Domain > a.rfihub.com

Date	Domain	IP
usw1-20.usw1-rtb1.rfihub.com	2024-06-20	54.183.250.121
usw1-21.usw1-rtb1.rfihub.com	2024-09-12	52.8.136.151
usw1-22.usw1-rtb1.rfihub.com	2024-10-22	52.8.136.151
usw1-23.usw1-rtb1.rfihub.com	2024-10-22	52.8.136.151
usw1-24.usw1-rtb1.rfihub.com	2024-06-20	54.183.250.121
usw1-25.usw1-rtb1.rfihub.com	2024-10-22	52.8.136.151
ewr-287.ewr-rtb1.rfihub.com	2025-04-11	199.38.167.152
ewr-348.ewr-rtb1.rfihub.com	2025-03-20	199.38.167.152
ams-100.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-10.ams-rtb1.rfihub.com	2025-04-30	193.0.160.154
ams-110.ams-rtb1.rfihub.com	2025-05-01	193.0.160.152
ams-20.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-120.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-30.ams-rtb1.rfihub.com	2024-09-02	193.0.160.152
ams-150.ams-rtb1.rfihub.com	2025-04-22	193.0.160.152
ams-70.ams-rtb1.rfihub.com	2024-12-30	193.0.160.154
ams-170.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-90.ams-rtb1.rfihub.com	2025-05-04	193.0.160.152
ams-11.ams-rtb1.rfihub.com	2025-04-28	193.0.160.152
ams-111.ams-rtb1.rfihub.com	2025-04-30	193.0.160.152
ams-121.ams-rtb1.rfihub.com	2025-05-07	193.0.160.154
ams-131.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-231.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-41.ams-rtb1.rfihub.com	2025-05-10	193.0.160.154
ams-71.ams-rtb1.rfihub.com	2025-04-01	193.0.160.154
ams-171.ams-rtb1.rfihub.com	2025-04-22	193.0.160.154
ams-191.ams-rtb1.rfihub.com	2025-02-21	193.0.160.154
ams-2.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-102.ams-rtb1.rfihub.com	2025-04-23	193.0.160.154
ams-12.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-112.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-122.ams-rtb1.rfihub.com	2025-05-05	193.0.160.154
ams-152.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-162.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-172.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-92.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-192.ams-rtb1.rfihub.com	2025-01-20	193.0.160.154
ams-103.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-113.ams-rtb1.rfihub.com	2025-04-30	193.0.160.152
ams-23.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-233.ams-rtb1.rfihub.com	2025-05-03	193.0.160.152
ams-153.ams-rtb1.rfihub.com	2025-01-20	193.0.160.154
ams-163.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-193.ams-rtb1.rfihub.com	2025-01-20	193.0.160.152
ams-4.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-14.ams-rtb1.rfihub.com	2024-09-12	193.0.160.152
ams-114.ams-rtb1.rfihub.com	2025-05-02	193.0.160.154
ams-24.ams-rtb1.rfihub.com	2025-04-22	193.0.160.154
ams-124.ams-rtb1.rfihub.com	2025-02-04	193.0.160.152
ams-134.ams-rtb1.rfihub.com	2025-04-27	193.0.160.154
ams-234.ams-rtb1.rfihub.com	2025-04-28	193.0.160.152
ams-154.ams-rtb1.rfihub.com	2025-05-02	193.0.160.154
ams-164.ams-rtb1.rfihub.com	2025-01-20	193.0.160.154
ams-74.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-174.ams-rtb1.rfihub.com	2025-01-20	193.0.160.154
ams-94.ams-rtb1.rfihub.com	2025-05-12	193.0.160.152
ams-194.ams-rtb1.rfihub.com	2024-12-30	193.0.160.152
ams-15.ams-rtb1.rfihub.com	2025-01-23	193.0.160.152
ams-115.ams-rtb1.rfihub.com	2025-04-22	193.0.160.152
ams-135.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-75.ams-rtb1.rfihub.com	2025-04-08	193.0.160.152
ams-175.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-85.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-95.ams-rtb1.rfihub.com	2025-01-20	193.0.160.154
