ie.conduit-download.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain ie.conduit-download.com is registered by proxy through ENOM, INC. and was originally registered in June of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the MCI Communications Services, Inc. d/b/a Verizon Business network.
Registrar:
ENOM, INC.

Server location:
Illinois, United States (US)

Create date:
Sunday, June 07, 2009

Expires date:
Wednesday, June 07, 2017

Updated date:
Monday, May 09, 2016

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Toolbar.Conduit.H, PUP.Nana10Toolbar.Conduit.H, PUP.Elf115Toolbar.Conduit.H, PUP.Toolbar.Conduit.L, PUP.VuzeRemoteToolbar.Conduit.H, PUP.FLVRunnerBToolbar.Conduit, PUP.Toolbar.Bundler.Conduit, PUP.Conduit.Toolbar.Bundler, PUP.Conduit.Bundler, PUP.Conduit.Bundler (M), PUP.Conduit.Installer (M), PUP.Conduit (M)
98.00%

Dr.Web
Adware.BGuard.15, Adware.Conduit.6, Adware.Conduit.33, Adware.Conduit.82, Threat.Undefined, Adware.Conduit.278, Adware.Conduit.3
46.00%

VIPRE Antivirus
Conduit, Threat.4786236
44.00%

Malwarebytes
PUP.Optional.Conduit.A
42.00%

NANO AntiVirus
Riskware.Win32.Toolbar.cspetd, Trojan.Win32.BGuard.csnycu, Riskware.Win32.BGuard.csnycu, Trojan.Win32.Toolbar.cspetd, Trojan.Win32.Toolbar.deinxo
38.00%

Comodo Security
Application.Win32.Conduit.~f, Application.Win32.Conduit.~A
38.00%

Panda Antivirus
PUP/Conduit.A, Adware/Conduit
38.00%

Trend Micro House Call
TROJ_GEN.F47V0809, TROJ_GEN.F47V1113, TROJ_GEN.F47V1019, TROJ_GEN.F47V0903, TROJ_GEN.F47V1008, TROJ_GEN.F47V0813, TROJ_GEN.F47V0915
34.00%

Agnitum Outpost
PUA.Toolbar.Conduit
34.00%

ESET NOD32
Win32/Toolbar.Conduit potentially unwanted application, Win32/Conduit.SearchProtect.J potentially unwanted application, Detection.Undefined, Win32/Toolbar.Conduit.B potentially unwanted application
30.00%

Kingsoft AntiVirus
VIRUS_UNKNOWN, Win32.Troj.Generic_a.a.(kcloud), Win32.Troj.Generic.a.(kcloud)
28.00%

Boost by Reason
Optional.Conduit.H
22.00%

G Data
Win32.Application.ConduitBrothersoftTB, Win32.Adware.Conduit, Win32.Trojan.Agent.MFS43O
22.00%

Antiy Labs AVL
Trojan[:HEUR]/Win32.Unknown, GrayWare[WebToolbar:not-a-virus]/Win32.Agent.azm, Trojan/Win32.Tgenic
22.00%

K7 AntiVirus
Unwanted-Program
18.00%

The domain ie.conduit-download.com has been seen to resolve to the following 91 IP addresses.

a104-96-220-122.deploy.static.akamaitechnologies.com
September 2, 2016

a104-96-220-184.deploy.static.akamaitechnologies.com
September 2, 2016

a23-50-225-8.deploy.static.akamaitechnologies.com
August 24, 2016

a23-219-88-167.deploy.static.akamaitechnologies.com
August 24, 2016

a184-29-106-64.deploy.static.akamaitechnologies.com
July 22, 2016

a184-29-106-34.deploy.static.akamaitechnologies.com
July 22, 2016

a23-15-7-107.deploy.static.akamaitechnologies.com
July 22, 2016

a23-15-7-122.deploy.static.akamaitechnologies.com
July 20, 2016

a23-15-8-9.deploy.static.akamaitechnologies.com
July 19, 2016

June 29, 2016

June 8, 2016

June 8, 2016

a104-96-220-249.deploy.static.akamaitechnologies.com
June 7, 2016

a23-220-148-43.deploy.static.akamaitechnologies.com
June 7, 2016

a23-220-148-27.deploy.static.akamaitechnologies.com
June 7, 2016

a23-220-148-26.deploy.static.akamaitechnologies.com
June 7, 2016

a23-15-8-51.deploy.static.akamaitechnologies.com
June 6, 2016

a23-15-8-32.deploy.static.akamaitechnologies.com
June 6, 2016

a23-15-7-105.deploy.static.akamaitechnologies.com
June 4, 2016

a23-15-9-144.deploy.static.akamaitechnologies.com
May 25, 2016

a23-15-9-152.deploy.static.akamaitechnologies.com
May 25, 2016

a118-214.160-163.deploy.akamaitechnologies.com
May 25, 2016

a118-214.160-162.deploy.akamaitechnologies.com
May 25, 2016

a96-16-98-8.deploy.akamaitechnologies.com
May 25, 2016

a96-16-98-113.deploy.akamaitechnologies.com
May 25, 2016

a104-96-221-91.deploy.static.akamaitechnologies.com
May 18, 2016

a23-220-148-50.deploy.static.akamaitechnologies.com
May 17, 2016

May 17, 2016

May 16, 2016

May 16, 2016

 
Showing 30 of 91 IP Addresses

File downloads found at URLs served by ie.conduit-download.com.

1 / 68      (inconclusive)

1 / 68      (PUP)

11 / 68    (PUP)

2 / 68      (PUP)

10 / 68    (PUP)

 
Latest 30 of 460 download URLs

The following 453 files have been seen to comunicate with ie.conduit-download.com in live environments.

 
Latest 20 of 518 files

URL:
http://ie.conduit-download.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET)