The domain cdn.airdwnlds.com is registered by proxy through ENOM, INC. and was originally registered in September of 2012. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Dulles, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service, which utilizes a number of proxy IP addresses (see below). The domain is associated with the publisher Air Software, which is located in Victoria, British Columbia, Canada.
Server location: Virginia, United States (US)
Create date: Tuesday, September 11, 2012
Expires date: Sunday, September 11, 2016
Updated date: Wednesday, August 12, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
Scan engine | Details | Detections
Reason Heuristics | DownloadManager.AirSoftware.F, DownloadManager.Air Software.AirSoftware, PUP.Installer.Softpulse, PUP.Adknowledge.InstallManager.Installer (M), PUP.Air Software.AirSoftware.Bundler (M) | 100.00%
Dr.Web | Adware.Downware.624, Trojan.SMSSend.4723, Trojan.SMSSend.5402, Adware.Downware.10718, Adware.Downware.586, Trojan.SMSSend.4803 | 87.50%
Malwarebytes | PUP.Optional.AirInstaller, PUP.Optional.AirAdInstaller | 75.00%
K7 AntiVirus | Unwanted-Program, Riskware | 75.00%
avast! | Win32:Installer-L [PUP], Win32:Adware-CAH [PUP], Adware-gen [Adw] | 75.00%
VIPRE Antivirus | AirInstaller, Threat.4150696, Threat.4784938, Threat.4782985 | 75.00%
Sophos | AirInstaller, PUA 'AirInstaller' | 75.00%
Rising Antivirus | PE:PUF.Airinstall!1.9C4C | 75.00%
IKARUS anti.virus | AdWare.AirAdInstaller, Win32.SuspectCrc, PUA.AirAdInstaller, not-a-virus:AdWare.Win32 | 75.00%
Panda Antivirus | Adware/AirInstaller, Trj/Genetic.gen | 75.00%
Comodo Security | Application.Win32.AirAdInstaller.A, Application.Win32.AirAdInstaller.B | 62.50%
Avira AntiVirus | Adware/AirAdInstaller.AF.2, Adware/AgentCV.A.6255, ADWARE/Adware.Gen, Adware/AirAdInstaller.AD.2 | 62.50%
F-Prot | W32/AirInstall.A8.gen, W32/AirInstall.D.gen, W32/AirInstall.A7.gen | 62.50%
Trend Micro House Call | HV_ZYX_BK0841DD.TOMC, HV_ZYX_BK083306.TOMC | 50.00%
Agnitum Outpost | PUA.AirAdInstaller | 50.00%
The domain cdn.airdwnlds.com has been seen to resolve to the following 26 IP addresses.
File downloads found at URLs served by cdn.airdwnlds.com.
The following 9 files have been seen to communicate with cdn.airdwnlds.com in live environments.
URL: http://cdn.airdwnlds.com/
Network: Amazon Cloudfront
Web server: Apache/2.2.22 (Ubuntu)