downloader.downloadster.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain downloader.downloadster.net is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Strasbourg, Alsace within France which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Alsace, France (FR)

Create date:
Tuesday, March 15, 2011

Expires date:
Wednesday, March 15, 2017

Updated date:
Saturday, May 02, 2015

ASN:
AS8972 PLUSSERVER-AS PlusServer AG,DE

Root domain:

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

F-Prot
W32/InstallCore.W.gen, W32/InstallCore.S.gen, W32/InstallCore.R.gen
100.00%

Sophos
Install Core, PUA 'Install Core'
100.00%

Dr.Web
Adware.InstallCore.86, Adware.InstallCore.122
100.00%

VIPRE Antivirus
InstallCore, Threat.4786018
100.00%

Avira AntiVirus
ADWARE/InstallCore.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen
100.00%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.InstallCore!6.4
100.00%

McAfee
Artemis!2DDD9860F6B8, Artemis!ABE3789D4272, Artemis!203F7D011B8C, Trojan.GenericR-DGW!06295330F53F
80.00%

Trend Micro House Call
TROJ_GEN.RCBH1CO, TROJ_GEN.F47V0218, TROJ_GEN.F47V0720
80.00%

McAfee Web Gateway
Artemis!2DDD9860F6B8, BehavesLike.Win32.Obfuscated.th, Artemis!203F7D011B8C, GenericR-DGW!06295330F53F
80.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
80.00%

Comodo Security
UnclassifiedMalware, ApplicUnwnt
80.00%

K7 AntiVirus
Unwanted-Program, Unwanted-Program
80.00%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly
60.00%

ESET NOD32
Win32/InstallCore.AZ (variant), Win32/InstallCore.BL
60.00%

IKARUS anti.virus
SoftwareBundler, Backdoor.Hupigon
60.00%

The domain downloader.downloadster.net has been seen to resolve to the following 5 IP addresses.

static-ip-62-75-207-166.inaddr.ip-pool.com
February 22, 2016

August 12, 2014

August 12, 2014

February 7, 2014

February 7, 2014

File downloads found at URLs served by downloader.downloadster.net.

URL:
http://downloader.downloadster.net/

SSL certificate subject:
CN=sni28240.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.0.15 (PHP/5.3.3)