clic.hexaweb.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain clic.hexaweb.net is registered by proxy through ENOM, INC. and was originally registered in April of 2011. Currently this domain has been known to host various forms of malware. The hosted servers are located in Muenchen, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Remove Malware from clic.hexaweb.net - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Bayern, Germany (DE)

Create date:
Saturday, April 02, 2011

Expires date:
Thursday, April 02, 2020

Updated date:
Thursday, October 17, 2013

ASN:
AS51167 CONTABO Contabo GmbH

Root domain:

Scanner detections:
Malware distribution  (60% detected)

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GEN.F47V0923, TROJ_SPNR.3AJE13, TROJ_GEN.F47V0615, TROJ_GEN.R0CBOH0IQ13
100.00%

Kaspersky
Trojan-Downloader.Win32.Genome, HEUR:Trojan-Downloader.Win32.Generic, not-a-virus:Downloader.NSIS.Agent, Trojan-Dropper.MSIL.Agent
100.00%

Antiy Labs AVL
Trojan/Win32.Generic, Trojan[Backdoor]/Win32.ZAccess
75.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, TrojanDropper.MSIL.Agent
75.00%

McAfee
RDN/Generic Downloader.x!il, RDN/Generic Dropper!rm
50.00%

Norman
Suspicious_Gen4.EZJSO, Suspicious_Gen4.FADJM
50.00%

avast!
Win32:Dropper-gen [Drp], Win32:Solimba-C [PUP]
50.00%

VIPRE Antivirus
Trojan-Downloader.NSIS.Agent.nom, DownloadMR
50.00%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious.H, RDN/Generic Dropper!rm
50.00%

Kingsoft AntiVirus
Win32.Troj.Undef.(kcloud)
50.00%

Baidu Antivirus
Trojan.MSIL.Dropper, Trojan-Downloader.Win32.Generic
50.00%

ESET NOD32
Win32/Downloader.Agent.NAN, MSIL/Solimba
50.00%

Fortinet FortiGate
W32/Agent.ALOT!tr, W32/Agent.ALRS!tr
50.00%

Bkav FE
W32.Clod20c.Trojan
25.00%

Zillya! Antivirus
Dropper.Agent.Win32.139888
25.00%

The domain clic.hexaweb.net has been seen to resolve to the following IP address.

ip-169-179-143-79.static.contabo.net
January 10, 2014

File downloads found at URLs served by clic.hexaweb.net.

19 / 68    (Malware)
http://clic.hexaweb.net/.../FLV-Media-Player.exe  (c8dbf998ff4cce8ebae109d70fdc1afd)

4 / 68      (inconclusive)

URL:
http://clic.hexaweb.net/

Web server:
Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 (PHP/5.3.18)

Remove Malware from clic.hexaweb.net - Powered by Reason Core Security