The domain download2.manycam.com, registered to Visicom Media Inc., was first registered in March 2006 through DNC HOLDINGS, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dulles, Virginia, United States. The domain uses the Amazon CloudFront CDN service, which serves content through a number of proxy IP addresses (see below).
Registrant: Visicom Media Inc.
Registrar: DNC HOLDINGS, INC.
Server location: Virginia, United States (US)
Create date: Wednesday, March 22, 2006
Expires date: Monday, March 22, 2021
Updated date: Wednesday, November 20, 2013
ASN: AS16509 AMAZON-02 - Amazon.com, Inc., US
Scanner detections:
Detections (74% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.ManyCamVirtualWebcam.VisicomMedia.M, PUP.ManyCamVirtualWebcam.VisicomMedia.Z, PUP.ManyCamVirtualWebcam.VisicomMedia.W, PUP.Visicom.ManyCam (L), Threat.Win.Reputation.IMP, Win32.Generic, PUP.Visicom.Toolbar.Installer.Meta (M), PUP.Visicom.VisicomM.Installer.Meta (M) | 70.00%
Rising Antivirus | PE:PUA.Infector!1.9C44, NS:Malware.Install!1.9F62, PE:Malware.XPACK/RDM!5.1 | 30.00%
ESET NOD32 | Win32/Toolbar.Visicom (variant), Win32/Bundled.Toolbar.Ask (variant) | 27.50%
Trend Micro House Call | TROJ_GEN.F47V1023, TROJ_GEN.F47V0203, TROJ_GEN.F47V0305 | 22.50%
Dr.Web | Tool.InstallToolbar.129, Tool.InstallToolbar.174, hacktool program Tool.InstallToolbar.189 | 20.00%
Malwarebytes | PUP.Optional.MyStartTB.A | 10.00%
Emsisoft Anti-Malware | Win32.Parite | 10.00%
Vba32 AntiVirus | TrojanDownloader.Genome | 10.00%
Agnitum Outpost | PUA.Toolbar.Ask, Riskware.InstallToolbar | 7.50%
Bkav FE | W32.HfsAdware | 5.00%
ESET NOD32 | Win32/Toolbar.Visicom.F potentially unwanted application | 2.50%
The domain download2.manycam.com has been seen to resolve to the following 131 IP addresses.
File downloads found at URLs served by download2.manycam.com.
The following 32 files have been seen to communicate with download2.manycam.com in live environments.
URL: http://download2.manycam.com/
Network: Amazon Cloudfront
SSL certificate subject: CN=*.manycam.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT36371141
SSL certificate issuer: CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US
Web server: cloudflare-nginx
Statistics are for the previous month.