69.39.236.56

ip-69.39.236.56.hosted.by.gigenet.com

IP Address Information

The Internet Service Provider (ISP) that owns the network address 69.39.236.56 is GigeNET, located in Illinois in the United States. The IP address resolves to the DNS record ip-69.39.236.56.hosted.by.gigenet.com. Currently 149 domain names use this address. The primary domain hosted on this IP is ftdownloads.com, along with 148 other domains that are known adware distribution web sites.

Scanner detections:
Detections (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.IgnitionInstaller.F, PUP.Installer.Adknowledge, PUP.Adknowledge.TINYINSTALLER.Installer (M), Threat.Win.Reputation.IMP, PUP.Adknowledge.FUSIONINSTALL.Installer (M), PUP.Adknowledge.TINYINST.Bundler (M)
86.67%

Dr.Web
Adware.OpenCandy.3, DLOADER.Trojan, Adware.Downware.1758, Trojan.Packed.24816, Trojan.Packed.25203, Adware.Downware.1563, Adware.Downware.1554, Trojan.Packed.24939
48.89%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.Ignition.A, PUP.Optional.iBryte, PUP.Optional.OptimumInstaller.A
44.44%

Vba32 AntiVirus
AdWare.OpenCandy, Downloader.MediaGet.a, SScope.Malware-Cryptor.iBryte, AdWare.iBryte
44.44%

avast!
IBryte-BY [PUP], Win32:IBryte-BY [PUP], Win32:IBryte-BT [PUP], Win32:IBryte-GJ [PUP], Malware-gen
44.44%

Agnitum Outpost
Adware.OpenCandy, Trojan.Buzus, Riskware.AdWare, PUA.Agent
42.22%

NANO AntiVirus
Trojan.Win32.Kryptik.cqhovd, Trojan.Win32.Buzus.cjxrvu, Trojan.Win32.Buzus.ckibss, Trojan.Win32.Downware.cssrny, Riskware.Win32.IBryte.csnugn
42.22%

F-Prot
W32/Symmi.O2.gen, W32/S-53fc0c37, W32/S-352b3331, W32/S-c1c511d2, W32/A-b6581ad9
42.22%

VIPRE Antivirus
Ignition Installer, Trojan.Win32.Generic, Optimum Installer
42.22%

Comodo Security
Application.Win32.Adware.iBryte.BAA, Application.Win32.Adware.iBryte.BC, TrojWare.Win32.Kryptik.BLXF, Application.Win32.iBryte.R
42.22%

The following domains resolved to the IP address 69.39.236.56.

Latest 50 of 149 domains

File URLs downloaded from 69.39.236.56.

1 / 68      (Adware)

1 / 68      (Adware)

9 / 68      (Adware)

10 / 68    (PUP)

0 / 68
http://d7.innovativesys.co/.../SkypeSetup.exe  (82901d6179d63704b923b2ce1e8887c7)

1 / 68
http://www.slimbeacon.com/slimboat/.../sbtsetup_win.exe  (ddef80aa8285312054fe6e7df7914d14)

0 / 68
http://downar.hi-player.com/Hiplayer_ar.exe  (7ed4d8553f8ca69b71dc9bed9fff72ee)

0 / 68
http://www.slimbeacon.com/.../sbsetup.exe  (e11332dae131c3b46fcb253d468135cb)

6 / 68      (inconclusive)
http://download.coinbeez.com/CoinBeez.exe  (847f09d978a0a8a2f0d7bcc7e05b7fb9)

The following 313 files have been seen to communicate with this IP address in live environments.

TCP port 80

TCP port 80

TCP port 80

 
Latest 20 of 322 files

The geographical location of this IP address.

Country:
United States (US)

Region:
Illinois

City:
Chicago

Coordinates:
41.85, -87.65

The ARIN network assigned organization for IP address 69.39.236.56.

Org name:
GigeNET

Org identifier:
DMPL

Org country:
United States (US)

Org region:
Illinois

Org city:
Arlington Heights

Org address:
545 E Algonquin Rd

Org website:
www.gigenet.com

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=69.39.236.56?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 69.39.224.0 - 69.39.239.255
CIDR: 69.39.224.0/20
NetName: IPNAP
NetHandle: NET-69-39-224-0-1
Parent: NET69 (NET-69-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS32181
Organization: GigeNET (DMPL)
RegDate: 2003-04-18
Updated: 2012-03-02
Comment: www.gigenet.com
Ref: https://whois.arin.net/rest/net/NET-69-39-224-0-1


OrgName: GigeNET
OrgId: DMPL
Address: 545 E Algonquin Rd
Address: Suite D
City: Arlington Heights
StateProv: IL
PostalCode: 60005
Country: US
RegDate: 2011-03-04
Updated: 2011-06-23
Comment: http://www.gigenet.com
Ref: https://whois.arin.net/rest/org/DMPL

ReferralServer: rwhois://rwhois.servernap.net:4321

OrgNOCHandle: IPADM152-ARIN
OrgNOCName: IP Administrator
OrgNOCPhone: +1-800-561-2656
OrgNOCEmail: ip-admin@coloquest.com
OrgNOCRef: https://whois.arin.net/rest/poc/IPADM152-ARIN

OrgTechHandle: IPADM152-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-800-561-2656
OrgTechEmail: ip-admin@coloquest.com
OrgTechRef: https://whois.arin.net/rest/poc/IPADM152-ARIN

OrgAbuseHandle: ABUSE2935-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-800-561-2656
OrgAbuseEmail: abuse@gigenet.com
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE2935-ARIN



