Domain > adsrvr.org

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to adsrvr.org

MD5	A/V
5989dc0d2666bb6425369bceb7f3810e	[W32/Sefnit.C] [Trojan.MulDrop4.11744] [W32/Sefnit.ZOEY-4762]
24dce1f861cf872e118e557eb4114f3c	[WS.Reputation.1] [TROJ_GE.ABA88ABE] [Trojan.Win32.FlowSpirit.dgozjr] [W32/Trojan.BPXW-9284] [TR/Rogue.640512.1] [Trojan.SuspectCRC] [Riskware/FlowSpirit] [Hacktool.Win32.FlowSpirit.BH]
158adbdc079f15df2197519d5830a335
743bedea7e326854847cd08722847361	[Artemis!743BEDEA7E32] [Suspicious.Cloud.9] [BehavesLike.Win32.Dropper.bc] [Variant.Graftor.df] [PUA.BrowShot]
b634df6a6968dcd53bba33592e131a6c	[W32.Clod93f.Trojan.37db] [Trojan/W32.Obfuscated.44544.Q] [Trojan.Obfuscated.aauy] [Trojan/Obfuscated.aauy] [Trojan.Win32.Obfuscated.pklw] [W32/Trojan2.GJJO] [Busky.PSBG] [Trojan.Win32.Obfuscated.aauy] [Mal/Jevafus-A] [UnclassifiedMalware] [Trojan.Bytok.2] [Trojan.Obfuscated.Win32.8467] [Heuristic.BehavesLike.Win32.ModifiedUPX.C] [Trojan/Obfuscated.djtj] [Trojan[:HEUR]/Win32.Unknown] [Win32.Troj.Obfuscated.(kcloud)] [Trojan.Win32.Obfuscated.44544.C] [Trojan/Win32.Jevafus] [Trojan.Win32.Obfuscated.ASI] [Win32/TrojanDownloader.Delf.OLI] [Trojan-Dropper.Win32.Jevafus] [W32/Obfuscated.AAUY!tr] [Trj/Downloa]
2356fae8b35b4fb7c77d0ca0682efb87	[W32.Clod213.Trojan.e26d] [Trojan/W32.Obfuscated.50688.K] [Trojan.Obfuscated.aava] [Trojan/Obfuscated.aava] [Trojan.Win32.Obfuscated.rdyf] [W32/Backdoor2.DTZQ] [Busky.PSAH] [Trojan.Win32.Obfuscated.aava] [Trojan.Obfuscated!1bIASFz6mEw] [Trojan.Win32.Obfuscated.50688.E] [TrojWare.Win32.Obfuscated.aava] [Heuristic.BehavesLike.Win32.ModifiedUPX.C] [Mal/Jevafus-A] [Trojan/Obfuscated.djhu] [Trj/Downloader.XDT] [Trojan-Dropper.Win32.Jevafus] [W32/Obfuscated.AAVA!tr] [Trojan.Win32.Delf.ARcr]
f2f7ca6ceb6be857eb5b6d8d58efff48
718a66a2d5d454fe883d406a97424e38	[WS.Reputation.1] [Trojan.DownLoader11.27583] [Artemis] [Artemis!718A66A2D5D4] [Trojan.Scar]
64081b63119f47212e7b6cb2a131ac02
1f519484a9ad5a51d42e0f57f4e314e0	[Trojan.Win32.FlowSpirit.dgozjr] [W32/Trojan.BPXW-9284] [UnclassifiedMalware] [Trojan.DownLoader11.37669] [Backdoor.PePatch.Win32.48939] [TR/Rogue.640512.1] [Trojan/Win32.Clicker] [Trojan.Rogue] [Riskware/FlowSpirit] [Hacktool.Win32.FlowSpirit.H]
ea655ab5f6395b51af79ddec4906d355	[Artemis!EA655AB5F639] [Trojan.Graftor.D3E6B6] [W32/Trojan.UIYY-6707] [Virus.Win32.Heur.l] [Trojan.Spy.Banker-5118] [Trojan.Graftor!M7sy9+qDtVs] [Trojan.Win32.Z.Graftor.555008.A[h]] [Win32.Trojan.Graftor.Alij] [Adware.BrowseFox.Win32.138398] [BehavesLike.Win32.SoftPulse.hc] [Win32/Trojan.Multi.daf]
dd149fde864b461ffbacf1ada70d1fdc	[Artemis!DD149FDE864B] [PUP.Optional.InstallCore] [Trojan.Packed.25266] [Adware/InstallCore.OG] [Artemis!DD149FDE864B] [Downware.InstallCore] [Riskware/InstallCore]
b192b1969e16105177b3d12b3413daaf	[Artemis!B192B1969E16] [PUP.Optional.InstallCore] [Trojan.Packed.25266] [Adware/InstallCore.OG] [Artemis!B192B1969E16] [Downware.InstallCore] [Riskware/InstallCore]
e1d874da02827333432a2c9ed92bb233
e845335def350a017046ddb1e43d3446
d586fb5fcb7a29ad68a644caa600f0d1	[HW32.CDB.Ff3b] [Trojan-Spy.Win32.Zbot.sfds] [Heur.Packed.Unknown] [TR/ShoeLoader.A.63]
44c895c1eb6f9ee95de2c8657e82fd50
212c3a5c342e93f7398111083f37fd90
3ccce94d979e925d13b16f7f1b99cbe6	[Type_VBS_Autorun] [VBS.Dunihi] [VBS_JENXCUS.NS] [VBS/Jenxcus-C] [UnclassifiedMalware] [VBS.Autoruner.161] [VBS/Clicker.nauzs] [Worm:VBS/Jenxcus.K] [Trojan.IEVC-3] [VBS/Autorun.BC.worm] [VBS/Kryptik.L]
f58fb6cfc42c049c1442d6ce54ea429d	[W32/new-malware!Maximus] [TR/Graftor.2081254] [Trojan.Packed.194] [Win32/DH{fGSBEiV+ICMsgRNcV04}] [Trojan-Ransom.Win32.Blocker] [Artemis!F58FB6CFC42C] [Trojan.Packed!N6hauVnIyeg] [WS.Reputation.1] [Trojan.Win32.Graftor.czubpq] [Heuristic.LooksLike.Win32.Suspicious.J] [Win32/Trojan.fad]

