sp-storage.conduit-services.com

Conduit Ltd.  (via a Proxy Registrant)

Domain Information

This domain which is part of the Conduit Toolbar Platform is desigend as a gateway to distriubte various portions of the toolbar as well as 3rd party applications that plug into the toolbar or can be downloaded by it. The domain sp-storage.conduit-services.com is registered by proxy through ENOM, INC. and was originally registered in April of 2009. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Conduit Ltd. who is located in Ness Ziona, Israel.
Registrar:
ENOM, INC.

Server location:
New York, United States (US)

Create date:
Sunday, April 26, 2009

Expires date:
Wednesday, April 26, 2017

Updated date:
Tuesday, February 02, 2016

ASN:
AS16625 AKAMAI-AS - Akamai Technologies, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SearchProtect.Conduit.K, PUP.SearchProtect.Conduit.M, PUP.Conduit.Q, PUP.SearchProtect.Conduit.G, PUP.SearchProtect.Conduit.H, PUP.Detector.Conduit.K, PUP.ClientConnect.G, Threat.Conduit.Installer, PUP.Conduit.Bundler (M)
98.00%

VIPRE Antivirus
Conduit, Threat.4786236
90.00%

Dr.Web
Adware.Conduit.6, Adware.Conduit.101, Adware.Conduit.45, Adware.Conduit.82
84.00%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.SearchProtect.A
80.00%

ESET NOD32
Win32/Conduit.SearchProtect, Win32/Toolbar.Conduit, Win32/Conduit.SearchProtect (variant), Win32/ClientConnect (variant)
58.00%

G Data
Win32.Application.SearchProtect, Win32.Application.ConduitBrothersoftTB, Win32.Trojan.Agent.8O9SV1, Win32.Adware.SearchProtect
58.00%

Panda Antivirus
Adware/Conduit, PUP/Conduit.A, Trj/Genetic.gen
58.00%

Trend Micro House Call
TROJ_GEN.F47V0901, TROJ_GEN.F47V1128, TROJ_GEN.F47V1109, TROJ_GEN.F47V1023, TROJ_GEN.F47V0111, TROJ_GEN.F47V0108, TROJ_GEN.F47V0808, TROJ_GEN.F47V0120, TROJ_GE.3FE2D460, TROJ_GEN.F47V0821
58.00%

McAfee
Adware-InstallQ, Artemis!BBDB342CCDEA, Artemis!C0E23C6F8F25, Artemis!63E5E9F6EBE5, Artemis!AF94CCA6A6FC, Artemis!ADD8A127AC76
48.00%

Boost by Reason
Adware.SearchProtect.Conduit.K, Adware.SearchProtect.Conduit.M, Adware.Conduit.Q, Optional.Conduit.G, PUP.SearchProtect.Conduit.H
46.00%

McAfee Web Gateway
Adware-InstallQ, Artemis!BBDB342CCDEA, Artemis!C0E23C6F8F25, Artemis!63E5E9F6EBE5, Artemis!AF94CCA6A6FC
46.00%

Bkav FE
W32.Clod8dd.Trojan, W32.Clod710.Trojan, W32.Cloda3a.Trojan, W32.Clod2b6.Trojan
44.00%

avast!
Win32:SearchProtect-C [Adw], Win32:PUP-gen [PUP], Win32:SearchProtect-B [PUP], Win32:SearchProtect-A [PUP]
42.00%

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
32.00%

Baidu Antivirus
Trojan.Win32.Conduit.SearchProtect, Adware.Win32.Conduit, Trojan.Win32.ClientConnect, PUA.Win32.ClientConnect
22.00%

The domain sp-storage.conduit-services.com has been seen to resolve to the following 28 IP addresses.

