dfe8370a2961598fcf36-78e3d3d82d3ad0a3905742af01c7c45f.r91.cf5.rackcdn.com

Rackspace US, Inc.

Domain Information

The domain dfe8370a2961598fcf36-78e3d3d82d3ad0a3905742af01c7c45f.r91.cf5.rackcdn.com, registered by Rackspace US, Inc., was initially registered in December of 2010 through CSC CORPORATE DOMAINS, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Registrar:
CSC CORPORATE DOMAINS, INC.

Server location:
Massachusetts, United States (US)

Create date:
Wednesday, December 15, 2010

Expires date:
Thursday, December 15, 2016

Updated date:
Saturday, December 12, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Installer.PitayaTech.J, PUP.PitayaTech.D, PUP.AcaiTech.D | 100.00% |
| G Data | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428, Win32.Trojan.Agent.GBUBO2 | 80.00% |
| Avira AntiVirus | TR/Rogue.86352, TR/Graftor.429368 | 80.00% |
| Vba32 AntiVirus | TrojanDownloader.Agent | 80.00% |
| MicroWorld eScan | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428 | 60.00% |
| Agnitum Outpost | Trojan.DL.Agent | 60.00% |
| Bitdefender | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428 | 60.00% |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428 | 60.00% |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428 | 60.00% |
| F-Secure | Gen:Variant.Kazy.461155, Gen:Variant.Graftor.160428 | 60.00% |
| Malwarebytes | PUP.Optional.PitayaTech.A | 60.00% |
| McAfee | Artemis!2AF27D1CE67F, Artemis!6A5B12DD0884 | 40.00% |
| Trend Micro House Call | Suspicious_GEN.F47V1111, Suspicious_GEN.F47V1127 | 40.00% |
| Dr.Web | Trojan.DownLoader11.40958, Adware.Shopper.821 | 40.00% |
| ESET NOD32 | Win32/Toolbar.BitCocktail (variant) | 40.00% |

The domain dfe8370a2961598fcf36-78e3d3d82d3ad0a3905742af01c7c45f.r91.cf5.rackcdn.com has been seen to resolve to the following 6 IP addresses.

May 15, 2016

May 15, 2016

63-158-227-49.dia.static.qwest.net
February 28, 2016

63-158-227-17.dia.static.qwest.net
February 28, 2016

a72-246-64-131.deploy.akamaitechnologies.com
February 6, 2016

a72-246-64-114.deploy.akamaitechnologies.com
February 6, 2016

File downloads found at URLs served by dfe8370a2961598fcf36-78e3d3d82d3ad0a3905742af01c7c45f.r91.cf5.rackcdn.com.

3 / 68      (Adware)

The following 11 files have been seen to communicate with dfe8370a2961598fcf36-78e3d3d82d3ad0a3905742af01c7c45f.r91.cf5.rackcdn.com in live environments.