Help RSS API Feed Maltego Contact                        

Domain > onclickads.net

More information on this domain is in AlienVault OTX

Is this malicious?
Most users have voted this as not malicious

Reports
https://blog.malwarebytes.org/malvertising-2/2016/...    
https://otx.alienvault.com/pulse/56cf46de4637f21c5...    

Files that talk to onclickads.net
MD5A/V
22172af4761a14a9c9fd3fb25c7e9181
6b50038ba303862519fdeba21160cd97[Trojan.InstallMonster.51] [Signed-Downware.InstallMonstr] [PUP/InstallMonstr]
f24de5e9a441e27537ad5a1ffe1f6f3f
8a1ed470542ff4e3beba1c6189604610
bb887be92c51f049bb7aa7ae04b6832f
05a47285e610f3f2bdb504707db3322f[Includer.SRC]
66e3a886a2a0fa3a1b1b42087d894399[W32.Clodf6d.Trojan.9cdf] [W32/Delf.bs] [Downloader] [Obfuscated_MA] [TROJ_DELF.IVV] [Worm.Delf-41] [Worm.Win32.Delf.bs] [Trojan.Win32.Delf.onro] [Worm.Win32.S.Delf.16653] [Packed.Win32.Klone.~KMG] [Win32.HLLW.Autoruner] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Trojan/Win32.WOW.gic[GameThief]] [Backdoor:Win32/Hupigon.EA] [Trojan/Win32.OnlineGameHack] [MalwareScope.Trojan-PSW.Game.16] [Win32/Delf.NCY] [Trojan-Downloader.Win32.Mazahaka] [Downloader.Rozena] [Trojan.Win32.Delf.AJ] [Win32/Trojan]
11e4be8decad5d6f2b19b6945bfdd3cb[Heur.Win32.VBKrypt.3!O] [Trojan.Win32.Peed] [HackTool.ANVQ]
5a0836040b0573c706f5685d8d02f0de
f5d9a8fec909210fed2e7e9a2b2559dd[Trojan.KillAv.DR] [Artemis!F5D9A8FEC909] [Trojan.Ransom] [Trojan] [Trojan/Foreign.qot] [Trojan.Win32.Foreign.xqxpf] [Trojan.ADH] [TROJ_SPNR.08IM12] [WIN.Ransom.Foreign] [Trojan-Ransom.Win32.Foreign.qot] [Trojan.Foreign!2fy15KSZc3I] [Trojan.Win32.A.Foreign.109600] [Mal/KillAV-J] [TrojWare.Win32.Ransom.Foreign.QOT] [Win32.HLLW.Autoruner1.24454] [TR/Injector.mel] [TROJ_SPNR.08IM12] [Artemis!F5D9A8FEC909] [Trojan/Foreign.aqf] [Win32.Troj.Undef.(kcloud)] [Trojan:Win32/Killav] [Trojan/Win32.Jorik] [Hoax.Foreign.qot] [Trojan.ADH] [Win32/AutoRun.VB.XW] [Trojan-Ransom.Win32.Foreign] [W32/Foreign.QOT!tr] [Trj/CI.A]
e29c3788471cf0bdaa407c843b400157[Trojan.KillAv.DR] [Riskware] [Riskware] [Trojan/Injector.ust] [Trojan.Win32.Jorik.wteyk] [Trojan.Win32.Jorik.VBNA.bb] [Trojan.VBNA!xbLueX/rTek] [Troj/KillAV-IC] [Win32.HLLW.Autoruner1.24454] [TR/Buzy.EB.6] [TROJ_HIDEFIL.BMC] [Trojan/Jorik.ftgz] [Trojan/Win32.Jorik] [Trojan:Win32/Killav] [Trojan/Win32.Jorik] [Trojan.Jorik.VBNA] [Win32.SuspectCrc] [W32/Injector.VMC!tr]
95ad56efa37399f14df52030ad4f8a56[Trojan.KillAv.DR] [Trojan.Ransom] [Trojan] [Trojan] [Trojan/Dropper.Injector.frgf] [Trojan.Win32.Injector.zrjhj] [W32.Rontokbro@mm] [Inject.AYLR] [TROJ_SPNR.15JC12] [Trojan-Dropper.Win32.Injector.frgf] [VirTool.VBInject!mo3O26g+vnk] [TrojWare.Win32.Injector.VZP] [Win32.HLLW.Autoruner1.24454] [TR/Jorik.EB.3] [TROJ_NOTOOLS.BMC] [TrojanDropper.Injector.apdp] [VirTool:Win32/VBInject] [Trojan/Win32.Jorik] [TrojanDropper.Injector] [Email-Worm.Rontokbro!rem] [Trojan-Dropper.Win32.Injector] [W32/Injector.VZP!tr]
88e7bbf44b1e97440ff6807c4c28871e[Trojan.KillAv.DR] [W32/Autorun.worm.aadv] [Trojan.Ransom] [Trojan] [Trojan] [Trojan/Dropper.Injector.ftdb] [Trojan.Win32.Jorik.bcgfeh] [Inject.AYLR] [TROJ_SPNR.15JB12] [Trojan.Win32.Jorik.VBNA.ow] [VirTool.VBInject!yJg73IG9DEA] [TrojWare.Win32.Injector.QH] [Win32.HLLW.Autoruner1.24454] [TR/Jorik.EB] [W32/Autorun.worm.aadv] [Mal/KillAV-J] [TrojanDropper.Injector.aqod] [Trojan/Win32.Jorik] [VirTool:Win32/VBInject] [Trojan/Win32.Jorik] [Win32/AutoRun.VB.XW] [Trojan.Win32.KillAV] [W32/Injector.FTDB!tr] [Inject.BWH]
29c26dd7fff7d8744d9e6072cce66094[Trojan.KillAv.DR] [Trojan] [Trojan] [Trojan/Jorik.VBNA.et] [Trojan.Win32.Jorik2.bbndqj] [Trojan.ADH] [VirTool.VBInject!rZkCQlRr6Mw] [TrojWare.Win32.Injector.AJR] [Win32.HLLW.Autoruner1.24454] [TR/Buzy.EB.9] [Trojan/Jorik.gzcy] [Trojan/Win32.Jorik] [VirTool:Win32/VBInject] [Trojan/Win32.Jorik] [Trojan.Jorik.VBNA] [Trojan.ADH] [Win32/AutoRun.VB.XW] [Trojan.Win32.Jorik] [W32/Injector.VZP!tr]
ee1526463f4fc7301b536e23c95b0d67
50fe42f791eb3b48524fa2d02fa35a81
8186c7bf72a3e394df28742c09e5657e[Trojan.Win32.Jorik.VBNA!O] [Trojan.KillAv.DR] [Trojan.Symmi.D9AE] [Trojan.Win32.Jorik2.bbndqj] [Win32/AutoRun.VB.XW] [Win32.HLLW.Autoruner1.24454] [Worm.VBNA.Win32.210211] [Trojan/Jorik.gzcy] [Trojan/Win32.VBNA] [Worm:Win32/Esfury.X] [Trojan/Win32.Jorik] [Trojan.VBNA] [PE:HackTool.VBInject!6.4DA[F1]] [Trojan.Win32.Jorik] [W32/Injector.VZP!tr]
71b942e1b58eb4cd8a00fc5fcac46309
ed37b1f243c960b2344c42564466fc90
3cbdb7f772ffd0288d48eb363c23bef0[W32.GracindA.Worm] [Trojan-Dropper.Win32.Injector!O] [Trojan.KillAv.DR] [Artemis!3CBDB7F772FF] [Trojan/Dropper.Injector.fogn] [Trojan.DR.Injector!mMfPmYw0Ero] [SecurityRisk.Downldr] [TROJ_FORUCON.BMC] [Trojan-Dropper.Win32.Injector.fogn] [Trojan.Win32.Injector.woppd] [TrojWare.Win32.Injector.UST] [Win32.HLLW.Autoruner1.24454] [Dropper.Injector.Win32.37368] [TROJ_FORUCON.BMC] [Trojan-FBMN!0CB4B7569DCE] [TrojanDropper.Injector.amkp] [TR/Buzy.EB.9] [Trojan[Dropper]/Win32.Injector] [Trojan:Win32/VBInject.T] [Trojan.Symmi.D497] [Trojan/Win32.Jorik] [TrojanDropper.Injector] [Trojan.Win32.Jorik] [W32/Injector.XXE!tr] [Trojan.Win32.Dropper.fogn]

