thanks.postdownload.net
Optimum Installer (via a Proxy Registrant)
Domain Information
This site is used as the exit page for an adware-based download and install manager. After a download manager such as Premium Installer/Adknowledge of Optimum Installer deploys its offers, it will redirect the user's web browser to this site to record the offer installs as well as display various advertisements for additional offerings (of more potentially unwanted software). The domain thanks.postdownload.net is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher Optimum Installer who is located in Kansas City, Missouri in the United States.
Registrar:
GODADDY.COM, LLC
Server location:
Virginia, United States (US)
Create date:
Wednesday, May 15, 2013
Expires date:
Sunday, May 15, 2016
Updated date:
Saturday, May 2, 2015
ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.PremiumInstaller.O, Threat.Adknowledge.Bundler, PUP.Adknowledge.PremiumInstaller.Installer (M), PUP.Adknowledge.PremiumI.Bundler (M), PUP.Bundlore (M), PUP.Adknowledge (M)
100.00%
Boost by Reason
Adware.PremiumInstaller.O
16.67%
avast!
Installer-K [PUP]
16.67%
ESET NOD32
Win32/AdWare.iBryte.K.gen application
16.67%
Dr.Web
Trojan.DownLoader11.3480
16.67%
AVG
Adware AdInstaller.ExpressInstall
16.67%
Emsisoft Anti-Malware
Gen:Variant.Adware.Jatif.89
16.67%
F-Prot
W32/Ibryte.G.gen
16.67%
F-Secure
Gen:Variant.Adware.Jatif
16.67%
VIPRE Antivirus
Threat.4778314
16.67%
Kaspersky
not-a-virus:AdWare.Win32.iBryte
16.67%
Bkav FE
W32.HfsAdware
16.67%
MicroWorld eScan
Gen:Variant.Adware.Jatif.89
16.67%
Quick Heal
PUA.iBryte.DC4
16.67%
Malwarebytes
PUP.Optional.iBryte
16.67%
The domain thanks.postdownload.net has been seen to resolve to the following 7 IP addresses.
ec2-50-16-236-148.compute-1.amazonaws.com
August 16, 2016
ec2-23-23-176-5.compute-1.amazonaws.com
April 21, 2016
ec2-23-21-93-71.compute-1.amazonaws.com
February 24, 2016
ec2-54-225-160-115.compute-1.amazonaws.com
May 5, 2015
ec2-50-19-236-48.compute-1.amazonaws.com
May 5, 2015
(CloudFlare)
July 26, 2013
(CloudFlare)
July 26, 2013
File downloads found at URLs served by thanks.postdownload.net.
URL:
http://thanks.postdownload.net/
Title:
“Download Activation”
Network:
Amazon Web Services (AWS), running an EC2 instance
Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 2.0.50727)
Statistics are for the previous month.
Related Domains
