98.138.49.44

mpr1.ngd.vip.ne1.yahoo.com

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 98.138.49.44 is Yahoo! Inc. and located in California within the United States. The IP Address resolves to the DNS record of mpr1.ngd.vip.ne1.yahoo.com. Currently there are 11 domain names that utilize this address. While the physical location of the server hosting the address is located in Nebraska, Yahoo! Inc. is registered in Sunnyvale, California. The primary domain hosted by this IP is ad.yieldmanager.com along with 10 other domains which are known adware distribution web sites.
Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TUGUUSL.X, PUP.Installer.Amonetizeltd.d, PUP.Installer.FullSpectrumInteractive.Y, PUP.Optional.VisualSoftwareSystems.N, PUP.Installer.TuguuSLU.F, DownloadManager.AirSoftware.F, PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.Jottix.JottixinternationalmediaGM2007.Installer (M), PUP.GadgetBox.saminves.Installer (M), PUP.Jottix.Jottixin.Installer (M), PUP.Adknowledge (M)
100.00%

Dr.Web
Adware.W3i.29, Adware.Downware.1528, Adware.DownloadAdmin.1, Trojan.PayInt.14, Adware.W3i.31, Adware.Downware.1167, Adware.Downware.1326
62.50%

VIPRE Antivirus
DomaIQ, Amonetize, DownloadAdmin, InstallIQ Installer, Threat.4782985, AirInstaller, Optimum Installer
62.50%

Avira AntiVirus
APPL/DomaIQ.Gen, ADWARE/Adware.Gen2, Adware/DownloadAdmin.AA.21, APPL/DomaIQ.G.2, Adware/AirInst.2556, ADWARE/Adware.Gen7
62.50%

Sophos
Generic PUA CF, Amonetize, Download Admin, DomainIQ pay-per install, AirInstaller, iBryte Optimum Installer
58.33%

Malwarebytes
PUP.FakeFlash.Domaiq, PUP.Optional.Amonetize.A, PUP.Optional.FullSpectrumAdmin, PUP.Optional.BundleInstaller.A, Adware.DomaIQ, MSIL.Solimba
54.17%

avast!
NSIS:DomaIQ-C [PUP], Win32:Amonetize-I [PUP], Win32:DomaIQ-BB [PUP], Win32:Amonetize-BJ [PUP], Win32:DomaIQ-M [PUP], Win32:PUP-gen [PUP]
54.17%

ESET NOD32
Win32/DomaIQ, Win32/Amonetize (variant), Win32/DownloadAdmin, Win32/DomaIQ.AU (variant), Win32/Amonetize.AS (variant), Win32/InstallIQ (variant)
54.17%

K7 AntiVirus
Trojan , Unwanted-Program , Adware
50.00%

Comodo Security
Application.Win32.DomaIQ.~qk, Application.Win32.DomaIQ.D, Application.Win32.DomaIQ.~A, UnclassifiedMalware, Application.Win32.DomaIq.~A
45.83%

The following domains resolved to the IP address 98.138.49.44.

File URLs download from 98.138.49.44.

 
Latest 30 of 392 download URLs

The following 78 files have been seen to comunicate with this IP address in live environments.

TCP port 80

TCP port 443

TCP port 443

TCP port 443

 
Latest 20 of 114 files

The geographical location of this IP address.

Country:
United States (US)

Region:
Nebraska

City:
Omaha

Coordinates:
41.2586, -95.9378

The ARIN network assigned organization for IP address 98.138.49.44.

Org name:
Yahoo! Inc.

Org identifier:
YHOO

Org country:
United States (US)

Org region:
California

Org city:
Sunnyvale

Org address:
701 First Ave

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=98.138.49.44?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 98.136.0.0 - 98.139.255.255
CIDR: 98.136.0.0/14
NetName: A-YAHOO-US9
NetHandle: NET-98-136-0-0-1
Parent: NET98 (NET-98-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Yahoo! Inc. (YHOO)
RegDate: 2007-12-07
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-98-136-0-0-1


OrgName: Yahoo! Inc.
OrgId: YHOO
Address: 701 First Ave
City: Sunnyvale
StateProv: CA
PostalCode: 94089
Country: US
RegDate: 2000-10-23
Updated: 2013-04-02
Ref: http://whois.arin.net/rest/org/YHOO


OrgTechHandle: NA258-ARIN
OrgTechName: Netblock Admin
OrgTechPhone: +1-408-349-3300
OrgTechEmail: netblockadmin@yahoo-inc.com
OrgTechRef: http://whois.arin.net/rest/poc/NA258-ARIN

OrgAbuseHandle: NETWO5978-ARIN
OrgAbuseName: Network Abuse
OrgAbusePhone: +1-408-349-3300
OrgAbuseEmail: abuse@yahoo-inc.com
OrgAbuseRef: http://whois.arin.net/rest/poc/NETWO5978-ARIN

RTechHandle: NA258-ARIN
RTechName: Netblock Admin
RTechPhone: +1-408-349-3300
RTechEmail: netblockadmin@yahoo-inc.com
RTechRef: http://whois.arin.net/rest/poc/NA258-ARIN

RAbuseHandle: NETWO857-ARIN
RAbuseName: Network Abuse
RAbusePhone: +1-408-349-3300
RAbuseEmail: network-abuse@cc.yahoo-inc.com
RAbuseRef: http://whois.arin.net/rest/poc/NETWO857-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
36646

ASName:
YAHOO-NE1 - Yahoo,US

ASHandle:
AS36646

Remove Malware from 98.138.49.44 - Powered by Reason Core Security