www.getmplayer.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.getmplayer.com is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Victoria, Australia (AU)

Create date:
Monday, October 26, 2015

Expires date:
Wednesday, October 26, 2016

Updated date:
Monday, October 26, 2015

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU

Root domain:

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.TUGUUSL.F, PUP.Installer.TuguuSL.F, PUP.Installer.DIGITALPLUGINSL.F, PUP.Tuguu.Bundler (M), PUP.Tuguu.TuguuSL.Bundler (M), PUP.AdGazelle.ClickYes.Installer (M), PUP.Yontoo.InstallVibes.Installer (M), PUP.Softpulse.DIGITALPLUGINSL.Bundler (M), PUP.Softpulse.DigitalPlugin.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Softpulse.DigitalP.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Softpulse.DIGITALP.Bundler (M), PUP.Softpulse.Appsecur.Bundler (M), PUP.Air Software.Download.Bundler (M), Win32.Generic
94.87%

McAfee
Adware-DomaIQ!0BB7ACB81211, PUP-FJP!A7B6F2064873, CryptDomaIQ, Artemis!ED8513690F80
10.26%

K7 Gateway Antivirus
Unwanted-Program , Trojan
10.26%

K7 AntiVirus
Unwanted-Program , Trojan
10.26%

Malwarebytes
PUP.Optional.DomalQ, PUP.Optional.DomaIQ, PUP.Optional.Media
7.69%

Agnitum Outpost
PUA.Lollipop, PUA.DomaIQ, PUA.Downloader
7.69%

avast!
Win32:DomaIQ-T [PUP], DomaIQ-CC [PUP], Win32:SoftPulse-R [PUP]
7.69%

Dr.Web
Adware.Downware.2479, Adware.Downware.3952, Trojan.Packed.26956
7.69%

VIPRE Antivirus
DomaIQ, Threat.4783235, Threat.4150696
7.69%

Avira AntiVirus
APPL/DomaIQ.A.10, APPL/DomaIQ.Gen, APPL/Downloader.Gen
7.69%

McAfee Web Gateway
Adware-DomaIQ!0BB7ACB81211, PUP-FJP!A7B6F2064873, Artemis
7.69%

Sophos
DomainIQ pay-per install, SoftPulse
7.69%

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/Win32.Lollipop, GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ, RiskWare[Downloader:not-a-virus]/Win32.Agent
7.69%

AVG
DomaIQ, Generic
7.69%

Panda Antivirus
PUP/MultiToolbar.A, Trj/Genetic.gen
7.69%

The domain www.getmplayer.com has been seen to resolve to the following 12 IP addresses.

ip-50-62-63-45.ip.secureserver.net
July 24, 2016

lb-212-252.above.com
May 17, 2016

ip-97-74-37-230.ip.secureserver.net
April 3, 2016

February 9, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
January 6, 2016

ec2-54-186-83-158.us-west-2.compute.amazonaws.com
August 28, 2014

ec2-54-244-30-115.us-west-2.compute.amazonaws.com
August 28, 2014

ec2-54-201-9-67.us-west-2.compute.amazonaws.com
April 14, 2014

ec2-54-201-153-98.us-west-2.compute.amazonaws.com
April 14, 2014

ec2-54-201-189-9.us-west-2.compute.amazonaws.com
April 14, 2014

ec2-54-218-30-251.us-west-2.compute.amazonaws.com
April 14, 2014

ec2-54-200-4-93.us-west-2.compute.amazonaws.com
April 14, 2014

File downloads found at URLs served by www.getmplayer.com.

1 / 68      (PUP)
http://www.getmplayer.com/.../Setup.exe  (004f9c15fcfba4e39f4d95fd8e9d213f)

The following 218 files have been seen to comunicate with www.getmplayer.com in live environments.

TCP » 54.72.9.51:80

 
Latest 20 of 222 files

URL:
http://www.getmplayer.com/

Google Analytics:
UA-892232

Title:
“Jason Hope's unfinished 100,000 sq ft Silverleaf mansion for sale (Scottsdale: real estate, 2014) - Phoenix area - Arizona (AZ) - City-Data Forum”

Description:
“Heard about this mansion a few years ago and thought it would never be built. Wonder what new legal troubles are brewing for that guy. I'm just glad”

Web server:
Apache

Facebook:
Likes:  1
Shares:  3

Statistics are for the previous month.