home

w21.am15.net

AD Solution Media Associates

Domain Information

The domain w21.am15.net registered by AD Solution Media Associates was initially registered in November of 2012 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Berlin, Germany (DE)

Create date:
Thursday, November 15, 2012

Expires date:
Tuesday, November 15, 2016

Updated date:
Monday, April 4, 2016

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH, DE

Root domain:
am15.net

Whois:
1 am15.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Trojan.Generic.11301802
100.00%

nProtect
Trojan.Generic.11301802
100.00%

McAfee
PUP-FBM!1B56BEACB4B6
100.00%

Malwarebytes
PUP.Optional.Amonetize.A
100.00%

K7 AntiVirus
Trojan
100.00%

Agnitum Outpost
PUA.Amonetize
100.00%

Trend Micro House Call
TROJ_GEN.R0CBH06EP14
100.00%

avast!
Win32:Amonetize-AX [PUP]
100.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize
100.00%

Bitdefender
Trojan.Generic.11301802
100.00%

NANO AntiVirus
Riskware.Win32.Amonetize.cxqmuo
100.00%

Lavasoft Ad-Aware
Trojan.Generic.11301802
100.00%

Sophos
Amonetize
100.00%

F-Secure
Trojan.Generic.11301802
100.00%

Dr.Web
Adware.Downware.3081
100.00%

The domain w21.am15.net has been seen to resolve to the following IP address.

136.243.81.58
static.58.81.243.136.clients.your-server.de
April 13, 2016

File downloads found at URLs served by w21.am15.net.

23 / 68    (PUP)
http://w21.am15.net/cu3.php?k=02aec473392c3571450fae0b2bfd1515  (downloadfilesetup__2299_i606105755_il3141480.exe)

URL:
http://w21.am15.net/

Title:
“Advmaker.net”

Description:
“Advmaker.net”

SSL certificate subject:
CN=*.am15.net, OU=EssentialSSL Wildcard, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx (PHP/5.6.18-1+deb.sury.org~trusty+1)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.