home

static.mailorama.fr

Rentabiliweb Europe

Domain Information

Currently this domain has been known to host various forms of malware. The hosted servers are located in Levallois-Perret, Ile-De-France within France which resides on the RIPE Network Coordination Centre network.
Registrar:
GANDI

Server location:
Ile-De-France, France (FR)

ASN:
AS34913 RENTABILIWEB Rentabiliweb Telecom,FR

Root domain:
mailorama.fr

Whois:
1 mailorama.fr record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Optional.Rentabiliweb.Messanger.Installer.Meta (L)
100.00%

The domain static.mailorama.fr has been seen to resolve to the following IP address.

80.70.210.149
ht-vip-static.rtblw.com
April 7, 2016

File downloads found at URLs served by static.mailorama.fr.

1 / 68      (Malware)
http://static.mailorama.fr/.../mailoramaSetup.exe  (9bed024af382f46d4bb3b60fa8bdf545)

The following file have been seen to comunicate with static.mailorama.fr in live environments.

TCP » 80.70.210.149:80
MailoramaUpdater.exe (Updater)

URL:
http://static.mailorama.fr/

SSL certificate subject:
CN=*.mailorama.fr, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
lighttpd/1.4.28

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.