Whois

Property	Value
Name	Registration Private
Organization	Domains By Proxy, LLC
Email	ADSRVR.ORG@domainsbyproxy.com
Zip Code	85260
City	Scottsdale
State	Arizona
Country	US
Phone	+1.4806242599
Fax	+1.4806242598
NameServer	pdns2.ultradns.net
Created	2010-03-29 16:20:39
Changed	2010-12-10 16:27:15
Expires	2016-03-29 16:20:39
Registrar	GoDaddy.com, LLC (R9

DNS Resolutions

Date	IP Address
2011-11-23	107.20.198.129 (ClassC)
2013-03-12	54.246.112.123 (ClassC)
2013-07-16	54.247.164.180 (ClassC)
2013-07-23	207.198.110.38 (ClassC)
2013-12-10	79.125.2.175 (ClassC)
2014-01-08	54.246.98.29 (ClassC)
2014-01-08	54.228.202.73 (ClassC)
2014-01-10	54.247.112.52 (ClassC)
2014-02-07	46.137.116.51 (ClassC)
2014-02-07	46.137.164.249 (ClassC)
2014-02-07	46.137.158.49 (ClassC)
2014-02-23	54.246.87.244 (ClassC)
2014-02-23	46.137.81.134 (ClassC)
2014-02-23	54.228.230.125 (ClassC)
2014-04-16	54.247.110.166 (ClassC)
2014-04-19	176.74.173.230 (ClassC)
2014-04-30	54.247.65.147 (ClassC)
2014-05-01	54.246.106.200 (ClassC)
2014-05-08	54.217.254.46 (ClassC)
2014-06-10	176.34.251.208 (ClassC)
2014-06-10	46.137.163.20 (ClassC)
2014-06-19	54.215.80.201 (ClassC)
2014-06-19	50.18.250.0 (ClassC)
2014-06-25	54.230.45.15 (ClassC)
2014-06-25	209.15.224.6 (ClassC)
2014-06-26	54.228.233.94 (ClassC)
2014-06-30	54.247.126.28 (ClassC)
2014-07-01	54.217.216.91 (ClassC)
2014-07-01	46.137.163.214 (ClassC)
2014-07-08	54.228.215.194 (ClassC)
2014-07-25	50.18.54.72 (ClassC)
2014-07-25	50.18.55.208 (ClassC)
2014-07-25	54.241.251.233 (ClassC)
2014-08-02	50.18.52.21 (ClassC)
2014-09-03	50.18.190.247 (ClassC)
2014-09-07	184.169.141.80 (ClassC)
2014-09-15	54.241.0.91 (ClassC)
2014-09-25	184.169.161.177 (ClassC)
2014-10-01	184.169.145.142 (ClassC)
2014-10-15	184.72.61.185 (ClassC)
2014-10-30	50.18.117.148 (ClassC)
2014-10-31	50.18.174.239 (ClassC)
2014-11-02	54.230.203.131 (ClassC)
2014-11-16	50.18.252.220 (ClassC)
2014-11-16	184.72.44.243 (ClassC)
2015-01-02	204.236.130.238 (ClassC)
2015-01-02	184.169.164.144 (ClassC)
2015-01-02	184.169.176.7 (ClassC)
2015-01-02	184.169.160.168 (ClassC)
2015-01-04	184.169.132.1 (ClassC)
2015-01-13	50.18.62.99 (ClassC)
2015-01-16	54.215.13.63 (ClassC)
2015-02-19	50.18.107.165 (ClassC)
2015-02-20	79.125.105.133 (ClassC)
2015-03-02	176.34.106.208 (ClassC)
2015-03-05	46.137.94.71 (ClassC)
2015-03-07	204.236.134.220 (ClassC)
2015-03-07	176.34.115.233 (ClassC)
2015-03-10	46.137.79.98 (ClassC)
2015-03-12	54.217.230.221 (ClassC)
2015-03-12	54.246.123.122 (ClassC)
