» www.philipp-winterberg.de
Overview
Analysis
IPs Addresses (2)
Downloads (3)
Related Domains (3)

www.philipp-winterberg.de

Domain Information

Server location:

Baden-Wurttemberg, Germany (DE)

ASN:

AS8560 ONEANDONE-AS 1&1 Internet AG

Root domain:

philipp-winterberg.de

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.PhilippBWinterberg.P, PUP.PhilippBWinterberg.Installer (M)

100.00%

Malwarebytes

PUP.Optional.OpenCandy

66.67%

Trend Micro House Call

TROJ_GEN.F47V1210

66.67%

Agnitum Outpost

Riskware.OpenCandy

66.67%

Dr.Web

Adware.OpenCandy.7

66.67%

ESET NOD32

Win32/OpenCandy potentially unsafe application

66.67%

Rising Antivirus

PE:PUF.OpenCandy!1.9DE5

66.67%

Fortinet FortiGate

Riskware/OpenCandy

66.67%

Sophos

PUA.OpenCandy

66.67%

G Data

NSIS.Application.OpenCandy

66.67%

The domain www.philipp-winterberg.de has been seen to resolve to the following 2 IP addresses.

82.165.81.19

kundenserver.de

February 28, 2016

212.227.30.176

kundenserver.de

May 1, 2014

File downloads found at URLs served by www.philipp-winterberg.de.

1 / 68 (Adware)

http://www.philipp-winterberg.de/.../InstallRarZilla.exe (c9b432774a70723f79231f748176bd5e)

10 / 68 (Adware)

http://www.philipp-winterberg.de/.../InstallRarZilla.exe (fd5e6139747179aff22241d9b7424a22)

10 / 68 (Adware)

http://www.philipp-winterberg.de/.../InstallRarZilla.exe (85bd7967412201ed0c7816b825e5d2f9)

Related Domains

philipp-winterberg.com

rar-file-open-knife.com

philippwinterberg.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.