nym1.ib.adnxs.com

AppNexus Inc

Domain Information

The domain nym1.ib.adnxs.com registered by AppNexus Inc was initially registered in May of 2008 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Corona del Mar, California within the United States which resides on the AppNexus, Inc network.
Remove Malware from nym1.ib.adnxs.com - Powered by Reason Core Security
Registrar:
MARKMONITOR INC.

Server location:
California, United States (US)

Create date:
Tuesday, May 27, 2008

Expires date:
Friday, May 27, 2016

Updated date:
Saturday, April 26, 2014

ASN:
AS29990 ASN-APPNEXUS - AppNexus, Inc,US

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.g, PUP.Installer.SecureInstall.L, PUP.Installer.BundloreLimited.F, PUP.Installer.Wilmaonline.f, PUP.Optional.Installer.X, PUP.Adknowledge.BootCompute.Installer (M), PUP.Adknowledge.TigerDownload.Bundler (M), PUP.Adknowledge.FileMonarch.Bundler (M), PUP.Adknowledge.OverallMedia.Installer (M), Threat.Win.Reputation.IMP, PUP.Adknowledge.Liquidbuild.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Adknowledge.Liquidbuild.Bundler (M), PUP.Adknowledge.INSTALLTHIS.Installer (M), PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.BuildInput.Bundler (M), PUP.Adknowledge.FUSIONINSTALLER.Installer (M), PUP.Amonetize.ShetefSolutionsConsulting1998.Bundler (M), PUP.Amonetize.Bundler, PUP.Outbrowse.StartNow.Bundler (M)
100.00%

VIPRE Antivirus
Amonetize, InstallIQ Installer, Bundlore, Trojan.Win32.Generic, Conduit, Threat.4778314, Threat.4798837, Threat.4150696
78.72%

McAfee
Artemis!70197CFE7AFD, Artemis!7FA7B38A12E2, Artemis!41A0CF71C007, Artemis!C4A8EECDA7F4, Adware-Amonetize!6CFB6828B682, Artemis!8A2ED863690C, Artemis!D2A55DBB13C5, Artemis!C4AF061E7EBA
76.60%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-BAY.K, Artemis!7FA7B38A12E2, Artemis!41A0CF71C007, Adware-Amonetize!6CFB6828B682
74.47%

Dr.Web
Adware.Downware.1655, Adware.Searcher.2593, Adware.Downware.1732, Adware.Downware.8012, Adware.Downware.5822, Adware.Downware.2083
68.09%

Kaspersky
not-a-virus:Downloader.NSIS.Agent, not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.Amonetize, Trojan-Downloader.Win32.Genome
68.09%

Fortinet FortiGate
Riskware/InstallIQ, Riskware/Agent, W32/Malware_fam.NB, Riskware/Generic.AC.13751, W32/Generic.AC.1188117, Riskware/Amonetize
68.09%

avast!
Win32:PUP-gen [PUP], Win32:Amonetize-N [PUP], Win32:Dropper-gen [Drp], Win32:Amonetize-Q [PUP], Win32:Adware-gen [Adw], Win32:Rootkit-gen [Rtk]
68.09%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.SafeInstall.A, PUP.Optional.Bundlore, PUP.Optional.Amonetize.A, PUP.Optional.Ibryte
65.96%

Trend Micro House Call
TROJ_GEN.F47V1219, Suspicious_GEN.F47V0621, TROJ_GEN.F47V0311, TROJ_GEN.F47V0315, TROJ_GEN.F47V0116, Suspicious_GEN.F47V0620, Suspicious_GEN.F47V1219
65.96%

Sophos
Amonetize, DomainIQ pay-per install, Bundlore, Generic PUA OF, Mal/Generic-S, Mal/Inject-CEE, PUA 'iBryte Optimum Installer'
65.96%

G Data
Win32.Application.InstallIQ, Win32.Trojan.Agent.4P134N, Gen:Variant.Application.Bundler.Amonetize.12, Gen:Variant.Application.Bundler.Amonetize.14
63.83%

Kingsoft AntiVirus
Win32.Troj.DownAgent.ba.(kcloud), Win32.Troj.Amonetize.c.(kcloud), Win32.Troj.Staser.y.(kcloud), Win32.Troj.iBryte.j.(kcloud)
63.83%

Panda Antivirus
Suspicious file, Trj/Chgt.A, Trj/Chgt.C, Trj/Chgt.F, Trj/Genetic.gen, Trj/CI.A
61.70%

AVG
MultiBundle, MalSign.Bundlo, MalSign.Wilmo, Generic_r, Adware AdPlugin, BundleApp_r.R
59.57%

The domain nym1.ib.adnxs.com has been seen to resolve to the following 404 IP addresses.

float.2913.bm-impbus.prod.nym2.adnexus.net
February 11, 2016

float.2911.bm-impbus.prod.nym2.adnexus.net
January 30, 2016

float.2244.bm-impbus.prod.nym2.adnexus.net
January 5, 2016

float.2481.bm-impbus.prod.nym2.adnexus.net
January 3, 2016

float.2470.bm-impbus.prod.nym2.adnexus.net
January 3, 2016

float.2295.bm-impbus.prod.nym2.adnexus.net
December 26, 2015

float.1197.bm-impbus.prod.sin1.adnexus.net
December 15, 2015

float.2918.bm-impbus.prod.nym2.adnexus.net
December 15, 2015

float.2773.bm-impbus.prod.nym2.adnexus.net
December 15, 2015

float.2762.bm-impbus.prod.nym2.adnexus.net
December 7, 2015

float.2471.bm-impbus.prod.nym2.adnexus.net
December 7, 2015

float.2782.bm-impbus.prod.nym2.adnexus.net
December 5, 2015

float.2269.bm-impbus.prod.nym2.adnexus.net
December 1, 2015

float.2274.bm-impbus.prod.nym2.adnexus.net
December 1, 2015

float.2238.bm-impbus.prod.nym2.adnexus.net
November 25, 2015

float.2917.bm-impbus.prod.nym2.adnexus.net
November 23, 2015

float.2482.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.2280.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.814.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.697.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.452.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.2204.bm-impbus.prod.nym2.adnexus.net
November 7, 2015

float.2267.bm-impbus.prod.nym2.adnexus.net
October 29, 2015

float.2912.bm-impbus.prod.nym2.adnexus.net
October 29, 2015

float.2469.bm-impbus.prod.nym2.adnexus.net
October 29, 2015

float.696.bm-impbus.prod.nym2.adnexus.net
October 29, 2015

float.2910.bm-impbus.prod.nym2.adnexus.net
October 26, 2015

float.2272.bm-impbus.prod.nym2.adnexus.net
October 20, 2015

float.2291.bm-impbus.prod.nym2.adnexus.net
October 20, 2015

float.1178.bm-impbus.prod.sin1.adnexus.net
October 20, 2015

 
Showing 30 of 404 IP Addresses

File downloads found at URLs served by nym1.ib.adnxs.com.

 
Latest 30 of 306 download URLs

The following 120 files have been seen to comunicate with nym1.ib.adnxs.com in live environments.

 
Latest 20 of 387 files

URL:
http://nym1.ib.adnxs.com/

Google Analytics:
UA-4057742

Title:
“error page for redirects from product”

Web server:
Apache/2.2.22 (Ubuntu)

Remove Malware from nym1.ib.adnxs.com - Powered by Reason Core Security