home

portable-firefox.soft32.com

I.T.N.T. SRL

Domain Information

The domain portable-firefox.soft32.com registered by I.T.N.T. SRL was initially registered in September of 2003 through ENOM, INC.. The domain hosts various software downloads. The hosted servers are located in Seattle, Washington within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).

This Soft32 domain (part of the Soft32.com site) displays information for the software program portable firefox as well as provides 'free' downloads managed through the Soft32's Download Manager (which might include potentially unwanted offers such as the AVG Toolbar).
Registrar:
ENOM, INC.

Server location:
Washington, United States (US)

Create date:
Monday, September 29, 2003

Expires date:
Sunday, September 29, 2024

Updated date:
Friday, December 11, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.com

Whois:
1 soft32.com record

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Downloader.Bundler.Soft32.Installer, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
100.00%

nProtect
Adware/W32.Agent.1116952
16.67%

Malwarebytes
PUP.Soft32Downloader
16.67%

Agnitum Outpost
PUA.Soft32Downloader
16.67%

F-Prot
W32/Soft32Download.C.gen
16.67%

SUPERAntiSpyware
PUP.Downloader/Variant
16.67%

Comodo Security
Application.Win32.Soft32Downloader.S
16.67%

Dr.Web
Adware.Downware.971
16.67%

VIPRE Antivirus
Soft32Downloader
16.67%

Avira AntiVirus
APPL/Downloader.Gen
16.67%

Vba32 AntiVirus
AdWare.DownloadWare.mz
16.67%

ESET NOD32
Win32/Soft32Downloader.D potentially unwanted application
16.67%

Rising Antivirus
PE:PUF.Soft32Downloader!1.9C52
16.67%

Fortinet FortiGate
Adware/Softdownmgr
16.67%

Trend Micro House Call
TROJ_GEN.F47V1124
16.67%

The domain portable-firefox.soft32.com has been seen to resolve to the following 29 IP addresses.

52.84.127.236
server-52-84-127-236.iad16.r.cloudfront.net
September 17, 2016

52.84.127.224
server-52-84-127-224.iad16.r.cloudfront.net
September 17, 2016

52.84.127.205
server-52-84-127-205.iad16.r.cloudfront.net
September 17, 2016

52.84.127.182
server-52-84-127-182.iad16.r.cloudfront.net
September 17, 2016

52.84.127.96
server-52-84-127-96.iad16.r.cloudfront.net
September 17, 2016

52.84.127.87
server-52-84-127-87.iad16.r.cloudfront.net
September 17, 2016

52.84.127.85
server-52-84-127-85.iad16.r.cloudfront.net
September 17, 2016

52.84.127.68
server-52-84-127-68.iad16.r.cloudfront.net
September 17, 2016

52.84.127.157
server-52-84-127-157.iad16.r.cloudfront.net
September 1, 2016

52.84.127.146
server-52-84-127-146.iad16.r.cloudfront.net
September 1, 2016

52.84.127.95
server-52-84-127-95.iad16.r.cloudfront.net
September 1, 2016

52.84.127.80
server-52-84-127-80.iad16.r.cloudfront.net
September 1, 2016

52.84.127.49
server-52-84-127-49.iad16.r.cloudfront.net
September 1, 2016

52.84.127.238
server-52-84-127-238.iad16.r.cloudfront.net
September 1, 2016

52.84.127.171
server-52-84-127-171.iad16.r.cloudfront.net
September 1, 2016

52.84.127.161
server-52-84-127-161.iad16.r.cloudfront.net
September 1, 2016

52.84.127.193
server-52-84-127-193.iad16.r.cloudfront.net
August 13, 2016

52.84.127.150
server-52-84-127-150.iad16.r.cloudfront.net
August 13, 2016

52.84.127.112
server-52-84-127-112.iad16.r.cloudfront.net
August 13, 2016

52.84.127.100
server-52-84-127-100.iad16.r.cloudfront.net
August 13, 2016

52.84.127.72
server-52-84-127-72.iad16.r.cloudfront.net
August 13, 2016

52.84.127.248
server-52-84-127-248.iad16.r.cloudfront.net
August 13, 2016

52.84.127.235
server-52-84-127-235.iad16.r.cloudfront.net
August 13, 2016

52.84.127.214
server-52-84-127-214.iad16.r.cloudfront.net
August 13, 2016

23.235.39.249
June 22, 2016

23.235.46.249
March 31, 2016

199.27.76.249
March 31, 2016

23.235.46.184
February 10, 2015

23.235.39.185
February 10, 2015

File downloads found at URLs served by portable-firefox.soft32.com.

1 / 68      (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=id&kw=_cat:soft32.com&mt=b&ad=33471869317&pl=&ds=s&uid=140707991951d2bfaa0a3e8d00ecf12883c189a9f0&_ga=746456028.1407079917&gclid=CLH79Zi3978CFdQXjgodXBAAoQ  (mozilla firefox portable setup.exe)

1 / 68      (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=id&kw=_cat:soft32.com&mt=b&ad=33471869317&pl=&ds=s&uid=141112918470727025e05f7c43e8f2845786ea2990&_ga=810025639.1411129175&gclid=CIClguKh7cACFRWTjgodBVQAnw  (mozilla firefox portable setup.exe)

1 / 68      (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=id&kw=_cat:soft32.com&mt=b&ad=33471869317&pl=&ds=s&gclid=CM6o-7KnnsACFU4mjgod4bMAhA&uid=1408417327246171d05294ee70428de9d9587fc882  (mozilla firefox portable setup.exe)

1 / 68      (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=id&kw=_cat:soft32.com&mt=b&ad=33471869197&pl=&ds=s&gclid=CI2soZWV9L0CFUssjgodSU4AjQ  (mozilla firefox portable setup.exe)

1 / 68      (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=ae&kw=_cat:soft32.com&mt=b&ad=31584371162&pl=&ds=s&gclid=CJmgsuXd3LoCFS_KtAodkB4Aog  (mozilla firefox portable setup.exe)

0 / 68
http://portable-firefox.soft32.com/get/file/id/.../?no_download_manager=true  (FirefoxPortable_40.0.2_English.paf.exe)

18 / 68    (Adware)
http://portable-firefox.soft32.com/get/file/id/.../?lp=dsa&tg=id&kw=_cat:soft32.com&mt=b&ad=31622707562&pl=&ds=s&gclid=CK_FjsK_3LoCFWgG4god0zMA4Q  (mozilla firefox portable setup.exe)

The following 8 files have been seen to comunicate with portable-firefox.soft32.com in live environments.

TCP » 52.84.127.87:443
browser.exe (speed browser by Smart Applications)

TCP » 52.84.127.87:80
browser.exe (speed browser by Smart Applications)

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

URL:
http://portable-firefox.soft32.com/

Google Analytics:
UA-110868

Title:
“Download Mozilla Firefox Portable 40.0.2”

Description:
“Mozilla Firefox Portable free download. Get the latest version now. Portable Firefox is a fully functional package of Firefox optimized for use on a USB key drive.”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  7
Shares:  1

Statistics are for the previous month.

soft32.com.br

soft32.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.