-1.amazonaws.com
August 16, 2016

ec2-54-236-123-241.compute-1.amazonaws.com
August 14, 2016

ec2-52-204-213-80.compute-1.amazonaws.com
August 14, 2016

ec2-52-200-98-6.compute-1.amazonaws.com
July 15, 2016

ec2-54-210-33-56.compute-1.amazonaws.com
July 15, 2016

ec2-52-21-30-31.compute-1.amazonaws.com
July 14, 2016

ec2-52-202-230-55.compute-1.amazonaws.com
July 14, 2016

ec2-52-203-76-115.compute-1.amazonaws.com
June 25, 2016

ec2-52-202-150-246.compute-1.amazonaws.com
June 25, 2016

ec2-54-210-47-92.compute-1.amazonaws.com
June 18, 2016

ec2-54-84-26-40.compute-1.amazonaws.com
June 18, 2016

ec2-52-200-194-25.compute-1.amazonaws.com
June 6, 2016

ec2-52-202-120-141.compute-1.amazonaws.com
June 6, 2016

ec2-52-201-145-33.compute-1.amazonaws.com
May 16, 2016

ec2-54-210-26-119.compute-1.amazonaws.com
May 16, 2016

ec2-54-174-26-236.compute-1.amazonaws.com
May 15, 2016

ec2-54-209-151-196.compute-1.amazonaws.com
May 15, 2016

ec2-52-86-224-192.compute-1.amazonaws.com
April 20, 2016

ec2-52-22-126-237.compute-1.amazonaws.com
April 20, 2016

ec2-52-70-74-209.compute-1.amazonaws.com
April 12, 2016

ec2-52-86-39-102.compute-1.amazonaws.com
April 12, 2016

ec2-52-22-223-79.compute-1.amazonaws.com
April 4, 2016

ec2-52-200-2-168.compute-1.amazonaws.com
April 4, 2016

ec2-52-3-205-144.compute-1.amazonaws.com
April 2, 2016

ec2-52-3-14-31.compute-1.amazonaws.com
March 2, 2016

 
Showing 30 of 52 IP Addresses

File downloads found at URLs served by mpdotrk.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

18 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

12 / 68    (Adware)

12 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

12 / 68    (Adware)

1 / 68      (Adware)

12 / 68    (Adware)

12 / 68    (Adware)

12 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

The following 4 files have been seen to comunicate with mpdotrk.com in live environments.

URL:
http://mpdotrk.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=pixeltrack66.com, OU=COMODO SSL Unified Communications, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.8.1

Facebook:
Shares:  1

Statistics above are for the previous month of September 2017.