dl.searchdealsapp.com

CloudCanvas, Inc.  (via a Proxy Registrant)

Domain Information

The domain dl.searchdealsapp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in June of 2011. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below). The domain is associated with the publisher CloudCanvas, Inc. who is located in Wilmington, Delaware in the United States.
Remove Malware from dl.searchdealsapp.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, June 16, 2011

Expires date:
Thursday, January 01, 2015

Updated date:
Wednesday, November 20, 2013

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Adware.Agent.NVF
100.00%

nProtect
Adware.Agent.NVF
100.00%

McAfee
Artemis!6FEAAAAC38EB
100.00%

Malwarebytes
PUP.Optional.SearchDonkey.A
100.00%

NANO AntiVirus
Trojan.Win32.Plugin.ctuood
100.00%

avast!
Win32:BHO-AMO [PUP]
100.00%

Kaspersky
HEUR:Trojan-Downloader.Win32.Generic
100.00%

Bitdefender
Adware.Agent.NVF
100.00%

Lavasoft Ad-Aware
Adware.Agent.NVF
100.00%

Emsisoft Anti-Malware
Adware.Agent.NVF
100.00%

F-Secure
Adware.Agent.NVF
100.00%

Dr.Web
Adware.Plugin.128
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

McAfee Web Gateway
Artemis!6FEAAAAC38EB
100.00%

G Data
Adware.Agent.NVF
100.00%

The domain dl.searchdealsapp.com has been seen to resolve to the following 8 IP addresses.

server-54-230-37-161.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-39-200.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-37-59.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-36-240.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-36-234.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-36-198.jfk1.r.cloudfront.net
April 14, 2014

server-204-246-169-64.jfk1.r.cloudfront.net
April 14, 2014

server-54-230-38-34.jfk1.r.cloudfront.net
April 14, 2014

File downloads found at URLs served by dl.searchdealsapp.com.

20 / 68    (Adware)

The following 4 files have been seen to comunicate with dl.searchdealsapp.com in live environments.

URL:
http://dl.searchdealsapp.com/

Network:
Amazon Cloudfront

Web server:
AmazonS3

Remove Malware from dl.searchdealsapp.com - Powered by Reason Core Security