208.73.211.192

Rook Media USA, Inc.

IP Address Information

The Internet Service Provider (ISP) that owns the network address 208.73.211.192 is Rook Media USA, Inc., located in New York in the United States. Currently, 4 domain names use this address. The primary domain hosted on this IP is dn.4shared.net, along with 3 other domains which are known adware distribution web sites.

Scanner detections:
Detections (72% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Optional.RedSkySpzoo.x, PUP.Optional.RedSkySpzoo.i, PUP.Optional.RedSkySpzoo.d, PUP.Optional.RedSkySpzoo.Y, PUP.Optional.RedSkySpzoo.FF, Win32.Generic.RedSkySpzoo.Installer.Meta | 66.67% |
| Dr.Web | Threat.Undefined, Adware.Downware.460, Detection.Undefined, Adware.Toolbar.596 | 38.46% |
| VIPRE Antivirus | Threat.4150696 | 23.08% |
| avast! | Win.Threat.Undefined | 15.38% |
| Kaspersky | not-a-virus:AdWare.Win32.Codiby | 15.38% |
| Malwarebytes | PUP.Optional.DownTango.A | 12.82% |
| Trend Micro House Call | TROJ_GE.008BEABE, HV_ZYX_CA223D82.TOMC, HV_ZYX_BK083E88.TOMC | 12.82% |
| Antiy Labs AVL | Trojan[:HEUR]/Win32.Unknown | 12.82% |
| G Data | Win32.Application.SimplyTech | 12.82% |
| NANO AntiVirus | Riskware.Win32.MLW.cumlwl | 7.69% |

The following domains resolved to the IP address 208.73.211.192.

File URLs downloaded from 208.73.211.192.

3 / 68      (PUP)

1 / 68      (inconclusive)
http://dn.4shared.net/?u=http://www37.zippyshare.com/v/.../file.html&n=Backroom Casting Couch 2012 SiteRip 163 Videos 52 GB September 2012 BackroomCastingCouch  (backroom_casting_couch_2012_siterip_163_videos_52_gb_september_2012_backroomcastingcouch_downloader.)

1 / 68      (PUP)
http://dn.4shared.net/?u=http://.../?eef442e439lnnl2&n=DJ_Drama-Lil_Wayne-Dedication_4-FREEONSMASH COM  (dj_drama-lil_wayne-dedication_4-freeonsmash_com_downloader.exe)

1 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (PUP)

 
Latest 30 of 55 download URLs

The geographical location of this IP address.

Country: United States (US)
Region: New York
City: Florida
Coordinates: 41.3282, -74.3488

The ARIN network assigned organization for IP address 208.73.211.192.

Org name: Rook Media USA, Inc.
Org identifier: RMU-5
Org country: United States (US)
Org region: New York
Org city: Florida
Org address: 1 Meadow Road

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=208.73.211.192?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 208.73.208.0 - 208.73.211.255
CIDR: 208.73.208.0/22
NetName: ROOK-MEDIA-01
NetHandle: NET-208-73-208-0-1
Parent: NET208 (NET-208-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Rook Media USA, Inc. (RMU-5)
RegDate: 2006-12-28
Updated: 2015-01-23
Ref: http://whois.arin.net/rest/net/NET-208-73-208-0-1



OrgName: Rook Media USA, Inc.
OrgId: RMU-5
Address: 1 Meadow Road
Address: Suite 210
City: Florida
StateProv: NY
PostalCode: 10921
Country: US
RegDate: 2014-09-03
Updated: 2015-07-28
Ref: http://whois.arin.net/rest/org/RMU-5


OrgNOCHandle: OPERA489-ARIN
OrgNOCName: operations
OrgNOCPhone: +1-469-269-2764
OrgNOCEmail: operations@domainsponsor.com
OrgNOCRef: http://whois.arin.net/rest/poc/OPERA489-ARIN

OrgTechHandle: OPERA489-ARIN
OrgTechName: operations
OrgTechPhone: +1-469-269-2764
OrgTechEmail: operations@domainsponsor.com
OrgTechRef: http://whois.arin.net/rest/poc/OPERA489-ARIN

OrgAbuseHandle: ABUSE4830-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-469-269-2764
OrgAbuseEmail: abuse@domainsponsor.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE4830-ARIN




Autonomous System Assignment
ASNumber: 40034
ASName: CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG
ASHandle: AS40034
