199.101.28.20

search.dnsassist.verizon.net

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 199.101.28.20 is SKYE and located in California within the United States. The IP Address resolves to the DNS record of search.dnsassist.verizon.net. Currently there are 180 domain names that utilize this address. The primary domain hosted by this IP is downloader2.downloadinfo.co along with 179 other domains which are known adware distribution web sites. The address and domain is leased to Downloadinfo.
Scanner detections:
Detections  (62% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Kreapixel.J, PUP.ITRiver.G, PUP.ITRiver.J, PUP.ITRiver.CC, PUP.ITRiver.T, PUP.ITRiver.N, Adware.WebPick.Installer.G, Win32.Generic.MailRu.Meta, PUP.CJSCInve.Installer (M), PUP.ITRiver (M), PUP.installCore.ICSSetup.Installer (M), Adware.WebPick.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), PUP (M)
93.55%

Antiy Labs AVL
Trojan/Win32.SGeneric, Spyware[AdWare:not-a-virus]/Win32.Agent
6.45%

Comodo Security
UnclassifiedMalware, Application.Win32.InstalleRex.KG
6.45%

Malwarebytes
PUP.Optional.KreaP, PUP.Optional.Installex
6.45%

Trend Micro House Call
TROJ_GEN.F47V0816, TROJ_GEN.R0CBH07LK13
6.45%

Jiangmin
WebToolbar.Toolbar.f
3.23%

Bkav FE
HW32.CDB
3.23%

nProtect
Trojan.Generic.9549828
3.23%

K7 AntiVirus
Trojan
3.23%

K7 Gateway Antivirus
Trojan
3.23%

The following domains resolved to the IP address 199.101.28.20.

Latest 50 of 180 domains

File URLs download from 199.101.28.20.

1 / 68      (Adware)

0 / 68
http://webplayerddl.com/WebPlayer.exe  (0b7c8d11afeb4c5fe00b8e8e4abc49cb)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68

0 / 68

0 / 68
http://download003.fshare.vn/dl/.../hjsplit.exe  (d89b5d0769d1beea2f622c61f2401e95)

0 / 68
http://download003.fshare.vn/dl/.../hjsplit.exe  (d89b5d0769d1beea2f622c61f2401e95)

1 / 68      (Adware)
http://www.generalfiles.pw/.../gs4cc01465h17i0  (utv330.380.driver.sp3.rar.exe)

0 / 68
http://download003.fshare.vn/dl/.../cpi.apk  (c8ad0dd355a5cb1f77aacd55a379ab00)

0 / 68
http://download003.fshare.vn/dl/.../1.NES.emu_1.5.20.apk  (6edf931cfcdad2355e736558ec3437a3)

 
Latest 30 of 3,672 download URLs

The following 46 files have been seen to comunicate with this IP address in live environments.

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

TCP port 80

 
Latest 20 of 46 files

The geographical location of this IP address.

Country:
United States (US)

Region:
California

City:
Redwood City

Coordinates:
37.4915, -122.204

The ARIN network assigned organization for IP address 199.101.28.20.

Org name:
SKYE

Org identifier:
NOMIN-4

Org country:
United States (US)

Org region:
California

Org city:
Redwood City

Org address:
2000 Seaport Blvd.

ARIN WHOIS:
NetRange: 199.101.28.0 - 199.101.31.255
CIDR: 199.101.28.0/22
OriginAS:
NetName: SKYE-1
NetHandle: NET-199-101-28-0-1
Parent: NET-199-0-0-0-0
NetType: Direct Assignment
RegDate: 2009-03-20
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-199-101-28-0-1

OrgName: SKYE
OrgId: NOMIN-4
Address: 2000 Seaport Blvd.
Address: Suite 400
City: Redwood City
StateProv: CA
PostalCode: 94063
Country: US
RegDate: 2009-03-11
Updated: 2009-03-11
Ref: http://whois.arin.net/rest/org/NOMIN-4

OrgNOCHandle: NETWO2987-ARIN
OrgNOCName: Network Operations
OrgNOCPhone: +1-610-772-4318
OrgNOCEmail: arin-ops@skyebynominum.com
OrgNOCRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN

OrgAbuseHandle: NETWO2987-ARIN
OrgAbuseName: Network Operations
OrgAbusePhone: +1-610-772-4318
OrgAbuseEmail: arin-ops@skyebynominum.com
OrgAbuseRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN

OrgTechHandle: NETWO2987-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-610-772-4318
OrgTechEmail: arin-ops@skyebynominum.com
OrgTechRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN

RAbuseHandle: NETWO2987-ARIN
RAbuseName: Network Operations
RAbusePhone: +1-610-772-4318
RAbuseEmail: arin-ops@skyebynominum.com
RAbuseRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN

RTechHandle: NETWO2987-ARIN
RTechName: Network Operations
RTechPhone: +1-610-772-4318
RTechEmail: arin-ops@skyebynominum.com
RTechRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN

RNOCHandle: NETWO2987-ARIN
RNOCName: Network Operations
RNOCPhone: +1-610-772-4318
RNOCEmail: arin-ops@skyebynominum.com
RNOCRef: http://whois.arin.net/rest/poc/NETWO2987-ARIN


Autonomous System Assignment
ASNumber:
26008

ASName:
NOMINUM-SKYE1 - SKYE

ASHandle:
AS26008

Remove Malware from 199.101.28.20 - Powered by Reason Core Security