dlp.cloudsvr311.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dlp.cloudsvr311.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Remove Malware from dlp.cloudsvr311.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Monday, March 02, 2015

Expires date:
Wednesday, March 02, 2016

Updated date:
Thursday, October 08, 2015

ASN:
AS16276 OVH OVH SAS,FR

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.TuguuIsrael.F, PUP.Installer.TuguuIsrael.M, PUP.Installer.TuguuIsrael.I, PUP.TUGUUSL.N, PUP.Tuguu.Installer (M)
100.00%

McAfee
Artemis!564F55A8164A, Adware-DomaIQ, Adware-DomaIQ!AEE9C150A47C, CryptDomaIQ
50.00%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.DomaIQ
50.00%

K7 Gateway Antivirus
Unwanted-Program , Trojan
50.00%

K7 AntiVirus
Unwanted-Program
50.00%

Kaspersky
not-a-virus:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.DomaIQ, not-a-virus:AdWare.Win32.Lollipop
50.00%

Comodo Security
Application.Win32.DomaIQ.PUP, Application.Win32.DomaIQ.D, Application.Win32.DomaIQ.PUS
50.00%

VIPRE Antivirus
DomaIQ, Threat.4783235
50.00%

Avira AntiVirus
APPL/DomaIQ.Gen, APPL/DomaIQ.AV
50.00%

McAfee Web Gateway
Artemis!564F55A8164A, Heuristic.BehavesLike.Win32.Suspicious.D, Heuristic.BehavesLike.Win32.Suspicious.H
50.00%

Sophos
Generic PUA IP, DomainIQ pay-per install
50.00%

Jiangmin
Pack.Mal.AntiVM, AdWare/DomaIQ.if, AdWare/MSIL.ahz
50.00%

Panda Antivirus
PUP/MultiToolbar.A
50.00%

AVG
DomaIQ_r.H, Adware Skodna.Generic_r, Adware DomaIQ_r.D
50.00%

Dr.Web
Trojan.PayInt.27, Trojan.MulDrop5.9989
37.50%

The domain dlp.cloudsvr311.com has been seen to resolve to the following 4 IP addresses.

November 25, 2015

September 4, 2014

July 3, 2014

April 13, 2014

File downloads found at URLs served by dlp.cloudsvr311.com.

URL:
http://dlp.cloudsvr311.com/

Title:
“cloudsvr311.com”

Web server:
nginx

Remove Malware from dlp.cloudsvr311.com - Powered by Reason Core Security