The domain sub2.bubblesmedia.ru, registered by Beta, LLC, was initially registered in March 2010 through REGRU-REG-RIPN. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Moscow, Moskva, Russia, on the RIPE Network Coordination Centre network.
Server location: Moskva, Russia (RU)
Create date: Wednesday, March 17, 2010
Expires date: Friday, March 17, 2017
ASN: AS14576 HOSTING-SOLUTIONS - Hosting Solution Ltd., US
Scanner detections: Detections (75% detected)
| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Optional.Installer.MediaGet.k, PUP.Installer.Banner, PUP.MediaGet.Banner.Installer (M), PUP.MediaGet.Inbox.Installer (M), PUP.MediaGet (M), PUP.MediaGet.Optional (L), PUP (M) | 100.00% |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.MediaGet, not-a-virus:Downloader.Win32.MediaGet | 27.78% |
| Sophos | MediaGet, MediaGet (PUA), PUA 'MediaGet' (of type Hacktool) | 27.78% |
| Bkav FE | W32.Clod5ed.Trojan, W32.HfsAdware | 22.22% |
| Malwarebytes | PUP.Adware.MediaGet, PUP.Optional.MediaGet | 22.22% |
| Comodo Security | Application.Win32.MediaGet.H, Application.Win32.MediaGet.G | 22.22% |
| G Data | Win32.Adware.MediaGet | 22.22% |
| ESET NOD32 | Win32/MediaGet (variant), Win32/MediaGet.AF potentially unwanted (variant), Win32/MediaGet.AE potentially unwanted (variant) | 22.22% |
| AVG | Luhe.MediaGet.B, Banne | 22.22% |
| Dr.Web | Program.MediaGet.120, Program.MediaGet.133, riskware program Program.MediaGet.142 | 22.22% |
| Baidu Antivirus | Adware.Win32.MediaGet | 16.67% |
| Trend Micro House Call | TROJ_GEN.R0CBH0AHV13, Suspicious_GEN.F47V0422 | 11.11% |
| Avira AntiVirus | APPL/MediaGet.Gen5, PUA/MediaGet.Gen5 | 11.11% |
| Fortinet FortiGate | Adware/MediaGet, Riskware/MediaGet | 11.11% |
| K7 AntiVirus | Unwanted-Program | 11.11% |
The domain sub2.bubblesmedia.ru has been seen to resolve to the following 2 IP addresses.
File downloads found at URLs served by sub2.bubblesmedia.ru.
Latest 30 of 4,862 download URLs
URL: http://sub2.bubblesmedia.ru/
SSL certificate subject: CN=sub2.bubblesmedia.ru, OU=PositiveSSL, OU=Domain Control Validated
SSL certificate issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server: nginx/1.6.0 (PHP/5.3.28)