The domain downtoad.com is registered by proxy through GODADDY.COM, LLC and was originally registered in April of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Beaumaris, Victoria, Australia, on the Asia Pacific Network Information Centre (APNIC) network.
Registrant: Domains By Proxy, LLC
Registrar: GODADDY.COM, LLC
Server location: Victoria, Australia (AU)
Create date: Monday, April 22, 2013
Expires date: Friday, April 22, 2016
Updated date: Thursday, April 23, 2015
ASN: AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU
Scanner detections:
Detections (88% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.installCore, PUP.Installer.ironSource, PUP.Bundler.Air Software, PUP.installCore.Installer, PUP.installCore.DarwenMarketing.Installer (M), PUP.Vittalia.InstallAssistant.Installer (M), PUP.Air Software.DownloadAssistant.Bundler (M), PUP.installCore.DarwenMa.Installer (M), PUP.Vittalia.InstallH (M), PUP.Vittalia (M), PUP.Air Software (M) | 91.67% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4786018, Threat.4782985, InstallCore | 41.67% |
| Avira AntiVirus | ADWARE/InstallCore.Gen4, Adware/InstallCore.683840, TR/Crypt.XPACK.Gen, ADWARE/InstallCore.A.284, ADWARE/InstallCore.A.249 | 37.50% |
| ESET NOD32 | Win32/InstallCore.UZ potentially unwanted application, Win32/InstallCore.WI potentially unwanted application, Win32/InstallCore.WQ potentially unwanted application, Win32/InstallCore.ADX.gen potentially unwanted application | 33.33% |
| Baidu Antivirus | Adware.Win32.InstallCore | 33.33% |
| ESET NOD32 | Win32/InstallCore.WC potentially unwanted (variant), Win32/InstallCore.UZ (variant), Win32/InstallCore.WQ potentially unwanted (variant) | 33.33% |
| K7 AntiVirus | Riskware, Trojan, Adware | 25.00% |
| Fortinet FortiGate | W32/AdkDLLWrapper.A, Riskware/InstallCore | 20.83% |
| Comodo Security | Application.Win32.FriedCookie.CIRK, Application.Win32.InstallCore.DWS, ApplicUnwnt, Application.Win32.DownloadAssistant.S | 20.83% |
| AVG | Generic, InstallCore | 20.83% |
| Trend Micro House Call | Suspicious_GEN.F47V0127, Suspicious_GEN.F47V0202, Suspicious_GEN.F47V0122, Suspicious_GEN.F47V0216, Suspicious_GEN.F47V0228 | 20.83% |
| Bkav FE | W32.Cloddfe.Trojan, W32.HfsAdware | 16.67% |
| Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 12.50% |
| Dr.Web | Trojan.InstallCore.39, Trojan.Vittalia.30 | 8.33% |
| G Data | Win32.Application.InstallCore.DI, Gen:Variant.Application.Bundler.AirInstaller | 8.33% |
The domain downtoad.com has been seen to resolve to the following 3 IP addresses.
lb-182-241.above.com (July 29, 2016)
ip-50-63-202-58.ip.secureserver.net (May 22, 2016)
aamoiaqmqe.c05.gridserver.com (June 13, 2014)
File downloads found at URLs served by downtoad.com.
The following 89 files have been seen to communicate with downtoad.com in live environments.
Subdomains
Title: “DownToad.com - Free Software Downloads”