home

i.softplanet.com

Secure Download Ltd

Domain Information

The domain i.softplanet.com registered by Secure Download Ltd was initially registered in August of 1996 through WILD WEST DOMAINS, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
WILD WEST DOMAINS, LLC

Server location:
Washington, United States (US)

Create date:
Thursday, August 29, 1996

Expires date:
Sunday, August 28, 2022

Updated date:
Friday, May 10, 2013

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
softplanet.com

Whois:
1 softplanet.com record

Scanner detections:
Detections  (62% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AVSoftware EOOD, PUP.AVSoftware EOOD.SecureDownload, PUP.AVSoftware EOOD.SecureDownload (M), PUP.AVSoftware EOOD.SecureDownload.Installer (M), PUP.AVSoftware EOOD.SecureDo (M), PUP.AVSoftware EOOD.SecureDo.Installer (M), PUP.AVSoftware EOOD (M)
96.77%

Dr.Web
Adware.OpenCandy.39, Adware.Downware.11222, Trojan.Click3.11442, Trojan.Click3.11944
16.13%

AVG
Generic, Downloader
9.68%

avast!
Win32:Evo-gen [Susp], Win32:Rootkit-gen [Rtk]
6.45%

McAfee
Artemis!F19138054326, Artemis!DD62A6CDC508
6.45%

ESET NOD32
Win32/OpenCandy (variant)
3.23%

VIPRE Antivirus
Trojan.Win32.Generic
3.23%

NANO AntiVirus
Trojan.Win32.CheatEngine.ddqnic
3.23%

Avira AntiVirus
TR/Crypt.CFI.Gen
3.23%

Bkav FE
W32.Clod5a5.Trojan
3.23%

The domain i.softplanet.com has been seen to resolve to the following 501 IP addresses.

52.84.125.198
server-52-84-125-198.iad16.r.cloudfront.net
September 16, 2016

52.84.125.130
server-52-84-125-130.iad16.r.cloudfront.net
September 16, 2016

52.84.125.103
server-52-84-125-103.iad16.r.cloudfront.net
September 16, 2016

52.84.125.87
server-52-84-125-87.iad16.r.cloudfront.net
September 16, 2016

52.84.125.85
server-52-84-125-85.iad16.r.cloudfront.net
September 16, 2016

52.84.125.229
server-52-84-125-229.iad16.r.cloudfront.net
September 16, 2016

52.84.125.217
server-52-84-125-217.iad16.r.cloudfront.net
September 16, 2016

52.84.125.210
server-52-84-125-210.iad16.r.cloudfront.net
September 16, 2016

54.230.193.169
server-54-230-193-169.iad53.r.cloudfront.net
September 1, 2016

54.230.193.133
server-54-230-193-133.iad53.r.cloudfront.net
September 1, 2016

54.230.193.114
server-54-230-193-114.iad53.r.cloudfront.net
September 1, 2016

54.230.193.113
server-54-230-193-113.iad53.r.cloudfront.net
September 1, 2016

54.230.193.90
server-54-230-193-90.iad53.r.cloudfront.net
September 1, 2016

54.230.193.84
server-54-230-193-84.iad53.r.cloudfront.net
September 1, 2016

54.230.193.195
server-54-230-193-195.iad53.r.cloudfront.net
September 1, 2016

54.230.193.186
server-54-230-193-186.iad53.r.cloudfront.net
September 1, 2016

52.84.125.82
server-52-84-125-82.iad16.r.cloudfront.net
August 30, 2016

52.84.125.32
server-52-84-125-32.iad16.r.cloudfront.net
August 23, 2016

52.84.125.216
server-52-84-125-216.iad16.r.cloudfront.net
August 23, 2016

54.192.19.106
server-54-192-19-106.iad12.r.cloudfront.net
August 23, 2016

54.192.19.80
server-54-192-19-80.iad12.r.cloudfront.net
August 23, 2016

54.192.19.47
server-54-192-19-47.iad12.r.cloudfront.net
August 23, 2016

54.192.19.32
server-54-192-19-32.iad12.r.cloudfront.net
August 23, 2016

54.192.19.22
server-54-192-19-22.iad12.r.cloudfront.net
August 23, 2016

54.192.19.187
server-54-192-19-187.iad12.r.cloudfront.net
August 23, 2016

54.192.19.120
server-54-192-19-120.iad12.r.cloudfront.net
August 23, 2016

52.84.125.8
server-52-84-125-8.iad16.r.cloudfront.net
August 22, 2016

52.84.125.253
server-52-84-125-253.iad16.r.cloudfront.net
August 22, 2016

52.84.125.123
server-52-84-125-123.iad16.r.cloudfront.net
August 22, 2016

52.84.125.106
server-52-84-125-106.iad16.r.cloudfront.net
August 22, 2016

 
Showing 30 of 501 IP Addresses

File downloads found at URLs served by i.softplanet.com.

