secure-ams.adnxs.com

AppNexus Inc

Domain Information

The domain secure-ams.adnxs.com registered by AppNexus Inc was initially registered in May of 2008 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted server (37.252.162.27) is located in Netherlands which resides on the RIPE Network Coordination Centre network.
Remove Malware from secure-ams.adnxs.com - Powered by Reason Core Security
Registrar:
MARKMONITOR INC.

Server location:
Netherlands (NL)

Create date:
Tuesday, May 27, 2008

Expires date:
Friday, May 27, 2016

Updated date:
Saturday, April 26, 2014

ASN:
AS29990 ASN-APPNEXUS - AppNexus, Inc,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.b, PUP.Wilmaonline.c, PUP.Installer.Stepitapp.F, PUP.Installer.KOMPANIYAR.f, PUP.OUTBROWSE.I, PUP.OUTBROWSE.M, PUP.Optional.Installer.Y, PUP.Installer.OUTBROWSE.F, PUP.Installer.OUTBROWSE.K, PUP.Bundler.Outbrowse
100.00%

Kaspersky
not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.OutBrowse, HEUR:Trojan-Downloader.Win32.Generic
89.66%

McAfee
Adware-Amonetize!7AED241B817C, Artemis!8A2ED863690C, Artemis!F8699D1A4970, Artemis!EC6559E3952C, Adware-OutBrowse, Artemis!681A294031C4, Artemis!D3C491199326
86.21%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A, PUP.Optional.Outbrowse, PUP.Optional.OutBrowse, PUP.Optional.Conduit
75.86%

Dr.Web
Adware.Downware.1655, Adware.Downware.5546, Adware.Downware.6169, Adware.Downware.2081, Adware.Downware.8012, Adware.Downware.8331
75.86%

VIPRE Antivirus
Amonetize, Conduit, Trojan.Win32.Generic, Threat.4784459, OutBrowse, Threat.4150696, Threat.4823950
75.86%

AVG
Generic_r, Win32/DH{gRKBE4EPICVXTg}
75.86%

G Data
Gen:Variant.Application.Bundler.Amonetize, Win32.Trojan.Agent.4P134N, Win32.Application.Outbrowse, Gen:Variant.Application.Bundler.Amonetize.12
75.86%

Avira AntiVirus
ADWARE/Adware.Gen2, Adware/Graftor.146078.139, APPL/Downloader.Gen, APPL/Amonetize.htzw, APPL/OutBrowse.lwasp
68.97%

Agnitum Outpost
PUA.Amonetize, PUA.OutBrowse
65.52%

Sophos
Amonetize, Generic PUA NH, OutBrowse Revenyou, Generic PUA JN, Generic PUA PH
62.07%

Antiy Labs AVL
Riskware[:not-a-virus]/Win32.OutBrowse.g, GrayWare[AdWare:not-a-virus]/Win32.Amonetize
62.07%

K7 Gateway Antivirus
Unwanted-Program , Trojan
58.62%

McAfee Web Gateway
Adware-Amonetize!7AED241B817C, Artemis!8A2ED863690C, Artemis!F8699D1A4970, Artemis!EC6559E3952C, BehavesLike.Win32.AdwareOutBrowse.jc
55.17%

K7 AntiVirus
Trojan , Unwanted-Program
55.17%

The domain secure-ams.adnxs.com has been seen to resolve to the following 26 IP addresses.

December 1, 2014

December 1, 2014

float.2410.bm-impbus.prod.ams1.adnexus.net
December 1, 2014

float.2302.bm-impbus.prod.ams1.adnexus.net
December 1, 2014

float.2303.bm-impbus.prod.ams1.adnexus.net
December 1, 2014

float.2304.bm-impbus.prod.ams1.adnexus.net
October 24, 2014

float.2301.bm-impbus.prod.ams1.adnexus.net
October 24, 2014

October 24, 2014

ip176232.ams1.adnexus.net
August 24, 2014

float.1473.bm-impbus.prod.ams1.adnexus.net
August 24, 2014

float.1469.bm-impbus.prod.ams1.adnexus.net
August 24, 2014

float.779.bm-impbus.prod.ams1.adnexus.net
August 24, 2014

float.781.bm-impbus.prod.ams1.adnexus.net
August 22, 2014

float.1466.bm-impbus.prod.ams1.adnexus.net
August 22, 2014

float.2040.bm-impbus.prod.ams1.adnexus.net
August 22, 2014

float.1467.bm-impbus.prod.ams1.adnexus.net
August 19, 2014

August 19, 2014

float.1470.bm-impbus.prod.ams1.adnexus.net
August 19, 2014

ip176222.ams1.adnexus.net
May 24, 2014

float.1472.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

float.1098.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

float.1471.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

float.1097.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

float.946.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

ip176228.ams1.adnexus.net
May 24, 2014

float.1475.bm-impbus.prod.ams1.adnexus.net
May 24, 2014

File downloads found at URLs served by secure-ams.adnxs.com.

 
Latest 30 of 30 download URLs

The following 22 files have been seen to comunicate with secure-ams.adnxs.com in live environments.

 
Latest 20 of 25 files

URL:
http://secure-ams.adnxs.com/

Google Analytics:
UA-4057742

Title:
“AppNexus”

SSL certificate subject:
CN=*.adnxs.com, O="AppNexus, Inc.", L=New York, S=New York, C=US

SSL certificate issuer:
CN=GeoTrust SSL CA - G2, O=GeoTrust Inc., C=US

Web server:
nginx/1.2.9 (PHP/5.3.18)

Remove Malware from secure-ams.adnxs.com - Powered by Reason Core Security