mydl.hexaweb.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain mydl.hexaweb.net is registered by proxy through ENOM, INC. and was originally registered in April of 2011. Currently this domain has been known to host various forms of malware. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Remove Malware from mydl.hexaweb.net - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Saturday, April 02, 2011

Expires date:
Thursday, April 02, 2020

Updated date:
Thursday, October 17, 2013

ASN:
AS16276 OVH OVH SAS,FR

Root domain:

Scanner detections:
Malware distribution  (83% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra, Threat.4657539
83.33%

Vba32 AntiVirus
TrojanDropper.Dapato, suspected of Trojan.Downloader.gen.h
83.33%

McAfee Web Gateway
Artemis!A942B3D27808, Artemis!C97614C14996, BehavesLike.Win32.Downloader.qm
83.33%

Qihoo 360 Security
Win32/Trojan.Dropper.a9d, HEUR/QVM42.0.Malware.Gen
83.33%

McAfee
Artemis!A942B3D27808, Artemis!C97614C14996, RDN/Downloader.a!tx
66.67%

Trend Micro House Call
TROJ_GEN.R0CBH07FT14, Suspicious_GEN.F47V0616, TROJ_GEN.R047C0EL714
66.67%

Kaspersky
Trojan-Dropper.Win32.Dapato, UDS:DangerousObject.Multi.Generic
66.67%

Baidu Antivirus
Trojan.Win32.Dapato, Hacktool.Win32.Downloader
66.67%

Agnitum Outpost
Trojan.Agent
50.00%

Antiy Labs AVL
Trojan[Dropper]/Win32.Dapato
50.00%

Reason Heuristics
Threat.Win.Reputation.IMP
50.00%

Quick Heal
TrojanDropper.Dapato.r5
50.00%

K7 Gateway Antivirus
Riskware
50.00%

K7 AntiVirus
Riskware
50.00%

NANO AntiVirus
Trojan.Win32.Blocker.dbnfux
50.00%

The domain mydl.hexaweb.net has been seen to resolve to the following 2 IP addresses.

ns338802.ip-178-33-228.eu
May 5, 2015

ip-169-179-143-79.static.contabo.net
May 31, 2014

File downloads found at URLs served by mydl.hexaweb.net.

URL:
http://mydl.hexaweb.net/

Web server:
Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (PHP/5.4.34)

Remove Malware from mydl.hexaweb.net - Powered by Reason Core Security