home

fasternations.org

Amir Derbinin

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Fairfield, Connecticut within the United States which resides on the General Electric Company network.
Registrar:
EvoPlus Ltd.

Server location:
Connecticut, United States (US)

Whois:
2 fasternations.org records

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

avast!
Win32:Agent-AUVV [Trj], Win32:FakeDownload-G [PUP], Win32:Agent-AYLT [PUP]
100.00%

ESET NOD32
Win32/Adware.MultiPlug.DZ application
100.00%

Dr.Web
Trojan.WebPick.3190, Trojan.WebPick.3219, Trojan.Crossrider.36840
100.00%

Norman
Gen:Trojan.Heur.JP.9uW@aKyH3jdi, Gen:Trojan.Heur2.FU.9uW@aKaSBaci, Gen:Variant.Adware.Kazy.511922, Gen:Variant.Downloader.188
100.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Mplug.21, Gen:Variant.Adware.Kazy.511922, Gen:Variant.Downloader.188
88.89%

AVG
Adware Generic6.BHF
88.89%

McAfee
MultiPlug-FTL, Program.MultiPlug-FTL
77.78%

F-Secure
Gen:Variant.Adware.Mplug.21, Gen:Variant.Adware.Kazy.511922, Variant.Downloader.188
44.44%

Lavasoft Ad-Aware
Gen:Variant.Adware.Mplug.21, Gen:Variant.Adware.Kazy.511922
33.33%

Kaspersky
not-a-virus:AdWare.Win32.MultiPlug
33.33%

Bkav FE
HW32.Packed
33.33%

MicroWorld eScan
Gen:Variant.Adware.Mplug.21, Gen:Variant.Adware.Kazy.511922
33.33%

Zillya! Antivirus
Adware.MultiPlug.Win32.73383, Adware.MultiPlug.Win32.73372, Adware.MultiPlug.Win32.73379
33.33%

K7 AntiVirus
Unwanted-Program
33.33%

NANO AntiVirus
Riskware.Win32.MultiPlug.djsutk
33.33%

The domain fasternations.org has been seen to resolve to the following 5 IP addresses.

54.72.9.115
ec2-54-72-9-115.eu-west-1.compute.amazonaws.com
September 14, 2016

2.2.2.3
April 9, 2016

2.2.2.1
April 9, 2016

3.3.3.6
n003-000-000-000.static.ge.com
April 9, 2016

1.1.1.1
July 23, 2015

File downloads found at URLs served by fasternations.org.

0 / 68
http://fasternations.org/null  (ariana_grande_-_love_me_harder_(lyric_video)_ft._the_weeknd.mp3.exe)

6 / 68      (PUP)
http://fasternations.org/.../Download.exe  (1c92bbb301ed63dde0aac248eea51756)

7 / 68      (PUP)
http://fasternations.org/.../Download.exe  (943806f397d6a97336c9af85a1618058)

0 / 68
http://fasternations.org/null  (bos g7 1600 ld 6x2 amp skinpack.rar.exe)

7 / 68      (PUP)
http://fasternations.org/.../Download.exe  (9ee3707846bcd.exe)

8 / 68      (PUP)
http://fasternations.org/.../Download.exe  (09897.exe)

7 / 68      (PUP)
http://fasternations.org/.../Download.exe  (cd40.tmp)

5 / 68      (PUP)
http://fasternations.org/.../Download.exe  (e30a1d0f97b748c50cab3711b0f6b912)

26 / 68    (PUP)
http://fasternations.org/.../Download.exe  (de4f45ee71275a88c1a4afadc7eff00c)

23 / 68    (PUP)
http://fasternations.org/.../Adobe Dreamweaver CC 14 Serial Number Full Crack 2014.exe  (40122d0befaa513a2970327cb59e9d08)

23 / 68    (PUP)
http://fasternations.org/.../Adobe Dreamweaver CC 2014 Final With XForce Crack Keygen Patch.exe  (b494b4569ebc5b2883d6ea8afe310857)

0 / 68
http://fasternations.org/null  (crack and setup.exe)

The following 253 files have been seen to comunicate with fasternations.org in live environments.

TCP » 54.72.9.115:80
globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 54.72.9.115:443
Softonic.exe (Softonic)

TCP » 54.72.9.115:443
Softonic.exe (Softonic)

TCP » 54.72.9.115:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:443
Softonic.exe (Softonic)

TCP » 54.72.9.115:80
optimizerpro.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:80
1573.exe (SavePass 1.1 by OB)

TCP » 54.72.9.115:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:443
Softonic.exe (Softonic)

TCP » 54.72.9.115:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:80
5dfde4f5-80af-4a98-8da4-e95b948f183d-10.exe (Ge-Force by Webar)

TCP » 54.72.9.115:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.115:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:80
shopwit.exe (by Pay By Ads)

TCP » 54.72.9.115:443
Softonic.exe (Softonic)

TCP » 54.72.9.115:80
pricehorse.exe (by Pay By Ads)

TCP » 54.72.9.115:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.115:80
6054.exe (SavePass 1.1 by OB)

TCP » 54.72.9.115:80
playnowradio.exe (Play now radio by Pay By Ads)

 
Latest 20 of 267 files

coolina.net

ctempurl.com

dellsupportcenter.com

etempurl.com

fastery.org

ftempurl.com

gtl.us

ignitedownload.com

myqcloud.com

pimpmywindow.net

planet-series.tv

prosteergroup.com

qq.com

rbpcomponents.info

beautifulandhair.com

cooledon.org

coolining.net

downfiles.net

driverplus.net

ex-tor.net

fastenloads.com

fasternations.com

fasternations.net

fasterol.info

groupsetzipmyjob.org

homela.net

liversal.net

liversian.net

liversions.net

liversity.net

30 of 35 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.