clksite.com

INTANGO

Domain Information

The domain clksite.com registered by INTANGO was initially registered in November of 2014 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
ENOM, INC.

Server location:
Texas, United States (US)

Create date:
Thursday, November 20, 2014

Expires date:
Sunday, November 20, 2016

Updated date:
Thursday, November 5, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ClickYes.e, PUP.CodeTechno.e, PUP.Installer.InstallCore.Installer, PUP.Installer.installCore, PUP.Outbrowse, PUP.Bundler.Tightrope, PUP.Outbrowse.CLICKTOSTART.Bundler (M), PUP.ProfitServis.VUDGOFF.Bundler (M), PUP.Outbrowse.TiKiTaKa.Bundler (M), PUP.InstallCore.Installer.Installer (M), PUP.Outbrowse.BestApp.Bundler (M), PUP.InstallCore.FC.Installer (M), PUP.Outbrowse.BESTAPP.Bundler (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.Outbrowse.MARiMara.Bundler (M), PUP.DownloadAdmin.CodeTech.Installer (M), PUP.OutBrowse.StartPla.Installer (M)
100.00%

VIPRE Antivirus
Threat.4784459, DownloadAdmin, InstallCore, Threat.4150696, Trojan.Win32.Generic
34.38%

Dr.Web
Trojan.OutBrowse.6, Adware.Downware.2220, Trojan.InstallCore.49, Trojan.InstallCore.53, Trojan.OutBrowse.83, Trojan.OutBrowse.77
34.38%

AVG
Downloader, Generic
34.38%

K7 AntiVirus
Unwanted-Program , Trojan , DoS-Trojan
31.25%

NANO AntiVirus
Trojan.Win32.OutBrowse.djogzg, Riskware.Win32.Downware.djahkt, Riskware.Win32.InstallCore.dnajwn, Trojan.Win32.OutBrowse.dnmhre
31.25%

Avira AntiVirus
ADWARE/Adware.Gen, Adware/InstallCo.zlz, Adware/InstallCo.CK, APPL/Downloader.Gen, PUA/InstallCore.II
31.25%

G Data
Win32.Application.DownloadAdmin, Win32.Application.InstallCore.DI, Win32.Application.Agent.PJ22JG, Application.Bundler.KJ
31.25%

Sophos
OutBrowse Revenyou, Install Core, Generic PUA ID, PUA 'Install Core', Download Admin, Generic PUA JE
28.13%

Baidu Antivirus
PUA.Win32.OutBrowse, Adware.Win32.InstallCore
28.13%

McAfee
Adware-OutBrowse.c, Artemis!3C3FE33FE1DA, Trojan.Artemis!05FEC56DAAAA, Artemis!8D6D2B956597, Trojan.Artemis!9254CE713DDB
25.00%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.DownloadAdmin, PUP.Optional.InstallCore.SID.A, PUP.Optional.InstallCore.C
25.00%

Trend Micro House Call
Suspici.92093976, Suspicious_GEN.F47V0126, TROJ_GEN.R00GH06B215, Suspicious_GEN.F47V0204, TROJ_GEN.R047H06AO15
25.00%

Fortinet FortiGate
Riskware/OutBrowse, Riskware/InstallCore, Riskware/DownloadAdmin
25.00%

Agnitum Outpost
Riskware.Agent, PUA.InstallCore, PUA.Downloader
25.00%

The domain clksite.com has been seen to resolve to the following IP address.

89.9d.a86c.ip4.static.sl-reverse.com
November 18, 2015

File downloads found at URLs served by clksite.com.

1 / 68      (Adware)

The following 109 files have been seen to comunicate with clksite.com in live environments.

 
Latest 20 of 184 files

URL:
http://clksite.com/

Title:
“Contact Us”

SSL certificate subject:
CN=www.clksite.com

SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US

Web server:
nginx