cdn.bubbledock.us

Nosibay

Domain Information

The domain cdn.bubbledock.us, registered by Nosibay, was first registered in October 2014 through OVH SARL. It has been known to host and distribute adware and other potentially unwanted software. The hosting servers are located in Dulles, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which serves content through a number of proxy IP addresses (see below).

Registrar: OVH SARL

Server location: Virginia, United States (US)

Create date: Tuesday, October 21, 2014

Expires date: Thursday, October 20, 2016

Updated date: Tuesday, December 1, 2015

ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (80% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.NOSIBAY, PUP.Installer.NOSIBAY, PUP.NOSIBAY.Installer (M) | 88.89% |
| Dr.Web | Adware.Downware.9155, Adware.Downware.10519, Adware.Downware.10519, Adware.Downware.9155 | 44.44% |
| VIPRE Antivirus | BubbleDock, Threat.4791953 | 44.44% |
| AVG | Generic | 44.44% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 33.33% |
| Bkav FE | W32.HfsAdware | 33.33% |
| McAfee | Artemis!B80241F8D24A, Artemis!F752197F17B9, Trojan.Artemis!484039B92DF4 | 33.33% |
| Trend Micro House Call | Suspicious_GEN.F47V0320, Suspicious_GEN.F47V0331, Suspicious_GEN.F47V0514 | 33.33% |
| herdProtect (fuzzy) | a variant of e5f582616edd6afaebba63cf45489ac60cdf855b, a variant of 25bb8f30a453504e14586428beba718818f27324 | 22.22% |
| K7 AntiVirus | Trojan, Riskware | 22.22% |
| Panda Antivirus | PUP/Nosibay | 22.22% |
| Microsoft Security Essentials | Worm:Win32/NeksMiner.A | 11.11% |
| F-Secure | Application:W32/Generic.70053c248f!Online | 11.11% |
| ESET NOD32 | Win32/BubbleDock.A potentially unwanted | 11.11% |
| Baidu Antivirus | PUA.Win32.BubbleDock | 11.11% |

The domain cdn.bubbledock.us has been seen to resolve to the following 54 IP addresses.


File downloads found at URLs served by cdn.bubbledock.us.

1 / 68      (PUP)

9 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (false positives)

5 / 68      (PUP)

16 / 68    (PUP)

The following 14 files have been seen to communicate with cdn.bubbledock.us in live environments.

URL: http://cdn.bubbledock.us/

Network: Amazon CloudFront

Web server: AmazonS3