52.220.18.138

ec2-52-220-18-138.ap-southeast-1.compute.amazonaws.com

IP Address Information

The IP Address resolves to the DNS record of ec2-52-220-18-138.ap-southeast-1.compute.amazonaws.com. Currently there are 2 domain names that utilize this address. The primary domain hosted by this IP is server.mobogenie.com along with 1 other domains which are known adware distribution web sites. This is an Amazon Web Services (AWS) Elastic IP Address and is hosted within the AWS cloud computing platform.
Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.W, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.Y, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.T, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.V, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.X, PUP.Optional.Installer.W, PUP.Optional.BeijingA.Installer, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.Installer
93.88%

Dr.Web
Trojan.Siggen6.685, Adware.NextLive.2, Adware.Mobogenie.21, Adware.Mobogenie.41, Threat.Undefined
51.02%

IKARUS anti.virus
Virus.Win32.Heur, AndroidOS.Mobo.B, Nsis, Win32.NextLive, AndroidOS.AdWare.Mobserv, Win32.SuspectCrc, PUA.AndroidOS.Mobserv
34.69%

ESET NOD32
Win32/NextLive, Win32/Mobogenie, Win32/Mobogenie.B potentially unwanted
32.65%

NANO AntiVirus
Trojan.Win32.NextLive.csjhvj, Trojan.Win32.Click.cttoky
28.57%

Trend Micro House Call
TROJ_GEN.F47V0109, TROJ_GEN.F47V0203, TROJ_GE.0ADD1E3E, TROJ_GEN.F47V0313, TROJ_GEN.F47V0126, TROJ_GE.7301A69A, TROJ_GEN.F47V0414, TROJ_GEN.F47V0318
28.57%

Rising Antivirus
JS:Malware.OddJS!5.3E, NS:Malware.Install!1.9F62, PE:Trojan.Win32.Generic.16594EEF!374951663
26.53%

avast!
NSIS:NextLive-A [Adw], Win32:PUP-gen [PUP], Mobogenie-J [Adw]
24.49%

McAfee
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!38F10675DB8B, Artemis!55CB320CF560, Artemis!C33BF22AA8FF, Artemis!C4194F33C84B
22.45%

Vba32 AntiVirus
AdWare.Agent, suspected of Trojan.Downloader.gen.h, AdWare.Agent.ahgx
22.45%

The following domains resolved to the IP address 52.220.18.138.

File URLs download from 52.220.18.138.

21 / 68    (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

6 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

24 / 68    (PUP)

21 / 68    (PUP)

3 / 68      (PUP)

5 / 68      (PUP)

5 / 68      (PUP)

4 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

24 / 68    (PUP)

20 / 68    (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

14 / 68    (PUP)

3 / 68      (PUP)

The geographical location of this IP address.

Country:
Singapore (SG)

Region:
Singapore

City:
Singapore

Coordinates:
1.28967, 103.85

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=52.220.18.138?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AT-88-Z (NET-52-192-0-0-1) 52.192.0.0 - 52.223.255.255
Amazon Data Services Singapore AMAZON-SIN (NET-52-220-0-0-1) 52.220.0.0 - 52.221.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
38895

ASName:
AMAZON-AS-AP Amazon.com Tech Telecom, JP

ASHandle:
AS38895

Remove Malware from 52.220.18.138 - Powered by Reason Core Security