go.sonobi.com

Contech, LLC

Domain Information

The domain go.sonobi.com, registered by Contech, LLC, was initially registered in November of 2006 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Portland, Oregon, in the United States, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Remove Malware from go.sonobi.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Oregon, United States (US)

Create date:
Wednesday, November 29, 2006

Expires date:
Sunday, November 29, 2015

Updated date:
Friday, March 27, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer.Z
100.00%

Bkav FE
HW32.CDB, W32.HfsAdware
100.00%

MicroWorld eScan
Adware.Generic.572468, Adware.Generic.571854
100.00%

McAfee
PUP-FHQ!35B602F5EC89, PUP-FHQ!C5D41C4A0F1F
100.00%

Malwarebytes
PUP.Optional.Installex
100.00%

SUPERAntiSpyware
PUP.InstallRex/Variant, Adware.InstalleRex/Variant
100.00%

K7 AntiVirus
Unwanted-Program
100.00%

K7 Gateway Antivirus
Unwanted-Program
100.00%

Agnitum Outpost
Adware.Generic, PUA.InstalleRex
100.00%

avast!
Win32:InstalleRex-O [PUP], Win32:InstalleRex-X [PUP]
100.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent
100.00%

Bitdefender
Adware.Generic.572468, Adware.Generic.571854
100.00%

NANO AntiVirus
Riskware.Win32.Adware.crcapm, Riskware.Win32.Agent.crfila
100.00%

Emsisoft Anti-Malware
Adware.Generic.572468, Gen:Variant.Application.Bundler.InstallRex
100.00%

Comodo Security
Application.Win32.Agent.V
100.00%

The domain go.sonobi.com has been seen to resolve to the following 2 IP addresses.

May 5, 2015

ec2-54-186-38-27.us-west-2.compute.amazonaws.com
April 14, 2014

File downloads found at URLs served by go.sonobi.com.

The following 2 files have been seen to communicate with go.sonobi.com in live environments.

URL:
http://go.sonobi.com/

Title:
“Sonobi ™”

Description:
“Sonobi is a leader in advertising technology. We are a digital display advertising company bringing web publishers and advertisers together via a single buying and selling solution”

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=*.go.sonobi.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
nginx

Facebook:
Shares:  3

Statistics are for the previous month.
