home

clres.getthegun.com

Super Privacy Service c/o Dynadot

Domain Information

The domain clres.getthegun.com registered by Super Privacy Service c/o Dynadot was initially registered in March of 2015 through DYNADOT, LLC. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
DYNADOT, LLC

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Wednesday, March 11, 2015

Expires date:
Saturday, March 11, 2017

Updated date:
Friday, March 11, 2016

ASN:
AS60781 LEASEWEB-NL LeaseWeb B.V.,NL

Root domain:
getthegun.com

Whois:
2 getthegun.com records

The domain clres.getthegun.com has been seen to resolve to the following 2 IP addresses.

94.75.238.25
June 28, 2016

94.75.238.55
mail.fragoria.com
July 26, 2015

File downloads found at URLs served by clres.getthegun.com.

0 / 68
https://clres.getthegun.com/.../setup.exe  (ef667a56a249e7a27a42db31f1418691)

1 / 68      (PUP)
https://clres.getthegun.com/.../setup.exe  (922b927c538973be6645afe588fffd01)

2 / 68      (inconclusive)
https://clres.getthegun.com/.../setup.exe  (683c8a9cc134700221651008265534a2)

2 / 68      (false positives)
https://clres.getthegun.com/.../setup.exe  (wrar420.exe)

1 / 68      (Adware)
https://clres.getthegun.com/.../setup.exe  (0709a6a7daca0d36ac02831a7f599406)

1 / 68      (PUP)
https://clres.getthegun.com/.../setup.exe  (163ad48f044a878dc41a7e40a2c9f7fc)

0 / 68
https://clres.getthegun.com/.../setup.exe  (vlc-2.1.3-win32.exe)

0 / 68
https://clres.getthegun.com/.../setup.exe  (6f8280fd59942fc37de8d525662736e8)

1 / 68      (PUP)
https://clres.getthegun.com/.../setup.exe  (4fdcf8fdd900e145ffc1e1f4f358922b)

0 / 68
https://clres.getthegun.com/.../setup.exe  (d146fd92b987432d53c923ec668a2c4b)

2 / 68
https://clres.getthegun.com/.../setup.exe  (ebcd9da1d1c65bf53afbbcc0ad043fdc)

0 / 68
https://clres.getthegun.com/.../setup.exe  (ef15a2b20a560e521b910706495642b8)

0 / 68
https://clres.getthegun.com/.../setup.exe  (ff5602fc604b5e86c8a94883ed30565d)

0 / 68
https://clres.getthegun.com/.../setup.exe  (fb2fdcf903cc060a6d4880965a326ac3)

0 / 68
https://clres.getthegun.com/.../setup.exe  (13ecb7480caff811bc0d9f02a3d1a6e3)

0 / 68
https://clres.getthegun.com/.../setup.exe  (857e66de5e3fbcdac7da541b61ea6556)

The following 2 files have been seen to comunicate with clres.getthegun.com in live environments.

TCP » 94.75.238.25:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 94.75.238.25:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 94.75.238.25:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 94.75.238.25:443
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://clres.getthegun.com/

SSL certificate subject:
CN=*.getthegun.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
nginx/1.4.1

fragoria.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.