www.philipp-winterberg.com

Philipp Winterberg

Domain Information

The domain www.philipp-winterberg.com, registered by Philipp Winterberg, was first registered in July of 2007 through 1 & 1 INTERNET AG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Karlsruhe, Baden-Wurttemberg, Germany, on the RIPE Network Coordination Centre network.

Registrar:
1&1 INTERNET SE

Server location:
Baden-Wurttemberg, Germany (DE)

Create date:
Tuesday, July 31, 2007

Expires date:
Sunday, July 31, 2016

Updated date:
Sunday, February 14, 2016

ASN:
AS8560 ONEANDONE-AS 1&1 Internet AG

Scanner detections:
Detections (82% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.PhilippBWinterberg.P, PUP.Installer.PhilippBWinterberg.Z, PUP.Installer.PhilippBWinterberg.X, PUP.Installer.PhilippBWinterberg.S, PUP.PhilippBWinterberg.Installer (M) | 77.27% |
| Malwarebytes | PUP.Optional.OpenCandy | 63.64% |
| Rising Antivirus | PE:PUF.OpenCandy!1.9DE5 | 59.09% |
| Trend Micro House Call | TROJ_GEN.F47V1210, Suspicious_GEN.F47V1201 | 59.09% |
| ESET NOD32 | Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant) | 54.55% |
| G Data | NSIS.Application.OpenCandy, NSIS.Adware.SoftBundled | 45.45% |
| ESET NOD32 | Win32/OpenCandy potentially unsafe application, Detection.Undefined | 36.36% |
| Dr.Web | Threat.Undefined, Adware.OpenCandy.7 | 31.82% |
| Agnitum Outpost | Riskware.OpenCandy | 27.27% |
| Fortinet FortiGate | Riskware/OpenCandy | 27.27% |
| Sophos | PUA.OpenCandy | 27.27% |
| Clam AntiVirus | Win.Worm.Chir-314 | 4.55% |
| McAfee | Artemis!38D9742B7663 | 4.55% |
| F-Prot | W32/OpenCandy.B (exact, not disinfectable) | 4.55% |

The domain www.philipp-winterberg.com has been seen to resolve to the following 3 IP addresses.

kundenserver.de
June 7, 2016

kundenserver.de
May 5, 2015

kundenserver.de
January 10, 2014

File downloads found at URLs served by www.philipp-winterberg.com.

URL:
http://www.philipp-winterberg.com/

Title:
“Philipp Winterberg: Books, eBooks, Biography”

Description:
“Philipp Winterberg, author of 'Am I small?' etc.”

Web server:
Apache (PHP/5.5.34)

Facebook:
Shares:  10

Statistics are for the previous month.