smileyswelove.com

1&1 Internet Inc

Domain Information

The domain smileyswelove.com, registered by 1&1 Internet Inc, was initially registered in November of 2011 through 1 & 1 INTERNET AG. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Ashburn, Virginia, in the United States, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.

Registrar: 1&1 INTERNET SE
Server location: Virginia, United States (US)
Create date: Wednesday, November 23, 2011
Expires date: Wednesday, November 23, 2016
Updated date: Sunday, February 14, 2016

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| ESET NOD32 | Win32/OpenCandy | 100.00% |
| Reason Heuristics | PUP.Installer.SqueakyChocolate.Y | 100.00% |
| Malwarebytes | PUP.Optional.OpenCandy | 50.00% |
| Trend Micro House Call | TROJ_GEN.F47V0727 | 50.00% |
| Vba32 AntiVirus | AdWare.OpenCandy | 50.00% |
| Fortinet FortiGate | Adware/OpenCandy | 50.00% |
| Dr.Web | Adware.Conduit.3 | 50.00% |
| Kingsoft AntiVirus | Win32.Troj.Generic.a.(kcloud) | 50.00% |
| Rising Antivirus | PE:PUF.OpenCandy!1.9DE5 | 50.00% |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.310696 | 50.00% |

The domain smileyswelove.com has been seen to resolve to the following 3 IP addresses.

April 22, 2016

April 22, 2016

ec2-50-16-191-137.compute-1.amazonaws.com
November 16, 2013

File downloads found at URLs served by smileyswelove.com.

2 / 68      (Adware)
http://smileyswelove.com/.../smileyswelove_full_setup.exe  (69899494e6baa8b16ee6d6a057c944d9)

10 / 68    (Adware)
http://smileyswelove.com/.../smileyswelove_full_setup.exe  (5579526c09eca56203f6c643cfc0c7ce)

December 22, 2014

URL: http://smileyswelove.com/
Google Analytics: UA-45297198
Title: “Free Smileys & Emoticons”
Description: “Free smileys and memes for Twitter, Facebook, GMail, Internet Explorer, Chrome, Hotmail and other chat and e-mail programs.”
Network: Amazon Web Services (AWS), running an EC2 instance
SSL certificate subject: CN=ssl278421.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer: CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server: cloudflare-nginx (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes: 17
Shares: 1
Comments: 39

Statistics above are for the previous month of September 2017.