# site-m2mab9rxp.godaddysites.com — MALICIOUS

> site-m2mab9rxp.godaddysites.com is a crypto drainer impersonating OrangeMail Portail. Flagged by 16 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies site-m2mab9rxp.godaddysites.com as an active crypto drainer posing as the OrangeMail Portail login portal. The domain is currently operational and distributing malicious payloads designed to steal cryptocurrency wallet credentials. Users attempting to access this site risk unauthorized fund transfers and wallet compromise.  

This domain was flagged by 16 of 95 VirusTotal security vendors, indicating a high detection rate among industry tools. Registered through GoDaddy.com, LLC, it resolves to IP 13.248.243.5 and was created on November 18, 2013. The domain appears on 1 security blocklist and holds low trust scores across threat intelligence platforms. Its SSL certificate, issued by GoDaddy.com, Inc., provides a false sense of legitimacy despite malicious activity.  

Given the elevated risk and confirmed malicious intent, PhishDestroy strongly advises against interacting with this domain. Users who have encountered this site should immediately revoke any connected wallet permissions and scan their devices for malware. For verification, cross-check unknown domains using PhishDestroy’s threat database before entering credentials or downloading files.

## Threat Details
- Verdict: MALICIOUS
- Site status: cloaking (HTTP ?)
- Page title: orangemailportail

## Domain Intelligence
- Registered: 2013-11-18 17:08:35
- Registrar: GoDaddy.com, LLC
- IP: 13.248.243.5

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ab2bdad8-124b-4a2f-86a7-c998fd906997
- PhishDestroy: https://phishdestroy.io/domain/site-m2mab9rxp.godaddysites.com/
- LLM endpoint: https://phishdestroy.io/domain/site-m2mab9rxp.godaddysites.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/site-m2mab9rxp.godaddysites.com/
Last updated: 2026-04-14