The domain cdn.openthefile.net is registered by proxy through NAME.COM, INC. and was originally registered in May 2014. The domain has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Dulles, Virginia, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which serves content through a number of proxy IP addresses (see below).
Registrant: Whois Privacy Protection Service, Inc.
Server location: Virginia, United States (US)
Create date: Monday, May 19, 2014
Expires date: Thursday, May 19, 2016
Updated date: Thursday, April 9, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections (92% detected):

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Installer.installCore, PUP.installCore, PUP.Bundler.installCore, PUP.installCore.GloritySoftware.Installer (M) | 100.00% |
| Avira AntiVirus | ADWARE/InstallCore.Gen9 | 81.82% |
| Trend Micro House Call | TROJ_GEN.R02SC0OJP14, Suspicious_GEN.F47V1213, Suspicious_GEN.F47V1218, Suspicious_GEN.F47V0107 | 63.64% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4150696 | 63.64% |
| Sophos | Generic PUA MH, Generic PUA KK, Generic PUA DK, Generic PUA AG, Generic PUA BJ | 63.64% |
| ESET NOD32 | Win32/InstallCore.QW (variant), Win32/InstallCore.RG (variant), Win32/InstallCore.SX (variant), Win32/InstallCore.SX potentially unwanted (variant) | 63.64% |
| McAfee | Artemis!EB02E8603265, Artemis!9165FC53B41A, Artemis!45363E8641CD, Artemis!6929EF963C44, Artemis!B06DD8DC654C | 54.55% |
| Baidu Antivirus | Adware.Win32.InstallCore | 54.55% |
| Fortinet FortiGate | Riskware/InstallCore | 54.55% |
| K7 AntiVirus | Trojan | 54.55% |
| Qihoo 360 Security | Win32/Virus.Adware.f22 | 45.45% |
| G Data | Win32.Application.InstallCore.BP, Win32.Application.Agent.YW1GOK, Win32.Application.Agent.7UJ2HR | 36.36% |
| NANO AntiVirus | Riskware.Win32.InstallCore.dfgops, Riskware.Win32.InstallCore.dmhfys | 36.36% |
| Dr.Web | MULDROP.Trojan, Adware.InstallCore.491 | 27.27% |
| Trend Micro | TROJ_GEN.R02SC0OJP14, TROJ_GEN.R0C1C0OB815 | 27.27% |
The domain cdn.openthefile.net has been seen to resolve to the following 49 IP addresses.
File downloads found at URLs served by cdn.openthefile.net.
The following 5 files have been seen to communicate with cdn.openthefile.net in live environments.