home

watchforfree.myrapid-softupgradesyzs.com

Fundacion Private Whois  (Proxy Registrant)

Domain Information

The domain watchforfree.myrapid-softupgradesyzs.com is registered by proxy through INTERNET.BS CORP. and was originally registered in January of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
INTERNET.BS CORP.

Server location:
Virginia, United States (US)

Create date:
Thursday, January 30, 2014

Expires date:
Friday, January 30, 2015

Updated date:
Thursday, January 30, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:
myrapid-softupgradesyzs.com

Whois:
1 myrapid-softupgradesyzs.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, DownloadManager.AirSoftware.T, PUP.Air Software.AirSoftware.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.AirAdInstaller, PUP.Optional.AirInstaller
75.00%

avast!
Win32:PUP-gen [PUP], Win32:Adware-gen [Adw]
75.00%

Agnitum Outpost
PUA.AirAdInstaller
75.00%

Comodo Security
Application.Win32.AirAdInstaller.B
75.00%

Dr.Web
Trojan.SMSSend.4902, Trojan.SMSSend.4953, Trojan.SMSSend.4722
75.00%

VIPRE Antivirus
Iminent, Threat.4150696, AirInstaller
75.00%

Sophos
AirInstaller
75.00%

AhnLab V3 Security
PUP/Win32.AirAdInstaller, Adware/Win32.AirAdInstaller
75.00%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
75.00%

Kaspersky
not-a-virus:AdWare.Win32.AirAdInstaller
75.00%

SUPERAntiSpyware
Adware.AirAdInstaller, Adware.AirInstaller/Variant
75.00%

Avira AntiVirus
ADWARE/Adware.Gen, Adware/AgentCV.A.6255, ADWARE/Adware.Gen7
75.00%

Vba32 AntiVirus
AdWare.AirAdInstaller
75.00%

IKARUS anti.virus
Win32.AdWare, Win32.SuspectCrc, PUA.AirAdInstaller
75.00%

The domain watchforfree.myrapid-softupgradesyzs.com has been seen to resolve to the following 3 IP addresses.

69.43.160.166
September 27, 2014

208.43.10.6
208.43.10.6-static.reverse.softlayer.com
August 13, 2014

184.73.247.179
ec2-184-73-247-179.compute-1.amazonaws.com
August 13, 2014

File downloads found at URLs served by watchforfree.myrapid-softupgradesyzs.com.

1 / 68      (Adware)
http://watchforfree.myrapid-softupgradesyzs.com/AIRmediaplayerupdatenew5US.html  (media player update.exe)

39 / 68    (Adware)
http://watchforfree.myrapid-softupgradesyzs.com/AIRmediaplayerupdatenew1US.html  (media player update.exe)

28 / 68    (Adware)
http://watchforfree.myrapid-softupgradesyzs.com/AIRmediaplayerupdatenew5US.html  (media player update.exe)

34 / 68    (Adware)
http://watchforfree.myrapid-softupgradesyzs.com/AIRmediaplayercpaIT.html  (setup.exe)

URL:
http://watchforfree.myrapid-softupgradesyzs.com/

Google Analytics:
UA-48689684

Title:
“myrapid-softupgradesyzs.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.