www-squid.cluster10.fb-hosting-apps.com

Whois Privacy Corp.

Domain Information

The domain www-squid.cluster10.fb-hosting-apps.com, registered by Whois Privacy Corp., was initially registered in January of 2013 through INTERNET.BS CORP. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Belfast, Northern Ireland, United Kingdom, on the RIPE Network Coordination Centre network.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Saturday, January 5, 2013

Expires date:
Thursday, January 5, 2017

Updated date:
Wednesday, January 6, 2016

Scanner detections:
Detections (94% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Win.Reputation, PUP.Installer.Ukra2006.r, PUP.Installer.Ukra2006.c, PUP.Installer.KOMPANIYAR.g, PUP.Installer.Ukra2006.?, PUP.Amonetize.Ukra2006.Bundler (M), Threat.Win.Reputation.IMP, PUP.Amonetize (M) | 100.00% |
| G Data | Application.Bundler.Amonetize, Win32.Application.Amonetize, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Application.Bundler.Amonetize.12 | 88.89% |
| F-Secure | Application.Bundler.Amonetize, Gen:Variant.Application.Bundler | 86.11% |
| Lavasoft Ad-Aware | Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.11 | 83.33% |
| ESET NOD32 | Win32/Amonetize.BI (variant), Win32/Amonetize.BD (variant), Win32/Amonetize.BK (variant), Win32/Amonetize.BM (variant), Win32/Amonetize.BN (variant) | 80.56% |
| MicroWorld eScan | Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Application.Bundler.Amonetize.12 | 77.78% |
| Malwarebytes | PUP.Optional.Downloader, PUP.Optional.Amonetize | 77.78% |
| Bitdefender | Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.11 | 77.78% |
| AhnLab V3 Security | PUP/Win32.Amonetiz, PUP/Win32.Amonetize | 75.00% |
| Avira AntiVirus | APPL/Amonetize.Z, ADWARE/Adware.Gen2, APPL/Amonetize.148252, APPL/Amonetize.htzw, Adware/Amonetize.Z, ADWARE/Amonetize.kpa | 75.00% |
| AVG | Generic, Ukra, Generic_r, Toolbar | 69.44% |
| Dr.Web | Adware.Downware.5913, Adware.Downware.8012, Adware.Downware.8331, Adware.Downware.6861, Trojan.Amonetize.3782 | 66.67% |
| NANO AntiVirus | Riskware.Win32.Amonetize.dchxoa, Riskware.Win32.Amonetize.ddabxo, Riskware.Win32.Amonetize.ddppzt, Riskware.Win32.Amonetize.ddtnan | 61.11% |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Amonetize | 58.33% |
| Baidu Antivirus | Adware.Win32.Amonetize, Adware.Win32.Agent, PUA.Win32.Amonetize | 55.56% |

The domain www-squid.cluster10.fb-hosting-apps.com has been seen to resolve to the following 7 IP addresses.

July 23, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
June 6, 2016

May 21, 2016

ns1.ibspark.com
January 28, 2016

unallocated.barefruit.co.uk
May 3, 2015

August 7, 2014

August 7, 2014

File downloads found at URLs served by www-squid.cluster10.fb-hosting-apps.com.

 
Latest 30 of 161 download URLs

The following 578 files have been seen to communicate with www-squid.cluster10.fb-hosting-apps.com in live environments.

 
Latest 20 of 603 files

URL:
http://www-squid.cluster10.fb-hosting-apps.com/

Title:
“fb-hosting-apps.com”

Web server:
nginx