installs.boostsaves.com
Verti Technology Group, Inc.
Domain Information
The domain installs.boostsaves.com registered by Verti Technology Group, Inc. was initially registered in September of 2012 through Network Solutions, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrant:
Verti Technology Group, Inc.
Registrar:
Network Solutions, LLC
Server location:
Washington, United States (US)
Create date:
Friday, September 7, 2012
Expires date:
Wednesday, September 7, 2016
Updated date:
Tuesday, April 1, 2014
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Malwarebytes
PUP.Optional.Boost.A
100.00%
AVG
Boosts, Could be an adware Boosts, Generic
100.00%
Reason Heuristics
PUP.BoostShopping.Q, PUP.BoostShopping.R, PUP.BoostShopping.H
100.00%
Trend Micro House Call
Suspicious_GEN.F47V1110, ADW_PRICEPEEP, Suspicious_GEN.F47V1111
50.00%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
50.00%
McAfee
Artemis!733AF5F93040, Artemis!86656719E89B
33.33%
MicroWorld eScan
Adware.Agent.OMN
16.67%
nProtect
Adware.Agent.OMN
16.67%
VIPRE Antivirus
Trojan.Win32.Generic
16.67%
Agnitum Outpost
Riskware.Agent
16.67%
F-Prot
W32/PricePeep.A
16.67%
Bitdefender
Adware.Agent.OMN
16.67%
Lavasoft Ad-Aware
Adware.Agent.OMN
16.67%
Sophos
Generic PUA FL
16.67%
The domain installs.boostsaves.com has been seen to resolve to the following 38 IP addresses.
server-54-192-195-177.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-143.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-55.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-248.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-239.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-203.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-197.iad53.r.cloudfront.net
May 21, 2016
server-54-192-195-193.iad53.r.cloudfront.net
May 21, 2016
server-52-85-140-6.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-231.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-210.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-136.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-120.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-112.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-72.iad2.r.cloudfront.net
April 5, 2016
server-52-85-140-23.iad2.r.cloudfront.net
April 5, 2016
server-54-230-193-5.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-243.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-237.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-166.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-65.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-32.iad53.r.cloudfront.net
February 9, 2016
server-54-230-193-253.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-202.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-146.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-140.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-109.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-96.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-38.iad53.r.cloudfront.net
February 3, 2016
server-54-230-193-26.iad53.r.cloudfront.net
February 3, 2016
Showing 30 of 38 IP Addresses
File downloads found at URLs served by installs.boostsaves.com.
The following 8 files have been seen to comunicate with installs.boostsaves.com in live environments.
URL:
http://installs.boostsaves.com/
Network:
Amazon Cloudfront
SSL certificate subject:
CN=*.boostsaves.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT24313807
SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US
