cdn.airdlr.com

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain cdn.airdlr.com is registered by proxy through ENOM, INC. and was originally registered in September of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Sherman Oaks, California, in the United States, on the Unitas Global LLC network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Monday, September 19, 2011

Expires date:
Monday, September 19, 2016

Updated date:
Thursday, August 20, 2015

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:

Scanner detections:
Detections (84% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, DownloadManager.AirSoftware.I, DownloadManager.AirSoftware.P, DownloadManager.AirSoftware.V, PUP.Installer.FUSIONINSTALLER.F, PUP.Installer.OUTbrowse.F, DownloadManager.Air Software, PUP.Injekt.TodaySolutions.Installer (M), PUP.Air Software.AirSoftware.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Solimba.Bechiro.Bundler (M), PUP.Adknowledge.OptimumI.Bundler (M), PUP.Solimba (M)
100.00%

VIPRE Antivirus
AirInstaller, Threat.4150696, OutBrowse, Threat.4872425
59.26%

avast!
Win32:Installer-L [PUP], Win32:Adware-gen [Adw], Win32:Adware-CAH [PUP]
55.56%

Comodo Security
Application.Win32.AirAdInstaller.A, Application.Win32.IBryte.X
51.85%

Dr.Web
Trojan.SMSSend.4803, Adware.Downware.249, Trojan.SMSSend.4758, Adware.Downware.439, Adware.Downware.624, Adware.Downware.6205
48.15%

ESET NOD32
Win32/AirAdInstaller (variant), Win32/OutBrowse.AN
48.15%

Sophos
AirInstaller, iBryte Optimum Installer
44.44%

Malwarebytes
PUP.Optional.AirInstaller, PUP.BundleInstaller.IWT, PUP.Optional.OptimumInstaller.A, PUP.Optional.OutBrowse, PUP.Optional.TerasGames
40.74%

K7 AntiVirus
Unwanted-Program, Riskware, Adware
40.74%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C, PE:Malware.iBryte!6.197B, PE:Malware.Generic(Thunder)!1.A1C4 [F]
40.74%

IKARUS anti.virus
not-a-virus:AdWare.Win32, AdWare.AirAdInstaller, PUA.InstallBundler, PUA.OutBrowse, PUA.AirAdInstaller, Trojan.Win32.SelfDel
37.04%

Avira AntiVirus
Adware/AirAdInstaller.AE.3, Adware/AirAdInstaller.AF.2, Adware/AirAdInstaller.AG.1, APPL/OptInstall.zaxz, APPL/OutBrowse.lwasq
37.04%

Panda Antivirus
Adware/AirInstaller, PUP/iBryte, Trj/Genetic.gen
29.63%

Fortinet FortiGate
Riskware/AirInstaller, Adware/Fam.NB
25.93%

F-Prot
W32/AirInstall.A8.gen, W32/DomaIQ.G2.gen, W32/AirInstall.A7.gen
22.22%

The domain cdn.airdlr.com has been seen to resolve to the following 3 IP addresses.

225-124-232-198.static.unitasglobal.net
August 7, 2014

228-124-232-198.static.unitasglobal.net
March 6, 2014

224-124-232-198.static.unitasglobal.net
February 7, 2014

File downloads found at URLs served by cdn.airdlr.com.

1 / 68      (Adware)

9 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

20 / 68    (Adware)

9 / 68      (Adware)

21 / 68    (Adware)

14 / 68    (Adware)

9 / 68      (Adware)

The following 25 files have been seen to communicate with cdn.airdlr.com in live environments.

 
Latest 20 of 27 files

URL:
http://cdn.airdlr.com/

Web server:
NetDNA-cache/2.2