home

www.safeholly.me

WhoisGuard, Inc.  (Proxy Registrant)

Domain Information

The domain www.safeholly.me is registered by proxy through NameCheap, Inc.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beauharnois, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrar:
NameCheap, Inc.

Server location:
Quebec, Canada (CA)

ASN:
AS16276 OVH OVH SAS,FR

Root domain:
safeholly.me

Whois:
2 safeholly.me records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Sophos
PUA 'AdLoad' (of type Adware), Generic PUA CG (PUA), Generic PUA EB (PUA), Generic PUA JG (PUA)
53.33%

K7 AntiVirus
Trojan , Adware
53.33%

Avira AntiVirus
TR/Downloader.Gen, PUA/InstallCore.diur, ADWARE/Adware.Gen
53.33%

Reason Heuristics
PUP.InstallCore.Bundler (M), PUP.Starglobe.Installer (M), PUP.Starglob.Installer (M), PUP.Gencolab.Installer (M)
53.33%

Kaspersky
not-a-virus:AdWare.Win32.AdLoad, not-a-virus:NetTool.Win64.NetFilter
46.67%

NANO AntiVirus
Trojan.Nsis.Fraudster.dsyctt, Trojan.Nsis.Pincav.doipia, Trojan.Win64.Fraudster.dvddue
46.67%

Dr.Web
Trojan.Fraudster.1631, Trojan.Fraudster.1624, Trojan.Fraudster.1620
46.67%

VIPRE Antivirus
Trojan.Win32.Generic, NetFilter, Yontoo
46.67%

AVG
Generic, WebFilter.X, Generic6
46.67%

ESET NOD32
Win32/InstallCore.ABL potentially unwanted (variant), Win32/Adware.BrAppWare (variant)
46.67%

McAfee
Artemis!85E934B4FB89, Artemis!15A8DA2997BC, Artemis!529F9FB606BF, Artemis!5B46443F5326, Artemis!5E33177B1AA2
46.67%

G Data
Win32.Application.InstallCore.EG, Trojan.Generic.14954074, Dropped:Adware.Agent.PPG, Trojan.Generic.15047783, Trojan.Generic.15015189
46.67%

Fortinet FortiGate
Adware/AdloadAM, Riskware/InstallCore, Riskware/BrAppWare
40.00%

MicroWorld eScan
Trojan.Generic.14954074, Dropped:Adware.Agent.PPG, Trojan.Generic.15047783, Trojan.Generic.15015189
40.00%

nProtect
Trojan.Generic.14954074, Dropped:Adware.Agent.PPG, Trojan.Generic.15047783, Trojan.Generic.15015189
40.00%

The domain www.safeholly.me has been seen to resolve to the following 2 IP addresses.

82.221.105.12
February 28, 2016

198.50.209.4
July 19, 2015

File downloads found at URLs served by www.safeholly.me.

1 / 68      (PUP)
http://www.safeholly.me/ids/.../getFile?lnk=P3NvZnR3YXJlPU1lZGlhRG93bmxvYWRlciZuYW1lPVNldHVwLmV4ZSZub19jYWNoZT03YmE0MTNmMmQ4YjI5MTI3NTVlNjI2ZDIyY2QwNjM2NGE1Y2Q1Y2IzYTM5MTgxIHxodHRwOi8vY2RuLmZyZWVmYWNpZS5jb20vZG93bmxvYWQvc2V0dXAuZXhlLz9zb2Z0d2FyZT1NZWRpYURvd25sb2FkZXImbmFtZT1TZXR1cC5leGUmbm9fY2FjaGU9N2JhNDEzZjJkOGIyOTEyNzU1ZTYyNmQyMmNkMDYzNjRhNWNkNWNiM2EzOTE4MSA=  (softwaremediadownloadernamesetupno-cache7ba413f2d8b2912755e626d22cd06364a5cd5cb3a39181.exe)

