cielochic.com

Hostnet bv

Domain Information

The domain cielochic.com, registered by Hostnet bv, was first registered in September 2013 through TUCOWS DOMAINS INC. This domain has been known to host various forms of malware. Its servers are located in Ottawa, Ontario, Canada, on the Shopify, Inc. network.
Registrar:
TUCOWS DOMAINS INC.

Server location:
Ontario, Canada (CA)

Create date:
Monday, September 23, 2013

Expires date:
Friday, September 23, 2016

Updated date:
Tuesday, August 25, 2015

ASN:
AS63408 SHOPIFYASN2 - Shopify, Inc.,CA

Scanner detections:
Malware distribution (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Gen:Variant.Symmi.51128, Gen:Variant.Zusy.134698
100.00%

K7 AntiVirus
Trojan
100.00%

Trend Micro House Call
Suspicious_GEN.F47V0328, TROJ_GEN.F0C2C00DR15
100.00%

Kaspersky
Trojan-Dropper.Win32.Sysn
100.00%

Bitdefender
Gen:Variant.Symmi.51128, Gen:Variant.Zusy.134698
100.00%

Lavasoft Ad-Aware
Gen:Variant.Symmi.51128, Gen:Variant.Zusy.134698
100.00%

Sophos
Mal/Generic-S
100.00%

F-Secure
Gen:Variant.Symmi.51128, Gen:Variant.Zusy.134698
100.00%

Dr.Web
Trojan.KillFiles.26274
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

Emsisoft Anti-Malware
Gen:Variant.Symmi.51128, Gen:Variant.Zusy.134698
100.00%

AhnLab V3 Security
Trojan/Win32.ZBot
100.00%

G Data
Gen:Variant.Graftor.181418, Gen:Variant.Zusy.134698
100.00%

ESET NOD32
Win32/Injector.BXCK
100.00%

McAfee
Artemis!C1212DE7D6FE, GenericR-DGU!7D68BB0DC699
100.00%

The domain cielochic.com has been seen to resolve to the following IP address.

shops.shopify.com
February 29, 2016

File downloads found at URLs served by cielochic.com.

27 / 68    (Malware)
http://cielochic.com/w.exe  (dbvndyrilm.exe)

34 / 68    (Malware)
http://cielochic.com/t7.exe  (oavzwjxjrx.exe)

URL:
http://cielochic.com/

Google Analytics:
UA-46784848

Title:
“Cielo Chic”

SSL certificate subject:
CN=cielochic.com, OU=Domain Control Validated

SSL certificate issuer:
CN=GlobalSign Domain Validation CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Web server:
nginx