The domain dlp.cloudsvr311.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Roubaix, Nord-Pas-De-Calais, France, and reside on the RIPE Network Coordination Centre network.
Nord-Pas-De-Calais, France (FR)
Monday, March 02, 2015
Wednesday, March 02, 2016
Thursday, October 08, 2015
AS16276 OVH OVH SAS,FR
Detections (100% detected)
PUP.Installer.TuguuIsrael.F, PUP.Installer.TuguuIsrael.M, PUP.Installer.TuguuIsrael.I, PUP.TUGUUSL.N, PUP.Tuguu.Installer (M)
Artemis!564F55A8164A, Adware-DomaIQ, Adware-DomaIQ!AEE9C150A47C, CryptDomaIQ
K7 Gateway Antivirus
Unwanted-Program, Trojan
not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ, not-a-virus:AdWare.Win32.Lollipop
Application.Win32.DomaIQ.PUP, Application.Win32.DomaIQ.D, Application.Win32.DomaIQ.PUS
McAfee Web Gateway
Artemis!564F55A8164A, Heuristic.BehavesLike.Win32.Suspicious.D, Heuristic.BehavesLike.Win32.Suspicious.H
Generic PUA IP, DomainIQ pay-per install
Pack.Mal.AntiVM, AdWare/DomaIQ.if, AdWare/MSIL.ahz
DomaIQ_r.H, Adware Skodna.Generic_r, Adware DomaIQ_r.D
The domain dlp.cloudsvr311.com has been seen to resolve to the following 4 IP addresses.
File downloads found at URLs served by dlp.cloudsvr311.com.