The domain cld2r.com registered by PrivacyYes.com was initially registered in August of 2013 through KEY-SYSTEMS GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrant:
PrivacyYes.com
Registrar:
KEY-SYSTEMS GMBH
Server location:
Dublin City, Ireland (IE)
Create date:
Friday, August 16, 2013
Expires date:
Sunday, August 16, 2015
Updated date:
Friday, July 11, 2014
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.
Scanner detections:
Detections (95% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.Amonetizeltd.h, PUP.Installer.PaymentsInteractiveSL.M, PUP.Installer.OUTBROWSE.K, PUP.Installer.ClovermediaSL.M, PUP.Installer.OUTBROWSE.F, PUP.Installer.PaymentsInteractiveSL.R, PUP.Installer.NanningweiwuTechnologycoltd.F, PUP.Installer.DigitalPluginSL.M, PUP.Installer.FileFalcon.F, PUP.Systweak.SUPERTUN.Installer.Meta (M), PUP.Installer.Outbrowse, PUP.Bundler.Outbrowse
97.56%
Dr.Web
Adware.Downware.1655, Trojan.Packed.26772, Adware.Downware.2081, Adware.Downware.4305, Adware.Downware.3587, Trojan.DownLoader11.5325, Program.Unwanted.79
95.12%
VIPRE Antivirus
Amonetize, Threat.4150696, Threat.4783235, Threat.4784459, Trojan.Win32.Generic, Threat.4371328, Threat.4783262, Threat.4778314
92.68%
Avira AntiVirus
ADWARE/Adware.Gen2, APPL/DomaIQ.Gen, APPL/Downloader.Gen, APPL/DomaIQ.beor, Adware/Strictor.55983, APPL/OutBrowse.lwasp
92.68%
AVG
MalSign.Generic, DomaIQ, Adware DomaIQ, Adware DomaIQ_r.K, Adware DomaIQ.EA, Adware DomaIQ.EC, Adware AdPlugin.VX
92.68%
McAfee
Adware-Amonetize!ABB4E18C0F6D, CryptDomaIQ, Adware-OutBrowse, Adware-DomaIQ!2DC5E3F74A27, PUP-FJS!A79A619DD500, PUP-FJP!3CA0638E7119
90.24%
G Data
Win32.Application.Amonetize, Application.Bundler.DomaIQ, Win32.Application.Outbrowse, Adware.DomaIQ.AR, Gen:Variant.Adware.Kazy.374465
90.24%
K7 AntiVirus
Unwanted-Program , Trojan
90.24%
Kaspersky
not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.Win32.OutBrowse, not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ
90.24%
Sophos
Generic PUA PH, OutBrowse Revenyou, DomainIQ pay-per install, Generic PUA PK, Square Network Installer, SoftPulse, PUA 'OutBrowse Revenyou'
90.24%
Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.BundleInstaller.A, PUP.Optional.OutBrowse, PUP.Optional.DomaIQ, PUP.Optional.Domalq
87.80%
nProtect
Trojan-Clicker/W32.Agent.490480, Trojan-Clicker/W32.OutBrowse.993712, Trojan-Clicker/W32.Agent.277888, Trojan-Clicker/W32.Agent.614528
85.37%
ESET NOD32
Win32/DomaIQ.BF potentially unwanted application, Win32/DomaIQ.BB potentially unwanted application, Win32/OutBrowse.V potentially unwanted application
82.93%
NANO AntiVirus
Riskware.Win32.DomaIQ.datbeq, Trojan.Win32.Generic.cthmwf, Riskware.Win32.Downware.dchfoa, Riskware.Win32.Lollipop.cyamlo
78.05%
AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.DomaIQ, PUP/Win32.OutBrowse, PUP/Win32.SoftPulse, PUP/Win32.IBryte
73.17%
The domain cld2r.com has been seen to resolve to the following 3 IP addresses.
ec2-54-194-150-74.eu-west-1.compute.amazonaws.com
August 17, 2014
ec2-54-194-139-2.eu-west-1.compute.amazonaws.com
April 11, 2014
File downloads found at URLs served by cld2r.com.
Latest 30 of 226 download URLs
Network:
Amazon Web Services (AWS), running an EC2 instance
SSL certificate subject:
CN=cldlr.com, OU=Domain Control Validated
SSL certificate issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc."
Web server:
nginx/1.6.0 (PHP/5.3.3)
Statistics above are for the previous month of March 2024.