dl.recordcheckerapp.com

Long Mile Solutions, LLC  (via a Proxy Registrant)

Domain Information

The domain dl.recordcheckerapp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in April of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below). The domain is associated with the publisher Long Mile Solutions, LLC who is located in CARLSBAD, California in the United States.
Remove Malware from dl.recordcheckerapp.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Tuesday, April 02, 2013

Expires date:
Saturday, April 02, 2016

Updated date:
Friday, May 01, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.LongMileSolutions.F, PUP.Optional.Installer.I, PUP.Installer.SoftpulseSLU.F, PUP.Installer.LongMileSolutions.N, PUP.Installer.Injekt, PUP.Injekt.LongMileSolutions.Installer (M)
100.00%

Dr.Web
Adware.Plugin.128, Trojan.Packed.28257, Adware.Plugin.36
80.00%

Antiy Labs AVL
Trojan/Win32.SGeneric, Trojan/Win32.TSGeneric, Trojan[:HEUR]/Win32.AGeneric
60.00%

IKARUS anti.virus
PUA.DigiPlug, PUA.ExFriendAlert, PUA.LMS, AdWare.Agent, AdWare.Win32.ExFriendAlert
60.00%

Malwarebytes
PUP.Optional.MultiExtension.A, PUP.Optional.OpenCandy, PUP.Optional.RecordChecker.A
50.00%

Agnitum Outpost
PUA.PullUpdate, Riskware.Agent
50.00%

Trend Micro House Call
TROJ_GE.BF94D85E, Suspicious_GEN.F47V0904, Suspici.F4CBE3E4, TROJ_GE.8EDB7876, TROJ_GEN.F47V0522
50.00%

avast!
Win32:BHO-AMO [PUP]
50.00%

ESET NOD32
MSIL/Adware.PullUpdate, Win32/SoftPulse (variant), Win32/ExFriendAlert (variant)
50.00%

VIPRE Antivirus
Threat.4150696, Threat.4784449, Injekt, SearchDonkey
50.00%

NANO AntiVirus
Trojan.Win32.MLW.dcjqvm, Trojan.Win32.ExFriendAlert.deiobm, Trojan.Win32.ExFriendAlert.deioie, Trojan.Win32.Generic.cvzfrs
50.00%

Sophos
DomainIQ pay-per install, OpenCandy, Record Checker, PUA 'Record Checker' (of type Adware)
50.00%

Comodo Security
ApplicUnwnt, Application.Win32.DomaIQ.LPF
40.00%

K7 Gateway Antivirus
Unwanted-Program , Trojan
40.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.SaMon
40.00%

The domain dl.recordcheckerapp.com has been seen to resolve to the following 58 IP addresses.

server-54-240-160-148.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-146.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-104.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-254.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-226.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-211.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-167.iad12.r.cloudfront.net
January 6, 2016

server-54-240-160-159.iad12.r.cloudfront.net
January 6, 2016

server-54-230-100-88.iad2.r.cloudfront.net
December 1, 2015

server-54-192-102-41.iad2.r.cloudfront.net
December 1, 2015

server-54-192-101-238.iad2.r.cloudfront.net
December 1, 2015

server-54-192-55-143.jfk6.r.cloudfront.net
May 4, 2015

server-54-192-55-150.jfk6.r.cloudfront.net
May 4, 2015

server-54-230-55-56.jfk6.r.cloudfront.net
May 4, 2015

server-54-230-52-162.jfk6.r.cloudfront.net
May 4, 2015

server-54-230-53-86.jfk6.r.cloudfront.net
May 4, 2015

server-54-192-55-175.jfk6.r.cloudfront.net
May 4, 2015

server-54-192-55-39.jfk6.r.cloudfront.net
May 4, 2015

server-54-230-52-251.jfk6.r.cloudfront.net
May 4, 2015

server-54-192-101-120.iad2.r.cloudfront.net
May 2, 2015

server-54-192-101-106.iad2.r.cloudfront.net
May 2, 2015

server-216-137-33-253.iad2.r.cloudfront.net
May 2, 2015

server-54-230-69-159.sea50.r.cloudfront.net
March 31, 2015

server-54-230-69-128.sea50.r.cloudfront.net
March 31, 2015

server-54-230-68-218.sea50.r.cloudfront.net
March 31, 2015

server-54-230-68-116.sea50.r.cloudfront.net
March 31, 2015

server-54-230-18-23.iad12.r.cloudfront.net
December 1, 2014

server-54-230-17-172.iad12.r.cloudfront.net
December 1, 2014

server-54-230-17-5.iad12.r.cloudfront.net
December 1, 2014

server-54-240-160-176.iad12.r.cloudfront.net
December 1, 2014

 
Showing 30 of 58 IP Addresses

File downloads found at URLs served by dl.recordcheckerapp.com.

1 / 68      (Adware)

10 / 68    (PUP)

3 / 68      (PUP)

21 / 68    (Adware)

17 / 68    (Adware)

10 / 68    (Adware)

13 / 68    (Adware)

17 / 68    (Adware)

9 / 68      (Adware)

10 / 68    (Adware)

The following 24 files have been seen to comunicate with dl.recordcheckerapp.com in live environments.

 
Latest 20 of 24 files

URL:
http://dl.recordcheckerapp.com/

Title:
“Download”

Network:
Amazon Cloudfront

Web server:
AmazonS3

Remove Malware from dl.recordcheckerapp.com - Powered by Reason Core Security