dlp.123mplayer.com

chen wenjie

Domain Information

The domain dlp.123mplayer.com registered by chen wenjie was initially registered in May of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Vitoria-Gasteiz, Pais Vasco within Spain which resides on the RIPE Network Coordination Centre network.
Remove Malware from dlp.123mplayer.com - Powered by Reason Core Security
Registrar:
NAMEPAL.COM #8023.

Server location:
Pais Vasco, Spain (ES)

Create date:
Friday, May 29, 2015

Expires date:
Sunday, May 29, 2016

Updated date:
Tuesday, June 02, 2015

ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.PaymentsInteractiveSL.F, PUP.LunacomInteractive.F, PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.LunacomInteractive, PUP.Tuguu.LunacomInteractive.Bundler (M)
100.00%

K7 AntiVirus
Unwanted-Program
90.00%

K7 Gateway Antivirus
Unwanted-Program
90.00%

avast!
Win32:Installer-AH [PUP], Win32:DomaIQ-T [PUP], Win32:DomaIQ-BO [PUP], Win32:PUP-gen [PUP], DomaIQ-AP [PUP]
90.00%

Comodo Security
Application.Win32.DomaIQ.PUP, Application.Win32.DomaIQ.KAO, Application.Win32.DomaIQ.JIK, Application.Win32.DomaIQ.KR
90.00%

VIPRE Antivirus
DomaIQ, Threat.4150696
90.00%

Sophos
DomainIQ pay-per install, Virus 'Troj/Agent-AENY'
90.00%

AVG
MalSign.Generic, DomaIQ, Trojan horse Downloader.Generic13.CLYK.dropper, Skodna.Generic_c, Adware DomaIQ.BM
90.00%

MicroWorld eScan
Gen:Variant.Adware.Graftor.139070, Trojan.Agent.BEFC, Application.Bundler.DomaIQ.Q
90.00%

Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.Dropper.BL, PUP.Optional.Domalq, PUP.Optional.BundleInstaller.A
90.00%

Kaspersky
not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ, not-a-virus:Downloader.NSIS.Agent
90.00%

Bitdefender
Gen:Variant.Adware.Graftor.139070, Trojan.Agent.BEFC, Application.Bundler.DomaIQ.Q
90.00%

Dr.Web
Adware.Downware.2630, Trojan.SMSSend.4979, Trojan.Packed.24553
90.00%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious.H, CryptDomaIQ, BehavesLike.Win32.CryptDoma.hc, BehavesLike.Win32.AdwareDoma.fc
90.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Lollipop.u.(kcloud)
90.00%

The domain dlp.123mplayer.com has been seen to resolve to the following 9 IP addresses.

lb-182-243.above.com
February 11, 2016

unallocated.barefruit.co.uk
May 4, 2015

www.renewyourexpireddomain.com
April 15, 2015

November 2, 2014

April 16, 2014

April 16, 2014

April 13, 2014

April 13, 2014

December 22, 2013

File downloads found at URLs served by dlp.123mplayer.com.

1 / 68      (Adware)

1 / 68      (Adware)

35 / 68    (Adware)

37 / 68    (Adware)

35 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

26 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

25 / 68    (Adware)

1 / 68      (Adware)

 
Latest 30 of 30 download URLs

The following 138 files have been seen to comunicate with dlp.123mplayer.com in live environments.

 
Latest 20 of 138 files

URL:
http://dlp.123mplayer.com/

Google Analytics:
UA-19309218

Title:
“123mplayer.com - This website is for sale! - 123mplayer Resources and Information.”

Description:
“This website is for sale! 123mplayer.com is your first and best source for information about 123mplayer . Here you will also find topics relating to issues of general interest. We hope you find what you are looking for!”

Web server:
Apache (PHP/5.3.3-7+squeeze28)

30 of 34 related domains

Remove Malware from dlp.123mplayer.com - Powered by Reason Core Security