home

www.cycleheadtower.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
cycleheadtower.com

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AnchorFree.Installer.Meta (L), PUP.InstallCore.iLightMe.Installer (M), PUP.InstallCore.RE11 (M)
87.50%

NANO AntiVirus
Trojan.Win32.Click3.crnxzi
12.50%

Dr.Web
Trojan.Click3.1681
12.50%

The domain www.cycleheadtower.com has been seen to resolve to the following 16 IP addresses.

54.186.99.90
ec2-54-186-99-90.us-west-2.compute.amazonaws.com
July 7, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 7, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 7, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 2, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 2, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 2, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 18, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 18, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 18, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 18, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 18, 2016

File downloads found at URLs served by www.cycleheadtower.com.

2 / 68      (inconclusive)
http://www.cycleheadtower.com/c?x=tp2Ng2 eM0L9TjuAxOVo2pioJQ52pMPBN770XqEn6hE=&c=VRuHSuo 4z8JiGqYGwsY4pvoTxlzB4cQAJFjDUxXYycwNyiIRC7ZFNRIfKcbd7Ujl5RWtxMFo0MksV 2dd ng94jg/MTaF3MOqjArO6PC7J8htQ8sIbyKheu3b9RSPF4 1WzEyy33jgNzIlrhGRJgA==&e=0&downloadAs=ProxifierSetup.exe&fallback_url=http://qpdownload.com/data/proxifier/.../ProxifierSetup.exe  (99f2b88de820fb14e5ce1445e2d3c0d7)

1 / 68      (PUP)
http://www.cycleheadtower.com/c?x=sZTB5Qr3vbFCNJ2APYk9hFQyOd1ilIyyBV8aXCPnQJo=&c=wpgLbj2DIPyqvIviB5HAhsAzUVZLHMIDGJXHtveG3IK2230aJ5nVRKcjlB1VhCZLVsPsQy4NZ bm0dHNlfdvBrxqtK19p04j0U5bkpZdZ4te5KuesxDr35 rrN4Gkxr7u4FXZJWGHFL5DPyEquyvXXeHX7lHPvyafORwNqAcnD88BdlK6R7RfsVVKlY3zbp8&e=0&downloadAs=PGRSetup.exe&fallback_url=http://qpdownload.com/data/pokemon-global-revolution/.../PGRSetup.exe  (5da7579fbe238d71efa3e2e7a2d09ada)

1 / 68      (PUP)
http://www.cycleheadtower.com/c?x=dYQbSOrWxrhtfApugTKRdrSrZe08aPsqn2l5 uOP8Vw=&c=1L1fefyL9rWK2T3iiCUiCaxX1v7GwBULHnokKY2kHMueXrhohjjfSQotDnPm3pz4Rb A7j fVs moJdtLCueep8Dkr3KjWczCvwcrpjuHyDNni1vq qCgxLqLQ3BqBxav7wM05G58/UOpKX 5KgMaoTQ0HkA2y39NSUzvYh5caoruyXpyKzJt/ijQP7klGNY&e=0&downloadAs=PGRSetup.exe&fallback_url=http://qpdownload.com/data/pokemon-global-revolution/.../PGRSetup.exe  (5da7579fbe238d71efa3e2e7a2d09ada)

1 / 68      (PUP)
http://www.cycleheadtower.com/WVl6OTRQV3BXYlV0eFUxTktVR0ZwSlRKQ04wWTBOM05xVkhwdlRuQlJXR0k1UlZFMk4xTXhkbFpoVFVJd2QzVjZVU1V6UkNaalBXa3hablZCT1Raek9YSkpTM2hTWkhCVVRFNTNRa3hUYzFWUlVrNXZRbUZTWkVOT1NuUm5UR3BJUTBSa1J6RjJiRXQzUVhoSlpVTkJOSFJSUjBsMGJWcEZXbTVOU0VoTGVteG9UM05SYVdSQllXTnlaVzAwY21VNEpUSkdRVmxWV2xSRk9Xb3phM0oxT1RVMmRYVnNNbU5LUkVKRVdqSnFSV1ZJVkRkaU5FY2xNa1p5UjJwdVp6WTJaMlk1U2s5eWMwWlVia1JaT0dabE9YY2xNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05ZFZSdmNuSmxiblF1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR2QybHVaRzkzY3pFd2NHOXlkR0ZzTG1OdmJTVXlSbVJoZEdFbE1rWmtiM2R1Ykc5aFpDMTFkRzl5Y21WdWRDVXlSbWx1YzNSaGJHeGxjaVV5Um5WVWIzSnlaVzUwTG1WNFpRPT0=  (utorrent.exe)