Whois
PropertyValue
Email advtechnologieshelp@gmail.com
NameServer NS-1828.AWSDNS-36.CO.UK
Created 2013-06-03 00:00:00
Changed 2015-05-15 00:00:00
Expires 2018-06-03 00:00:00
Registrar EURODNS S.A

DNS Resolutions
DateIP Address
2013-09-04178.63.25.77 (ClassC)
2013-09-0446.4.108.114 (ClassC)
2013-09-0546.4.71.178 (ClassC)
2013-10-1878.140.143.6 (ClassC)
2013-10-1878.140.132.26 (ClassC)
2014-02-2678.140.143.6 (ClassC)
2014-03-0478.140.143.123 (ClassC)
2014-04-26185.49.145.3 (ClassC)
2014-04-26185.49.145.5 (ClassC)
2014-04-29185.49.145.4 (ClassC)
2014-06-2778.140.132.26 (ClassC)
2014-09-1678.140.191.69 (ClassC)
2014-09-1678.140.191.109 (ClassC)
2014-09-1678.140.191.89 (ClassC)
2014-09-2578.140.191.110 (ClassC)
2014-09-2578.140.191.90 (ClassC)
2014-09-2578.140.191.70 (ClassC)
2014-10-2478.140.191.110 (ClassC)
2014-11-1878.140.191.109 (ClassC)
2015-02-0278.140.191.80 (ClassC)
2015-05-14206.54.163.4 (ClassC)
2015-07-0688.85.82.171 (ClassC)
2015-07-0688.85.82.172 (ClassC)
2015-07-0988.85.82.173 (ClassC)
2015-12-04206.54.165.193 (ClassC)
2015-12-05206.54.165.192 (ClassC)
2016-10-24188.42.160.45 (ClassC)
2019-09-14194.187.98.199 (ClassC)
2019-12-11173.237.15.140 (ClassC)
2019-12-11173.237.15.156 (ClassC)
2020-09-30194.187.98.144 (ClassC)
2020-12-10194.187.98.200 (ClassC)
2021-02-17194.187.98.198 (ClassC)
2021-10-0778.140.140.143 (ClassC)
2024-10-28139.45.197.239 (ClassC)
2025-08-09139.45.197.105 (ClassC)

Subdomains
DateDomainIP
wbw2.onclickads.net2025-07-05139.45.197.85
wbw3.onclickads.net2025-07-20139.45.197.98
www.onclickads.net2013-06-1246.4.71.178
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information