This domain is used by malicious actors to intercept traffic intended for Android system package names. It redirects users to ad networks and scareware sites, exploiting the .media TLD to appear legitimate.
providers.media
Potentially Malicious Low Traffic Tranco #3,912,578
Package Name Squatting Alert: providers.media
Malvertising & Scareware DistributionUsers and administrators should treat any browser resolution of `com.android.providers.media` as a security threat. If you encounter "device infection" warnings after clicking a link related to this domain, close the browser tab immediately and do not download any suggested files. Security teams should consider blacklisting `providers.media` at the DNS level to prevent accidental redirects from technical logs or developer tools.
Community Intelligence
0/20+
Messages are published to the community portal.
Investigate a specific URL
Recent Threat Analysis
URLert analyzed recent scan activity for providers.media
No public scans recorded recently
Be the first to run a threat analysis on this domain.
Network Infrastructure
Historical and current IP address mappings for this domain.
| IP Address / Infrastructure | Status | Subdomains | Last Seen |
|---|---|---|---|
TRELLIAN-AS-AP Trellian Pty. Limited (AS133618) | Active | providers.media | Today |
TRELLIAN-AS-AP Trellian Pty. Limited (AS133618)
Active
providers.media
Seen Today
Security Considerations
This domain has limited reputation data. Combined with these capabilities, exercise caution.
Custom Subdomains
providers.media allows users to create custom addresses like "anything.providers.media". An address like "paypal-secure.providers.media" may look official but is actually controlled by whoever registered that subdomain—not the domain operator.
Remember: Exercise caution when interacting with this domain. Verify all content independently.
Something wrong?
Developer API
Integrate Domain Intelligence
Access this classification data programmatically via our API.
GET /api/v1/classify?domain=providers.media
{
"domain": "providers.media",
"confidence": "high",
"category": {
"purpose": "potentially_malicious",
"specialization": "Malvertising and Scareware"
},
"identity": {
"headline": "Malicious domain used for malvertising and scareware campaigns",
"summary": "This domain is used by malicious actors to intercept traffic intended for Android system package names. It redirects users to ad networks and scareware sites, exploiting the .media TLD to appear legitimate.",
"operator": null,
"parent_entity": null,
"topics": [
"malvertising",
"scareware",
"domain squatting",
"android security"
]
},
"functions": {
"is_ugc_platform": false,
"is_file_host": false,
"is_url_shortener": false,
"is_public_idp": false,
"is_crypto_platform": false,
"allows_user_subdomains": true,
"is_form_builder": false,
"is_document_host": false
},
"facts": {
"registered_date": "2020-06-14T01:52:47.385000Z",
"rank": 3912578,
"hosting_provider": "TRELLIAN-AS-AP Trellian Pty. Limited"
}
}