sf-addon.com

Domain Privacy Service FBO Registrant.  (Proxy Registrant)

Domain Information

The domain sf-addon.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Berlin, Germany, on the RIPE Network Coordination Centre network.
Registrar:
DOMAIN.COM, LLC

Server location:
Berlin, Germany (DE)

Create date:
Friday, July 26, 2013

Expires date:
Wednesday, July 26, 2017

Updated date:
Sunday, April 12, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Scanner detections:
Detections  (64% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SaveForm.Optional.Installer.Meta (L), PUP.Magicbit.Savefrom.Meta (M), PUP.Magicbit.Downloader.Meta (M), PUP.Magicbit.Savefrom.Meta (L)
88.89%

ESET NOD32
Win32/OpenCandy.C potentially unsafe application, Win32/Magicbit.C potentially unwanted application, Win32/Magicbit.D potentially unwanted application
33.33%

AVG
OpenCandy, Generic
22.22%

Dr.Web
Threat.Undefined
11.11%

Antiy Labs AVL
Trojan/Win32.TSGeneric
11.11%

herdProtect (fuzzy)
a variant of 87c9032edc09370a9589041dd5f929e5c3c5029e
11.11%

ByteHero BDV
Trojan.Malware.Obscu.Gen.001
11.11%

The domain sf-addon.com has been seen to resolve to the following 3 IP addresses.

2582e75b.rdns.100tb.com
September 4, 2016

static.155.42.243.136.clients.your-server.de
December 7, 2015

mail.2iki.net
February 7, 2014

File downloads found at URLs served by sf-addon.com.

Latest 30 of 10,097 download URLs

The following 173 files have been seen to communicate with sf-addon.com in live environments.

 
Latest 20 of 231 files

URL:
http://sf-addon.com/

Title:
“SF Addon”

SSL certificate subject:
E=webmaster@sf-addon.com, CN=*.sf-addon.com, O=Mikhail Samokhvalov, L=Saint Petersburg, S=Saint Petersburg City, C=RU

SSL certificate issuer:
CN=StartCom Class 2 Primary Intermediate Server CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Web server:
nginx

Facebook:
Shares:  1
Comments:  13

Statistics above are for the previous month of September 2017.