dl.recordcheckerapp.com

Long Mile Solutions, LLC  (via a Proxy Registrant)

Domain Information

The domain dl.recordcheckerapp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in April of 2013. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Dulles, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which serves content through a number of proxy IP addresses (see below). The domain is associated with the publisher Long Mile Solutions, LLC, which is located in Carlsbad, California, in the United States.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Tuesday, April 02, 2013

Expires date:
Sunday, April 02, 2017

Updated date:
Sunday, April 03, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.LongMileSolutions.F, PUP.Optional.Installer.I, PUP.Installer.SoftpulseSLU.F, PUP.Installer.LongMileSolutions.N, PUP.Installer.Injekt, PUP.FunTechnology.Installer (M), PUP.Injekt.LongMileSolutions.Installer (M), PUP.Injekt.LongMile.Installer (M)
100.00%

Dr.Web
Adware.Plugin.128, Trojan.Packed.28257, Adware.Plugin.36
57.14%

Antiy Labs AVL
Trojan/Win32.SGeneric, Trojan/Win32.TSGeneric, Trojan[:HEUR]/Win32.AGeneric
42.86%

IKARUS anti.virus
PUA.DigiPlug, PUA.ExFriendAlert, PUA.LMS, AdWare.Agent, AdWare.Win32.ExFriendAlert
42.86%

Malwarebytes
PUP.Optional.MultiExtension.A, PUP.Optional.OpenCandy, PUP.Optional.RecordChecker.A
35.71%

Agnitum Outpost
PUA.PullUpdate, Riskware.Agent
35.71%

Trend Micro House Call
TROJ_GE.BF94D85E, Suspicious_GEN.F47V0904, Suspici.F4CBE3E4, TROJ_GE.8EDB7876, TROJ_GEN.F47V0522
35.71%

avast!
Win32:BHO-AMO [PUP]
35.71%

ESET NOD32
MSIL/Adware.PullUpdate, Win32/SoftPulse (variant), Win32/ExFriendAlert (variant)
35.71%

VIPRE Antivirus
Threat.4150696, Threat.4784449, Injekt, SearchDonkey
35.71%

NANO AntiVirus
Trojan.Win32.MLW.dcjqvm, Trojan.Win32.ExFriendAlert.deiobm, Trojan.Win32.ExFriendAlert.deioie, Trojan.Win32.Generic.cvzfrs
35.71%

Sophos
DomainIQ pay-per install, OpenCandy, Record Checker, PUA 'Record Checker' (of type Adware)
35.71%

Comodo Security
ApplicUnwnt, Application.Win32.DomaIQ.LPF
28.57%

K7 Gateway Antivirus
Unwanted-Program , Trojan
28.57%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.SaMon
28.57%

The domain dl.recordcheckerapp.com has been seen to resolve to the following 90 IP addresses.


File downloads found at URLs served by dl.recordcheckerapp.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

10 / 68    (PUP)

3 / 68      (PUP)

21 / 68    (Adware)

17 / 68    (Adware)

10 / 68    (Adware)

13 / 68    (Adware)

17 / 68    (Adware)

9 / 68      (Adware)

10 / 68    (Adware)

The following 87 files have been seen to communicate with dl.recordcheckerapp.com in live environments.

 
Latest 20 of 115 files

URL:
http://dl.recordcheckerapp.com/

Title:
“Download”

Network:
Amazon Cloudfront

Web server:
AmazonS3