50.63.202.56

ip-50-63-202-56.ip.secureserver.net

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 50.63.202.56 is GoDaddy.com, LLC and located in Arizona within the United States. The IP Address resolves to the DNS record of ip-50-63-202-56.ip.secureserver.net. Currently there are 44 domain names that utilize this address. The primary domain hosted by this IP is dl01.faddmr.com along with 43 other domains which are known adware distribution web sites.
Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InformationTechnologySystems.DD, PUP.Installer.InformationTechnologySystemsdoo.R, PUP.Installer.InstallManager.H, PUP.Installer.InstallManager.F, PUP.Installer.SavingsApps.F, PUP.Installer.Fileangels.F, PUP.GameZooks (M), PUP.50OnRed.SavingsApps.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Solimba.AppsInstaller.Installer (M), PUP.Adknowledge.Fileangels.Bundler (M), PUP.50OnRed.SavingsA.Installer (M), Adware.Amonetize.Installer.Meta (M), Adware.Amonetize.Meta (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.installCore.Informat.Installer (M), PUP.Adknowledge.Fileprot.Installer (M), PUP.Adknowledge.Fileange.Bundler (M), PUP.Adknowledge.Seekinst.Bundler (M), PUP.50OnRed (M), PUP.Solimba (M)
93.48%

Malwarebytes
PUP.Optional.Downloader, PUP.Optional.InstallManager, PUP.Optional.AirAdInstaller, PUP.Optional.IBryte, PUP.Optional.Amonetize
21.74%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/Adware.Gen, TR/Dropper.Gen, ADWARE/iBryte.Gen7, ADWARE/Amonetize.Gen, APPL/Solimba.Gen, ADWARE/iBryte.Gen4
21.74%

AVG
Generic, Adware AdPlugin.BRN, Adware AdPlugin.BSY, BundleApp, Adware Skodna.Generic
21.74%

VIPRE Antivirus
Threat.4150696, Threat.4786018, Threat.4784938, Threat.4778314, Trojan.Win32.Generic, DownloadMR
21.74%

Dr.Web
Trojan.Packed.28409, Trojan.SMSSend.5407, Adware.iBryte.508, Trojan.DownLoader11.40640, infected with Trojan.Amonetize.2248
19.57%

McAfee
Trojan.Artemis!460ECEB35134, Trojan.Artemis!D5E91201901F, Adware-OutBrowse.a, IBryte-FSO, Program.IBryte-FSO, Trojan.Artemis!3E7A352A1C90
19.57%

ESET NOD32
Win32/InstallCore.PX potentially unwanted application, Win32/AirAdInstaller.A potentially unwanted application, Win32/Adware.iBryte.BQ application
17.39%

K7 Gateway Antivirus
Trojan , Unwanted-Program , Unwanted-File
17.39%

K7 AntiVirus
Trojan , Unwanted-Program , Adware
15.22%

The following domains resolved to the IP address 50.63.202.56.

File URLs download from 50.63.202.56.

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (4573aac4102f148d27f890d505f9f062)

1 / 68      (Adware)

0 / 68
http://www.foxarc.com/en/.../PCardWorkshop15En.exe  (5d161f2a0ab1c32953031aafcfbad113)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

44 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

31 / 68    (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (989987ef74afea2c2b2e8bee0de87298)

 
Latest 30 of 1,774 download URLs

The following 51 files have been seen to comunicate with this IP address in live environments.

TCP port 25

 
Latest 20 of 52 files

The geographical location of this IP address.

Country:
United States (US)

Region:
Arizona

City:
Scottsdale

Coordinates:
33.602, -111.888

The ARIN network assigned organization for IP address 50.63.202.56.

Org name:
GoDaddy.com, LLC

Org identifier:
GODAD

Org country:
United States (US)

Org region:
Arizona

Org city:
Scottsdale

Org address:
14455 N Hayden Road

ARIN WHOIS:
NetRange: 50.62.0.0 - 50.63.255.255
CIDR: 50.62.0.0/15
OriginAS: AS26496
NetName: GO-DADDY-COM-LLC
NetHandle: NET-50-62-0-0-1
Parent: NET-50-0-0-0-0
NetType: Direct Allocation
Comment: Please send abuse complaints to abuse@godaddy.com
RegDate: 2011-02-02
Updated: 2014-02-25
Ref: http://whois.arin.net/rest/net/NET-50-62-0-0-1


OrgName: GoDaddy.com, LLC
OrgId: GODAD
Address: 14455 N Hayden Road
Address: Suite 226
City: Scottsdale
StateProv: AZ
PostalCode: 85260
Country: US
RegDate: 2007-06-01
Updated: 2012-03-15
Comment: Please send abuse complaints to abuse@godaddy.com
Ref: http://whois.arin.net/rest/org/GODAD

OrgNOCHandle: NOC124-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-480-505-8809
OrgNOCEmail: noc@godaddy.com
OrgNOCRef: http://whois.arin.net/rest/poc/NOC124-ARIN

OrgTechHandle: NOC124-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-480-505-8809
OrgTechEmail: noc@godaddy.com
OrgTechRef: http://whois.arin.net/rest/poc/NOC124-ARIN

OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-480-624-2505
OrgAbuseEmail: abuse@godaddy.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE51-ARIN

RTechHandle: NOC124-ARIN
RTechName: Network Operations Center
RTechPhone: +1-480-505-8809
RTechEmail: noc@godaddy.com
RTechRef: http://whois.arin.net/rest/poc/NOC124-ARIN

RAbuseHandle: ABUSE51-ARIN
RAbuseName: Abuse Department
RAbusePhone: +1-480-624-2505
RAbuseEmail: abuse@godaddy.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE51-ARIN

RNOCHandle: NOC124-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-480-505-8809
RNOCEmail: noc@godaddy.com
RNOCRef: http://whois.arin.net/rest/poc/NOC124-ARIN


Autonomous System Assignment
ASNumber:
26496

ASName:
AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

ASHandle:
AS26496

Remove Malware from 50.63.202.56 - Powered by Reason Core Security