fbdca1aa8b880016bf93-fe8db8e793d145b7a307239462d85480.r72.cf5.rackcdn.com

Rackspace US, Inc.

Domain Information

The domain fbdca1aa8b880016bf93-fe8db8e793d145b7a307239462d85480.r72.cf5.rackcdn.com, registered by Rackspace US, Inc., was initially registered in December of 2010 through CSC CORPORATE DOMAINS, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Morristown, New Jersey, in the United States, on the Akamai Technologies, Inc. network.
Registrar:
CSC CORPORATE DOMAINS, INC.

Server location:
New Jersey, United States (US)

Create date:
Wednesday, December 15, 2010

Expires date:
Thursday, December 15, 2016

Updated date:
Saturday, December 12, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections (92% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.AcaiTech.E, PUP.AcaiTech.G, PUP.Jabuticaba.E, PUP.Jabuticaba.K, PUP.Installer.Bitcocktail, PUP.Bitcocktail | 100.00% |
| Agnitum Outpost | Trojan.DL.Agent, PUA.Toolbar.Perion | 75.00% |
| Dr.Web | Trojan.DownLoader11.40958, Adware.Shopper.821, Threat.Undefined, Adware.Shopper.816 | 66.67% |
| ESET NOD32 | Win32/Toolbar.BitCocktail (variant), Win32/Toolbar.Perion, Win32/Toolbar.Perion.K potentially unwanted, Win32/Toolbar.BitCocktail.C potentially unwanted (variant) | 66.67% |
| IKARUS anti.virus | Win32.SuspectCrc, not-a-virus:Downloader.Agent, PUA.Toolbar.BitCocktail | 33.33% |
| Trend Micro House Call | Suspicious_GEN.F47V1111, Suspicious_GEN.F47V0107, Suspicious_GEN.F47V0216 | 25.00% |
| MicroWorld eScan | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| McAfee | Artemis!D75BF6B9372A, Artemis!2AF27D1CE67F | 16.67% |
| Bitdefender | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| F-Secure | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| Avira AntiVirus | TR/Rogue.86352, Adware/Agent.2518296 | 16.67% |
| G Data | Gen:Variant.Graftor.160428, Gen:Variant.Kazy.461155 | 16.67% |
| Vba32 AntiVirus | TrojanDownloader.Agent | 8.33% |

The domain fbdca1aa8b880016bf93-fe8db8e793d145b7a307239462d85480.r72.cf5.rackcdn.com has been seen to resolve to the following 10 IP addresses.


File downloads found at URLs served by fbdca1aa8b880016bf93-fe8db8e793d145b7a307239462d85480.r72.cf5.rackcdn.com.

4 / 68      (Adware)

4 / 68      (Adware)

4 / 68      (Adware)

8 / 68      (Adware)

The following 17 files have been seen to communicate with fbdca1aa8b880016bf93-fe8db8e793d145b7a307239462d85480.r72.cf5.rackcdn.com in live environments.