209.59.148.50

host.smirk2bank.com

IP Address Information

The network address 209.59.148.50 is owned by the Internet Service Provider (ISP) Liquid Web, Inc., which is located in Michigan in the United States. The IP address resolves to the DNS record host.smirk2bank.com. Currently, 6 domain names use this address. While the server hosting the address is physically located in Idaho, Liquid Web, Inc. is registered in Lansing, Michigan. The primary domain hosted by this IP is www.softeclipse.com, along with 5 other domains that are known adware distribution web sites. The address and domain are leased to Tuguu SL.
Scanner detections:
Detections (91% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.TuguuSL.G, PUP.STMSetup.G, PUP.TUGUUSL.G, PUP.Tuguu.Bundler (M), PUP.Tuguu.Awimba.Bundler (M), PUP.Softpulse (M) | 90.91% |
| McAfee | Artemis!3B9EB50F5766, Artemis!B51C51C2391A | 18.18% |
| K7 Gateway Antivirus | Trojan | 18.18% |
| K7 AntiVirus | Trojan | 18.18% |
| Norman | Obfuscated.gen!r, Suspicious_Gen4.ERZRG | 18.18% |
| avast! | NSIS:DomaIQ-C [PUP] | 18.18% |
| Comodo Security | ApplicUnwnt | 18.18% |
| Dr.Web | Adware.W3i.28, Adware.W3i.29 | 18.18% |
| VIPRE Antivirus | DomaIQ | 18.18% |
| Avira AntiVirus | APPL/DomaIQ.Gen7 | 18.18% |

The following domains resolved to the IP address 209.59.148.50.

File URLs downloaded from 209.59.148.50.

| Detections | Classification | URL (file) |
|---|---|---|
| 1 / 68 | Adware | http://softeclipse.com/.../skype.exe (2c29029e781783b5384cb6c2bbd10cbf) |
| 1 / 68 | Adware | |
| 1 / 68 | Adware | http://dl.frostwlre.com/.../ (frostwire.exe) |
| 1 / 68 | Adware | http://dl.frostwlre.com/.../ (frostwire.exe) |
| 1 / 68 | Adware | |
| 1 / 68 | Adware | http://dl.frostwlre.com/.../ (frostwire.exe) |
| 1 / 68 | Adware | http://dl.frostwlre.com/.../ (frostwire.exe) |
| 17 / 68 | Adware | |
| 22 / 68 | Adware | |
| 1 / 68 | Adware | |
| 2 / 68 | false positives | |

The geographical location of this IP address.

Country: United States (US)
Region: Idaho
City: Idaho Falls
Coordinates: 43.4666, -112.034

The ARIN network assigned organization for IP address 209.59.148.50.

Org name: Liquid Web, Inc.
Org identifier: LQWB
Org country: United States (US)
Org region: Michigan
Org city: Lansing
Org address: 4210 Creyts Rd.

ARIN WHOIS:
NetRange: 209.59.128.0 - 209.59.191.255
CIDR: 209.59.128.0/18
OriginAS: AS32244
NetName: LIQUIDWEB-2
NetHandle: NET-209-59-128-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
Comment: rwhois://rwhois.liquidweb.com:4321/
RegDate: 2004-07-27
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-209-59-128-0-1

OrgName: Liquid Web, Inc.
OrgId: LQWB
Address: 4210 Creyts Rd.
City: Lansing
StateProv: MI
PostalCode: 48917
Country: US
RegDate: 2001-07-20
Updated: 2011-07-18
Ref: http://whois.arin.net/rest/org/LQWB

ReferralServer: rwhois://rwhois.liquidweb.com:4321

OrgTechHandle: IPADM47-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-800-580-4985
OrgTechEmail: ipadmin@liquidweb.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM47-ARIN

OrgAbuseHandle: ABUSE551-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-800-580-4985
OrgAbuseEmail: abuse@liquidweb.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE551-ARIN

RTechHandle: IPADM47-ARIN
RTechName: IP Administrator
RTechPhone: +1-800-580-4985
RTechEmail: ipadmin@liquidweb.com
RTechRef: http://whois.arin.net/rest/poc/IPADM47-ARIN

