www5l.incredimail.com

IncrediMail, Inc.

Domain Information

The domain www5l.incredimail.com registered by IncrediMail, Inc. was initially registered in October of 1999 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Remove Malware from www5l.incredimail.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Wednesday, October 27, 1999

Expires date:
Wednesday, January 02, 2019

Updated date:
Tuesday, November 11, 2014

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Perion.O, PUP.Installer.Perion.Q, PUP.Installer.Perion.T, PUP.Perion.L, PUP.Installer.IncrediMail.Installer.Meta, PUP.Installer.Perion.H, PUP.Installer.Perion.S, PUP.Installer.Perion.W, PUP.Perion.N, PUP.Perion.Installer
97.30%

Dr.Web
Adware.SweetIM.28, Tool.InstallToolbar.96, Adware.IncrediMail.43, Adware.IncrediMail.36, Adware.IncrediMail.14, Adware.IncrediMail.36
56.76%

Trend Micro House Call
TROJ_GEN.F47V1112, TROJ_GEN.F47V0813, TROJ_GE.D188D989, TROJ_GE.957BE1AA, TROJ_GE.3929168B, TROJ_GEN.F47V0206, TROJ_GE.32BD883C, Suspicious_GEN.F47V0625, Suspicious_GEN.F47V0623, Suspicious_GEN.F47V0718
51.35%

Bkav FE
W32.HfsAdware
24.32%

VIPRE Antivirus
Sweetpacks/SweetIM, Trojan.Win32.Generic
21.62%

Kaspersky
not-a-virus:WebToolbar.Win32.Perion, not-a-virus:WebToolbar.Win32.Perinet
13.51%

Baidu Antivirus
Adware.Win32.Perion, PUA.Win32.Perinet
13.51%

Qihoo 360 Security
Malware.QVM29.Gen, heur.swf.rateII.3, asp.webshell.eval.1
13.51%

ESET NOD32
Win32/Toolbar.Perion (variant)
8.11%

Antiy Labs AVL
RiskWare[WebToolbar:not-a-virus]/Win32.Perion, RiskWare[WebToolbar:not-a-virus]/Win32.Perinet
5.41%

K7 Gateway Antivirus
Unwanted-Program , Unwanted-File
5.41%

Sophos
Generic PUA II, Mal/EncPk-MP
5.41%

McAfee Web Gateway
Artemis!4194C5F47FE7, BehavesLike.Win32.Backdoor.cc
5.41%

Malwarebytes
PUP.Optional.Sweetpacks
2.70%

Rising Antivirus
PE:PUF.IncredimailInstaller!1.9C36
2.70%

The domain www5l.incredimail.com has been seen to resolve to the following 42 IP addresses.

a184-25-157-73.deploy.static.akamaitechnologies.com
February 11, 2016

a184-25-157-75.deploy.static.akamaitechnologies.com
February 11, 2016

February 3, 2016

February 3, 2016

January 5, 2016

January 5, 2016

January 5, 2016

January 5, 2016

a23-62-63-144.deploy.static.akamaitechnologies.com
January 4, 2016

a23-62-63-146.deploy.static.akamaitechnologies.com
January 4, 2016

January 4, 2016

January 4, 2016

a23-3-13-217.deploy.static.akamaitechnologies.com
June 30, 2015

a23-3-13-202.deploy.static.akamaitechnologies.com
June 30, 2015

June 18, 2015

June 18, 2015

a23-67-242-73.deploy.static.akamaitechnologies.com
May 5, 2015

a72-247-9-241.deploy.akamaitechnologies.com
May 4, 2015

a72-247-9-225.deploy.akamaitechnologies.com
May 4, 2015

a23-0-160-56.deploy.static.akamaitechnologies.com
December 23, 2014

a23-15-7-99.deploy.static.akamaitechnologies.com
December 2, 2014

a23-15-7-123.deploy.static.akamaitechnologies.com
December 2, 2014

a23-3-13-10.deploy.static.akamaitechnologies.com
December 1, 2014

a23-3-13-65.deploy.static.akamaitechnologies.com
December 1, 2014

ip-69-31-29-196.nlayer.net
October 24, 2014

ip-69-31-29-221.nlayer.net
October 24, 2014

a23-0-160-51.deploy.static.akamaitechnologies.com
September 5, 2014

a23-0-160-48.deploy.static.akamaitechnologies.com
September 5, 2014

a23-62-6-216.deploy.static.akamaitechnologies.com
August 17, 2014

a23-62-6-203.deploy.static.akamaitechnologies.com
August 17, 2014

 
Showing 30 of 42 IP Addresses

File downloads found at URLs served by www5l.incredimail.com.

4 / 68      (PUP)

11 / 68    (PUP)

8 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

1 / 68      (PUP)

 
Latest 30 of 75 download URLs

The following 142 files have been seen to comunicate with www5l.incredimail.com in live environments.

 
Latest 20 of 156 files

URL:
http://www5l.incredimail.com/

Web server:
nginx/0.7.62

Facebook:
Likes:  1
Shares:  1

Statistics are for the previous month.

Remove Malware from www5l.incredimail.com - Powered by Reason Core Security