The domain downloader.downloadster.net is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Arizona, United States (US)
Tuesday, March 15, 2011
Wednesday, March 15, 2017
Saturday, May 02, 2015
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Detections (80% detected)
W32/InstallCore.W.gen, W32/InstallCore.S.gen, W32/InstallCore.R.gen
Install Core, PUA 'Install Core'
ADWARE/InstallCore.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen
Artemis!2DDD9860F6B8, Artemis!ABE3789D4272, Trojan.GenericR-DGW!06295330F53F
Trend Micro House Call
TROJ_GEN.RCBH1CO, TROJ_GEN.F47V0218, TROJ_GEN.F47V0720
McAfee Web Gateway
Artemis!2DDD9860F6B8, BehavesLike.Win32.Obfuscated.th, GenericR-DGW!06295330F53F
Microsoft Security Essentials
Win32/InstallCore.AZ (variant), Win32/InstallCore.BL
The domain downloader.downloadster.net has been seen to resolve to the following 4 IP addresses.
File downloads found at URLs served by downloader.downloadster.net.
SSL certificate subject:
CN=sni28240.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB