www.default-page.com

OutBrowse

Domain Information

The domain www.default-page.com registered by OutBrowse was initially registered in February of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from www.default-page.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Sunday, February 17, 2013

Expires date:
Wednesday, February 17, 2016

Updated date:
Wednesday, February 18, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Task.Mindadmedia.E, PUP.Installer.OutBrowse.F, PUP.Installer.Mindadmedia.F, PUP.Installer.MindAd, PUP.Solimba.Bechiro.Bundler (M), PUP.NewMedia.Installer.Installer (M), PUP.Vittalia.InstallHelper.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Tuguu.Clovermedia.Bundler (M)
100.00%

Dr.Web
Adware.Downware.1676, Adware.Downware.1336, Trojan.Vittalia.55
50.00%

AVG
MalSign.Generic, Skodna.Downloader, Potentially harmful program Downloader
50.00%

Malwarebytes
PUP.Optional.Smart, PUP.Optional.OutBrowse
40.00%

K7 Gateway Antivirus
Unwanted-Program
40.00%

K7 AntiVirus
Unwanted-Program
40.00%

Trend Micro House Call
TROJ_GEN.F47V1211, TROJ_GEN.F47V1007, TROJ_GEN.F47V1013
40.00%

Sophos
DomainIQ pay-per install, OutBrowse Revenyou
40.00%

VIPRE Antivirus
OutBrowse, Threat.4782985
40.00%

ESET NOD32
Win32/OutBrowse (variant)
40.00%

McAfee
Artemis!AB02A4C594A4, Artemis!5BB01D73A88C, Artemis!08E4B25B1FAB
30.00%

McAfee Web Gateway
Artemis!AB02A4C594A4, Artemis!5BB01D73A88C
30.00%

Bkav FE
W32.Clod4f4.Trojan, W32.Clod8ba.Trojan, W32.HfsAdware
30.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
30.00%

Agnitum Outpost
PUA.OutBrowse
20.00%

The domain www.default-page.com has been seen to resolve to the following IP address.

ec2-50-19-236-133.compute-1.amazonaws.com
January 4, 2014

File downloads found at URLs served by www.default-page.com.

 
Latest 30 of 392 download URLs

URL:
http://www.default-page.com/

Title:
“Landing Mac”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/7.0 (ASP.NET)

Remove Malware from www.default-page.com - Powered by Reason Core Security