1 / 68      (PUP)
http://www.safeholly.me/ids/.../getFile?lnk=WHBCbXB0SGsnLCAnWHBCbXB0SGsnLCAnU2V0dXAuZXhlJyl8amF2YXNjcmlwdDpkb3dubG9hZEVYRVdpdGhOYW1lKCdodHRwOi8vdHRiLnRvcGZpbGVkLmNvbS9kb3dubG9hZC9yZXF1ZXN0LzU1NzcwMTg5NWYxYzFlNGU3ZDAwMDAwMC9YcEJtcHRIaycsICdYcEJtcHRIaycsICdTZXR1cC5leGUnKQ==  (xpbmpthk-xpbmpthk-setup.exe)

1 / 68      (PUP)
http://www.safeholly.me/continue.exe  (a25f18253d4d1d6183ecf27b3aaef376)

1 / 68      (PUP)
http://www.safeholly.me/.../310714_br.exe  (5cc472aac33b35f76bf284b2d8aed39f)

1 / 68      (PUP)
http://www.safeholly.me/ids/.../getFile?lnk=dHVrb3VrQkcnLCAndHVrb3VrQkcnLCAnU2V0dXAuZXhlJyl8amF2YXNjcmlwdDpkb3dubG9hZEVYRVdpdGhOYW1lKCdodHRwOi8vdHRiLnRoZWZpbGVnZXQuY29tL2Rvd25sb2FkL3JlcXVlc3QvNTQ2OWQ5ZmI1ZjFjMWUyYTNhMDAwMDAxL3R1a291a0JHJywgJ3R1a291a0JHJywgJ1NldHVwLmV4ZScp  (tukoukbg-tukoukbg-setup.exe)

1 / 68      (PUP)
http://www.safeholly.me/.../310714_br.exe  (6e1616e327c9716d38d5a70f71c47a39)

29 / 68    (PUP)
http://www.safeholly.me/.../291014_nj.exe  (5e33177b1aa2f11e1ddd1c44af4d05af)

24 / 68    (PUP)
http://www.safeholly.me/.../291014_nj.exe  (lddodokop6hgtom8vssxb9llddodokop6hgtom8vssxb9llddodokop6hgtom8vssxb9l_nj.exe)

13 / 68    (PUP)
http://www.safeholly.me/.../310714_is.exe  (g3e2b24ykbjwv59buqzyq_is.exe)

33 / 68    (PUP)
http://www.safeholly.me/.../280815_cr.exe  (s0tbjyhr9y3pryxs0boys3.exe)

1 / 68      (PUP)
http://www.safeholly.me/.../310714_br.exe  (s0tbjyhr9y3pryxs0boys3s0tbjyhr9y3pryxs0boys3s0tbjyhr9y3pryxs0boys3_br.exe)

29 / 68    (PUP)
http://www.safeholly.me/.../291014_nj.exe  (15a8da2997bc76d21f40380ea3163acb)

25 / 68    (PUP)
http://www.safeholly.me/.../291014_nj.exe  (ca6ef6b9e38c227e2d755ad746f7a752)

24 / 68    (PUP)
http://www.safeholly.me/.../291014_nj.exe  (ca8726e7f87b02fd9f8e4bc492e3b52e)

12 / 68    (PUP)
http://www.safeholly.me/ids/.../getFile?lnk=aGVyZFByb3RlY3RTY2FuX1BvcnRhYmxlLmV4ZXwvaW5zdGFsbGVycy9oZXJkUHJvdGVjdFNjYW5fUG9ydGFibGUuZXhl  (herdprotectscan-portable.zip)

URL:
http://www.safeholly.me/

Title:
“Em manutencao”

Web server:
nginx/1.0.15 (PHP/5.6.13)

4threquest.me

baixarmidia.com

baixegetit.net

catchitfor.me

centijo.net

chromeget.co

fileflow.co

freeweiser.me

getld.space

gonload.me

holdmyreq.co

klumget.co

netcoolery.net

netgetitfor.me

onlinemidia.com

wikizu.net

2ndrequest.me

amofilmes.net

aurevoir.club

eimia.net

files2me.ninja

filmeseseriestorrent.com

filmesonlinegratis.com

gamestorrent.biz

gapfile.me

getfileresource.me

getgsafe.me

gotmyfile.me

kiadown.me

loadfor.me

30 of 47 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.