cdn.airdlr4.com

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain cdn.airdlr4.com is registered by proxy through ENOM, INC. and was originally registered in August of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Studio City, California, United States, on the netDNA network.
Registrar: ENOM, INC.
Server location: California, United States (US)
Create date: Tuesday, August 28, 2012
Expires date: Sunday, August 28, 2016
Updated date: Saturday, December 19, 2015
ASN: AS4436 AS-NLAYER - nLayer Communications, Inc.
Root domain:

Scanner detections: 94% detected

Scan engine | Details | Detections
Reason Heuristics | PUP.Installer.SweetIM.H, PUP.WeatherNotifications.H, PUP.SkytouchTechnologyCoLimited.CC, PUP.Installer.WeatherWarnings.H, PUP.SystemAlerts.H, PUP.SystemAlerts.K, PUP.Eorezo.TUTO4PCCOMINTERNATIONAL.Installer (M), PUP.BanyanTreeTechnology (M) | 100.00%
Malwarebytes | PUP.Optional.SweetIM, PUP.Optional.SevereWeatherAlerts, PUP.Optional.DoSearch.A, PUP.Optional.Elex, PUP.Optional.DesktopTemperature.A, PUP.Optional.Clara.A | 62.50%
VIPRE Antivirus | Sweetpacks/SweetIM, SevereWeatherAlerts, Elex Installer, Blinkx/SevereWeatherAlerts, Trojan.Win32.Generic, Threat.4786530 | 50.00%
ESET NOD32 | Win32/SweetIM (variant), MSIL/Adware.StrongVault (variant), Win32/ELEX (variant), Win32/AdWare.EoRezo.AU (variant) | 31.25%
McAfee Web Gateway | PUP-FDW!C67C56F6B5CD, BehavesLike.Win32.AdwareSweet.fc, BehavesLike.Win32.Dropper.jh, BehavesLike.Win32.Downloader.ch, Artemis | 31.25%
Vba32 AntiVirus | Trojan.Badur, suspected of Trojan.Downloader.gen, suspected of Trojan.Downloader.gen.h, Trojan.StartPage | 31.25%
Bkav FE | W32.Clod106.Trojan, W32.Clodbc4.Trojan, W32.Clod6e6.Trojan, W32.Clod247.Trojan | 25.00%
Dr.Web | Adware.SweetIM.26, Adware.Mutabaha.30, Adware.Mutabaha.38, Adware.Eorezo.31 | 25.00%
Trend Micro House Call | TROJ_GEN.F47V1215, TROJ_GEN.R0CBH07JI13, ADW_ELEX, TROJ_GEN.R0C1B01BP15 | 25.00%
McAfee | PUP-FDW!C67C56F6B5CD, RDN/Downloader.a!og, Artemis!AB350F3A05F5 | 18.75%
AVG | Generic_r, Startpage | 18.75%
MicroWorld eScan | Gen:Variant.Application.ExqPage.3, Adware.Eorezo.CD | 18.75%
K7 AntiVirus | Unwanted-Program, Riskware, Adware | 18.75%
K7 Gateway Antivirus | Unwanted-Program, Riskware, Adware | 18.75%
F-Prot | W32/Startpage.CA.gen, W32/Backdoor2.HTEG, W32/S-c61ac5f0 | 18.75%

The domain cdn.airdlr4.com has been seen to resolve to the following IP address.

April 14, 2014

File downloads found at URLs served by cdn.airdlr4.com.

2 / 68 (Adware)
4 / 68 (Adware)
3 / 68 (Adware)
1 / 68 (Adware)
4 / 68 (Adware)
29 / 68 (Adware)
2 / 68 (Adware)
3 / 68 (PUP)
2 / 68 (Adware)
2 / 68 (Adware)
1 / 68 (Adware)
5 / 68 (Adware)