nym1.b.adnxs.com

AppNexus Inc

Domain Information

The domain nym1.b.adnxs.com registered by AppNexus Inc was initially registered in May of 2008 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Corona del Mar, California within the United States which resides on the AppNexus, Inc network.
Registrar:
MARKMONITOR INC.

Server location:
California, United States (US)

Create date:
Tuesday, May 27, 2008

Expires date:
Friday, May 27, 2016

Updated date:
Saturday, April 26, 2014

ASN:
AS29990 ASN-APPNEXUS - AppNexus, Inc,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Stepitapp.F, PUP.Installer.BuildInput.U, PUP.Adknowledge.WARPINSTALLER.Installer (M), PUP.Adknowledge.Liquidbuild.Installer (M), PUP.Solimba.Bechiro.Bundler (M), PUP.Adknowledge.Liquidbuild.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Adknowledge.BuildInp.Bundler (M), PUP.Adknowledge.BootComp.Installer (M)
100.00%

McAfee
Artemis!8A2ED863690C, Trojan.Artemis!2BDA97A3EE62, GenericATG-FGI!9BBCEAD72578, Artemis!0FF2B0F7AD04
41.67%

Kaspersky
not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.iBryte
41.67%

VIPRE Antivirus
Conduit, Threat.4778314, Threat.4150696
41.67%

McAfee Web Gateway
Artemis!8A2ED863690C, GenericATG-FGI!746F50AE6DB0, GenericATG-FGI!9BBCEAD72578
41.67%

Kingsoft AntiVirus
Win32.Troj.DownAgent.ba.(kcloud), Win32.Troj.Badur.hr.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.Troj.Staser.y.(kcloud)
41.67%

Vba32 AntiVirus
Downloader.Agent, AdWare.iBryte
41.67%

Panda Antivirus
Trj/Chgt.A, Trj/Genetic.gen
41.67%

Fortinet FortiGate
Riskware/Agent, W32/Zbot.AAN!tr, Riskware/Generic.AC.1188117, W32/Malware_fam.NB
41.67%

Qihoo 360 Security
HEUR/Malware.QVM03.Gen, Malware.QVM10.Gen, Win32/Trojan.Dropper.c9f
41.67%

avast!
Win32:Dropper-gen [Drp], Win32:Adware-gen [Adw], Win32:IBryte-CX [PUP]
41.67%

Trend Micro House Call
Suspicious_GEN.F47V0620, TROJ_CLIKUG.A
33.33%

Malwarebytes
PUP.Optional.OptimumInstaller.A, PUP.Optional.GigaClicks.A
33.33%

Agnitum Outpost
PUA.Agent, Riskware.Agent
33.33%

Sophos
iBryte Optimum Installer, PUA.iBryte Optimum Installer
33.33%

The domain nym1.b.adnxs.com has been seen to resolve to the following 3 IP addresses.

September 7, 2014

float.1867.bm-impbus.prod.nym2.adnexus.net
September 7, 2014

float.1866.bm-impbus.prod.nym2.adnexus.net
September 7, 2014

File downloads found at URLs served by nym1.b.adnxs.com.

The following 4 files have been seen to comunicate with nym1.b.adnxs.com in live environments.

URL:
http://nym1.b.adnxs.com/

Google Analytics:
UA-4057742

Title:
“error page for redirects from product”

Web server:
Apache/2.2.22 (Ubuntu)