gensokyo.org

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain gensokyo.org is registered by proxy through GoDaddy.com, LLC. This domain is currently known to host various forms of malware. Its servers are located in Aurora, Colorado, United States, on the Unified Layer network.

Registrar:
GoDaddy.com, LLC

Server location:
Colorado, United States (US)

ASN:
AS46606 UNIFIEDLAYER-AS-1 - Unified Layer,US

Scanner detections:
Malware distribution (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Bkav FE | W32.Clodf57.Trojan, W32.Clod279.Trojan | 100.00% |
| McAfee | Artemis!F19EF720E897, Artemis!0232C222A572 | 100.00% |
| F-Prot | W32/SecRisk-ProcessPatcher-Sml- | 100.00% |
| McAfee Web Gateway | Artemis!F19EF720E897, Artemis!0232C222A572 | 100.00% |
| Commtouch SDK | W32/SecRisk-ProcessPatcher-Sml- | 100.00% |
| MicroWorld eScan | Trojan.Generic.11083135 | 50.00% |
| K7 AntiVirus | Virus | 50.00% |
| Norman | Suspicious_Gen4.ERPWG | 50.00% |
| Lavasoft Ad-Aware | Trojan.Generic.11083135 | 50.00% |
| F-Secure | Trojan.Generic.11083135 | 50.00% |
| IKARUS anti.virus | Trojan.SuspectCRC | 50.00% |
| VIPRE Antivirus | RiskTool.Win32.ProcessPatcher.Sml!cobra | 50.00% |

The domain gensokyo.org has been seen to resolve to the following IP address.

70-40-202-40.unifiedlayer.com
May 1, 2014

File downloads found at URLs served by gensokyo.org.

6 / 68 (Malware)
http://gensokyo.org/SokuEnglishTranslation-v1_1a.exe (0232c222a572c593f89b485446e9f0a5)

11 / 68 (Malware)
http://gensokyo.org/SWREnglishTranslation-v1_1a.exe (f19ef720e8978028a83853e286add867)

July 23, 2014

URL:
http://gensokyo.org/

Title:
“Gensokyo.org”

Web server:
nginx/1.8.1

Facebook:
Likes:  30
Shares:  115
Comments:  93

Statistics above are for the previous month of September 2017.