installs.dealply.com

Deal Ply Technologies Ltd.

Domain Information

The domain installs.dealply.com registered by Deal Ply Technologies Ltd. was initially registered in January of 2011 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Monday, January 31, 2011

Expires date:
Wednesday, January 31, 2018

Updated date:
Wednesday, January 27, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DealPly.H, PUP.BrowserOptOut.DealPly.N, PUP.DealPly.Installer (M)
100.00%

VIPRE Antivirus
Adware.DealPly
75.00%

McAfee
Artemis!D2389E42ABFF, Artemis!A2D01C19AD2F
50.00%

Trend Micro House Call
TROJ_GEN.F47V0510
50.00%

Dr.Web
Adware.Shopper.328
50.00%

McAfee Web Gateway
Artemis!D2389E42ABFF
50.00%

Emsisoft Anti-Malware
Trojan.Win32.DealPly.AMN
50.00%

ESET NOD32
Win32/DealPly (variant)
50.00%

Malwarebytes
PUP.Optional.Dealply
50.00%

avast!
Win32:DealPly-A [PUP]
50.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
50.00%

Microsoft Security Essentials
Adware:Win32/DealPly
50.00%

K7 AntiVirus
Trojan
50.00%

K7 Gateway Antivirus
Trojan
50.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Signed-Adware.DealPly
50.00%

The domain installs.dealply.com has been seen to resolve to the following 7 IP addresses.

s3-1.amazonaws.com
May 24, 2016

s3-1.amazonaws.com
April 7, 2016

s3-1.amazonaws.com
April 5, 2016

s3-1.amazonaws.com
November 29, 2014

s3-1.amazonaws.com
April 23, 2014

s3-1.amazonaws.com
April 23, 2014

s3-1.amazonaws.com
November 19, 2013

File downloads found at URLs served by installs.dealply.com.

1 / 68      (Adware)

17 / 68    (Adware)

1 / 68      (Adware)

20 / 68    (Adware)
http://installs.dealply.com/latest/dir/.../dealply.exe  (a2d01c19ad2fb73baf7acbba09346492)

3 / 68      (Adware)

3 / 68      (Adware)

18 / 68    (Adware)

18 / 68    (Adware)

The following 34 files have been seen to comunicate with installs.dealply.com in live environments.

 
Latest 20 of 48 files

URL:
http://installs.dealply.com/

Network:
Amazon Web Services (AWS)

Web server:
AmazonS3