home

www.gameranger.com

GameRanger Technologies

Domain Information

The domain www.gameranger.com registered by GameRanger Technologies was initially registered in September of 1998 through Moniker Online Services. Currently this domain has been known to host various forms of malware. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
Moniker Online Services

Server location:
Texas, United States (US)

Create date:
Wednesday, September 16, 1998

Expires date:
Thursday, September 15, 2016

Updated date:
Wednesday, December 16, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:
gameranger.com

Whois:
3 gameranger.com records

Scanner detections:
Malware distribution  (63% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Virut.NBP virus, Win32/Sality.NBA virus
100.00%

avast!
Win32:Virtu-A, Win32:Sality, Win32:Neshta, Win32:SaliCode, Win32:Kukacka
95.24%

F-Prot
W32/Virut.AL!Generic, W32/Sality.gen2, W32/HLLP.41472, W32/Sality.E.gen, W32/Virut.E.gen
90.48%

Microsoft Security Essentials
Threat.Undefined, Virus:Win32/Neshta.A
90.48%

Dr.Web
Win32.Virut.56, Win32.Sector.30, Win32.HLLP.Neshta, Win32.Sector.22, Win32.Sector.21
80.95%

Emsisoft Anti-Malware
Win32.Virtob.Gen.12, Win32.Sality, Virus.Win32.Neshta!IK
71.43%

Norman
Virut.HL, Win32.Sality.3, W32/Neshta.N
71.43%

Kaspersky
Virus.Win32.Virut, Virus.Win32.Sality
66.67%

AVG
Win32/Virut, Win32/Sality, Worm/Delf
66.67%

McAfee
W32/Virut.n.gen, Virus.W32/Sality.gen.z, W32/HLLP.41472.e
61.90%

VIPRE Antivirus
Threat.4737366, Threat.4758034, Virus.Win32.Neshta.a, Threat.4721115
42.86%

F-Secure
Win32.Sality.3
42.86%

Bkav FE
W32.Cloddd0.Trojan, W32.Vetor.PE, W32.Sality.PE
14.29%

Avira AntiVirus
W32/Virut.Gen, W32/Sality.AT, W32/Neshta.a
14.29%

nProtect
Virus/W32.Virut.Gen, Win32.Sality.3, Virus/W32.Neshta
14.29%

The domain www.gameranger.com has been seen to resolve to the following 2 IP addresses.

173.193.187.84
www.gameranger.com
February 8, 2016

174.36.111.184
www.gameranger.com
August 2, 2013

File downloads found at URLs served by www.gameranger.com.

0 / 68
https://www.gameranger.com/.../GameRangerSetup.exe  (4715fb3a5a6beaf80be489551109833b)

0 / 68
http://www.gameranger.com/.../GameRangerSetup.exe  (7fa5a5dc6c7b396efaaf092e0998df4f)

0 / 68
http://www.gameranger.com/.../GameRanger.dmg  (0f3223102fc09eed642a18ca26e53084)

The following file have been seen to comunicate with www.gameranger.com in live environments.

TCP » 173.193.187.84:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://www.gameranger.com/

Title:
“GameRanger - play your friends online”

SSL certificate subject:
CN=www.gameranger.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT56602288

SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US

Web server:
nginx

Facebook:
Likes:  2,069
Shares:  12,617
Comments:  6,978

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.