The domain dlp.123mplayer.com registered by chen wenjie was initially registered in May of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Vitoria-Gasteiz, Pais Vasco within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC
Server location:
Pais Vasco, Spain (ES)
Create date:
Friday, May 29, 2015
Expires date:
Monday, May 29, 2017
Updated date:
Friday, March 18, 2016
ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.PaymentsInteractiveSL.F, PUP.LunacomInteractive.F, PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.LunacomInteractive, PUP.Tuguu.LunacomInteractive.Bundler (M), PUP.Tuguu.Payments.Bundler (M), PUP.Tuguu.LunacomI.Bundler (M), PUP.Tuguu.Bundler (M), PUP.Tuguu (M)
100.00%
K7 AntiVirus
Unwanted-Program
77.14%
avast!
Win32:Installer-AH [PUP], Win32:DomaIQ-T [PUP], Win32:DomaIQ-BO [PUP], Win32:PUP-gen [PUP], DomaIQ-AP [PUP]
77.14%
Comodo Security
Application.Win32.DomaIQ.PUP, Application.Win32.DomaIQ.KAO, Application.Win32.DomaIQ.JIK, Application.Win32.DomaIQ.KR
77.14%
VIPRE Antivirus
DomaIQ, Threat.4150696
77.14%
Sophos
DomainIQ pay-per install, Virus 'Troj/Agent-AENY'
77.14%
AVG
MalSign.Generic, DomaIQ, Trojan horse Downloader.Generic13.CLYK.dropper, Skodna.Generic_c, Adware DomaIQ.BM
77.14%
MicroWorld eScan
Gen:Variant.Adware.Graftor.139070, Trojan.Agent.BEFC, Application.Bundler.DomaIQ.Q
77.14%
Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.Dropper.BL, PUP.Optional.Domalq, PUP.Optional.BundleInstaller.A
77.14%
Kaspersky
not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ, not-a-virus:Downloader.NSIS.Agent
77.14%
Bitdefender
Gen:Variant.Adware.Graftor.139070, Trojan.Agent.BEFC, Application.Bundler.DomaIQ.Q
77.14%
Dr.Web
Adware.Downware.2630, Trojan.SMSSend.4979, Trojan.Packed.24553
77.14%
G Data
Gen:Variant.Adware.Graftor.139070, Trojan.Agent.BEFC, Application.Bundler.DomaIQ
77.14%
Avira AntiVirus
APPL/DomaIQ.Gen, APPL/DomaIQ.Gen7
74.29%
Panda Antivirus
PUP/MultiToolbar.A
74.29%
The domain dlp.123mplayer.com has been seen to resolve to the following 10 IP addresses.
lb-182-207.above.com
May 19, 2016
lb-182-243.above.com
February 11, 2016
unallocated.barefruit.co.uk
May 4, 2015
www.renewyourexpireddomain.com
April 15, 2015
File downloads found at URLs served by dlp.123mplayer.com.
Latest 30 of 35 download URLs
The following 253 files have been seen to comunicate with dlp.123mplayer.com in live environments.
URL:
http://dlp.123mplayer.com/
Title:
“123mplayer.com - 123mplayer Resources and Information.”
Description:
“123mplayer.com”
Web server:
Apache/2.2.22 (Debian)