Question
2362 views

Contacting:\\di.rlcdn.com

John0719 asked on

All,

When starting up Outlook (contacting:\\di.rlcdn.com) comes up and runs for a while and then outlook comes up. While visiting my outlook msn.com site to review email this same statement comes up and outlook goes into "not responding" mode and then it goes away and outlook is back up and running. I did not see this happen on my gmail or mac email accounts in outlook. I ran virus and malware and none did anything to stop this action. I simply removed all of my email sites from outlook and am no longer using outlook for email until I resolve this issue.

John

46 people had this question

Abuse history


The answered status icon Answer
DavidCoffmanFLIT replied on

Hey John,

I too am having this problem. I have been able to trace the domain back to a California based company called LiveRamp. They appear to be an identity protection company, though I am not sure exactly how they would be able to get access to your outlook without your permission unless they are using less than honest methods. Below I will list the information I found regarding the domain.

Raw WHOIS Record
Domain Name: RLCDN.COM
Registry Domain ID: 1572860878_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2016-11-26T17:26:31Z
Creation Date: 2009-10-20T03:59:44Z
Registrar Registration Expiration Date: 2017-11-26T04:59:59Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: *** Email address is removed for privacy ***
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: LiveRamp Inc.
Registrant Organization: LiveRamp, Inc.
Registrant Street: 667 Mission Street
Registrant Street: Fl 4
Registrant City: San Francisco
Registrant State/Province: California
Registrant Postal Code: 94105
Registrant Country: US
Registrant Phone: +1.8663523267
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: *** Email address is removed for privacy ***
Registry Admin ID: Not Available From Registry
Admin Name: LiveRamp Inc.
Admin Organization: LiveRamp, Inc.
Admin Street: 667 Mission Street
Admin Street: Fl 4
Admin City: San Francisco
Admin State/Province: California
Admin Postal Code: 94105
Admin Country: US
Admin Phone: +1.8663523267
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: *** Email address is removed for privacy ***
Registry Tech ID: Not Available From Registry
Tech Name: LiveRamp Inc.
Tech Organization: LiveRamp, Inc.
Tech Street: 667 Mission Street
Tech Street: Fl 4
Tech City: San Francisco
Tech State/Province: California
Tech Postal Code: 94105
Tech Country: US
Tech Phone: +1.8663523267
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: *** Email address is removed for privacy ***
Name Server: NS-45.AWSDNS-05.COM
Name Server: NS-662.AWSDNS-18.NET
Name Server: NS-1306.AWSDNS-35.ORG
Name Server: NS-1925.AWSDNS-48.CO.UK
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2017-01-27T00:00:00Z <<<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

The data contained in GoDaddy.com, LLC's WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC.  By submitting an inquiry,
you agree to these terms of usage and limitations of warranty.  In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam.  You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes. 

Please note: the registrant of the domain name is specified
in the "registrant" section.  In most cases, GoDaddy.com, LLC 
is not the registrant of domain names listed in this database.

3 people found this helpful

Abuse history


The answered status icon Answer
JanetLyman0514 replied on

This happened yesterday. I set up a rule to move Best buy emails to Junk and then delete. So I wasn't having an issue with my email today. However I was using Edge and going into Twitter and I saw a notice from Norton they were blocking access by a fake website. Next thing that happened is this voice started talking and a screen looking like it was from Microsoft at the top. she kept repeating you have been infected it is very important that you call Microsoft NOW.  There was a number at the bottom of the screen I called to see what they would say and he told me that Microsoft calls when infected so I questioned him since I had had a virus awhile ago and nothing came up on the screen. So he just wanted to give me instructions how to fix the problem which led to a screen Rescue Let Me In and so I looked up the program (which I believe is legit for remote access but being used by this co to get into your computer). So I told him my computer was frozen and I had to reboot it and he was very impatient and insisting I listen and follow his instructions he is trying help me. The inquiry I did about Let Me In asked if it was a scam and the first thing that popped up was its use by a company called Live Wire (which I believe is the name someone found relating to the URL in email)so I hung up the phone. He called back not from the 844-884-xxxx number but a 4xx area code and a personal name on the display. I hung up again after telling him I was aware his was attempting to install Ransomware on my computer so don't call back.  I then disconnect my desktop and dropped it off at my PC tech company to clean.

His initial run of several programs found 6 items which he deleted that related to Edge which is the browser I was in when todays fiasco started but another program didn't appear to find any Ransomware installed but a much longer program is being run now to check for encrypted files, typical Ransomware file names, etc. 

So it appears just clicking on the email installed something that caused todays popup warning about infection.

1 person found this helpful

Abuse history


progress