gom-player.soft32.com

I.T.N.T. SRL

Domain Information

The domain gom-player.soft32.com registered by I.T.N.T. SRL was initially registered in September of 2003 through ENOM, INC.. The domain hosts various software downloads. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).

This Soft32 domain (part of the Soft32.com site) displays information for the software program gom player as well as provides 'free' downloads managed through the Soft32's Download Manager (which might include potentially unwanted offers such as the AVG Toolbar).
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Monday, September 29, 2003

Expires date:
Sunday, September 29, 2024

Updated date:
Monday, October 06, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ZuluSoftSRL.W, PUP.Win.Reputation, PUP.Installer.ITNTSRL.W, PUP.GRETECH.GretechC.Installer.Meta (L), PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
91.67%

Malwarebytes
PUP.Optional.Soft32.A, PUP.Soft32Downloader, PUP.Optional.Zulu
33.33%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw, Riskware.Win32.Downloader.cvxhzw
33.33%

Dr.Web
Adware.Downware.2152, Adware.Downware.971, Adware.Downware.9012
33.33%

VIPRE Antivirus
Soft32Downloader, Threat.4783370
33.33%

ESET NOD32
MSIL/Soft32Downloader (variant), Win32/Soft32Downloader (variant)
25.00%

F-Secure
Application:W32/Generic.70053c248f!Online, Adware.Crossrider.CP
16.67%

Agnitum Outpost
PUA.Soft32Downloader, PUA.Downware
16.67%

Avira AntiVirus
APPL/Downloader.Gen
16.67%

Vba32 AntiVirus
AdWare.DownloadWare.mz, TScope.Trojan.MSIL
16.67%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
8.33%

nProtect
Adware/W32.Agent.1116952
8.33%

F-Prot
W32/Soft32Download.C.gen
8.33%

SUPERAntiSpyware
PUP.Downloader/Variant
8.33%

Comodo Security
Application.Win32.Soft32Downloader.S
8.33%

The domain gom-player.soft32.com has been seen to resolve to the following 18 IP addresses.

server-52-84-127-75.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-60.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-29.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-226.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-192.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-181.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-177.iad16.r.cloudfront.net
July 31, 2016

server-52-84-127-124.iad16.r.cloudfront.net
July 31, 2016

April 12, 2016

October 26, 2015

October 26, 2015

January 9, 2015

January 9, 2015

December 22, 2014

August 12, 2014

August 12, 2014

April 14, 2014

April 14, 2014

File downloads found at URLs served by gom-player.soft32.com.

1 / 68      (Adware)

1 / 68      (PUP)

The following 44 files have been seen to comunicate with gom-player.soft32.com in live environments.

 
Latest 20 of 44 files

URL:
http://gom-player.soft32.com/

Google Analytics:
UA-110868

Title:
“Download GOM Media Player 2.2.72.5234”

Title (4/14/2014):
“Download GOM Media Player 2.2.53.5169”

Title (8/12/2014):
“Download GOM Media Player 2.2.62.5207”

Description:
“GOM Media Player free download. Get the latest version now. GOM Player is a video/audio player with additional multimedia functions.”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  6
Shares:  4

Statistics are for the previous month.