2015-03-31	54.246.116.54 (ClassC)
2015-03-31	54.246.86.42 (ClassC)
2015-04-04	54.228.224.139 (ClassC)
2015-04-06	54.228.220.236 (ClassC)
2015-04-10	184.169.162.140 (ClassC)
2015-04-18	46.137.160.244 (ClassC)
2023-08-04	3.219.105.203 (ClassC)
2023-08-25	3.228.28.70 (ClassC)
2023-09-10	34.195.45.107 (ClassC)
2023-11-01	35.168.141.183 (ClassC)
2023-11-27	34.197.248.198 (ClassC)
2023-12-22	34.193.118.24 (ClassC)
2024-01-11	35.173.163.44 (ClassC)
2024-02-09	54.85.129.196 (ClassC)
2024-03-05	44.195.213.173 (ClassC)
2024-03-18	35.153.154.115 (ClassC)
2024-04-16	107.22.225.116 (ClassC)
2024-05-13	3.217.52.125 (ClassC)
2024-05-16	3.224.190.208 (ClassC)
2024-05-22	44.212.166.145 (ClassC)
2024-06-13	23.22.18.219 (ClassC)
2024-06-17	3.228.154.101 (ClassC)
2024-07-07	54.156.6.86 (ClassC)
2024-07-10	3.232.135.152 (ClassC)
2024-07-14	34.192.204.55 (ClassC)
2024-07-23	50.19.244.24 (ClassC)
2024-07-24	52.1.88.85 (ClassC)
2024-07-30	100.28.10.193 (ClassC)
2024-08-10	44.206.140.200 (ClassC)
2024-08-17	100.26.95.74 (ClassC)
2024-08-21	52.4.25.54 (ClassC)
2024-08-24	34.225.211.213 (ClassC)
2024-09-04	35.169.74.250 (ClassC)
2024-09-17	34.192.128.236 (ClassC)
2024-09-23	3.210.206.84 (ClassC)
2024-10-17	52.55.0.156 (ClassC)
2024-10-23	34.233.97.200 (ClassC)
2024-11-12	13.249.21.15 (ClassC)
2024-12-13	99.86.91.84 (ClassC)
2024-12-23	13.249.190.127 (ClassC)
2024-12-31	3.166.192.126 (ClassC)
2025-01-08	3.166.96.51 (ClassC)
2025-01-08	3.166.96.97 (ClassC)
2025-01-10	3.170.103.29 (ClassC)
2025-02-04	54.192.51.47 (ClassC)
2025-02-04	54.192.51.7 (ClassC)
2025-04-02	54.230.253.107 (ClassC)
2025-05-29	18.155.192.2 (ClassC)
2025-06-09	52.84.162.99 (ClassC)
2025-07-10	3.175.34.117 (ClassC)
2025-07-11	3.164.85.35 (ClassC)
2025-07-11	18.155.192.55 (ClassC)
2025-07-18	52.84.162.51 (ClassC)
2025-08-04	52.84.162.98 (ClassC)
2025-09-02	13.226.52.26 (ClassC)
2025-09-24	52.84.162.129 (ClassC)
2025-10-26	18.155.192.123 (ClassC)
2025-10-29	18.155.192.15 (ClassC)
2025-12-06	143.204.160.20 (ClassC)
2026-01-04	108.138.94.110 (ClassC)

Port 80

Port 443

Subdomains

Date	Domain	IP
usw-ca2.adsrvr.org	2025-12-21	199.250.160.129
usw-lax2.adsrvr.org	2025-11-28	207.198.110.39
html5.adsrvr.org	2019-10-17	99.86.35.205
a.adsrvr.org	2019-06-16	13.32.202.125
use-bid-admanmedia.adsrvr.org	2025-10-28	199.250.169.129
use-bid-taboola.adsrvr.org	2022-11-17	199.250.162.129
data.adsrvr.org	2013-11-28	46.51.169.79

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]