home

mail2.idweb.fr

ID WEB

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Lyon, Rhone-Alpes within France which resides on the RIPE Network Coordination Centre network.
Registrar:
ONLINE SAS

Server location:
Rhone-Alpes, France (FR)

ASN:
AS12876 AS12876 ONLINE S.A.S.,FR

Root domain:
idweb.fr

Whois:
1 idweb.fr record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Artemis!3F3F4ED6EFB4
100.00%

K7 AntiVirus
Trojan
100.00%

Norman
Suspicious_Gen4.GCWBL
100.00%

Trend Micro House Call
TROJ_GEN.F47V0319
100.00%

Agnitum Outpost
PUP.Agent
100.00%

ESET NOD32
Win32/Keygen.HA potentially unsafe application
100.00%

IKARUS anti.virus
possible-Threat.Patch-Crack-XForce
100.00%

Fortinet FortiGate
Riskware/KeyGen
100.00%

Emsisoft Anti-Malware
Riskware.Win32.Keygen
100.00%

The domain mail2.idweb.fr has been seen to resolve to the following IP address.

62.210.132.38
mail2-online.idweb.fr
April 20, 2014

File downloads found at URLs served by mail2.idweb.fr.

9 / 68      (PUP)
http://mail2.idweb.fr/webmail/api/download/attachment/cd010bde-026b-41fe-a1b2-97c8c3aa8194/363/.../xf-adsk2015_x86.exe  (3f3f4ed6efb457de39ce30ea42b83b5c)

URL:
http://mail2.idweb.fr/

SSL certificate subject:
CN=*.idweb.fr, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)14, OU=GT48976393, SERIALNUMBER=3PDpkwMMciN5oipB9B743nu4ttjtCNG4

SSL certificate issuer:
CN=RapidSSL CA, O="GeoTrust, Inc.", C=US

Web server:
Kerio Connect 8.2.4

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.