www1.mediaplayernew.com

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain www1.mediaplayernew.com is registered by proxy through NAME.COM, INC. and was originally registered in November of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Kirkland, Washington, in the United States, on the eNom, Incorporated network.
Registrar:
NAME.COM, INC.

Server location:
Washington, United States (US)

Create date:
Friday, November 16, 2012

Expires date:
Wednesday, November 16, 2016

Updated date:
Friday, March 13, 2015

ASN:
AS21740 ENOMAS1 - eNom, Incorporated,US

Root domain:

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.DigitalPluginSL.G, PUP.Installer.Softpulse, PUP.Tuguu.TuguuSL.Bundler (M), PUP.Softpulse.Sambamedia.Bundler (M), PUP.Softpulse.DigitalP.Bundler (M), PUP.Softpulse.Sambamed.Bundler (M), PUP.Softpulse (M) | 100.00% |
| Sophos | SoftPulse, PUA 'SoftPulse' (of type Adware), DomainIQ pay-per install | 42.86% |
| Antiy Labs AVL | Trojan/Win32.TSGeneric, Trojan[:HEUR]/Win32.AGeneric, GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ | 42.86% |
| herdProtect (fuzzy) | a variant of 301a0f2b51f984cc5d115bc02d4a97c0c21d1d18, a variant of 4b91759fd0eafed67cfc0449f7b57bb9965f122e | 28.57% |
| ESET NOD32 | Win32/SoftPulse.B potentially unwanted application, Win32/SoftPulse.E potentially unwanted application | 28.57% |
| G Data | Win32.Application.SoftPulse, Gen:Variant.Application.Bundler.DomaIQ.15 | 28.57% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Downloader.Agent | 28.57% |
| AVG | Generic | 28.57% |
| Dr.Web | Adware.Downware.5055, Trojan.DownLoader11.4884 | 28.57% |
| VIPRE Antivirus | Threat.4783262, DomaIQ | 28.57% |
| K7 AntiVirus | Unwanted-Program | 28.57% |
| Kaspersky | HEUR:Trojan.Win32.Generic, not-a-virus:AdWare.Win32.Lollipop | 28.57% |
| Avira AntiVirus | Adware/Softpulse.BYX, APPL/DomaIQ.Gen | 28.57% |
| Panda Antivirus | Trj/Genetic.gen, Suspicious file | 28.57% |
| Comodo Security | Application.Win32.Softpulse.A | 14.29% |

The domain www1.mediaplayernew.com has been seen to resolve to the following 5 IP addresses.

rc2.sjl01.dmtracker.com
August 11, 2015

ec2-54-186-187-58.us-west-2.compute.amazonaws.com
February 7, 2015

ec2-54-213-71-128.us-west-2.compute.amazonaws.com
February 7, 2015

ec2-54-201-153-98.us-west-2.compute.amazonaws.com
June 5, 2014

ec2-54-201-220-135.us-west-2.compute.amazonaws.com
June 5, 2014

File downloads found at URLs served by www1.mediaplayernew.com.


The following 38 files have been seen to communicate with www1.mediaplayernew.com in live environments.

 
Latest 20 of 50 files

URL:
http://www1.mediaplayernew.com/

Google Analytics:
UA-2249740

Title:
“Mediaplayernew.com”

Description:
“Find Cash Advance, Debt Consolidation and more at Mediaplayernew.com. Get the best of Insurance or Free Credit Report, browse our section on Cell Phones or learn about Life Insurance. Mediaplayernew.com is the site for Cash Advance.”

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes:  1
Shares:  2

Statistics are for the previous month.

30 of 685 related domains