home

default-page.com

wenjie chen

Domain Information

The domain default-page.com registered by wenjie chen was initially registered in May of 2016 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
STRAIGHT 8 DOMAINS, LLC

Server location:
Victoria, Australia (AU)

Create date:
Saturday, May 7, 2016

Expires date:
Sunday, May 7, 2017

Updated date:
Sunday, May 8, 2016

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU

Whois:
4 default-page.com records

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OutBrowse (M), PUP.Outbrowse.Bundler (M), PUP.Outbrowse (M), PUP.MindAd (M), Bundler.OutBrowse.ET, PUP.Tuguu (M)
100.00%

ESET NOD32
Win32/OutBrowse.J potentially unwanted application
4.26%

Dr.Web
Detection.Undefined
2.13%

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
2.13%

Norman
Application.Bundler.Outbrowse.BC
2.13%

McAfee
Program.Adware-OutBrowse
2.13%

The domain default-page.com has been seen to resolve to the following 2 IP addresses.

103.224.182.207
lb-182-207.above.com
May 14, 2016

50.19.236.133
ec2-50-19-236-133.compute-1.amazonaws.com
January 4, 2014

File downloads found at URLs served by default-page.com.

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZydXVpZD1jZGEyZDNjZi1iZTBhLTQ1MmQtOTExMS0xZjkyMDQwYWYyOTY  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZjdXVpZD1hMjc5ZGQ2MS01ZTY2LTQ2OGItYTk2OC1jMjA5YjU0YjhjMWQ  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZldXVpZD03MjNhZjQzZS0xZWYxLTQ4YTctYWRmMy1hM2IxNWJkMWJlNDE  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZmdXVpZD00MTVhZTYyMS0xMDJmLTQ2M2QtODM0Ni1jNTMzNTc0MWZmMjA  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZwdXVpZD00ZGExZGNlMy1hNTNiLTQ5YTUtYWUzMy1kZGVlMzI3NzkwMzk  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=1775&clickid=Z1dXVpZD00NGI3NjNjMy04MzkzLTRjNDEtYjliNi0zZGIxYTE2YzI1OGQ  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=1775&clickid=ZzdXVpZD02NGM5MzYxZi1hNTM0LTQ2YWEtYmQwZi05OTZjZmQ1Y2IzOTI  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZmdXVpZD1jODRlZDE1Yy0wYzBiLTQwNGUtYmJjYi1jYjVkN2EzOWNmMDI  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZxdXVpZD1iYmE1ODBkOC1mZDYxLTQzNzUtYmJjMy01MmM4NDgxOTcxYWE  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=1775&clickid=ZydXVpZD1jMWU5OTAxNS0xMTAyLTQ4MmUtYTNiOS02M2Q1YzAwMDQyODQ  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=Z5dXVpZD00YTYxZWZhNC02MTI2LTQ4ZTgtYTA4ZC1hZDY3MjJiZTE5N2I  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=Z5dXVpZD03YWM1NmVmNi01YzgzLTRkNDQtOTIzNS02MDgzNmFhNTI5YjY  (flvplayer.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZldXVpZD02ZjAxNGY1MS02OGNmLTRhMDEtODM5MS05ODBlNGU4MGRlZTA  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=Z5dXVpZD1mYzI2Njk0ZS00OWFjLTQxMTAtOTg0Mi00NjJiYjgzODc5Mjc  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=Z4dXVpZD0zYzk5NjcwMi04ODRhLTRhNzUtYjQyOC01NGI2YTgzZTY4ZjA  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZldXVpZD1jODRiMmEwOS1iOTZkLTRmOGEtOTdmMy1hZTY5MTBjZmFlYzg  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZzdXVpZD0zMDkwN2YwZi1hZmFmLTRkNjMtODc3OC0yNjMzYmU1NDgzMmQ  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZwdXVpZD1lODc2Y2EzZi1lMDdlLTRjMmEtOWU0Yy0wOGRhZTcxMzUwYTQ  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZmdXVpZD0zZjRlMmM5NC03YmYzLTQyOTUtYTEwMC05MjExYjJkYzBmNjE  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZzdXVpZD0wYzI3NmM5Yi0xOTUxLTQ0NjEtOTA3OC0wOGIzYTZjZjAzYzM  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZhdXVpZD1hOGMzN2VmOC04N2U5LTRjMWEtYmIxMC01ZTUzMmYzMTBhNDE  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZxdXVpZD1jOTNkMjE3ZC1mYmE2LTQ2YTktOWMwYS05ODk4ZmRkYjQxZjg  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZkdXVpZD0zOTZjNmZhYS05MTUxLTQ0MWItYjdkOC0xNzVjOTE4YWFkZTA  (setup.exe)

0 / 68
http://default-page.com/real?pid=3022&distid=3509&clickid=ZjdXVpZD0wYjJlNjkwMy03NWIyLTQxMzMtYThmMi05NDRlMGE1NTJjMTY  (setup.exe)

2 / 68      (PUP)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZidXVpZD05MTcwOTlmMC1jZDYyLTRkYjktYTcyYy1jMzVhNzNmMDJiY2Q  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZjdXVpZD0yYjRmYjRiZi1jNjQwLTRlZTQtODgwOC1iNmUzMzZkZDljNmE  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZzdXVpZD1jN2Y4OTNhNS03MGJiLTQ4YjUtYjE1NC1hZGI5Njk4NGMzMzc  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=Z3dXVpZD1kOTQ0Zjc0ZS0xNGNlLTQ3NmItYWQ5MS00M2NkODA5YzA3MDA  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=3509&clickid=ZydXVpZD00M2I3MDYzOC05ODhmLTQyYTEtYmM0OC1kMTdjZWU4NjYyNGM  (setup.exe)

1 / 68      (Adware)
http://default-page.com/real?pid=3022&distid=1775&clickid=ZxdXVpZD03ZjUwNjQ2OS1mZWIzLTRhNTctOGI1Yi03ZGQzYzk2YjMxNzI  (setup.exe)

 
Latest 30 of 1,987 download URLs

The following 15 files have been seen to comunicate with default-page.com in live environments.

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
pooface.exe (Ja)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
fuzezipsetup.exe (Fuze Zip by Koyote Soft)

TCP » 103.224.182.207:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 103.224.182.207:80
emuletorrent.exe

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:443
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
BruteforceSaveData.exe (Bruteforce Save Data by 2014 by Aldo Vargas - http://www.aldostools.org)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
online-guardian.exe

TCP » 103.224.182.207:80
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
cshpfaba.exe

April 4, 2014
get.default-page.com

January 4, 2014
www.default-page.com

URL:
http://default-page.com/

Title:
“default-page.com”

Web server:
Apache (PHP/5.4.45-0+deb7u2)

1-vinstaller.com

123mplayer.com

downloadcobra.com

downloaddesktop2.com

downloaddesktop3.com

flashupdatenow.com

freedownloadshare.com

freemp3go.com

generalfiles.net

grangames.com

mannesoth.com

mi-fashion.com

onedownloader.com

proplayersetup.com

secondnaturecd.com

smile-files.com

softwarepsr.com

styleapplicationzillion.com

toolboox.com

ultimate-torrents.com

yacristoviene.com

2secondsfiles.org

2yourface.com

app2desktop.com

appsdesktop.com

compresstool.com

down2desk.com

downloaddesktop3.info

file14desktop.com

file15desktop.com

30 of 37 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.