ams-195.ams-rtb1.rfihub.com	2024-12-28	193.0.160.154
ams-116.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-136.ams-rtb1.rfihub.com	2025-04-26	193.0.160.152
ams-156.ams-rtb1.rfihub.com	2025-04-28	193.0.160.152
ams-166.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-176.ams-rtb1.rfihub.com	2025-04-21	193.0.160.154
ams-86.ams-rtb1.rfihub.com	2024-05-21	193.0.160.154
ams-186.ams-rtb1.rfihub.com	2025-01-20	193.0.160.152
ams-96.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-196.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-7.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-117.ams-rtb1.rfihub.com	2024-12-30	193.0.160.154
ams-147.ams-rtb1.rfihub.com	2024-09-14	193.0.160.154
ams-157.ams-rtb1.rfihub.com	2025-05-02	193.0.160.154
ams-87.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-187.ams-rtb1.rfihub.com	2025-04-26	193.0.160.152
ams-18.ams-rtb1.rfihub.com	2025-04-28	193.0.160.152
ams-118.ams-rtb1.rfihub.com	2025-04-25	193.0.160.154
ams-28.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-128.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-38.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-138.ams-rtb1.rfihub.com	2024-12-30	193.0.160.154
ams-158.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-168.ams-rtb1.rfihub.com	2025-04-30	193.0.160.154
ams-178.ams-rtb1.rfihub.com	2025-04-28	193.0.160.154
ams-88.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-188.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-98.ams-rtb1.rfihub.com	2025-04-10	193.0.160.152
ams-19.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-119.ams-rtb1.rfihub.com	2025-04-22	193.0.160.152
ams-29.ams-rtb1.rfihub.com	2025-03-20	193.0.160.152
ams-39.ams-rtb1.rfihub.com	2025-04-10	193.0.160.154
ams-139.ams-rtb1.rfihub.com	2025-01-20	193.0.160.152
ams-159.ams-rtb1.rfihub.com	2025-04-30	193.0.160.152
ams-189.ams-rtb1.rfihub.com	2025-03-20	193.0.160.154
ams-99.ams-rtb1.rfihub.com	2025-01-20	193.0.160.152
lax-120.lax-rtb1.rfihub.com	2025-04-15	199.38.167.130
lax-140.lax-rtb1.rfihub.com	2025-04-11	199.38.167.131
lax-271.lax-rtb1.rfihub.com	2025-03-21	199.38.167.130
lax-142.lax-rtb1.rfihub.com	2025-03-21	199.38.167.131
js2.rfihub.com	2024-09-12	18.161.6.3
a.rfihub.com	2014-01-17	185.31.128.232
smd.rfihub.com	2025-03-23	199.38.167.131
recs-prod.rfihub.com	2024-04-15	18.211.4.195
www.base64decode.orgeud.rfihub.com	2024-05-14	198.8.71.130
rud.rfihub.com	2025-03-28	199.38.167.130
com.rfihub.com	2025-03-20	199.38.167.130
oo.rfihub.com	2025-01-21	199.38.167.130
p.rfihub.com	2013-10-28	193.0.160.244
20860870p.rfihub.com	2025-01-10	199.38.167.131
20800390p.rfihub.com	2025-03-17	199.38.167.131
20725331p.rfihub.com	2025-01-18	199.38.167.131
20841163p.rfihub.com	2024-12-03	199.38.167.130
20846493p.rfihub.com	2025-04-26	199.38.167.130
20859514p.rfihub.com	2025-03-24	199.38.167.130
20845655p.rfihub.com	2024-12-28	199.38.167.130
20788575p.rfihub.com	2025-03-20	199.38.167.131
20827285p.rfihub.com	2025-03-25	199.38.167.130
20830466p.rfihub.com	2025-03-16	199.38.167.130
20858396p.rfihub.com	2024-12-22	199.38.167.131
20562657p.rfihub.com	2015-04-25	199.38.164.36
20726028p.rfihub.com	2025-01-17	199.38.167.131
20826348p.rfihub.com	2025-03-20	199.38.167.130
20839339p.rfihub.com	2025-04-17	199.38.167.130
20826349p.rfihub.com	2025-03-21	199.38.167.130
20856949p.rfihub.com	2024-10-07	199.38.167.130
2fp.rfihub.com	2025-04-18	199.38.167.131
s.rfihub.com	2025-04-15	199.38.167.130
ad-proxy-test.rfihub.com	2024-06-09	54.88.136.23
ad-proxy.rfihub.com	2024-06-16	18.210.123.107

