www.default-page.com

wenjie chen

Domain Information

The domain www.default-page.com, registered by wenjie chen, was initially registered in May of 2016 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Beaumaris, Victoria, Australia, on the Asia Pacific Network Information Centre network.

Registrar:
STRAIGHT 8 DOMAINS, LLC

Server location:
Victoria, Australia (AU)

Create date:
Saturday, May 07, 2016

Expires date:
Sunday, May 07, 2017

Updated date:
Sunday, May 08, 2016

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU

Root domain:

Scanner detections:
Detections (75% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Task.Mindadmedia.E, PUP.Installer.OutBrowse.F, PUP.Installer.Mindadmedia.F, PUP.Optional.Installer.F, PUP.Injekt.Installer, PUP.Solimba.Bechiro.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Adknowledge.BuildInp.Bundler (M), Win32.Generic, PUP.Adknowledge.FusionIn.Bundler (M), PUP.InstallCore.AC.Installer (M), PUP.Softpulse.DigitalP.Bundler (M)
93.33%

Dr.Web
Adware.Downware.1676, Adware.Downware.1336, Program.Unwanted.79, Adware.Downware.1514
33.33%

ESET NOD32
Win32/OutBrowse (variant), Win32/ExFriendAlert (variant)
33.33%

McAfee
Artemis!AB02A4C594A4, Artemis!5BB01D73A88C, Artemis!FA9EB15DF83F, Artemis!99FB9BE8A5DA
26.67%

Malwarebytes
PUP.Optional.Smart, PUP.Optional.OutBrowse
26.67%

Trend Micro House Call
TROJ_GEN.F47V1211, TROJ_GEN.F47V1007, TROJ_GEN.F47V1013, TROJ_GEN.F47V1009
26.67%

VIPRE Antivirus
OutBrowse, SearchDonkey
26.67%

McAfee Web Gateway
Artemis!AB02A4C594A4, Artemis!5BB01D73A88C, Artemis!FA9EB15DF83F, Artemis!99FB9BE8A5DA
26.67%

AVG
MalSign.Generic, Skodna.Downloader, LionSea Software co.
26.67%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), VIRUS_UNKNOWN
26.67%

K7 Gateway Antivirus
Unwanted-Program
20.00%

K7 AntiVirus
Unwanted-Program
20.00%

Sophos
DomainIQ pay-per install, OutBrowse Revenyou
20.00%

Bkav FE
W32.Clod4f4.Trojan, W32.Clod8ba.Trojan, W32.Clod038.Trojan
20.00%

Vba32 AntiVirus
Downloader.OutBrowse, suspected of Trojan.Downloader.gen.h
13.33%

The domain www.default-page.com has been seen to resolve to the following 2 IP addresses.

lb-182-207.above.com
May 15, 2016

ec2-50-19-236-133.compute-1.amazonaws.com
January 4, 2014

File downloads found at URLs served by www.default-page.com.

Latest 30 of 464 download URLs

The following 15 files have been seen to communicate with www.default-page.com in live environments.

URL:
http://www.default-page.com/

Title:
“default-page.com”

Web server:
Apache (PHP/5.4.45-0+deb7u2)

30 of 37 related domains