track.mobclick.net

zou peter

Domain Information

The domain track.mobclick.net registered by zou peter was initially registered in September of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Wednesday, September 4, 2013

Expires date:
Friday, September 4, 2015

Updated date:
Wednesday, April 16, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.XianDianyiInfoTechCoLtd.O, PUP.SquareNetworkTechCoLTD.O, PUP.SquareNetworkTechCoLTD.N, PUP.XianDianyiInfoTechCoLtd.N
100.00%

Dr.Web
Adware.Conduit.47, Threat.Undefined
62.50%

G Data
Win32.Application.Bundler, Gen:Variant.Graftor.141303, Gen:Variant.Graftor.141360
50.00%

VIPRE Antivirus
Threat.4895341
37.50%

ESET NOD32
Win32/SquareNet.A potentially unwanted application
37.50%

K7 AntiVirus
Unwanted-Program
37.50%

Avira AntiVirus
APPL/Downloader.Gen
37.50%

AhnLab V3 Security
Adware/Win32.Clicker
37.50%

IKARUS anti.virus
PUA.SquareNet
37.50%

AVG
Generic
37.50%

Sophos
Square Network Installer
25.00%

MicroWorld eScan
Gen:Variant.Graftor.141303, Gen:Variant.Graftor.141360
25.00%

Bitdefender
Gen:Variant.Graftor.141303, Gen:Variant.Graftor.141360
25.00%

F-Secure
Gen:Variant.Graftor.141303, Gen:Variant.Graftor.141360
25.00%

Emsisoft Anti-Malware
Gen:Variant.Graftor.141303, Gen:Variant.Graftor.141360
25.00%

The domain track.mobclick.net has been seen to resolve to the following 7 IP addresses.

s3-1.amazonaws.com
September 5, 2014

s3-1.amazonaws.com
September 3, 2014

s3-1.amazonaws.com
August 17, 2014

s3-1.amazonaws.com
August 16, 2014

s3-1.amazonaws.com
June 13, 2014

s3-1.amazonaws.com
May 12, 2014

May 1, 2014

File downloads found at URLs served by track.mobclick.net.

1 / 68      (Adware)

8 / 68      (Adware)

17 / 68    (Adware)

11 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

11 / 68    (Adware)

3 / 68      (Adware)

The following 2 files have been seen to comunicate with track.mobclick.net in live environments.

URL:
http://track.mobclick.net/

Network:
Amazon Web Services (AWS)

Web server:
AmazonS3