The domain clic.hexaweb.net is registered by proxy through ENOM, INC. and was originally registered in April of 2011. Currently this domain has been known to host various forms of malware. The hosted servers are located in Muenchen, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Bayern, Germany (DE)
Saturday, April 02, 2011
Thursday, April 02, 2020
Thursday, October 17, 2013
AS51167 CONTABO Contabo GmbH
Malware distribution (60% detected)
Trend Micro House Call
TROJ_GEN.F47V0923, TROJ_SPNR.3AJE13, TROJ_GEN.F47V0615, TROJ_GEN.R0CBOH0IQ13
Trojan-Downloader.Win32.Genome, HEUR:Trojan-Downloader.Win32.Generic, not-a-virus:Downloader.NSIS.Agent, Trojan-Dropper.MSIL.Agent
Antiy Labs AVL
suspected of Trojan.Downloader.gen.h, TrojanDropper.MSIL.Agent
RDN/Generic Downloader.x!il, RDN/Generic Dropper!rm
Win32:Dropper-gen [Drp], Win32:Solimba-C [PUP]
McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious.H, RDN/Generic Dropper!rm
The domain clic.hexaweb.net has been seen to resolve to the following IP address.
January 10, 2014
File downloads found at URLs served by clic.hexaweb.net.
Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/220.127.116.1135 (PHP/5.3.18)