www.noip.com

Vitalwerks Internet Solutions, LLC

Domain Information

The domain www.noip.com registered by Vitalwerks Internet Solutions, LLC was initially registered in February of 2000 through VITALWERKS INTERNET SOLUTIONS LLC DBA NO-IP. Currently this domain has been known to host various forms of malware. The hosted servers are located in Reno, Nevada within the United States.
Registrar:
VITALWERKS INTERNET SOLUTIONS LLC DBA NO-IP

Server location:
Nevada, United States (US)

Create date:
Tuesday, February 08, 2000

Expires date:
Thursday, February 08, 2024

Updated date:
Monday, November 10, 2014

ASN:
AS14627 ASVITAL Vitalwerks

Root domain:

Scanner detections:
Malware distribution  (51% detected)

Scan engine
Details
Detections

avast!
SaliCode, Win32:Agent-AODJ [Trj], Parite, Win32:SaliCode, Win32:Mabezat [Wrm], Win32:Parite, Win32:Sality, Win32:Kukacka
77.27%

Microsoft Security Essentials
Threat.Undefined, Virus:Win32/Parite.B
77.27%

ESET NOD32
Win32/Sality.NBA virus, Win32/Delf.NRJ worm, Win32/Parite.B virus, Win32/Mabezat.A virus, Win32/VB.OSK trojan
77.27%

F-Prot
W32/Sality.gen2, W32/Renamer.A.gen, W32/Parite.B, W32/Sality.E.gen, W32/VB.AD.gen
72.73%

Kaspersky
Virus.Win32.Sality, Virus.Win32.Renamer, Virus.Win32.Parite, Worm.Win32.Mabezat, Trojan.Win32.Swisyn
68.18%

Norman
Win32.Sality.3, Worm.Generic.377772, Win32.Parite.B, Win32.Worm.Mabezat.Gen, Trojan.Generic.6753864
68.18%

Emsisoft Anti-Malware
Win32.Sality, Worm.Generic.377772, Win32.Parite, Win32.Worm.Mabezat.Gen, Trojan.Generic.6753864
59.09%

Dr.Web
Win32.Sector.30, Trojan.Inject1.28681, Win32.Parite.2, Win32.HLLW.Tazebama
59.09%

McAfee
Virus.W32/Sality.gen.z, W32/Gnamer, Virus.W32/Pate.b, Virus.W32/Mabezat.a
59.09%

AVG
Win32/Sality, Worm/Delf, Win32/Parite, Win32/Mabezat
59.09%

VIPRE Antivirus
Virus.Win32.Sality.at, Virus.Win32.Grenam.a, Threat.46249, Threat.4721115, Threat.303962, LooksLike.Win32.Malware!B
36.36%

F-Secure
Win32.Sality.3, Worm.Generic.377772, Win32.Parite.B
31.82%

Sophos
Virus 'Mal/Sality-D', W32/Renamer-K, Virus 'W32/Parite-B', Virus 'W32/Mabezat-B'
27.27%

Antiy Labs AVL
Worm/Win32.Mabezat.gen, Virus/Win32.Sality.gen, Virus/Win32.Renamer.j, Virus/Win32.Parite.c
18.18%

Bkav FE
W32.Sality.PE, W32.FakeExeYHPtv, W32.HfsAutoB, HW32.Packed
18.18%

The domain www.noip.com has been seen to resolve to the following IP address.

www.noip.com
August 5, 2013

File downloads found at URLs served by www.noip.com.

0 / 68
https://www.noip.com/.../DUCSetup_v4_1_1.exe  (d956698c3ee412668a9fb70243e00a09)

1 / 68      (Malware)
http://www.noip.com/.../DUCSetup_v4_1_1.exe  (248be172f647bede5df5cc5d2ac3cfa1)

0 / 68
https://www.noip.com/client/.../noip-duc-linux.tar.gz  (3b0f5f2ff8637c73ab337be403252a60)

0 / 68
http://www.noip.com/.../DUCSetup_v4_1_0.exe  (f4ec9902a1a95eb30dbb514e7bb56f54)

4 / 68      (inconclusive)

0 / 68
http://www.noip.com/.../DUCSetup_v4.exe  (a2b5ef79a7077289ef44391724696ed9)

0 / 68
http://www.noip.com/.../ducsetup.exe  (7cace1eb9ad97eed85ab9c22a76fa995)

0 / 68
https://www.noip.com/.../DUCSetup_v4_1_0.exe  (a0f2b4e18503ba5ade2612d75b84882b)

0 / 68
http://www.noip.com/.../DUCSetup_v4_0_2.exe  (39ead0cb343b5377a4e9c06e9db69dff)

0 / 68
https://www.noip.com/.../DUCSetup_v4_0_2.exe  (39ead0cb343b5377a4e9c06e9db69dff)

0 / 68
http://www.noip.com/.../DUCSetup_v4_0_1.exe  (fadf7472046a5b9103ad5d4ca7b4486c)

0 / 68
https://www.noip.com/.../DUCSetup_v4_0_1.exe  (fadf7472046a5b9103ad5d4ca7b4486c)

URL:
http://www.noip.com/

Google Analytics:
UA-31174

Title:
“Free Dynamic DNS - Managed DNS - Managed Email - Domain Registration - No-IP”

SSL certificate subject:
CN=www.noip.com, O="Vitalwerks Internet Solutions, LLC", L=Reno, S=Nevada, C=US, SERIALNUMBER=LLC13998-2002, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Nevada, OID.1.3.6.1.4.1.311.60.2.1.3=US

SSL certificate issuer:
CN=GeoTrust EV SSL CA - G4, O=GeoTrust Inc., C=US

Web server:
Apache

Facebook:
Likes:  1,127
Shares:  4,934
Comments:  1,114

Statistics are for the previous month.

30 of 34 related domains