52.220.18.138

ec2-52-220-18-138.ap-southeast-1.compute.amazonaws.com

IP Address Information

The IP Address resolves to the DNS record of ec2-52-220-18-138.ap-southeast-1.compute.amazonaws.com. Currently there are 2 domain names that utilize this address. The primary domain hosted by this IP is server.mobogenie.com along with 1 other domains which are known adware distribution web sites. This is an Amazon Web Services (AWS) Elastic IP Address and is hosted within the AWS cloud computing platform.
Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.X, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.T, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.V, PUP.Optional.Installer.Y, PUP.Optional.Installer.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.a, PUP.Optional.Installer.Z
100.00%

Dr.Web
Trojan.Siggen6.685, Adware.NextLive.2, Adware.Mobogenie.7
36.96%

ESET NOD32
Win32/NextLive, Win32/Mobogenie, Win32/Mobogenie (variant), Android/Mobserv (variant)
28.26%

IKARUS anti.virus
Virus.Win32.Heur, Win32.NextLive, Nsis, Virus.Win32.Dropper
23.91%

Trend Micro House Call
TROJ_GEN.F47V0109, TROJ_GEN.F47V0203, ADW_NEXTLIVE, TROJ_GE.45BAB8AA, TROJ_GEN.F47V0408, TROJ_GEN.F47V0315, TROJ_GEN.F47V0418, TROJ_GEN.F47V0414, Suspicious_GEN.F47V0626
21.74%

avast!
NSIS:NextLive-A [Adw], Win32:Mobogenie-J [Adw]
21.74%

NANO AntiVirus
Trojan.Win32.NextLive.csjhvj
15.22%

VIPRE Antivirus
Adware.Agent, Trojan.Win32.Generic!SB.0, Trojan.AndroidOS.Generic.A
15.22%

herdProtect (fuzzy)
a variant of 4d4d2fa435b608bc8ba316f6bcdda8e008864602, a variant of 7b0725338be22125bf23f78f677b4f9c3dca588f, a variant of 804c6346d80512cd49b742b26285f09bcb7cb4db
13.04%

McAfee
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!9940667030F7, Artemis!D341AB4667FB
10.87%

The following domains resolved to the IP address 52.220.18.138.

File URLs download from 52.220.18.138.

5 / 68      (PUP)

23 / 68    (PUP)

1 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

7 / 68      (PUP)

6 / 68      (PUP)

4 / 68      (PUP)

10 / 68    (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=703  (d341ab4667fb635bd92ab74cae3930ee.exe)

1 / 68      (PUP)

9 / 68      (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=21  (9940667030f7c83be3dd8e38a637233b.exe)

1 / 68      (PUP)

7 / 68      (PUP)

1 / 68      (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=16  (abfc51bf5313b0fd737351a467f2a072.exe)

1 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

14 / 68    (PUP)

1 / 68      (PUP)

5 / 68      (PUP)

3 / 68      (PUP)

The geographical location of this IP address.

Country:
Singapore (SG)

Region:
Singapore

City:
Singapore

Coordinates:
1.28967, 103.85

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=52.220.18.138?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AT-88-Z (NET-52-192-0-0-1) 52.192.0.0 - 52.223.255.255
Amazon Data Services Singapore AMAZON-SIN (NET-52-220-0-0-1) 52.220.0.0 - 52.221.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
38895

ASName:
AMAZON-AS-AP Amazon.com Tech Telecom, JP

ASHandle:
AS38895

Remove Malware from 52.220.18.138 - Powered by Reason Core Security