The domain i.funmoods.com registered by IronSource Israel (2011) Ltd. was initially registered in May of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Providence, Utah within the United States which resides on the Hosting Services, Inc. network.
Utah, United States (US)
Monday, May 31, 2010
Tuesday, May 31, 2016
Tuesday, June 09, 2015
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US
Detections (93% detected)
Win32/InstallCore.AY (variant), Win32/ExFriendAlert (variant), Win32/AirAdInstaller (variant), Win32/InstallCore (variant)
Adware.InstallCore.72, Adware.Plugin.128, Trojan.SMSSend.4766, Adware.InstallCore.15, Trojan.Click2.64262, Trojan.Yontoo.1867
Adware/InstallC.B.1, APPL/InstallCore.AH.31, ADWARE/Adware.Gen, ADWARE/InstallCore.Gen, ADWARE/Adware.Gen7
PUP.Installer.Volonet.F, PUP.Installer.CreativeIslandMedia.F, PUP.Installer.Funmoods.F, DownloadManager.AirSoftware.F, PUP.Installer.NeonAlchemistStation.F
W32/InstallCore.P.gen, W32/InstallCore.G4.gen, W32/AirInstall.A8.gen, W32/InstallCore.S.gen
Trend Micro House Call
TROJ_GEN.RCBH1IU, TROJ_GEN.F47V1028, TROJ_GEN.R0CBOH0AQ14, TROJ_GEN.RCBH1CE, TROJ_GEN.F47V1119
PUP.Optional.SearchDonkey.A, PUP.Optional.Funmoods, PUP.Optional.AirInstaller, PUP.Optional.UnfreindAlert.A
JS:BHO-O [PUP], Win32:FunMood-A [PUP], Win32:Installer-L [PUP], Win32:Dropper-gen [Drp]
BScope.Malware-Cryptor.InstallCore.2691, AdWare.AirAdInstaller, Malware-Cryptor.InstallCore.9
Trojan , Adware
K7 Gateway Antivirus
Trojan , Unwanted-Program
Funmoods Toolbar, AirInstaller
Adware.Win32.Agent, Trojan.Win32.InstallCore, PUA.Win32.UnlimitedDownloads
The domain i.funmoods.com has been seen to resolve to the following 6 IP addresses.
File downloads found at URLs served by i.funmoods.com.
SSL certificate subject:
CN=*.funmoods.com, OU=Domain Control Validated
SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."