home

cdn.airdlr4.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain cdn.airdlr4.com is registered by proxy through ENOM, INC. and was originally registered in August of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Studio City, California within the United States which resides on the netDNA network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Tuesday, August 28, 2012

Expires date:
Sunday, August 28, 2016

Updated date:
Saturday, December 19, 2015

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:
airdlr4.com

Whois:
2 airdlr4.com records

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.SweetIM.H, PUP.WeatherNotifications.H, PUP.SkytouchTechnologyCoLimited.CC, PUP.Installer.WeatherWarnings.H, PUP.SystemAlerts.H, PUP.SystemAlerts.K, PUP.Eorezo.TUTO4PCCOMINTERNATIONAL.Installer (M), PUP.BanyanTreeTechnology (M)
100.00%

Malwarebytes
PUP.Optional.SweetIM, PUP.Optional.SevereWeatherAlerts, PUP.Optional.DoSearch.A, PUP.Optional.Elex, PUP.Optional.DesktopTemperature.A, PUP.Optional.Clara.A
62.50%

VIPRE Antivirus
Sweetpacks/SweetIM, SevereWeatherAlerts, Elex Installer, Blinkx/SevereWeatherAlerts, Trojan.Win32.Generic, Threat.4786530
50.00%

ESET NOD32
Win32/SweetIM (variant), MSIL/Adware.StrongVault (variant), Win32/ELEX (variant), Win32/AdWare.EoRezo.AU (variant)
31.25%

Vba32 AntiVirus
Trojan.Badur, suspected of Trojan.Downloader.gen, suspected of Trojan.Downloader.gen.h, Trojan.StartPage
31.25%

Bkav FE
W32.Clod106.Trojan, W32.Clodbc4.Trojan, W32.Clod6e6.Trojan, W32.Clod247.Trojan
25.00%

Dr.Web
Adware.SweetIM.26, Adware.Mutabaha.30, Adware.Mutabaha.38, Adware.Eorezo.31
25.00%

Trend Micro House Call
TROJ_GEN.F47V1215, TROJ_GEN.R0CBH07JI13, ADW_ELEX, TROJ_GEN.R0C1B01BP15
25.00%

McAfee
PUP-FDW!C67C56F6B5CD, RDN/Downloader.a!og, Artemis!AB350F3A05F5
18.75%

AVG
Generic_r, Startpage
18.75%

MicroWorld eScan
Gen:Variant.Application.ExqPage.3, Adware.Eorezo.CD
18.75%

K7 AntiVirus
Unwanted-Program , Riskware , Adware
18.75%

F-Prot
W32/Startpage.CA.gen, W32/Backdoor2.HTEG, W32/S-c61ac5f0
18.75%

avast!
Win32:Adware-BGR [PUP], Win32:Adware-BZF [Adw], Win32:Adware-ASG [PUP]
18.75%

Bitdefender
Gen:Variant.Application.ExqPage.3, Adware.Eorezo.CD
18.75%

The domain cdn.airdlr4.com has been seen to resolve to the following IP address.

108.161.189.193
April 14, 2014

File downloads found at URLs served by cdn.airdlr4.com.

2 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../air_do-search_20131111172439.exe  (d8c98ba3f8d997a4e73bd23a0f5d634c)

0 / 68
http://cdn.airdlr4.com/downloads/offers/.../DriverReviverSetup_ai1.exe  (ef6a5e210308f876044db46de725ed92)

4 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../dt1_24_3.exe  (aira786.exe)

2 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../StormWatchSetup_dist_1.0.1.10.exe  (bd3f0b83ff93cf1ab74c7a3b8b424618)

1 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../air_ar_qone8d.exe  (aira7cb.exe)

4 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../dt1_24_6_1.exe  (776595a8cc07e2d5facffeed7a58b9c5)

26 / 68    (Adware)
http://cdn.airdlr4.com/downloads/offers/.../setup_ospd_us12.exe  (ab350f3a05f55c9b7250a6a30a2042ee)

2 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../dt1_24.exe  (airc0bc.exe)

3 / 68      (PUP)
http://cdn.airdlr4.com/downloads/offers/.../bobrowser_setup_250914.exe  (f4f2a446-6cf6-458d-b85a-dcb16e8ac472.exe)

7 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../bundlesweetimsetup.exe  (aira397.exe)

39 / 68    (Adware)
http://cdn.airdlr4.com/downloads/offers/.../air_ar_qone8h.exe  (air3345.exe)

3 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../StormWatchSetup_dist_2.0.0.0.exe  (setup.exe)

2 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../StormAlertsSetup.exe  (air4ab7.exe)

2 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../dt1_23.exe  (air93d5.exe)

1 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../setup_ospd_us13.exe  (d478619912be6b08736eca842ed059db)

5 / 68      (Adware)
http://cdn.airdlr4.com/downloads/offers/.../swa1_23.exe  (airbfc0.exe)

29 / 68    (Adware)
http://cdn.airdlr4.com/downloads/offers/.../air_ar_qone8.exe  (iXB.exe)

airdlr2.com

gamescene.com

getwordfree.com

hwtm.com

netdna-ssl.com

pathofexile.com

screenrant.com

tripwiremagazine.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.