1 / 68      (PUP)
http://www.cycleheadtower.com/WVl6OTRQWEJKVjNCcWRVdHJZVEJ5U0doTE1EZDBRMUlsTWtJd1pFOXRkR0ZwYVZaVlYySnlaRTVaTmsxek1GbzVRU1V6UkNaalBUWlRlakJPYkRJeWEzRnhRblZRZUdGM1duZzFlR052U25ONFF6SkxNVEYxWkhBM2RUSWxNa0pKWTI1dFRXMVBaMGgwYlU1RlJUZDBRbkZXYzNkYVdHcDFPQ1V5Um01TmVqTjFjMjA0VmlVeVJuZGljbVZxV21oc0pUSkNNV3RZVDJORVlXcFRjMlF5ZUcwMFFWcFpTbUpuU0VsVVQzTkNRalZrYzNreFFWRlpSWEEyWVV4aVVEaFFUMFYzYTJ4bU5GcHFTRXh3ZUVzeVVVVjRXQ1V5UW5jbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTlTRk5UTFRNdU16SXRhVzV6ZEdGc2JDMWxMVFUxTUMxd2JHRnBiaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaeGNHUnZkMjVzYjJGa0xtTnZiU1V5Um1SaGRHRWxNa1pvYjNSemNHOTBMWE5vYVdWc1pDVXlSbWx1YzNSaGJHeGxjaVV5UmtoVFV5MHpMak15TFdsdWMzUmhiR3d0WlMwMU5UQXRjR3hoYVc0dVpYaGw=  (hss-3.32-install-e-550-plain.exe)

1 / 68      (PUP)
http://www.cycleheadtower.com/WVl6OTRQWEJKVjNCcWRVdHJZVEJ5U0doTE1EZDBRMUlsTWtJd1pFOXRkR0ZwYVZaVlYySnlaRTVaTmsxek1GbzVRU1V6UkNaalBUWlRlakJPYkRJeWEzRnhRblZRZUdGM1duZzFlR052U25ONFF6SkxNVEYxWkhBM2RUSWxNa0pKWTI1dFRXMVBaMGgwYlU1RlJUZDBRbkZXYzNkYVdHcDFPQ1V5Um01TmVqTjFjMjA0VmlVeVJuZGljbVZxV21oc0pUSkNNV3RZVDJORVlXcFRjMlF5ZUcwMFFWcFpTbUpuU0VsVVQzTkNRalZrYzNreFFWRlpSWEEyWVV4aVVEaFFUMFYzYTJ4bU5GcHFTRXh3ZUVzeVVVVjRXQ1V5UW5jbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTlTRk5UTFRNdU16SXRhVzV6ZEdGc2JDMWxMVFUxTUMxd2JHRnBiaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaeGNHUnZkMjVzYjJGa0xtTnZiU1V5Um1SaGRHRWxNa1pvYjNSemNHOTBMWE5vYVdWc1pDVXlSbWx1YzNSaGJHeGxjaVV5UmtoVFV5MHpMak15TFdsdWMzUmhiR3d0WlMwMU5UQXRjR3hoYVc0dVpYaGw=  (hss-3.32-install-e-550-plain.exe)

1 / 68      (PUP)
http://www.cycleheadtower.com/WVl6OTRQVXRqYVRaaU9ESkNWMWxwTUhGMWEwTnpiak5qV1dORE0yeE9PVTVQYkZOWFdXTk5VRmxpZVdkdFdFRWxNMFFtWXoxMlFUTkRUMUJ2Vmt0bVZsUnFhamtsTWtJNVVrZE9RM1JvTm1aQ2RrOVNaazgxY0ZsTGRsRTVheVV5Um5seFFUTWxNa1o0ZDFrNGFFc3pjRTl3ZEZGeWVsRkVWazkxU0ZCUFlVSXlaRzFJUzB4NFdXRlhVMlJNUmt0dFFuUWxNa0psYzNBNGRUaHNTSFp4Ym5OUFpFSkZNbmQxU0dWSFZEQnlSVlJIV1hWT05rVm9aMjlCYVZrNFFsUlBVR0Y1V1ZSb2NDVXlSa3RxWjBWdGRqVjFXakJSSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBWTmxjbUYwYjE5RVNsOHhMall1TVM1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWnhjR1J2ZDI1c2IyRmtMbU52YlNVeVJtUmhkR0VsTWtaelpYSmhkRzh0WkdvbE1rWnBibk4wWVd4c1pYSWxNa1pUWlhKaGRHOWZSRXBmTVM0MkxqRXVaWGhs  (serato_dj_1.6.1.exe)

1 / 68      (PUP)
http://www.cycleheadtower.com/c?x=e031hsJ4PYR7HVT3w1sNJhDxjPf/KjMesPVX vgmztQ=&c=GSMygEiXNwWLsHoND6MHTkCfPE3h FmMo0zcIOADShme4xEEvxvpK TUgoSf/uPSHNOCfJFlAbo85NRnkDg4jTvWbU37qDiX8PT0WlOzRT2v/6nFbVzRDrrVQZgwzEulycMW4NTWZlqKuDZemI9XEf68rRKFfDifB7dX7fHw7Zc=&e=0&downloadAs=hideman-install.exe&fallback_url=http://qpdownload.com/data/hideman/.../hideman-install.exe  (3964d3f43e9b632f84a92d38626ddbb7)

1 / 68      (PUP)
http://www.cycleheadtower.com/c?x=mbjlyStj4nocaxiSuBBqOEzQee8NowdG4dISIXpErNc=&c=T/LKUJ9/6Fj1XrPirnASJ7datw07dn3Vkr83U7OfXJEqJcw/kln4Yi7KQS1EZdYVLKKNjHK5 sysz4apZOidLATB wWmdhOXra3vdJFmcJ5dHnIPWN3YkmWznkcUrJ015USZk6aKavRvx8GknP4dgS8I/T3ZCRD3YLA2ZNWqC64=&e=0&downloadAs=uTorrent-win10&fallback_url=http://.../uTorrent.exe  (utorrent-win10.exe)

The following 23 files have been seen to comunicate with www.cycleheadtower.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.