» jd2cdn.com
Overview
Analysis
IPs Addresses (1)
Downloads (5)
Subdomains (1)
Website Detail

jd2cdn.com

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain jd2cdn.com is registered by proxy through ENOM, INC. and was originally registered in February of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.

Registrant:

WHOISGUARD, INC.

Registrar:

ENOM, INC.

Server location:

Noord-Holland, Netherlands (NL)

Create date:

Wednesday, February 25, 2015

Expires date:

Saturday, February 25, 2017

Updated date:

Tuesday, January 26, 2016

ASN:

AS60781 LEASEWEB-NL LeaseWeb Netherlands B.V.,NL

Whois:

2 jd2cdn.com records

Google Safe Browsing:

unwanted

Scanner detections:

Detections (60% detected)

Scan engine

Details

Detections

ESET NOD32

Win32/OpenCandy, Win32/Somoto, Win32/InstallCore.WF potentially unwanted (variant)

75.00%

Bkav FE

W32.Clodabf.Trojan

25.00%

Malwarebytes

PUP.Optional.OpenCandy

25.00%

Trend Micro House Call

ADW_OPENCANDY

25.00%

Agnitum Outpost

Adware.OpenCandy

25.00%

Trend Micro

ADW_OPENCANDY

25.00%

Vba32 AntiVirus

AdWare.OpenCandy

25.00%

Rising Antivirus

PE:PUF.OpenCandy!1.9DE5

25.00%

XVirus List

Win.Detected

25.00%

Dr.Web

Adware.OpenCandy.3

25.00%

McAfee

RDN/Generic.bfr!hw

25.00%

Comodo Security

UnclassifiedMalware

25.00%

VIPRE Antivirus

Trojan.Win32.Generic

25.00%

ESET NOD32

Detection.Undefined

25.00%

Avira AntiVirus

Adware/InstallCore.A.2417

25.00%

The domain jd2cdn.com has been seen to resolve to the following IP address.

85.17.27.202

October 13, 2015

File downloads found at URLs served by jd2cdn.com.

1 / 68

http://jd2cdn.com/.../winrar-x64-521.exe&u={D7507248-A67C-4B12-99FC-171A655E7719} (9b6f7231533f04b75f3b3c86cb9d0117)

4 / 68 (Malware)

http://jd2cdn.com/.../setup-instagram-downloader.exe&u={D3E8A4E8-1CE6-438C-995A-8A4AE679BCFD} (1f462a0dfb2aaabbe88ba83e4a6b3fae)

5 / 68 (PUP)

http://jd2cdn.com/.../pal_install_iron_r132089.exe&u={8676EF27-0090-4410-9218-019498B1E48C} (0657e02ee2ac20bc58bc1c1899444ff2)

0 / 68

http://jd2cdn.com/.../RMVBPlayerSetup.exe&u={BFC1F986-AB27-4C12-80C1-D59A686E0A49} (rmvb-player-1-0-3-32-bits.exe)

10 / 68 (PUP)

http://jd2cdn.com/.../SetupImgBurn_2.5.8.0.exe&u={E37E72A3-68EA-4D36-BCC5-0BA2AC0598F8} (9685e1b00b7d1b31ede436bd9b12be39)

Subdomains

May 27, 2016

files.jd2cdn.com

URL:

http://jd2cdn.com/

Web server:

nginx (PHP/5.5.22)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.