cld2r.com

PrivacyYes.com

Domain Information

The domain cld2r.com registered by PrivacyYes.com was initially registered in August of 2013 through KEY-SYSTEMS GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Remove Malware from cld2r.com - Powered by Reason Core Security
Registrar:
KEY-SYSTEMS GMBH

Server location:
Dublin City, Ireland (IE)

Create date:
Friday, August 16, 2013

Expires date:
Sunday, August 16, 2015

Updated date:
Friday, July 11, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.h, PUP.Installer.PaymentsInteractiveSL.M, PUP.Installer.OUTBROWSE.K, PUP.Installer.ClovermediaSL.M, PUP.Installer.OUTBROWSE.F, PUP.Installer.PaymentsInteractiveSL.R, PUP.Installer.NanningweiwuTechnologycoltd.F, PUP.Installer.DigitalPluginSL.M, PUP.Installer.FileFalcon.F, PUP.Installer.Outbrowse, PUP.Bundler.Outbrowse
97.56%

Dr.Web
Adware.Downware.1655, Trojan.Packed.26772, Adware.Downware.2081, Adware.Downware.4305, Adware.Downware.3587, Trojan.DownLoader11.5325, Program.Unwanted.79
95.12%

VIPRE Antivirus
Amonetize, Threat.4150696, Threat.4783235, Threat.4784459, Trojan.Win32.Generic, Threat.4371328, Threat.4783262, Threat.4778314
92.68%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/DomaIQ.Gen, APPL/Downloader.Gen, APPL/DomaIQ.beor, Adware/Strictor.55983, APPL/OutBrowse.lwasp
92.68%

AVG
MalSign.Generic, DomaIQ, Adware DomaIQ, Adware DomaIQ_r.K, Adware DomaIQ.EA, Adware DomaIQ.EC, Adware AdPlugin.VX
92.68%

McAfee
Adware-Amonetize!ABB4E18C0F6D, CryptDomaIQ, Adware-OutBrowse, Adware-DomaIQ!2DC5E3F74A27, PUP-FJS!A79A619DD500, PUP-FJP!3CA0638E7119
90.24%

G Data
Win32.Application.Amonetize, Application.Bundler.DomaIQ, Win32.Application.Outbrowse, Adware.DomaIQ.AR, Gen:Variant.Adware.Kazy.374465
90.24%

K7 AntiVirus
Unwanted-Program , Trojan
90.24%

K7 Gateway Antivirus
Unwanted-Program , Trojan
90.24%

Kaspersky
not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.Win32.OutBrowse, not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ
90.24%

Sophos
Generic PUA PH, OutBrowse Revenyou, DomainIQ pay-per install, Generic PUA PK, Square Network Installer, SoftPulse, PUA 'OutBrowse Revenyou'
90.24%

Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.BundleInstaller.A, PUP.Optional.OutBrowse, PUP.Optional.DomaIQ, PUP.Optional.Domalq
87.80%

McAfee Web Gateway
Adware-Amonetize!ABB4E18C0F6D, BehavesLike.Win32.CryptDoma.gh, BehavesLike.Win32.AdwareOutBrowse.dc, Adware-DomaIQ!2DC5E3F74A27
87.80%

nProtect
Trojan-Clicker/W32.Agent.490480, Trojan-Clicker/W32.OutBrowse.993712, Trojan-Clicker/W32.Agent.277888, Trojan-Clicker/W32.Agent.614528
85.37%

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ, Riskware[:not-a-virus]/Win32.OutBrowse.g, GrayWare[AdWare:not-a-virus]/Win32.Lollipop
85.37%

The domain cld2r.com has been seen to resolve to the following 3 IP addresses.

ec2-54-194-150-74.eu-west-1.compute.amazonaws.com
August 17, 2014

April 11, 2014

ec2-54-194-139-2.eu-west-1.compute.amazonaws.com
April 11, 2014

File downloads found at URLs served by cld2r.com.

15 / 68    (Adware)

15 / 68    (Adware)

15 / 68    (Adware)

 
Latest 30 of 226 download URLs

URL:
http://cld2r.com/

Title:
“Have Sex Tonight”

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=cldlr.com, OU=Domain Control Validated

SSL certificate issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc."

Web server:
nginx/1.6.0 (PHP/5.3.3)

Quantcast US:
Rank:  66,600

Statistics above are for the previous month of November 2016.

Remove Malware from cld2r.com - Powered by Reason Core Security