www.opensubtitles.org

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.opensubtitles.org is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Bratislava, Bratislava within Slovakia which resides on the RIPE Network Coordination Centre network.
Remove Malware from www.opensubtitles.org - Powered by Reason Core Security
Registrar:
GoDaddy.com, LLC

Server location:
Bratislava, Slovakia (SK)

ASN:
AS42005 LIGHTSTORM-COMMUNICATIONS-SRO-SK-AS LightStorm Communications s.r.o.

Root domain:

Scanner detections:
Detections  (76% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.GTCONSULTORIAEMINFORMATICAA.T, PUP.FaglaroEnterprisesLimited.R, PUP.Installer.GTCONSULTORIAEMINFORMATICAA.W, PUP.GTCONSULTORIAEMINFORMATICAA.U, Adware.WebPick.Installer.N, PUP.OUTBROWSE.T, PUP.OUTBROWSE.X, PUP.OUTBROWSE.G, PUP.OUTBROWSE.EE, PUP.OUTBROWSE.i, PUP.OUTBROWSE.K, PUP.OUTBROWSE.v, PUP.Bundler.Outbrowse
86.36%

VIPRE Antivirus
ExpressFiles Installer, InstallCore, Threat.4150696, Threat.4784459, Threat.4721115
81.82%

Sophos
Express Files, Install Core Click run software, InstallRex, MultiPlug, OutBrowse Revenyou, PUA 'OutBrowse Revenyou', Mal/Sality-D
81.82%

Dr.Web
Adware.Toolbar.146, Trojan.Packed.24524, Trojan.WebPick.2452, Threat.Undefined, Adware.Downware.2081, Adware.Downware.2108
77.27%

Malwarebytes
PUP.Optional.ExpressFiles.A, PUP.Optional.InstalleRex, PUP.Optional.InstalRex, PUP.Optional.OutBrowse, PUP.Optional.BundleInstaller.A
72.73%

K7 Gateway Antivirus
Unwanted-Program , Virus
72.73%

K7 AntiVirus
Unwanted-Program , Virus
72.73%

Avira AntiVirus
ADWARE/Adware.Gen2, ADWARE/InstallCore.Gen7, ADWARE/InstallRex.Gen, Adware/InstallRex.A.3, APPL/Downloader.Gen, Adware/InstallRex.A.2
72.73%

McAfee
Artemis!3DF8716A2273, Artemis!077C56205D58, PUP-FHQ, Program.PUP-FMK, Adware-OutBrowse.a, Program.Adware-OutBrowse.b, W32/Sality.gen.z
68.18%

Antiy Labs AVL
Trojan/Win32.SGeneric, Trojan/Win32.TSGeneric, Riskware[:not-a-virus]/Win32.OutBrowse.g, RiskWare[Downloader:not-a-virus,HEUR]/Win32.AdLoad
68.18%

McAfee Web Gateway
Artemis!3DF8716A2273, Artemis!077C56205D58, PUP-FHQ, BehavesLike.Win32.AdwareOutBrowse.hc, BehavesLike.Win32.Downloader.fc
63.64%

Kaspersky
Trojan.Win32.AntiFW, not-a-virus:AdWare.Win32.OutBrowse, Virus.Win32.Sality
63.64%

G Data
Win32.Application.InstalleRex, Win32.Application.Outbrowse, Gen:Variant.Kazy.324119, Dropped:Application.Bundler.Outbrowse
63.64%

AVG
Generic, Win32/Sality
63.64%

avast!
Win32:Downloader-TSH [PUP], Win32:InstallCore-HG [PUP], Win32:InstalleRex-CD [PUP], Win32:InstalleRex-CH [PUP], Win32:Installer-AP [PUP]
54.55%

The domain www.opensubtitles.org has been seen to resolve to the following 3 IP addresses.

February 10, 2016

February 10, 2016

www.opensubtitles.org
December 27, 2013

File downloads found at URLs served by www.opensubtitles.org.

0 / 68

0 / 68
http://www.opensubtitles.org/en/download/.../6380854  (the.originals.s03.e06.beautiful.mistake..bul.1cd..zip)

0 / 68
http://www.opensubtitles.org/en/download/.../6344262  (sleepy.hollow.whispers.in.the.dark..bul.1cd..zip)

0 / 68
http://www.opensubtitles.org/en/download/.../6278476  (suits.uninvited.guests..eng.1cd..zip)

0 / 68
http://www.opensubtitles.org/en/download/.../6279482  (dark.matter.episode.1.11..eng.1cd..zip)

31 / 68    (Adware)

24 / 68    (Adware)

21 / 68    (Adware)

2 / 68      (Adware)

20 / 68    (Adware)

41 / 68    (PUP)
http://www.opensubtitles.org/en/download/sub/.../frre-1  (the-wolf-of-wall-street-eng-5486795.exe)

30 / 68    (Adware)

18 / 68    (Adware)
http://www.opensubtitles.org/en/.../up  (ruroni-kenshin-kyoto-taika-hen.exe)

18 / 68    (Adware)

18 / 68    (Adware)

2 / 68      (Adware)

2 / 68      (Adware)

2 / 68      (Adware)

4 / 68      (Adware)

28 / 68    (Adware)

2 / 68      (Adware)

 
Latest 30 of 46 download URLs

The following 13 files have been seen to comunicate with www.opensubtitles.org in live environments.

URL:
http://www.opensubtitles.org/

Google Analytics:
UA-436756

Title:
“Subtitles - download movie and TV Series subtitles from the biggest open subtitles database”

Description:
“Movie and TV Subtitles in multiple languages, thousands of translated subtitles uploaded daily. Free download from source, API support, millions of users.”

SSL certificate subject:
CN=sni222321.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  261
Shares:  1,518
Comments:  548

Statistics are for the previous month.

Remove Malware from www.opensubtitles.org - Powered by Reason Core Security