home

cdn.guardi.us

Perion Network Ltd.

Domain Information

The domain cdn.guardi.us registered by shuki levi was initially registered in October of 2012 through GoDaddy.com, Inc.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Perion Network Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, INC.

Server location:
Massachusetts, United States (US)

Create date:
Thursday, October 4, 2012

Expires date:
Friday, October 3, 2014

Updated date:
Sunday, September 22, 2013

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
guardi.us

Whois:
2 guardi.us records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Perion.O, PUP.Installer.Perion.I
100.00%

VIPRE Antivirus
Sweetpacks/SweetIM, Trojan.Win32.Generic!SB.0
66.67%

ESET NOD32
Win32/SweetIM (variant)
66.67%

McAfee
Artemis!DF7B5F1D3F15, Artemis!1BD19D081F54
66.67%

Trend Micro House Call
TROJ_GEN.F47V1119, TROJ_GEN.F47V1104
66.67%

Dr.Web
Trojan.DownLoader11.3128, Adware.SweetIM.28
66.67%

Comodo Security
Heur.Suspicious
33.33%

The domain cdn.guardi.us has been seen to resolve to the following 3 IP addresses.

23.67.242.48
a23-67-242-48.deploy.static.akamaitechnologies.com
November 21, 2013

23.67.242.18
a23-67-242-18.deploy.static.akamaitechnologies.com
November 19, 2013

23.67.242.73
a23-67-242-73.deploy.static.akamaitechnologies.com
November 19, 2013

File downloads found at URLs served by cdn.guardi.us.

6 / 68      (PUP)
http://cdn.guardi.us/prd/installer/bundle/.../guardiusbundle.exe  (1bd19d081f5451c8a6a1318cddd046f4)

1 / 68      (PUP)
http://cdn.guardi.us/prd/installer/bundle/.../guardiusbundle.exe  (3dbb4ecf2d7f02f041521e54b533181f)

7 / 68      (PUP)
http://cdn.guardi.us/prd/installer/sem/.../Guardius.exe  (fe14b49da9e01b55bc69559b3566cf3e)

The following 27 files have been seen to comunicate with cdn.guardi.us in live environments.

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
proc.exe

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pnte.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
pricegong.crx

TCP » 23.67.242.18:80
Client.exe

TCP » 23.67.242.18:80
hojpcnhghmamaompgncpjnjknhjjhjpm.crx

TCP » 23.67.242.18:80
hicodbebhknjhdgfimpiljbbfhodcknb.crx

TCP » 23.67.242.18:80
nhhfhndnffkcemhlnkoldboggfnjglnd.crx

TCP » 23.67.242.18:80
dieadkaemlcjcmcnmahinmeejohpipnl.crx

TCP » 23.67.242.18:80
onjgfkedmajckgeodakihmpbgjeokfap_1.1431.62.crx

TCP » 23.67.242.18:80
ffcpnfjbjfieafbgieclakgpfkmblnhg_1.1.1433.4.crx

TCP » 23.67.242.18:80
ffcpnfjbjfieafbgieclakgpfkmblnhg_1.1.1433.2.crx

TCP » 23.67.242.18:80
ffcpnfjbjfieafbgieclakgpfkmblnhg_1.1.1433.6.crx

 
Latest 20 of 27 files

Alexa:
US rank:  228,440
Global rank:  309,037
Backlinks:  78

Statistics are for the previous month (Alexa statistics are for entire guardi.us).

perion.com

codefuel.com

fileparade.com

incredibar.com

better-search.net

software-watcher.com

soft-now.com

soft-now.net

databssint.com

spccint.com

drive-files-a.com

drive-files-b.com

drive-files-c.com

stgbssint.com

trovigo.com

guard-search.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.