d.reboundalert.com

WebAppTech Coding LLC

Domain Information

The domain d.reboundalert.com registered by New Ventures Services Corp. was initially registered in July of 2015 through DOMAINARMADA.COM LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in San Antonio, Texas within the United States. The domain is associated with the publisher WebAppTech Coding LLC who is located in Grandville, Michigan in the United States.
Registrar:
DOMAINARMADA.COM LLC

Server location:
Texas, United States (US)

Create date:
Wednesday, July 15, 2015

Expires date:
Friday, July 15, 2016

Updated date:
Tuesday, March 1, 2016

ASN:
AS33070 RMH-14 - Rackspace Hosting,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Comodo Security
Heur.Suspicious
85.71%

Dr.Web
Adware.Plugin.36, Adware.Yontoo.80
71.43%

ESET NOD32
Win32/ExFriendAlert
71.43%

Reason Heuristics
PUP.Installer.WebAppTechCoding.F, PUP.Injekt.WebAppTechCoding.Installer (M)
71.43%

VIPRE Antivirus
SearchDonkey, Threat.4784449, Injekt
71.43%

Trend Micro House Call
TROJ_GEN.F47V0213, TROJ_GEN.F47V0225, TROJ_GEN.RC9H1EP
57.14%

Fortinet FortiGate
W32/ExFriendAlert.A
57.14%

AVG
Skodna.Generic_r
57.14%

IKARUS anti.virus
PUA.SearchProtect, PUA.ExFriendAlert
42.86%

McAfee
Artemis!ED480D23D550
28.57%

Malwarebytes
PUP.Optional.Conduit.A
28.57%

avast!
Win32:BHO-AMO [PUP]
28.57%

Agnitum Outpost
Riskware.Agent
28.57%

herdProtect (fuzzy)
a variant of 38300230615331b6ff0a9704e0b5a84ee922a9df, a variant of 142baaa6ee5f1777ceb4501f570b68aa202a2ac0
28.57%

Avira AntiVirus
TR/Trash.Gen
28.57%

The domain d.reboundalert.com has been seen to resolve to the following 4 IP addresses.

May 15, 2016

March 3, 2016

December 7, 2015

August 11, 2015

File downloads found at URLs served by d.reboundalert.com.

1 / 68      (Adware)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (73d9115b850799fce2b29e70115d33e7)

8 / 68      (Adware)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (ae0ef34a1f6e15c77e2ddad26339834d)

9 / 68      (Adware)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (ed480d23d550c248fe6ab8d7cf2fb520)

11 / 68    (Adware)
http://d.reboundalert.com/ReboundAlert/485/.../Setup.exe  (c5a9dde08ddb688042e52d85e7f85d62)

11 / 68    (Adware)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (5d8a7b005993e2a2c4f175f15981696e)

11 / 68    (PUP)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (6aef1b32d45063ceb55de9d6759be7d5)

8 / 68      (PUP)
http://d.reboundalert.com/ReboundAlert/479/.../Setup.exe  (7c818d7bf375277824d096f6223470d4)

The following 7 files have been seen to comunicate with d.reboundalert.com in live environments.

URL:
http://d.reboundalert.com/

Web server:
Apache