a23-1-51-104.deploy.static.akamaitechnologies.com
August 22, 2016

a173-222-166-174.deploy.static.akamaitechnologies.com
July 21, 2016

a23-77-93-162.deploy.static.akamaitechnologies.com
May 25, 2016

a172-226-67-205.deploy.static.akamaitechnologies.com
May 25, 2016

a184-29-184-159.deploy.static.akamaitechnologies.com
May 21, 2016

a184-84-66-75.deploy.static.akamaitechnologies.com
April 18, 2016

a23-78-195-152.deploy.static.akamaitechnologies.com
April 15, 2016

a23-195-247-178.deploy.static.akamaitechnologies.com
April 5, 2016

a23-55-241-142.deploy.static.akamaitechnologies.com
March 3, 2016

a184-84-129-73.deploy.static.akamaitechnologies.com
March 2, 2016

a104-90-40-121.deploy.static.akamaitechnologies.com
February 28, 2016

a23-60-11-85.deploy.static.akamaitechnologies.com
February 27, 2016

a184-50-249-23.deploy.static.akamaitechnologies.com
February 9, 2016

a104-95-21-106.deploy.static.akamaitechnologies.com
February 3, 2016

a23-1-195-61.deploy.static.akamaitechnologies.com
January 5, 2016

a23-203-150-78.deploy.static.akamaitechnologies.com
January 5, 2016

a23-202-211-152.deploy.static.akamaitechnologies.com
January 5, 2016

a23-6-45-34.deploy.static.akamaitechnologies.com
January 4, 2016

a172-232-140-91.deploy.static.akamaitechnologies.com
January 4, 2016

a23-209-104-208.deploy.static.akamaitechnologies.com
January 4, 2016

a172-230-6-30.deploy.static.akamaitechnologies.com
January 4, 2016

a23-49-242-248.deploy.static.akamaitechnologies.com
January 4, 2016

a23-50-12-82.deploy.static.akamaitechnologies.com
January 4, 2016

a23-218-43-249.deploy.static.akamaitechnologies.com
January 4, 2016

a172-231-221-245.deploy.static.akamaitechnologies.com
January 3, 2016

a23-218-131-68.deploy.static.akamaitechnologies.com
January 3, 2016

a23-78-253-35.deploy.static.akamaitechnologies.com
January 2, 2016

a23-76-227-152.deploy.static.akamaitechnologies.com
November 16, 2013

File downloads found at URLs served by sp-storage.conduit-services.com.

1 / 68      (PUP)

13 / 68    (PUP)

13 / 68    (PUP)

8 / 68      (PUP)
http://sp-storage.conduit-services.com/Installer/.../SPSetup.exe  (1cf286d2cf2328d5fbb5e3760986d9466287ed310a4b6353521e508aea2ecdaa)

22 / 68    (Adware)

9 / 68      (Adware)

13 / 68    (PUP)

12 / 68    (Adware)

1 / 68      (PUP)

7 / 68      (PUP)
https://sp-storage.conduit-services.com/.../spstub.exe  (018ce444424212858f15f91598e302b2)

22 / 68    (PUP)

1 / 68      (PUP)

14 / 68    (PUP)

14 / 68    (PUP)

13 / 68    (PUP)

14 / 68    (PUP)

19 / 68    (PUP)

14 / 68    (PUP)

4 / 68      (PUP)
http://sp-storage.conduit-services.com/.../SPDetector.exe  (b77be449518bbdd091ab5cf2be22d655)

14 / 68    (PUP)

13 / 68    (PUP)

14 / 68    (PUP)

14 / 68    (PUP)

13 / 68    (PUP)

22 / 68    (PUP)

14 / 68    (PUP)

16 / 68    (PUP)

4 / 68      (PUP)

14 / 68    (PUP)

14 / 68    (PUP)

 
Latest 30 of 59 download URLs

The following 25 files have been seen to comunicate with sp-storage.conduit-services.com in live environments.

 
Latest 20 of 30 files

URL:
http://sp-storage.conduit-services.com/

SSL certificate subject:
CN=*.conduit-services.com, OU=IT, O=ClientConnect LTD, L=Foster City, S=CA, C=US

SSL certificate issuer:
CN=Verizon Akamai SureServer CA G14-SHA1, OU=Cybertrust, O=Verizon Enterprise Solutions, L=Amsterdam, C=NL

Web server:
Microsoft-IIS/7.5 (ASP.NET)