nl.afterdawn.com

AfterDawn Oy

Domain Information

The domain nl.afterdawn.com registered by AfterDawn Oy was initially registered in March of 1999 through CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher AfterDawn who is located in Oulu, Finland.
Registrar:
CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Wednesday, March 31, 1999

Expires date:
Sunday, March 31, 2019

Updated date:
Tuesday, February 11, 2014

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:

Scanner detections:
Adware distribution

Scan engine
Details
Detections

Reason Heuristics
PUP.MusicLab.M, PUP.Installer.Perion.T, PUP.Optional.Musiclab.Installer, PUP.OpenCandy.Installer (L), PUP.chenjunhao.Installer (M)
46.67%

ESET NOD32
MSIL/AdvancedSystemProtector, Win32/OpenCandy, Win32/OpenCandy.C potentially unsafe (variant), Win32/Toptools.A potentially unwanted (variant), Win32/OpenCandy.A potentially unsafe (variant)
33.33%

Dr.Web
Adware.OpenCandy.7, Adware.IncrediMail.14, Adware.IncrediMail.36, Program.Unwanted.603, Adware.Toolbar.576
33.33%

Jiangmin
TrojanDownloader.Agent.flzz, Trojan/Vobfus.aelt
13.33%

Trend Micro House Call
Suspicious_GEN.F47V0815, Suspicious_GEN.F47V0413
13.33%

McAfee Web Gateway
Artemis!A1630F4BDF5C, BehavesLike.Win32.Picsys.tc
13.33%

AVG
OpenCandy, Generic
13.33%

IKARUS anti.virus
not-a-virus:AdWare.Win32.Mostofate.j, PUA.OpenCandy
13.33%

Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen, QVM06.1.Malware.Gen
13.33%

Fortinet FortiGate
Riskware/OpenCandy
13.33%

Rising Antivirus
PE:Malware.RDM.34!5.28[F1], PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520
13.33%

Kingsoft AntiVirus
Win32.Malware.Heur_Generic.A.(kcloud)
6.67%

McAfee
Artemis!A1630F4BDF5C
6.67%

Kaspersky
Trojan-Banker.Win32.ChePro
6.67%

Agnitum Outpost
Trojan.Kryptik
6.67%

The domain nl.afterdawn.com has been seen to resolve to the following IP address.

varnish.afterdawn.net
December 27, 2013

File downloads found at URLs served by nl.afterdawn.com.

 
Latest 30 of 113 download URLs

The following 3 files have been seen to comunicate with nl.afterdawn.com in live environments.

URL:
http://nl.afterdawn.com/

Google Analytics:
UA-2099875

Title:
“AfterDawn - Nieuws en software downloads”

Description:
“Laatste technologisch nieuws, handleidingen, product besprekingen en software downloads.”

Facebook:
Likes:  2
Shares:  6

Statistics are for the previous month.