www.po114.us

xianlin xie

Domain Information

The domain www.po114.us, registered by xianlin xie, was initially registered in October of 2013 through GODADDY.COM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Washington, District of Columbia, within the United States, on the SoftLayer Technologies Inc. network.
Registrar: GoDaddy.com, Inc.
Server location: District of Columbia, United States (US)
Create date: Thursday, October 24, 2013
Expires date: Tuesday, October 23, 2018
Updated date: Friday, December 19, 2014
ASN: AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.SkytouchTechnologyCoLimited.T, PUP.SkytouchTechnologyCoLimited.P, PUP.SkytouchTechnologyCoLimited.O, PUP.SkytouchTechnologyCoLimited.K, PUP.HefeiZhimingxingtongSoftwareTechnologyCo.T, PUP.BeijingELEXTechnologyCoLtd.G, PUP.HefeiZhimingxingtongSoftwareTechnologyCo.Q, PUP.ELEX.SkytouchTechnologyCo (M), PUP.ELEX.Skytouch (M) | 100.00% |
| Dr.Web | Adware.Mutabaha.42, Adware.Mutabaha.41, Adware.Mutabaha.44, Adware.Downware.1605, Adware.Mutabaha.50, Adware.Mutabaha.53 | 73.08% |
| Baidu Antivirus | Trojan.Win32.Elex, Adware.Win32.ELEX | 73.08% |
| Trend Micro House Call | TROJ_GEN.F47V1227, TROJ_GEN.F47V1214, TROJ_GEN.F47V0223, TROJ_GEN.F47V0227, TROJ_GEN.F47V0306, TROJ_GEN.F47V0225, TROJ_GEN.F47V1109 | 69.23% |
| Malwarebytes | PUP.Optional.SkyTech.A | 61.54% |
| ESET NOD32 | Win32/ELEX, Win32/ELEX (variant), Win32/ELEX.AF (variant), Win32/ELEX.AJ (variant) | 61.54% |
| Agnitum Outpost | Riskware.Agent | 61.54% |
| Fortinet FortiGate | Riskware/Elex | 57.69% |
| McAfee | Artemis!BFCAFDAC7317, Artemis!B5B6B59BE79E, Artemis!9CDEAD920A06, Artemis!D1012EE216F9, Artemis!E371C455F13C, Artemis!1AD1E86E65F5, Artemis!1A9C6012CF54 | 46.15% |
| Emsisoft Anti-Malware | Adware.Win32.AppInstall, Adware.DealPly, Trojan.Iframe.CGB, Application.Downloader.SV | 34.62% |
| Avira AntiVirus | ADWARE/Adware.Gen2 | 30.77% |
| avast! | Win32:Malware-gen, Win32:Adware-gen [Adw] | 26.92% |
| IKARUS anti.virus | Win32.Malware | 19.23% |
| AhnLab V3 Security | PUP/Win32.Amonetiz | 19.23% |
| herdProtect (fuzzy) | a variant of 568b70d8d1993c12ee3b6a09925a6c4688af9d63, a variant of e7a90f8ab02f51b3ced2b5a8c8720bf4f9e362a1, a variant of 011635e7aa9d5244bdd43f51db16dc2bbb000e10 | 15.38% |

The domain www.po114.us has been seen to resolve to the following 4 IP addresses.

173.193.180.132-static.reverse.softlayer.com
January 25, 2014

208.43.232.116-static.reverse.softlayer.com
January 25, 2014

208.43.232.118-static.reverse.softlayer.com
January 25, 2014

173.193.180.130-static.reverse.softlayer.com
January 25, 2014

File downloads found at URLs served by www.po114.us.

The following 13 files have been seen to communicate with www.po114.us in live environments.