secure-lax.adnxs.com

AppNexus Inc

Domain Information

The domain secure-lax.adnxs.com registered by AppNexus Inc was initially registered in May of 2008 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Los Angeles, California within the United States which resides on the AppNexus, Inc network.
Registrar:
MARKMONITOR INC.

Server location:
California, United States (US)

Create date:
Tuesday, May 27, 2008

Expires date:
Friday, May 27, 2016

Updated date:
Saturday, April 26, 2014

ASN:
AS29990 ASN-APPNEXUS - AppNexus, Inc,US

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.X, PUP.Installer.Stepitapp.F, PUP.Optional.ReimageLimited.N, PUP.Installer.Wilmaonline.CC, PUP.Softpulse.SoftpulseSl.Bundler (M), PUP.Adknowledge.FileMonarch.Bundler (M), PUP.Adknowledge.INSTALLTHIS.Installer (M), PUP.Brightcircle.Wilmaonline.Bundler (M), PUP.Adknowledge.Liquidbu.Bundler (M), PUP.Outbrowse.Bundler (M), Threat.Win.Reputation.IMP, PUP.Adknowledge.FileMona.Bundler (M), PUP.Adknowledge.Liquidbu.Installer (M), PUP.Softpulse.Bundler (M), PUP.Adknowledge.WARPINST.Bundler (M), PUP.installCore.Compiler.Installer (M), PUP.Adknowledge.BootComp.Installer (M), PUP.Adknowledge.INSTALLT.Installer (M), PUP.Brightcircle.Wilmaonl.Bundler (M), PUP.Adknowledge.BuildInp.Bundler (M), PUP.Adknowledge.OverallM.Installer (M), PUP.Adknowledge (M), PUP.Softpulse (M)
97.92%

Panda Antivirus
Trj/Chgt.A, Suspicious file, Trj/Chgt.F, Trj/Genetic.gen, Trj/Chgt.I, PUP/iBryte
20.83%

Kaspersky
not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.iBryte, HEUR:Trojan.Win32.Generic
18.75%

VIPRE Antivirus
Conduit, Trojan.Win32.Generic, Threat.4778314, Threat.4150696, Optimum Installer
18.75%

Kingsoft AntiVirus
Win32.Troj.DownAgent.ba.(kcloud), Win32.Troj.Amonetize.c.(kcloud), Win32.Troj.iBryte.j.(kcloud), Win32.Troj.Undef.(kcloud)
18.75%

Vba32 AntiVirus
Downloader.Agent, AdWare.Amonetize, AdWare.iBryte
18.75%

McAfee
Artemis!8A2ED863690C, Artemis!17FD46A07B73, PUP-Amonetize, Artemis!0FF2B0F7AD04, Trojan.Artemis!DF0CA657827D, Trojan.Artemis!D06D84983289
18.75%

Trend Micro House Call
Suspicious_GEN.F47V0620, TROJ_GEN.F47V0730, TROJ_GEN.F47V0516, TROJ_GEN.F0C2H00I314, TROJ_CLIKUG.A, Suspicious_GEN.F47V0717
18.75%

Fortinet FortiGate
Riskware/Agent, Adware/Amonetize, W32/Malware_fam.NB, Riskware/Generic.AC.13751, W32/Zbot.AAN!tr
18.75%

Qihoo 360 Security
HEUR/Malware.QVM03.Gen, Malware.Radar03.Gen, Win32/Virus.Downloader.8e5, Win32/Application.c7d, Malware.QVM10.Gen
18.75%

Dr.Web
Adware.Plugin.171, Adware.Downware.5822, Adware.Downware.8331, Trojan.DownLoader11.31105, Trojan.Packed.28222, Adware.Downware.6099, Adware.iBryte.473
18.75%

G Data
Win32.Application.VMDetect, Win32.Trojan.Agent.4P134N, Gen:Variant.Application.Bundler.Amonetize.12, Trojan.GenericKD.1618449
18.75%

avast!
Win32:Dropper-gen [Drp], Win32:Amonetize-DI [PUP], Win32:PUP-gen [PUP], Win32:IBryte-DQ [PUP], Win32:IBryte-DY [PUP]
16.67%

McAfee Web Gateway
Artemis!8A2ED863690C, Artemis!17FD46A07B73, PUP-Amonetize, GenericATG-FGI!746F50AE6DB0, BehavesLike.Win32.Downloader.dh
16.67%

Quick Heal
Downloader.Agent.r3 (Not a Virus), TrojanDownloader.Badur.A5, Adware.iBryte.DK4
14.58%

The domain secure-lax.adnxs.com has been seen to resolve to the following 175 IP addresses.

143.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

144.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

176.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

177.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

146.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

145.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

142.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

147.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
September 14, 2016

float.2891.bm-impbus.prod.lax1.adnexus.net
September 1, 2016

float.2181.bm-impbus.prod.lax1.adnexus.net
August 26, 2016

float.2881.bm-impbus.prod.lax1.adnexus.net
August 24, 2016

float.1420.bm-impbus.prod.lax1.adnexus.net
August 24, 2016

float.2880.bm-impbus.prod.lax1.adnexus.net
August 23, 2016

float.2165.bm-impbus.prod.lax1.adnexus.net
August 23, 2016

float.1604.bm-impbus.prod.lax1.adnexus.net
August 23, 2016

float.2493.bm-impbus.prod.lax1.adnexus.net
August 22, 2016

float.1663.bm-impbus.prod.lax1.adnexus.net
August 13, 2016

float.1426.bm-impbus.prod.lax1.adnexus.net
August 11, 2016

float.2892.bm-impbus.prod.lax1.adnexus.net
August 11, 2016

float.2506.bm-impbus.prod.lax1.adnexus.net
August 11, 2016

float.1568.bm-impbus.prod.lax1.adnexus.net
August 10, 2016

float.2865.bm-impbus.prod.lax1.adnexus.net
August 10, 2016

August 6, 2016

float.2871.bm-impbus.prod.lax1.adnexus.net
August 6, 2016

float.2309.bm-impbus.prod.lax1.adnexus.net
August 6, 2016

float.2505.bm-impbus.prod.lax1.adnexus.net
August 5, 2016

float.2181.bm-impbus.prod.lax1.adnexus.net
August 3, 2016

float.2495.bm-impbus.prod.lax1.adnexus.net
July 26, 2016

float.2866.bm-impbus.prod.lax1.adnexus.net
July 15, 2016

float.2393.bm-impbus.prod.lax1.adnexus.net
July 15, 2016

 
Showing 30 of 175 IP Addresses

File downloads found at URLs served by secure-lax.adnxs.com.

 
Latest 30 of 93 download URLs

The following 172 files have been seen to comunicate with secure-lax.adnxs.com in live environments.

 
Latest 20 of 592 files

URL:
http://secure-lax.adnxs.com/

Google Analytics:
UA-4057742

Title:
“error page for redirects from product”

SSL certificate subject:
CN=*.adnxs.com, O="AppNexus, Inc.", L=New York, S=New York, C=US

SSL certificate issuer:
CN=GeoTrust SSL CA - G3, O=GeoTrust Inc., C=US

Web server:
Apache/2.2.22 (Ubuntu)