cld3r.com

John Smith

Domain Information

The domain cld3r.com registered by John Smith was initially registered in August of 2013 through KEY-SYSTEMS GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
KEY-SYSTEMS GMBH

Server location:
Dublin City, Ireland (IE)

Create date:
Tuesday, August 27, 2013

Expires date:
Saturday, August 27, 2016

Updated date:
Thursday, August 13, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PaymentsInteractiveSL.M, PUP.Installer.PluginUpdateSL.M, PUP.Installer.DigitalPluginSL.M, PUP.Outbrowse.StartNow, PUP.Outbrowse.StartNow.Bundler (M), PUP.Softpulse.SmartSecuresoftware.Bundler (M), PUP.Tuguu.PaymentsInteractive.Bundler (M), PUP.Softpulse.PluginUpdate.Bundler (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Tuguu.Payments.Bundler (M), Win32.Generic, PUP.Softpulse.DigitalP.Bundler (M), Win16.Generic, PUP.Outbrowse.StartPla.Bundler (M), PUP.Tuguu (M), PUP.Softpulse (M)
100.00%

VIPRE Antivirus
Threat.4150696
10.20%

avast!
Win32:Agent-AUBR [PUP], Win32:SoftPulse-AH [PUP], OutBrowse-AI [PUP], OutBrowse-AJ [PUP], Adware-gen [Adw]
10.20%

Dr.Web
Trojan.DownLoader11.29457, Trojan.MulDrop5.40191, Trojan.OutBrowse.6
10.20%

McAfee
SoftPulse, Adware-OutBrowse.c
10.20%

Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.OutBrowse
10.20%

Avira AntiVirus
APPL/Downloader.Gen8, Adware/Softpulse.107390, APPL/Outbrowse.Gen
10.20%

McAfee Web Gateway
SoftPulse, BehavesLike.Win32.MPlug.tc, BehavesLike.Win32.CryptDoma.hc, BehavesLike.Win32.Dropper.hc, BehavesLike.Win32.AdwareOutBrowse.hc
10.20%

AhnLab V3 Security
PUP/Win32.DomaIQ, PUP/Win32.OutBrowse
10.20%

AVG
Generic, Potentially harmful program Downloader.CHY, Potentially harmful program Downloader.CER
10.20%

ESET NOD32
Win32/SoftPulse.H potentially unwanted application, Win32/OutBrowse.BK potentially unwanted application, Win32/OutBrowse.BG potentially unwanted application
8.16%

K7 AntiVirus
Unwanted-Program
8.16%

K7 Gateway Antivirus
Unwanted-Program
8.16%

NANO AntiVirus
Trojan.Win32.Buzus.dejvde, Riskware.Win32.SoftPulse.dfhrtw, Trojan.Win32.OutBrowse.djogzg, Trojan.Win32.OutBrowse.djpwiw
8.16%

Agnitum Outpost
PUA.Agent, Riskware.Agent, PUA.OutBrowse
6.12%

The domain cld3r.com has been seen to resolve to the following 4 IP addresses.

September 3, 2016

ec2-54-194-150-74.eu-west-1.compute.amazonaws.com
June 20, 2014

May 10, 2014

ec2-54-194-139-2.eu-west-1.compute.amazonaws.com
May 10, 2014

File downloads found at URLs served by cld3r.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

32 / 68    (Adware)

URL:
http://cld3r.com/

Title:
“Get ready to have sex tonight!”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.6.3 (HHVM/3.8.0-dev)