This domain is currently known to host various forms of malware. Its servers are located in Scottsdale, Arizona, United States, on the GoDaddy.com, LLC network.
Registrant: Whois Privacy (enumDNS dba)
Server location: Arizona, United States (US)
ASN: AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC
Scanner detections: Malware distribution (83% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | (M), PUP.Bundler, PUP.Win.Reputation, Adware.Bundler (M), PUP.InstallCore.Internet.Installer.Meta (M), Adware.DownloadShield.Bundle.Meta (M), PUP.NOSIBAY.Installer, Adware.DownloadShield.Bundle (M) | 67.50% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Worm.Koobface | 52.50% |
| Trend Micro House Call | TROJ_GEN.F47V0803, HV_ZYX_CA083374.TOMC, ADW_OPENCANDY, Suspicious_GEN.F47V0904, TROJ_GEN.F47V0306, TROJ_GEN.R0EBH06EQ15, Suspicious_GEN.F47V1110, TROJ_GEN.F47V0425 | 22.50% |
| avast! | Win32:Rootkit-gen [Rtk], Win32:Malware-gen | 20.00% |
| AVG | MultiBundle, Skodna.Bundle_c, Could be an adware MultiBundle | 20.00% |
| SUPERAntiSpyware | Heur.Agent/Gen-WhiteBox, Trojan.Agent/Gen-Downloader | 17.50% |
| NANO AntiVirus | Trojan.Win32.BrowseBan.cvsxvp, Trojan.Win32.StartPage.dbicfr, Riskware.Nsis.Adware.dpyapb, Riskware.Nsis.Dloader.dvvnkj | 17.50% |
| McAfee | RDN/Generic Downloader.x!np, Artemis!04B3FD7F0227, RDN/Generic StartPage!by, Artemis!76583B6B29F4, Artemis!98B14C81A658 | 15.00% |
| Dr.Web | Adware.Downware.8442, Trojan.DownLoader13.18115, Trojan.MulDrop5.15116, Trojan.DownLoader15.35828, Trojan.DownLoader15.61998 | 12.50% |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra, Conduit | 12.50% |
| Malwarebytes | PUP.Adware.Agent, Trojan.Downware, PUP.Optional.BundleInstaller | 10.00% |
| Baidu Antivirus | Trojan.Win32.StartPage, PUA.Win32.SearchApps, PUA.Win32.DownWare | 7.50% |
| IKARUS anti.virus | AdWare.MultiBundle, Net-Worm.Win32.Koobface | 7.50% |
| Trend Micro | ADW_OPENCANDY, TROJ_GEN.R0CBC0PE314 | 5.00% |
| Fortinet FortiGate | W32/Downloader_x.NP!tr, W32/StartPage.DSAR!tr | 5.00% |
The domain www.searchapps.me has been seen to resolve to the following 3 IP addresses.
p3nlhg386c1386.shr.prod.phx3.secureserver.net
January 24, 2014
File downloads found at URLs served by www.searchapps.me.
The following files have been seen to communicate with www.searchapps.me in live environments.
URL: http://www.searchapps.me/
SSL certificate subject: CN=sni55794.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer: CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server: cloudflare-nginx
Statistics are for the previous month.