home

dangerous-dave.soft32.com

I.T.N.T. SRL

Domain Information

The domain dangerous-dave.soft32.com registered by I.T.N.T. SRL was initially registered in September of 2003 through ENOM, INC.. The domain hosts various software downloads. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).

This Soft32 domain (part of the Soft32.com site) displays information for the software program dangerous dave as well as provides 'free' downloads managed through the Soft32's Download Manager (which might include potentially unwanted offers such as the AVG Toolbar).
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Monday, September 29, 2003

Expires date:
Sunday, September 29, 2024

Updated date:
Friday, December 11, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.com

Whois:
2 soft32.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ITNTSRL.U, PUP.Downloader.Bundler.Soft32, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
100.00%

VIPRE Antivirus
Threat.4783370
25.00%

Dr.Web
Adware.Downware.971, Threat.Undefined
25.00%

ESET NOD32
Win32/Soft32Downloader.C potentially unwanted application, Detection.Undefined
25.00%

Malwarebytes
PUP.Optional.AdBundle
25.00%

NANO AntiVirus
Riskware.Win32.Downloader.cvxhzw, Riskware.Html.SoftDownload.cvvset
25.00%

F-Prot
W32/Soft32Download.A.gen
12.50%

McAfee
Downloader-FMA
12.50%

K7 AntiVirus
Trojan
12.50%

Agnitum Outpost
PUA.Soft32Downloader
12.50%

Comodo Security
Application.Win32.Agent.S
12.50%

Zillya! Antivirus
Trojan.Skillis.Win32.1940
12.50%

Vba32 AntiVirus
Trojan.Skillis
12.50%

Rising Antivirus
PE:PUF.Soft32Downloader!1.9C52
12.50%

Fortinet FortiGate
Riskware/Soft32Downloader
12.50%

The domain dangerous-dave.soft32.com has been seen to resolve to the following 14 IP addresses.

52.84.127.161
server-52-84-127-161.iad16.r.cloudfront.net
September 1, 2016

52.84.127.157
server-52-84-127-157.iad16.r.cloudfront.net
September 1, 2016

52.84.127.146
server-52-84-127-146.iad16.r.cloudfront.net
September 1, 2016

52.84.127.95
server-52-84-127-95.iad16.r.cloudfront.net
September 1, 2016

52.84.127.80
server-52-84-127-80.iad16.r.cloudfront.net
September 1, 2016

52.84.127.49
server-52-84-127-49.iad16.r.cloudfront.net
September 1, 2016

52.84.127.238
server-52-84-127-238.iad16.r.cloudfront.net
September 1, 2016

52.84.127.171
server-52-84-127-171.iad16.r.cloudfront.net
September 1, 2016

23.235.46.249
June 5, 2016

23.235.39.249
February 15, 2016

199.27.76.249
February 15, 2016

23.235.46.184
March 8, 2015

199.27.76.184
September 11, 2014

23.235.46.185
September 11, 2014

File downloads found at URLs served by dangerous-dave.soft32.com.

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../?lp=dsa&tg=in&kw=_cat:soft32.com&mt=b&ad=37216311643&pl=&ds=s&uid=1414136435096e29a2b70338be6505b9b73b8186a9&_ga=972943706.1414136431&gclid=Cj0KEQjw8aeiBRCknPXk-u_V_4gBEiQAD2-mgX5f5hYhSv0VSeBjHgI5Vt-TPKPcErCIWngMZZ8sPpYaAhI98P8HAQ  (dangerous dave setup.exe)

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../  (dangerous dave setup.exe)

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../?lp=dsa&tg=in&kw=_cat:soft32.com&mt=b&ad=40672318603&pl=&ds=s&uid=14059885084e21cf1c53648ea3580355e8fd72be25&_ga=330454112.1405988508&gclid=CLL45uX02L8CFReSjgodjykApQ  (dangerous dave setup.exe)

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../?lp=dsa&tg=in&kw=_cat:soft32.com&mt=b&ad=40672318603&pl=&ds=s&uid=14059885084e21cf1c53648ea3580355e8fd72be25&_ga=330454112.1405988508&gclid=CLL45uX02L8CFReSjgodjykApQ  (dangerous dave setup.exe)

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../?lp=dsa&tg=in&kw=_cat:soft32.com&mt=b&ad=40672318603&pl=&ds=s&uid=14059885084e21cf1c53648ea3580355e8fd72be25&_ga=330454112.1405988508&gclid=CLL45uX02L8CFReSjgodjykApQ  (dangerous dave setup.exe)

1 / 68      (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../?rel=center  (dangerous dave setup.exe)

10 / 68    (Adware)
http://dangerous-dave.soft32.com/get/file/id/.../  (dangerous-dave.exe)

17 / 68    (Adware)
http://dangerous-dave.soft32.com/get/file/.../811267?s=NLD9NQpGokDtAgfh-Z1Pvw&t=1362651582&ext=.zip  (dangerous dave setup.exe)

The following 6 files have been seen to comunicate with dangerous-dave.soft32.com in live environments.

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

URL:
http://dangerous-dave.soft32.com/

Google Analytics:
UA-110868

Title:
“Download Dangerous Dave 1.0”

Description:
“Dangerous Dave free download. Get the latest version now. Collect as many points as possible and manage to get to the last level.”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  22
Shares:  15
Comments:  1

Statistics are for the previous month.

soft32.com.br

soft32.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.