home

arabic-font-pack.soft32.com

I.T.N.T. SRL

Domain Information

The domain arabic-font-pack.soft32.com registered by I.T.N.T. SRL was initially registered in September of 2003 through ENOM, INC.. The domain hosts various software downloads. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).

This Soft32 domain (part of the Soft32.com site) displays information for the software program arabic font pack as well as provides 'free' downloads managed through the Soft32's Download Manager (which might include potentially unwanted offers such as the AVG Toolbar).
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Monday, September 29, 2003

Expires date:
Sunday, September 29, 2024

Updated date:
Friday, December 11, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.com

Whois:
2 soft32.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ITNTSRL.W, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
75.00%

Malwarebytes
PUP.Optional.Soft32.A, PUP.Optional.OpenCandy
50.00%

ESET NOD32
MSIL/Soft32Downloader (variant), Win32/OpenCandy
50.00%

Trend Micro House Call
HV_ZYX_CI1948A5.RDXN
50.00%

G Data
NSIS.Application.OpenCandy
50.00%

Baidu Antivirus
Adware.Win32.OpenCandy
50.00%

avast!
Win32:PUP-gen [PUP]
25.00%

Dr.Web
Adware.Downware.971
25.00%

VIPRE Antivirus
Soft32Downloader
25.00%

K7 AntiVirus
Adware
25.00%

Qihoo 360 Security
Malware.QVM06.Gen
25.00%

Fortinet FortiGate
W32/OpenCandy
25.00%

The domain arabic-font-pack.soft32.com has been seen to resolve to the following 21 IP addresses.

52.84.127.80
server-52-84-127-80.iad16.r.cloudfront.net
September 4, 2016

52.84.127.49
server-52-84-127-49.iad16.r.cloudfront.net
September 4, 2016

52.84.127.238
server-52-84-127-238.iad16.r.cloudfront.net
September 4, 2016

52.84.127.171
server-52-84-127-171.iad16.r.cloudfront.net
September 4, 2016

52.84.127.161
server-52-84-127-161.iad16.r.cloudfront.net
September 4, 2016

52.84.127.157
server-52-84-127-157.iad16.r.cloudfront.net
September 4, 2016

52.84.127.146
server-52-84-127-146.iad16.r.cloudfront.net
September 4, 2016

52.84.127.95
server-52-84-127-95.iad16.r.cloudfront.net
September 4, 2016

52.85.147.169
server-52-85-147-169.iad12.r.cloudfront.net
August 25, 2016

52.85.147.155
server-52-85-147-155.iad12.r.cloudfront.net
August 25, 2016

52.85.147.98
server-52-85-147-98.iad12.r.cloudfront.net
August 25, 2016

52.85.147.85
server-52-85-147-85.iad12.r.cloudfront.net
August 25, 2016

52.85.147.51
server-52-85-147-51.iad12.r.cloudfront.net
August 25, 2016

52.85.147.47
server-52-85-147-47.iad12.r.cloudfront.net
August 25, 2016

52.85.147.208
server-52-85-147-208.iad12.r.cloudfront.net
August 25, 2016

52.85.147.182
server-52-85-147-182.iad12.r.cloudfront.net
August 25, 2016

151.101.20.249
July 5, 2016

23.235.39.249
March 2, 2016

23.235.46.249
March 2, 2016

63.88.100.155
April 11, 2014

63.88.100.139
April 11, 2014

File downloads found at URLs served by arabic-font-pack.soft32.com.

1 / 68      (Adware)
http://arabic-font-pack.soft32.com/get/file/id/.../?rel=center  (arabic font pack setup.exe)

1 / 68      (Adware)
http://arabic-font-pack.soft32.com/get/file/id/.../?lp=dsa&tg=in&kw=_cat:soft32.com&mt=b&ad=34630557643&pl=&ds=s&gclid=CjkKEQjwttWcBRCuhYjhouveusIBEiQAwjy8ID9WfA5XkK6IiOBevmzKgXrNgHe62HoR38H8HbGbje3w_wcB  (arabic font pack setup.exe)

9 / 68      (PUP)
http://arabic-font-pack.soft32.com/get/file/id/.../?no_download_manager=  (arabic.exe)

9 / 68      (PUP)
http://arabic-font-pack.soft32.com/get/file/id/.../?no_download_manager=true  (arabic.exe)

9 / 68      (PUP)
http://arabic-font-pack.soft32.com/get/file/id/.../?iframe=true&width=420&height=200&javascript=true&no_download_manager=1  (arabic.exe)

8 / 68      (Adware)
http://arabic-font-pack.soft32.com/get/file/id/.../  (arabic font pack setup.exe)

The following 47 files have been seen to comunicate with arabic-font-pack.soft32.com in live environments.

TCP » 52.85.147.208:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.169:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.208:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.208:443
apptrailers.exe

TCP » 52.85.147.208:443
apptrailers.exe

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

TCP » 52.85.147.169:443
apptrailers.exe

TCP » 63.88.100.139:80
toolbarcr.crx

TCP » 63.88.100.139:80
toolbar.crx

TCP » 63.88.100.139:80
pfhnkainfgebjkhaoadlkjgjhhgpbohg.crx

TCP » 63.88.100.139:80
bddliligffobaljnkoggdijkcobadcco.crx

TCP » 63.88.100.139:80
toolbar.crx

TCP » 63.88.100.139:80
toolbar.crx

TCP » 63.88.100.139:80
pmalhbifcdmjbmnnmfigkignpjdnefac.crx

TCP » 63.88.100.139:80
jcpllocnmehceenfbgcieemlipobmijb.crx

TCP » 63.88.100.139:80
djoppapjjnfooooimdanhmmjinkakdbk.crx

 
Latest 20 of 50 files

URL:
http://arabic-font-pack.soft32.com/

Google Analytics:
UA-110868

Title:
“Download Arabic Font Pack 1.2”

Description:
“Arabic Font Pack free download. Get the latest version now. This collection contains 14 free Arabic fonts.”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  3
Shares:  1

Statistics are for the previous month.

soft32.com.br

soft32.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.