ca-cdn.windapp.net
Nosibay
Domain Information
The domain ca-cdn.windapp.net, registered by Nosibay, was first registered in June 2014 through OVH. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Seattle, Washington, in the United States. The domain uses the Amazon Cloudfront CDN service, which serves content through a number of proxy IP addresses (see below).
Server location: Washington, United States (US)
Create date: Thursday, June 19, 2014
Expires date: Sunday, June 19, 2016
Updated date: Monday, November 16, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.NOSIBAY.I, PUP.NOSIBAY, PUP.NOSIBAY.Installer (M) | 100.00% |
| Dr.Web | Adware.Downware.9155, Adware.Downware.10519, Adware.Downware.9155 | 45.45% |
| VIPRE Antivirus | Threat.4791953, BubbleDock | 27.27% |
| Bkav FE | W32.HfsAdware | 27.27% |
| Malwarebytes | PUP.Optional.Nosibay.A | 27.27% |
| Panda Antivirus | PUP/Nosibay | 27.27% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen, suspected of Trojan.Downloader.gen.h | 18.18% |
| Rising Antivirus | PE:Trojan.Win32.Generic.18763188!410399112, PE:Malware.Generic/QRS!1.9E2D [F] | 18.18% |
| K7 AntiVirus | Riskware | 9.09% |
| ESET NOD32 | Win32/BubbleDock.C potentially unwanted | 9.09% |
| Kaspersky | not-a-virus:Downloader.Win32.Bubbledock | 9.09% |
| Sophos | Bubble Dock (PUA) | 9.09% |
| Fortinet FortiGate | Riskware/BubbleDock | 9.09% |
| McAfee | Artemis!AD9271F6A9BB | 9.09% |
The domain ca-cdn.windapp.net has been seen to resolve to the following 55 IP addresses.
File downloads found at URLs served by ca-cdn.windapp.net.
The following 37 files have been seen to communicate with ca-cdn.windapp.net in live environments.
URL: http://ca-cdn.windapp.net/
Network: Amazon Cloudfront