MD5	A/V
3ccce94d979e925d13b16f7f1b99cbe6	[Type_VBS_Autorun] [VBS.Dunihi] [VBS_JENXCUS.NS] [VBS/Jenxcus-C] [UnclassifiedMalware] [VBS.Autoruner.161] [VBS/Clicker.nauzs] [Worm:VBS/Jenxcus.K] [Trojan.IEVC-3] [VBS/Autorun.BC.worm] [VBS/Kryptik.L]
f58fb6cfc42c049c1442d6ce54ea429d	[W32/new-malware!Maximus] [TR/Graftor.2081254] [Trojan.Packed.194] [Win32/DH{fGSBEiV+ICMsgRNcV04}] [Trojan-Ransom.Win32.Blocker] [Artemis!F58FB6CFC42C] [Trojan.Packed!N6hauVnIyeg] [WS.Reputation.1] [Trojan.Win32.Graftor.czubpq] [Heuristic.LooksLike.Win32.Suspicious.J] [Win32/Trojan.fad]
1c5db9ff8dd5278091bac2978f46a0b6	[W32.ATVC_OnsurotLTL.Trojan] [Trojan.Win32.Cidox.amkl] [Trojan.Win32.Heur.098] [PE:Malware.Obscure!1.9C59] [Trojan.DownLoad3.35002] [Trojan/Win32.MDA]
26e085ad8a7863b534f9a2229dd16966	[PUP.Optional.Conduit.A] [Riskware.Win32.Toolbar.cspetd] [TROJ_GE.4DCE9EB6] [Application.Win32.Conduit.~A] [Adware.Conduit.82] [Win32/Toolbar.Conduit.R] [Toolbar.Conduit]
222dc070ac4d8fdbb2c4645750a72e86
f64dc3bce4b075db1db8f7d08b142a0d	[PWSZbot-FABG!F64DC3BCE4B0] [Spyware.Zbot.ED] [WS.Reputation.1] [Win32/Poweliks.B] [Backdoor.Win32.PMax]
0106db8b1a382937be9d9e99155dc546	[Trojan-PSW.Win32.Tepfer!O] [Backdoor.Kelihos.F5] [Kelihos.BKDR] [Trojan.Win32.Hlux.dimrpg] [Win32.Backdoor.Hlux.Kc] [BackDoor.Slym.14056] [Backdoor:Win32/Kelihos.F] [Backdoor/Win32.Kelihos] [SScope.Malware-Cryptor.Hlux] [Backdoor.Win32.Hlux.AHwG] [Backdoor.Win32.Kelihos] [W32/Kryptik.BJWM!tr]
be1f85b8d9d3bab2fe0383da25c089e0	[Adware.OutBrowse.Win32.58665]
e1d874da02827333432a2c9ed92bb233
525ccf8eb72fa90be6f3845139a27a94
501ecfc123441fb7e249a54f56c39811
6d6e18d2adb6bb6aa88abe035f43b28a
72d49c412a066316cc5476073bfe30ec
928158666cd569136564b683e3bb6c6a
a9782533c21475c629168feb9c32337a
dd8a88a71f0bca3af2761fb484bbed68
253b5b1105741625311b5943f76872d0
96c8d5262b87f6be6464767542cfe8fc
1f34d53c1b360c17ec0456b68783fec4
517fc93cee1b20dba7e17cfb896d2ec7

Property	Value
NameServer	NS2.P05.DYNECT.NET
Created	2008-05-14 00:00:00
Changed	2015-05-15 00:00:00
Expires	2016-05-14 00:00:00
Registrar	GODADDY.COM, LLC

Date	IP Address
2014-01-17	185.31.128.232 (ClassC)
2014-07-01	193.0.160.238 (ClassC)
2014-11-14	205.210.186.156 (ClassC)
2024-05-21	198.8.71.131 (ClassC)
2024-06-10	198.8.71.130 (ClassC)
2025-04-16	199.38.167.131 (ClassC)
2025-05-17	199.38.167.130 (ClassC)

Is this malicious?

Files that talk to a.rfihub.com

Whois

DNS Resolutions

Port 80

Port 443

Subdomains