home

orbitum.com

Nadevia Inc.

Domain Information

The domain orbitum.com registered by Nadevia Inc. was initially registered in July of 2005 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Sunday, July 17, 2005

Expires date:
Saturday, July 17, 2021

Updated date:
Wednesday, February 17, 2016

ASN:
AS16276 OVH OVH SAS, FR

Whois:
6 orbitum.com records

Scanner detections:
Detections  (66% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Orbitum (L), PUP.Orbitum.Bergariu.Installer.Meta (L), PUP.Softpulse (M), PUP.InstallCore.FC (M)
97.06%

Dr.Web
Adware.Downware.11262, Adware.Downware.14130
5.88%

The domain orbitum.com has been seen to resolve to the following 8 IP addresses.

193.0.201.27
May 25, 2016

176.31.227.134
ns3032477.ip-176-31-227.eu
April 19, 2016

163.172.5.179
163-172-5-179.rev.poneytelecom.eu
April 18, 2016

37.19.5.151
September 10, 2015

62.210.112.55
62-210-112-55.rev.poneytelecom.eu
August 13, 2015

212.83.184.117
212-83-184-117.rev.poneytelecom.eu
August 13, 2015

62.152.34.182
msk-f746.host-telecom.com
May 21, 2014

92.241.182.194
May 21, 2014

File downloads found at URLs served by orbitum.com.

0 / 68
http://orbitum.com/setup.php  (setup.exe)

1 / 68      (PUP)
http://orbitum.com/?drlink=true&ref=true&ref_id=Alimpus  (setup.exe)

1 / 68      (inconclusive)
https://orbitum.com/setup.php?make_chrome_default=on&set_autorun=on&empty=1  (setup.exe)

2 / 68      (PUP)
https://orbitum.com/es/.../  (setup.exe)

1 / 68      (PUP)
http://orbitum.com/es/.../  (setup.exe)

The following 112 files have been seen to comunicate with orbitum.com in live environments.

TCP » 37.19.5.151:80
auth-prod.crx

TCP » 37.19.5.151:80
ohcat_producation.crx

TCP » 37.19.5.151:80
ohcat_producation.crx

TCP » 37.19.5.151:80
myspeed_en.crx

TCP » 37.19.5.151:80
sidebar-prod.crx

TCP » 37.19.5.151:80
auth-prod.crx

TCP » 37.19.5.151:80
vk_theme.crx

TCP » 37.19.5.151:80
ohcat_producation.crx

TCP » 37.19.5.151:80
auth-prod.crx

TCP » 37.19.5.151:80
myspeed_en.crx

TCP » 37.19.5.151:80
sidebar-prod.crx

TCP » 37.19.5.151:80
auth-prod.crx

TCP » 37.19.5.151:80
sidebar-prod.crx

TCP » 37.19.5.151:80
auth-prod.crx

TCP » 62.152.34.182:80
vk_theme.crx

TCP » 62.152.34.182:80
auth-prod.crx

TCP » 62.152.34.182:80
auth-prod.crx

TCP » 62.152.34.182:80
auth-prod.crx

TCP » 62.152.34.182:80
ohcat_producation.crx

TCP » 62.152.34.182:80
auth-prod.crx

 
Latest 20 of 112 files

July 22, 2016
cdn.orbitum.com

June 18, 2016
fb.orbitum.com

March 13, 2016
www.orbitum.com

URL:
http://orbitum.com/

SSL certificate subject:
CN=*.orbitum.com, OU=EssentialSSL Wildcard, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.6.3 (PHP/5.4.16)

Facebook:
Likes:  90
Shares:  270
Comments:  59

Statistics above are for the previous month of March 2024.

orbitum.me

orbitumsoftware.ru

agentvkontakte.ru

orbitum.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.