home

s1.xiguaplayer.com.prx.proxyunblocker.org

WhoisGuard, Inc.  (Proxy Registrant)

Domain Information

The domain s1.xiguaplayer.com.prx.proxyunblocker.org is registered by proxy through eNom, Inc.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Francisco, California within the United States which resides on the Digital Ocean, Inc. network.
Registrar:
eNom, Inc.

Server location:
California, United States (US)

ASN:
AS14061 DIGITALOCEAN-ASN - Digital Ocean, Inc.,US

Root domain:
proxyunblocker.org

Whois:
1 proxyunblocker.org record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Artemis!8E39BE78CF46
100.00%

Trend Micro House Call
Suspicious_GEN.F47V1218
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

Vba32 AntiVirus
SScope.Trojan.PWS.22627
100.00%

ESET NOD32
Win32/FlyStudio.Packed.AD (variant)
100.00%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
100.00%

IKARUS anti.virus
Trojan.Win32.Antavmu
100.00%

AVG
Suining
100.00%

Reason Heuristics
PUP.SuiningQixiAdvertisingMediaCo.O
100.00%

The domain s1.xiguaplayer.com.prx.proxyunblocker.org has been seen to resolve to the following 2 IP addresses.

107.170.252.86
February 21, 2016

162.243.18.165
February 21, 2016

File downloads found at URLs served by s1.xiguaplayer.com.prx.proxyunblocker.org.

9 / 68      (PUP)
http://s1.xiguaplayer.com.prx.proxyunblocker.org/xigua_Install.exe  (xigua_2_12_0_5.exe)

URL:
http://s1.xiguaplayer.com.prx.proxyunblocker.org/

Title:
“Robot-free zone”

proxywebsite.co.uk

teleport.to

torrentunblock.com

unblocksit.es

unblocksites.co

websiteproxy.co.uk

zazor.org

webanonymizer.org

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.