sub2.bubblesmedia.ru

Beta, LLC

Domain Information

The domain sub2.bubblesmedia.ru, registered by Beta, LLC, was first registered in March 2010 through REGRU-REG-RIPN. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Moscow (Moskva), Russia, on the RIPE Network Coordination Centre network.

Registrar:
REGRU-RU

Server location:
Moskva, Russia (RU)

Create date:
Wednesday, March 17, 2010

Expires date:
Friday, March 17, 2017

ASN:
AS14576 HOSTING-SOLUTIONS - Hosting Solution Ltd., US

Root domain:

Scanner detections: 75% detected

Scan engine / Details / Detections

Reason Heuristics
PUP.Optional.Installer.MediaGet.k, PUP.Installer.Banner, PUP.MediaGet.Banner.Installer (M), PUP.MediaGet.Inbox.Installer (M), PUP.MediaGet (M), PUP.MediaGet.Optional (L), PUP (M)
100.00%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.MediaGet, not-a-virus:Downloader.Win32.MediaGet
27.78%

Sophos
MediaGet, MediaGet (PUA), PUA 'MediaGet' (of type Hacktool)
27.78%

Bkav FE
W32.Clod5ed.Trojan, W32.HfsAdware
22.22%

Malwarebytes
PUP.Adware.MediaGet, PUP.Optional.MediaGet
22.22%

Comodo Security
Application.Win32.MediaGet.H, Application.Win32.MediaGet.G
22.22%

G Data
Win32.Adware.MediaGet
22.22%

ESET NOD32
Win32/MediaGet (variant), Win32/MediaGet.AF potentially unwanted (variant), Win32/MediaGet.AE potentially unwanted (variant)
22.22%

AVG
Luhe.MediaGet.B, Banne
22.22%

Dr.Web
Program.MediaGet.120, Program.MediaGet.133, riskware program Program.MediaGet.142
22.22%

Baidu Antivirus
Adware.Win32.MediaGet
16.67%

Trend Micro House Call
TROJ_GEN.R0CBH0AHV13, Suspicious_GEN.F47V0422
11.11%

Avira AntiVirus
APPL/MediaGet.Gen5, PUA/MediaGet.Gen5
11.11%

Fortinet FortiGate
Adware/MediaGet, Riskware/MediaGet
11.11%

K7 AntiVirus
Unwanted-Program
11.11%

The domain sub2.bubblesmedia.ru has been seen to resolve to the following 2 IP addresses.

August 2, 2016

December 27, 2013

File downloads found at URLs served by sub2.bubblesmedia.ru.

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://sub2.bubblesmedia.ru/sb/clk/s/3164/h/8231c4/o/145/.../0?a=1&f={Pes 2013 Indir}  (cyberlink-powerdvd-16-ultra-full-160151060-indir_id4597610ids1s.exe)

1 / 68      (PUP)
http://sub2.bubblesmedia.ru/sb/clk/s/1204/h/9515b3/o/145/.../0?a=1&f= Minecraft Indir – Full  (cyberlink-powerdvd-16-ultra-full-160151060-indir_id4597610ids1s.exe)

1 / 68      (PUP)
http://sub2.bubblesmedia.ru/sb/clk/s/3164/h/8231c4/o/145/.../0?a=1&f={Gang Beasts Indir}  (wolfenstein-the-old-blood-2015-pc-repack-ot-xatab_id2260452ids2s.exe)

1 / 68      (PUP)

1 / 68      (PUP)
http://sub2.bubblesmedia.ru/sb/clk/s/1556/h/b8dba2/o/145/.../0?a=1&f=Spiderman 3 Full indir - Tek Link  (cyberlink-powerdvd-16-ultra-full-160151060-indir_id4597610ids1s.exe)

1 / 68      (PUP)

5 / 68      (PUP)

 
Latest 30 of 4,862 download URLs

URL:
http://sub2.bubblesmedia.ru/

Title:
“BubblesMedia”

SSL certificate subject:
CN=sub2.bubblesmedia.ru, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.6.0 (PHP/5.3.28)