fabianclub.opendrive.com

OpenDrive, Inc.

Domain Information

The domain fabianclub.opendrive.com, registered by OpenDrive, Inc., was initially registered in April of 2003 through 007NAMES, INC. This domain has been known to host various forms of malware. The hosting servers are located in Palo Alto, California, in the United States, on the PSINet, Inc. network.
Registrar:
007NAMES, INC.

Server location:
California, United States (US)

Create date:
Sunday, April 13, 2003

Expires date:
Thursday, April 13, 2017

Updated date:
Wednesday, March 16, 2016

ASN:
AS174 COGENT-174 - Cogent Communications,US

Root domain:

Scanner detections:
Malware distribution (100% detected)

Scan engine | Details | Detections
MicroWorld eScan | Gen:Heur.SMHeist.3 | 100.00%
K7 AntiVirus | Exploit | 100.00%
Bitdefender | Gen:Heur.SMHeist.3 | 100.00%
Lavasoft Ad-Aware | Gen:Heur.SMHeist.3 | 100.00%
F-Secure | Gen:Heur.SMHeist.3 | 100.00%
VIPRE Antivirus | Trojan.Win32.Generic | 100.00%
Trend Micro | TROJ_GEN.R047C0OCB15 | 100.00%
Emsisoft Anti-Malware | Gen:Heur.SMHeist | 100.00%
Arcabit | Trojan.SMHeist.3 | 100.00%
G Data | Gen:Heur.SMHeist | 100.00%
McAfee | Artemis!A27F90407698 | 100.00%
Panda Antivirus | Trj/CI.A | 100.00%
IKARUS anti.virus | Win32.SuspectCrc | 100.00%
Qihoo 360 Security | HEUR/QVM05.1.Malware.Gen | 100.00%

The domain fabianclub.opendrive.com has been seen to resolve to the following 3 IP addresses.

s3.opendrive.com
April 9, 2016

April 9, 2016

s4.opendrive.com
April 9, 2016

File downloads found at URLs served by fabianclub.opendrive.com.

14 / 68    (Malware)

The following files have been seen to communicate with fabianclub.opendrive.com in live environments.

URL:
http://fabianclub.opendrive.com/

Google Analytics:
UA-4872284

Title:
“OpenDrive All-in-One Cloud Storage”

Description:
“Unlimited cloud storage, backup and cloud content management used by over 1 million users and businesses to collaborate on files in the cloud.”

SSL certificate subject:
CN=*.opendrive.com, OU=COMODO SSL Wildcard, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
lighttpd