» download.parisvegascasino.com
Overview
Analysis
IPs Addresses (1)
Downloads (14)
Related Domains (9)

download.parisvegascasino.com

Interactive Marketing Solutions N.V

Domain Information

The domain download.parisvegascasino.com registered by Interactive Marketing Solutions N.V was initially registered in May of 2013 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Chicago, Illinois within the United States which resides on the Incapsula Inc network.

Registrant:

Interactive Marketing Solutions N.V

Registrar:

GODADDY.COM, LLC

Server location:

Illinois, United States (US)

Create date:

Wednesday, May 22, 2013

Expires date:

Sunday, May 22, 2016

Updated date:

Saturday, May 23, 2015

ASN:

AS19551 INCAPSULA - Incapsula Inc,US

Root domain:

parisvegascasino.com

Whois:

1 parisvegascasino.com record

Scanner detections:

Malware distribution (71% detected)

Scan engine

Details

Detections

VIPRE Antivirus

Trojan.Win32.Generic, Threat.4150696

83.33%

Avira AntiVirus

GAME/Casino.Gen

83.33%

McAfee

Artemis!2B393033144F, Artemis!A1EEEE88D573, Artemis!145F61F86AD1, Artemis!1B832A0500D5, Artemis!902932A9DC90, Artemis!52F0A03FEC69, Artemis!3A7158FBB3F0

83.33%

AVG

Win32/DH{QXyBEiAlV04MIls}, Skodna.Casino, Generic

83.33%

Kaspersky

HEUR:Trojan-Downloader.Win32.Generic, not-a-virus:Downloader.Win32.InstallFlash

75.00%

IKARUS anti.virus

Win32.SuspectCrc, Win32.DH, not-a-virus:Downloader.InstallFlash

66.67%

NANO AntiVirus

Trojan.Win32.DownLoader11.dpapgd

66.67%

Clam AntiVirus

Win.Trojan.Downloader-66692

58.33%

Trend Micro House Call

Suspicious_GEN.F47V0222, Suspicious_GEN.F47V0617, Suspicious_GEN.F47V0702, TROJ_GEN.F47V0214

50.00%

Agnitum Outpost

Trojan.DownLoader

41.67%

F-Prot

W32/InstallFlash.A.gen

25.00%

Vba32 AntiVirus

Downloader.InstallFlash

25.00%

Baidu Antivirus

Hacktool.Win32.InstallFlash, Trojan.Win32.Downloader

25.00%

Panda Antivirus

Generic Suspicious

25.00%

K7 AntiVirus

Riskware

8.33%

The domain download.parisvegascasino.com has been seen to resolve to the following IP address.

199.83.132.154

199.83.132.154.ip.incapdns.net

February 12, 2016

File downloads found at URLs served by download.parisvegascasino.com.

12 / 68 (PUP)

http://download.parisvegascasino.com/download.php?aname=house_pvc0715&zone_id=none&referer=aHR0cHM6Ly93d3cuZ29vZ2xlLmZyLw==&dyn_id=tps://www.google.f (parisvegascasino_setup.exe)

10 / 68 (Malware)

http://download.parisvegascasino.com/download.php?aname=house_pvs&zone_id=google&referer=aHR0cHM6Ly93d3cuZ29vZ2xlLmZyLw==&dyn_id=(not provided) (parisvegascasino_setup.exe)

6 / 68 (Malware)

http://download.parisvegascasino.com/download.php?aname=house_pvc0315&zone_id=none&referer=aHR0cHM6Ly93d3cuZ29vZ2xlLmZyLw==&dyn_id=tps://www.google.f (parisvegascasino_setup.exe)

1 / 68

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

4 / 68 (PUP)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

0 / 68

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

4 / 68 (PUP)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

14 / 68 (PUP)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

5 / 68 (Malware)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

10 / 68 (false positives)

http://download.parisvegascasino.com/download.php?aname=dealpartner12&zone_id=itser&referer=d3d3LmZhcmVzb2xkaWNvbnNpZ2xpLmNvbQ==&dyn_id=itser (parisvegascasino_setup.exe)

16 / 68 (PUP)

http://download.parisvegascasino.com/download.php?aname=majordom77&zone_id=JLP&referer=d3d3LmpvZ28tbGVnYWwtcG9ydHVnYWwucHQ=&dyn_id=JLP (parisvegascasino_setup.exe)

0 / 68

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

10 / 68 (Malware)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

10 / 68 (Malware)

http://download.parisvegascasino.com/download.php (parisvegascasino_setup.exe)

Related Domains

sodexobeneficios.com.br

w3-logics.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.