149.56.9.70

IP Address Information

Currently there are 15 domain names that utilize this address. The primary domain hosted by this IP is app.pix-easy.com along with 14 other domains which are known adware distribution web sites.
Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.JumpyApps.O, PUP.Installer.FriedCookie.O, PUP.Conduit.W, PUP.Installer.ComboApps.O, PUP.Installer.ironSource, PUP.installCore.FriedCookie.Installer (M), PUP.SuperFunApplications.Installer (M), PUP.installCore.JumpyApps.Installer (M), PUP.installCore.ComboApps.Installer (M) | 100.00% |
| VIPRE Antivirus | InstallCore, Conduit, Threat.4788237, Threat.4786018, InstallCore.b, Threat.4150696 | 92.00% |
| Dr.Web | Trojan.Packed.24524, Trojan.Packed.25903, Trojan.MulDrop5.10078, Adware.Conduit.3, Trojan.Packed.26328, Trojan.Packed.28348 | 88.00% |
| Comodo Security | Application.Win32.Installcore.IJU, UnclassifiedMalware, Application.Win32.InstallCore.BWAM | 48.00% |
| Avira AntiVirus | ADWARE/InstallCore.Gen7, Adware/InstallCore.A.113, ADWARE/InstallCore.A.45, ADWARE/InstallCore.Gen9, Adware/InstallCore.A.950 | 46.00% |
| Vba32 AntiVirus | Downware.InstallCore | 42.00% |
| Sophos | Install Core Click run software, PUA 'Install Core Click run software' | 40.00% |
| Antiy Labs AVL | Trojan/Win32.SGeneric, Trojan/Win32.TSGeneric | 36.00% |
| G Data | Win32.Application.InstallCore, Gen:Trojan.Heur.TP.OuZ@bieOaCii, Gen:Trojan.Heur2.GZ.OHZ@bqhNp9oG, Win32.Application.InstallCore.CZ | 36.00% |
| McAfee Web Gateway | Artemis!FCF6DB1407DF, BehavesLike.Win32.StartPage.jc, Heuristic.BehavesLike.Win32.Suspicious.D, Artemis!586DD21646EB, CryptInno | 36.00% |

The following domains resolved to the IP address 149.56.9.70.

File URLs downloaded from 149.56.9.70.

1 / 68 (Adware)

10 / 68 (PUP)
http://produtools.com/.../downloadmanuals_sp.php (manualsearch_tsv363g0a.exe)

The geographical location of this IP address.

Country: Canada (CA)
Region: Quebec
City: Montreal
Coordinates: 45.5088, -73.5878

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=149.56.9.70?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Cogini Hong Kong Limited OVH-CUST-2382670 (NET-149-56-9-64-1) 149.56.9.64 - 149.56.9.79
OVH Hosting, Inc. HO-2 (NET-149-56-0-0-1) 149.56.0.0 - 149.56.255.255





Autonomous System Assignment
ASNumber: 16276
ASName: OVH OVH SAS,FR
ASHandle: AS16276
