files.redkawa.net

WHOISGUARD

Domain Information

The domain files.redkawa.net registered by WHOISGUARD was initially registered in September of 2006 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Atlanta, Georgia within the United States which resides on the RamNode LLC network.
Registrar:
ENOM, INC.

Server location:
Georgia, United States (US)

Create date:
Saturday, September 23, 2006

Expires date:
Saturday, September 23, 2017

Updated date:
Friday, January 15, 2016

ASN:
AS3842 RAMNODE - RamNode LLC, US

Root domain:

Scanner detections:
Detections  (58% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.OpenCandy
85.00%

ESET NOD32
Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant)
85.00%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, Trojan.Win32.Generic.12F93CE6, Trojan.Win32.Generic.13167F1E, PE:PUF.OpenCandy!1.9DE5[F1]
75.00%

McAfee
Artemis!8085E77E36C8, Artemis!98F8C4D51CEA, Artemis!6AE08F91ED79, Artemis!373DDA8F64F5, Artemis!FC7A3C3D9D44, Artemis!A0BA694EBF05, Artemis!D3B82CB43BF9, Artemis!CA8A9D8CF959
55.00%

VIPRE Antivirus
Opencandy, Trojan.Win32.Generic, OpenCandy (PUA) (not malicious)
55.00%

McAfee Web Gateway
Artemis!8085E77E36C8, Artemis!98F8C4D51CEA, Artemis!373DDA8F64F5, BehavesLike.Win32.Suspicious.wc
50.00%

Reason Heuristics
PUP.OpenCandy (M), PUP.OpenCandy.Installer (L)
45.00%

G Data
NSIS.Application.OpenCandy, Win32.Adware.OpenCandy, Win32.Application.OpenCandy
45.00%

AVG
OpenCandy
45.00%

K7 Gateway Antivirus
Dialer , Trojan , Unwanted-Program
40.00%

Dr.Web
Adware.Conduit.57, Adware.OpenCandy.152
35.00%

K7 AntiVirus
Trojan , Unwanted-Program
35.00%

NANO AntiVirus
Riskware.Win32.OpenCandy.dqxwfm
35.00%

F-Prot
W32/OpenCandy.A2.gen, W32/OpenCandy.A.gen
35.00%

Baidu Antivirus
Trojan.Win32.OpenCandy, Adware.Win32.OpenCandy
20.00%

The domain files.redkawa.net has been seen to resolve to the following 4 IP addresses.

September 4, 2016

us.verheij.com
July 23, 2016

July 4, 2016

184.172.114.218-static.reverse.softlayer.com
April 26, 2014

File downloads found at URLs served by files.redkawa.net.

17 / 68    (PUP)

3 / 68      (PUP)

15 / 68    (PUP)

2 / 68      (PUP)

4 / 68      (PUP)

17 / 68    (PUP)

3 / 68      (PUP)

16 / 68    (PUP)

5 / 68      (PUP)

4 / 68      (PUP)

8 / 68      (PUP)

4 / 68      (PUP)

URL:
http://files.redkawa.net/

Web server:
Apache