a.cloudfiftyfive.com

Corp New Ventures Services

Domain Information

The domain a.cloudfiftyfive.com, registered by Corp New Ventures Services, was initially registered in September of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrar:
MAJOR LEAGUE DOMAINS, LLC

Server location:
Arizona, United States (US)

Create date:
Monday, September 7, 2015

Expires date:
Wednesday, September 7, 2016

Updated date:
Tuesday, October 6, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

Scanner detections:
Detections  (98% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Installer.Bundlore.F, PUP.Installer.LIImpact.F, PUP.LIImpact.Installer (M), PUP.Softpulse.DigitalPluginSl.Bundler (M), PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.Softpulse.SoftpulseU.Bundler (M), PUP.VideoPluginsoftware.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Air Software.Installe.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), Threat.Win.Reputation.IMP, PUP.Adknowledge.Fileange.Bundler (M), PUP.Tuguu.Bundler (M), PUP (M) | 100.00% |
| avast! | Win32:Bundlore-A [PUP], Adware-AQY [PUP], Win32:Installer-J [PUP] | 19.51% |
| Dr.Web | Adware.Downware.925, Adware.Downware.1052, Adware.Downware.618 | 19.51% |
| VIPRE Antivirus | Bundlore, Threat.4740961, Threat.4778314 | 19.51% |
| Malwarebytes | PUP.Optional.Bundlore, Adware.Hotbar, PUP.Bundle.Installer.OI | 19.51% |
| McAfee | Artemis!D0AA0A857FBF, RDN/Generic PUP.x!cgx, Program.Adware-FOO | 19.51% |
| ESET NOD32 | Win32/Adware.HotBar.Q application, Win32/Adware.iBryte.D application | 17.07% |
| NANO AntiVirus | Trojan.Win32.Generic.cymzyu, Trojan.Win32.Downware2.cstadc | 17.07% |
| Sophos | Hotbar, PUA 'Hotbar' (of type Adware), PUA 'iBryte Optimum Installer' | 17.07% |
| Rising Antivirus | PE:Trojan.Win32.Generic.14A71B61!346495841, PE:Adware.iBryte!1.6600 | 17.07% |
| AVG | Adware Skodna.Generic.AKJ, Adware Generic5 | 17.07% |
| Qihoo 360 Security | Trojan.Generic, Malware.QVM10.Gen | 17.07% |
| F-Prot | W32/A-2101c46f, W32/Optim.A.gen | 12.20% |
| Comodo Security | Application.Win32.Hotbar.Q, ApplicUnwnt.Win32.AdWare.iBryte.I | 9.76% |
| K7 AntiVirus | Adware | 9.76% |

The domain a.cloudfiftyfive.com has been seen to resolve to the following 6 IP addresses.

192.230.92.93.ip.incapdns.net
August 7, 2016

199.83.132.93.ip.incapdns.net
June 24, 2016

June 3, 2016

May 31, 2016

October 7, 2015

ip-50-63-202-41.ip.secureserver.net
July 7, 2015

File downloads found at URLs served by a.cloudfiftyfive.com.

1 / 68      (Adware)
http://a.cloudfiftyfive.com/NCIC/.../Setup.exe  (a713c5702f3f94570713f6ff6ce78486)

 
Latest 30 of 42 download URLs

The following 14 files have been seen to communicate with a.cloudfiftyfive.com in live environments.

URL:
http://a.cloudfiftyfive.com/

Google Analytics:
UA-48689684

Title:
“cloudfiftyfive.com - This website is for sale! - cloudfiftyfive Resources and Information.”

Description:
“This website is for sale! cloudfiftyfive.com is your first and best source for all of the information you’re looking for. From general topics to more of what you would expect to find here, cloudfiftyfive.com has it all. We hope you find what you...”

Web server:
nginx (PHP/5.3.3-7+squeeze28)

30 of 618 related domains