209.172.59.10

iWeb Technologies Inc.

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 209.172.59.10 is iWeb Technologies Inc. and located in Quebec within Canada. Currently there are 15 domain names that utilize this address. The primary domain hosted by this IP is www.ziggygames.com along with 14 other domains which are known adware distribution web sites.
Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.K, PUP.MP3Support.J, PUP.MP3Support.L, PUP.Installer.MP3Support.Q, Adware.MP3Support.N, PUP.Installer.MP3Support.N, PUP.MP3Support.N, PUP.MP3Support.Q, Win32.Generic, PUP.installCore.MP3TechSupport.Installer (M), PUP.OpenCandy.SCCE.Installer.Meta (M), PUP.installCore.MP3TechS.Installer (M), PUP.InstallCore.RE11 (M), Threat.Win.Reputation.IMP, PUP.OpenCandy (M)
100.00%

ESET NOD32
Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/Kryptik.BVVE (variant), Win32/OpenCandy (variant), Win32/InstallCore.QO (variant)
60.98%

Trend Micro House Call
TROJ_GEN.F47V1114, TROJ_GEN.F47V1119, TROJ_GEN.F47V0828, TROJ_GEN.F47V1122, TROJ_GEN.F47V1214, TROJ_GEN.F47V0324, TROJ_GEN.F47V1008
29.27%

Malwarebytes
PUP.Optional.Spigot.A, PUP.Optional.OpenCandy, PUP.Optional.InstallCore
26.83%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Malware.XPACK/RDM!5.1, PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.RDM.37!5.2B[F1], PE:Trojan.Win32.Generic.18E4C3AC!417645484
26.83%

Dr.Web
Adware.Downware.1417, Adware.OpenCandy.4, Trojan.MulDrop5.10078, Adware.OpenCandy.155, Adware.OpenCandy.163, Adware.OpenCandy.171
26.83%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
24.39%

McAfee
Artemis!3F416838F7ED, Artemis!4D68E3F49A97, Artemis!93D7ADC6E098, Artemis!EF317EE22806, Artemis!33F77ED82F2F, Artemis!AE79BA5BC881, Artemis!56EB24CE46BB
21.95%

McAfee Web Gateway
Artemis!3F416838F7ED, Artemis!4D68E3F49A97, Artemis!93D7ADC6E098, BehavesLike.Win32.AdwareAmonetize.tc, BehavesLike.Win32.Gupboot.tc
21.95%

K7 Gateway Antivirus
Unwanted-Program
21.95%

The following domains resolved to the IP address 209.172.59.10.

File URLs download from 209.172.59.10.

1 / 68      (PUP)

1 / 68      (PUP)

24 / 68    (Adware)
http://www.musicrocket.com/.../mp3rocket.exe  (2d698f2f380afba65cba4972f7fa6c89)

1 / 68      (PUP)

9 / 68      (PUP)

9 / 68      (PUP)

3 / 68      (PUP)
http://www.my-free-kazaa.com/.../mp3rocket.exe  (c226d01f905f3a2c2d40760aefba6b8e)

1 / 68      (PUP)

8 / 68      (PUP)

8 / 68      (PUP)

8 / 68      (PUP)
http://d5.mp3rocket.com/.../MP3Rocket-Win.exe  (210192501e358866a864a2202347ba25)

9 / 68      (PUP)
http://www.ziggygames.com/downloads/.../setup-ziggytv.exe  (3f416838f7ed522101294f0a48a03820)

The geographical location of this IP address.

Country:
Canada (CA)

Region:
Quebec

City:
Montreal

Coordinates:
45.5088, -73.5878

The ARIN network assigned organization for IP address 209.172.59.10.

Org name:
iWeb Technologies Inc.

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
iWeb Technologies Inc. IWEB-BLK-01 (NET-209-172-32-0-1) 209.172.32.0 - 209.172.63.255
Graham Alcorn IWEB-HD-T2335CL-479 (NET-209-172-59-8-1) 209.172.59.8 - 209.172.59.15



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
32613

ASName:
IWEB-AS - iWeb Technologies Inc.,CA

ASHandle:
AS32613

Remove Malware from 209.172.59.10 - Powered by Reason Core Security