The domain affportal-lb.bevomedia.com registered by Bevo Media was initially registered in February of 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC
Server location:
Virginia, United States (US)
Create date:
Thursday, February 28, 2008
Expires date:
Sunday, February 28, 2016
Updated date:
Sunday, March 1, 2015
ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US
Scanner detections:
Detections (89% detected)
Scan engine
Details
Detections
Reason Heuristics
(M), PUP.Installer.SalyutemPlyus.F, PUP.Installer.Outbrowse, PUP.Installer.Outborwse, PUP.Installer.Adknowledge
100.00%
Avira AntiVirus
APPL/Outbrowse.Gen, ADWARE/Adware.Gen
87.50%
Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.Win32.AirAdInstaller
75.00%
Dr.Web
Trojan.OutBrowse.55, Trojan.OutBrowse.68, infected with Trojan.OutBrowse.62, Trojan.SMSSend.5401
75.00%
ESET NOD32
Win32/OutBrowse.BQ potentially unwanted application, Win32/OutBrowse.BS potentially unwanted application, Win32/OutBrowse.BR potentially unwanted application
75.00%
AVG
Potentially harmful program Downloader.CZS, Potentially harmful program Downloader.CVZ, Generic
75.00%
McAfee
Adware-OutBrowse.d, Program.Adware-OutBrowse.e, Program.Adware-OutBrowse.d, Trojan.Artemis!D5E91201901F
75.00%
Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.AirAdInstaller
75.00%
VIPRE Antivirus
Threat.4657539, Threat.4150696, Threat.4784938
62.50%
K7 AntiVirus
Unwanted-Program , Riskware , Trojan
62.50%
NANO AntiVirus
Trojan.Win32.OutBrowse.dmiaid, Trojan.Win32.OutBrowse.dlunsw, Trojan.Win32.OutBrowse.dmihux, Trojan.Win32.OutBrowse.dmikii
62.50%
Vba32 AntiVirus
Downloader.OutBrowse, AdWare.AirAdInstaller
62.50%
Trend Micro House Call
Suspici.3E5BCE57, Suspici.572A0B99, Suspici.2F9E2453, Suspici.D7386B62
50.00%
AhnLab V3 Security
PUP/Win32.OutBrowse, PUP/Win32.AirAdInstaller
50.00%
Agnitum Outpost
PUA.Downloader, PUA.OutBrowse, PUA.AirAd
50.00%
The domain affportal-lb.bevomedia.com has been seen to resolve to the following 2 IP addresses.
ec2-54-152-88-244.compute-1.amazonaws.com
May 3, 2015
ec2-54-172-86-250.compute-1.amazonaws.com
May 3, 2015
File downloads found at URLs served by affportal-lb.bevomedia.com.
URL:
http://affportal-lb.bevomedia.com/
Google Analytics:
UA-6678573
Title:
“The Bevo Affiliate Portal - Keyword Tracking Platform and Next Generation Affiliate Network”
Network:
Amazon Web Services (AWS), running an EC2 instance
SSL certificate subject:
CN=*.bevomedia.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT45767561
SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US
Web server:
Apache/2.2.16 (Debian) (PHP/5.3.3-7+squeeze9)