geo.downloads-center.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain geo.downloads-center.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Tuesday, February 28, 2012

Expires date:
Tuesday, February 28, 2017

Updated date:
Monday, February 29, 2016

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Scanner detections:
Detections  (84% detected)

Scan engine
Details
Detections

Dr.Web
Adware.InstallCore.55, Adware.Downware.229, Adware.Downware.269, Adware.Downware.254, Adware.Downware.336, Adware.Downware.240
63.83%

avast!
Win32:InstallCore-CI [PUP], NSIS:Adware-DJ [PUP], NSIS:Bundlore-B [Adw], NSIS:Bundlore-C [Adw], NSIS:Adware-DR [Adw], NSIS:Adware-DQ [Adw]
46.81%

Avira AntiVirus
APPL/Downloader.Gen6, ADWARE/Adware.Gen, ADWARE/Adware.Gen7
46.81%

ESET NOD32
Win32/InstallCore.AF (variant), Win32/Adware.Bundlore
46.81%

VIPRE Antivirus
Click run software, Trojan.Win32.Generic, Bundlore, Threat.4778314
44.68%

Vba32 AntiVirus
BScope.Malware-Cryptor.InstallCore.2691, suspected of Trojan.Downloader.gen.h, AdWare.iBryte
44.68%

McAfee
Generic.tfr!cc, Generic.tfr!cd, Generic Malware.nl!ats, RDN/Generic Downloader.x!ek, Generic PUP.x!bf3, Adware-FOO, Artemis!9C1F0283B2AA
42.55%

Trend Micro House Call
ADW_INSTALLCORE, TROJ_GEN.R29C8E9, TROJ_GEN.R42B1EF, TROJ_GEN.RC1H1E9, TROJ_GEN.R0CBH06I113, TROJ_SPNR.14EE12, TROJ_GEN.RFFC8FD
40.43%

McAfee Web Gateway
Generic.tfr!cc, Generic.tfr!cd, Generic Malware.nl!ats, RDN/Generic Downloader.x!ek, BehavesLike.Win32.Tool.tc, BehavesLike.Win32.Dropper.dc
40.43%

Fortinet FortiGate
Riskware/Bundlore, W32/Malware_nl.ATS!tr, Riskware/IBryte
40.43%

Reason Heuristics
PUP.Installer.Clickrunsoftware.R, PUP.AdGazelle.ClickYes.Installer (M), PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.installCore.FriedCookie.Installer (M), PUP.InstallCore.Installer.Installer (M), PUP.Bundlore.Bundler (M), PUP.Adknowledge.SafeDown.Bundler (M), PUP.Adknowledge.PremiumI.Bundler (M), PUP.IMALI.IMALINIM.Installer (M), PUP.Adknowledge.TINYINST.Bundler (M), PUP.Softpulse.DigitalP.Bundler (M), PUP.Air Software.Installe.Installer (M), Threat.Win.Reputation.IMP, PUP.Adknowledge (M)
31.91%

NANO AntiVirus
Riskware.Nsis.Downware.yrefc, Trojan.Text.Yotoon.deckrr, Riskware.Text.Babylon.cwhyhv, Riskware.Win32.IBryte.cstvic
31.91%

Panda Antivirus
PUP/MultiToolbar.A, Trj/CI.A, Generic Malware, Suspicious file
25.53%

Clam AntiVirus
Adware.Downware-1, Win.Adware.Ibryte-4, Win.Adware.Agent-59030
25.53%

Kingsoft AntiVirus
Win32.Troj.InstallCore.(kcloud), Win32.Troj.Undef.(kcloud), Win32.Troj.Generic.(kcloud), Win32.Troj.Generic.a.(kcloud)
23.40%

The domain geo.downloads-center.com has been seen to resolve to the following 40 IP addresses.

a23-219-88-88.deploy.static.akamaitechnologies.com
September 16, 2016

a23-219-88-112.deploy.static.akamaitechnologies.com
September 16, 2016

a104-96-220-185.deploy.static.akamaitechnologies.com
August 28, 2016

July 28, 2016

July 28, 2016

a104-96-221-82.deploy.static.akamaitechnologies.com
July 23, 2016

a104-96-221-81.deploy.static.akamaitechnologies.com
July 23, 2016

a104-96-221-145.deploy.static.akamaitechnologies.com
July 23, 2016

June 6, 2016

June 6, 2016

a104-96-220-155.deploy.static.akamaitechnologies.com
May 16, 2016

a104-96-220-184.deploy.static.akamaitechnologies.com
May 16, 2016

a184-28-17-200.deploy.static.akamaitechnologies.com
April 22, 2016

a184-28-17-235.deploy.static.akamaitechnologies.com
April 22, 2016

a23-0-160-91.deploy.static.akamaitechnologies.com
March 31, 2016

a23-0-160-99.deploy.static.akamaitechnologies.com
March 31, 2016

January 27, 2016

January 27, 2016

a23-220-148-10.deploy.static.akamaitechnologies.com
December 26, 2015

a23-220-148-32.deploy.static.akamaitechnologies.com
December 26, 2015

a23-67-243-83.deploy.static.akamaitechnologies.com
June 19, 2015

a23-67-243-65.deploy.static.akamaitechnologies.com
June 19, 2015

a23-67-242-104.deploy.static.akamaitechnologies.com
May 15, 2015

a23-67-242-105.deploy.static.akamaitechnologies.com
May 15, 2015

a23-67-242-67.deploy.static.akamaitechnologies.com
May 6, 2015

a23-67-250-112.deploy.static.akamaitechnologies.com
May 5, 2015

a23-67-250-136.deploy.static.akamaitechnologies.com
May 5, 2015

a23-3-13-8.deploy.static.akamaitechnologies.com
January 10, 2015

a23-3-13-25.deploy.static.akamaitechnologies.com
January 10, 2015

a23-15-7-90.deploy.static.akamaitechnologies.com
November 4, 2014

 
Showing 30 of 40 IP Addresses

File downloads found at URLs served by geo.downloads-center.com.

1 / 68      (Adware)

20 / 68    (PUP)

16 / 68    (PUP)

3 / 68      (PUP)

1 / 68      (Adware)

1 / 68

0 / 68

4 / 68      (PUP)

1 / 68      (Adware)

0 / 68

4 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (Adware)

3 / 68      (PUP)

13 / 68    (PUP)

The following 191 files have been seen to comunicate with geo.downloads-center.com in live environments.

 
Latest 20 of 222 files

URL:
http://geo.downloads-center.com/

Web server:
Apache/2.2.3 (CentOS) (PHP/5.3.26)