The domain clksite.com registered by INTANGO was initially registered in November of 2014 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Server location:
Texas, United States (US)
Create date:
Thursday, November 20, 2014
Expires date:
Sunday, November 20, 2016
Updated date:
Thursday, November 5, 2015
ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.ClickYes.e, PUP.CodeTechno.e, PUP.Installer.InstallCore.Installer, PUP.Installer.installCore, PUP.Outbrowse, PUP.Bundler.Tightrope, PUP.Outbrowse.CLICKTOSTART.Bundler (M), PUP.ProfitServis.VUDGOFF.Bundler (M), PUP.Outbrowse.TiKiTaKa.Bundler (M), PUP.InstallCore.Installer.Installer (M), PUP.Outbrowse.BestApp.Bundler (M), PUP.InstallCore.FC.Installer (M), PUP.Outbrowse.BESTAPP.Bundler (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.Outbrowse.MARiMara.Bundler (M), PUP.DownloadAdmin.CodeTech.Installer (M), PUP.OutBrowse.StartPla.Installer (M)
100.00%
VIPRE Antivirus
Threat.4784459, DownloadAdmin, InstallCore, Threat.4150696, Trojan.Win32.Generic
34.38%
Dr.Web
Trojan.OutBrowse.6, Adware.Downware.2220, Trojan.InstallCore.49, Trojan.InstallCore.53, Trojan.OutBrowse.83, Trojan.OutBrowse.77
34.38%
AVG
Downloader, Generic
34.38%
K7 AntiVirus
Unwanted-Program , Trojan , DoS-Trojan
31.25%
NANO AntiVirus
Trojan.Win32.OutBrowse.djogzg, Riskware.Win32.Downware.djahkt, Riskware.Win32.InstallCore.dnajwn, Trojan.Win32.OutBrowse.dnmhre
31.25%
Avira AntiVirus
ADWARE/Adware.Gen, Adware/InstallCo.zlz, Adware/InstallCo.CK, APPL/Downloader.Gen, PUA/InstallCore.II
31.25%
G Data
Win32.Application.DownloadAdmin, Win32.Application.InstallCore.DI, Win32.Application.Agent.PJ22JG, Application.Bundler.KJ
31.25%
Sophos
OutBrowse Revenyou, Install Core, Generic PUA ID, PUA 'Install Core', Download Admin, Generic PUA JE
28.13%
Baidu Antivirus
PUA.Win32.OutBrowse, Adware.Win32.InstallCore
28.13%
McAfee
Adware-OutBrowse.c, Artemis!3C3FE33FE1DA, Trojan.Artemis!05FEC56DAAAA, Artemis!8D6D2B956597, Trojan.Artemis!9254CE713DDB
25.00%
Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.DownloadAdmin, PUP.Optional.InstallCore.SID.A, PUP.Optional.InstallCore.C
25.00%
Trend Micro House Call
Suspici.92093976, Suspicious_GEN.F47V0126, TROJ_GEN.R00GH06B215, Suspicious_GEN.F47V0204, TROJ_GEN.R047H06AO15
25.00%
Fortinet FortiGate
Riskware/OutBrowse, Riskware/InstallCore, Riskware/DownloadAdmin
25.00%
Agnitum Outpost
Riskware.Agent, PUA.InstallCore, PUA.Downloader
25.00%
The domain clksite.com has been seen to resolve to the following IP address.
89.9d.a86c.ip4.static.sl-reverse.com
November 18, 2015
File downloads found at URLs served by clksite.com.
The following 109 files have been seen to comunicate with clksite.com in live environments.
SSL certificate subject:
CN=www.clksite.com
SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US