www.philipp-winterberg.com

Philipp Winterberg

Domain Information

The domain www.philipp-winterberg.com registered by Philipp Winterberg was initially registered in July of 2007 through 1 & 1 INTERNET AG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Karlsruhe, Baden-Wurttemberg within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
1&1 INTERNET SE

Server location:
Baden-Wurttemberg, Germany (DE)

Create date:
Tuesday, July 31, 2007

Expires date:
Sunday, July 31, 2016

Updated date:
Sunday, February 14, 2016

ASN:
AS8560 ONEANDONE-AS 1&1 Internet AG

Scanner detections:
Detections  (82% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PhilippBWinterberg.P, PUP.Installer.PhilippBWinterberg.Z, PUP.Installer.PhilippBWinterberg.X, PUP.Installer.PhilippBWinterberg.S, PUP.PhilippBWinterberg.Installer (M)
77.27%

Malwarebytes
PUP.Optional.OpenCandy
63.64%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
59.09%

Trend Micro House Call
TROJ_GEN.F47V1210, Suspicious_GEN.F47V1201
59.09%

ESET NOD32
Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant)
54.55%

G Data
NSIS.Application.OpenCandy, NSIS.Adware.SoftBundled
45.45%

ESET NOD32
Win32/OpenCandy potentially unsafe application, Detection.Undefined
36.36%

Dr.Web
Threat.Undefined, Adware.OpenCandy.7
31.82%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
27.27%

Agnitum Outpost
Riskware.OpenCandy
27.27%

Fortinet FortiGate
Riskware/OpenCandy
27.27%

Sophos
PUA.OpenCandy
27.27%

Clam AntiVirus
Win.Worm.Chir-314
4.55%

McAfee
Artemis!38D9742B7663
4.55%

McAfee Web Gateway
BehavesLike.Win32.Dropper.tc
4.55%

The domain www.philipp-winterberg.com has been seen to resolve to the following 3 IP addresses.

kundenserver.de
June 7, 2016

kundenserver.de
May 5, 2015

kundenserver.de
January 10, 2014

File downloads found at URLs served by www.philipp-winterberg.com.

3 / 68      (PUP)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (6150bbf91e2915607f214af02945da17)

10 / 68    (Adware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (fd5e6139747179aff22241d9b7424a22)

2 / 68      (inconclusive)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (9c338a5796b81f670118f44588ca8ad4)

1 / 68      (Adware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (c9b432774a70723f79231f748176bd5e)

7 / 68      (Adware)

2 / 68      (Malware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (489528785e0cd3d4ec91177a13cc493b)

10 / 68    (Adware)

7 / 68      (Adware)

1 / 68      (inconclusive)

1 / 68      (inconclusive)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (0a9bfd2f463af0b169254c70bec0a5ce)

1 / 68      (Adware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (edfa6bd93c4c5587e5c6fea500cbe323)

10 / 68    (Adware)

7 / 68      (Adware)

10 / 68    (Adware)

7 / 68      (Adware)

1 / 68      (inconclusive)

6 / 68      (Adware)

10 / 68    (Adware)

10 / 68    (Adware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (85bd7967412201ed0c7816b825e5d2f9)

6 / 68      (Adware)

6 / 68      (Adware)

4 / 68      (Adware)
http://www.philipp-winterberg.com/.../InstallRarZilla.exe  (699e503af0cec2eb21c7591f85a1c7c2)

URL:
http://www.philipp-winterberg.com/

Title:
“Philipp Winterberg: Books, eBooks, Biography”

Description:
“Philipp Winterberg, author of 'Am I small?' etc.”

Web server:
Apache (PHP/5.5.34)

Facebook:
Shares:  10

Statistics are for the previous month.