1 / 68      (Adware)
http://i.softplanet.com/.../Leawo-Blu-Ray-Player.1.7.0.5.exe  (5fb50e81273979243e8f4ed5462ff49f)

1 / 68      (Adware)
http://i.softplanet.com/.../Microsoft-NET-Framework.3.51.exe  (0dd1273f3ace86e9d7605b543da5130d)

1 / 68      (Adware)
http://i.softplanet.com/.../Nero-Burning-ROM.15.0.04600.exe  (e236f47e35ba19f0e0e086248120518a)

1 / 68      (Adware)
http://i.softplanet.com/.../GIMP.2.8.14.exe  (91480da0f83b893b0aa32efb657487e2)

0 / 68
http://i.softplanet.com/.../Need-for-Speed-Underground-2.exe  (atomic-cannon-demo.exe)

0 / 68
http://i.softplanet.com/.../WinRAR5310.exe  (winrar-x64-531.exe)

1 / 68      (Adware)
http://i.softplanet.com/.../Hola-Unblocker.1.3.137.exe  (c9c6c31b530cf0050d4de69fb6b78826)

1 / 68      (Adware)
http://i.softplanet.com/.../Spotify.0.9.13.24.exe  (5a97a2537f895731973c5da28d849c01)

0 / 68
http://i.softplanet.com/.../Music-Download-Center07.exe  (mdc_0.7_win32.exe)

1 / 68      (Adware)
http://i.softplanet.com/.../Java.820.exe  (989560ed39163e8652c96e9c2b10dce7)

1 / 68      (Adware)
http://i.softplanet.com/.../Microsoft-Security-Essentials.4.5.216.0.exe  (9b5e2e72f80c73cb8cb9c0be2920d895)

1 / 68      (Adware)
http://i.softplanet.com/.../Panda-Internet-Security.201515.1.0.exe  (050aaa83e24815d86971e0335ed18ab7)

0 / 68
http://i.softplanet.com/.../Avast!-Internet-Security-20142014902013.exe  (avast_internet_security_setup.exe)

2 / 68      (Adware)
http://i.softplanet.com/.../iTunes.11.4.0.exe  (2db8ec6ed90627ec41d1a8ea1ac55fac)

0 / 68
http://i.softplanet.com/.../Virtual-DJ-Home-FREE741.exe  (install_virtualdj_home_v7.4.1-clean.exe)

0 / 68
http://i.softplanet.com/.../jetAudio8102000-Basic.exe  (jad8100_basic.exe)

0 / 68
http://i.softplanet.com/.../PDF-Document-Writer72.exe  (pdfdocumentwriter.exe)

3 / 68      (Adware)
http://i.softplanet.com/.../Dropbox.2.10.30.exe  (caa047dbeb4bdb05df84fe974be2165d)

0 / 68
http://i.softplanet.com/.../Mozilla-Firefox3601.exe  (firefox setup 36.0.1.exe)

1 / 68      (Adware)
http://i.softplanet.com/.../Need-for-Speed-Underground-2..exe  (d9bf6ef72906468b324cb9c391c7a436)

1 / 68      (Adware)
http://i.softplanet.com/.../Cheat-Engine.6.3.exe  (56635db7a6bc4cf0d0eef832c7414da4)

1 / 68      (Adware)
http://i.softplanet.com/.../VMware-Player.7.1.0.exe  (a900a875ff56752bd81f74bf758031f0)

1 / 68      (Adware)
http://i.softplanet.com/.../avgantivirusfree2014-2014.0.4744.exe  (0dca55bcad2ab97a5dda4654e17440f8)

1 / 68      (Adware)
http://i.softplanet.com/.../Opera.24.0.1558.61.exe  (84d7b2097f2bad27f46281777bb21b57)

1 / 68      (Adware)
http://i.softplanet.com/.../Cheat-Engine.6.4.exe  (c0b1c2aa962e8ae69c229c0b690b32c2)

5 / 68      (PUP)
http://i.softplanet.com/.../Cheat-Engine64.exe  (cheatengine64.exe)

0 / 68
http://i.softplanet.com/.../Skype62080104.exe  (SkypeSetup.exe)

0 / 68
http://i.softplanet.com/.../uTorrent343-Build-40097.exe  (uTorrent.exe)

6 / 68      (Adware)
http://i.softplanet.com/.../Skype.7.4.0.102.exe  (f19138054326ff3c299ac4c10dcf6f1c)

0 / 68
http://i.softplanet.com/.../Adobe-Audition-CC2014-700.exe  (creativecloudset-up.exe)

 
Latest 30 of 254 download URLs

The following 354 files have been seen to comunicate with i.softplanet.com in live environments.

TCP » 54.192.19.146:80
GoRadio.exe (RP by Resilion)

TCP » 54.230.50.4:443
online-guardian-v2.0.9.exe

TCP » 54.192.195.40:443
online-guardian-v2.0.9.exe

TCP » 54.192.195.118:443
online-guardian-v2.0.9.exe

TCP » 54.192.19.187:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.230.53.166:443
online-guardian-v2.0.9.exe

TCP » 54.192.19.148:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.195.231:443
online-guardian-v2.0.9.exe

TCP » 52.85.142.32:443
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.142.132:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.19.148:80
notification.exe

TCP » 54.230.53.166:443
online-guardian-v2.0.9.exe

TCP » 54.192.195.11:443
onlineguardian-v2.exe

TCP » 52.85.142.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.192.19.187:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 54.230.50.4:443
onlineguardian-v2.exe

TCP » 52.85.142.166:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 52.85.142.211:80
jingling.exe

TCP » 54.192.19.122:80
browser.exe (Browser)

TCP » 54.230.50.13:443
online-guardian-v2.0.9.exe

 
Latest 20 of 760 files

URL:
http://i.softplanet.com/

Network:
Amazon Cloudfront

Web server:
AmazonS3

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.