home

www.presenttowertour.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
presenttowertour.com

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.BeijingQingchuanglianxiangTechnologyCo.Installer (M), PUP.InstallCore.AVSoftwa.Installer (M)
100.00%

ESET NOD32
Win32/InstallCore.ADX.gen potentially unwanted application
50.00%

The domain www.presenttowertour.com has been seen to resolve to the following 9 IP addresses.

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 16, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 16, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 16, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 16, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 16, 2016

File downloads found at URLs served by www.presenttowertour.com.

2 / 68      (PUP)
http://www.presenttowertour.com/c?x=Wirqe3DBXfs7B7RwGPYMhDk70i0FTT nUoXr7uYPfnY=&c=PMxITUyysOQ1QTxSwuFlfBroQQa9k6/UlGIZO hr9yDlHQ4/KHRuSofyC8/EFoE9TbJn/6meko2cwPMKvP8Zu5MULNT3X3xJLoeh nxq4nJmkD67XBSfE6DKm5 zo1pN&downloadAs=FreeOCRtoWord.exe&fallback_url=http://www.downloadonic.com/ocrtoword.com/.../FreeOCRtoWord_IS.exe  (d780558d8b5d9de35bd0c0c5269254df)

1 / 68      (PUP)
http://www.presenttowertour.com/c?x=pldz3R0/tdUU4QcD0v0CUteKvASJhOjMc9pjqpnj1l4=&c=MPhOBaCBtKoaUJ2dRxHLIzamF0en4jjKJd2v/ST8V2hQl0tECn4s34LzSkBojuFHBrMMzJW9jTOHxdXtkK5qV7n TWxxVNXbMFj2/Xu6I0OynIe5DUgsm5GItxUyg16h&downloadAs=Baduck_V1_2013vol1.exe&fallback_url=http://.../get.php?file=426e98c1&m3  (8dda6ddebb8bb3bd26c7f3113312859d)

0 / 68
http://www.presenttowertour.com/WVl6OTRQVWdsTWtaTWRtb3lZbGgwUm5CNVZrVkdkR0VsTWtKS2RXNVpkbkZpTVRJemQweEZNbmRoVTJneVIwZzFaRzQwSlRORUptTTlPRWRFYkhRNVptSlRkR3cyZFVKQ2NEQjVlWFpUTjJaSVluWlVPVEZOZW1aRVFsVXpTVFZKY1dKUVVubHZSbTlEZDFaVmJDVXlRamt4YW1WMmQzZHhhRlZQWVZsSlFVdzBaa1k1TVVFMldqbE9VRWMxVW1wRmVGQkxhM2xGZEhOS1ZVTlJiVE5SVkhFMGRtcFhWRkpWVkc1MlFXb3dlVE14YW1aTVVUTlpjSHA2Vnlaa2IzZHViRzloWkVGelBVWnlaV1ZQUTFKMGIxZHZjbVF1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR2QzZDNMbVJ2ZDI1c2IyRmtiMjVwWXk1amIyMGxNa1p2WTNKMGIzZHZjbVF1WTI5dEpUSkdabWxzWlhOa2IzZHViRzloWkNVeVJrWnlaV1ZQUTFKMGIxZHZjbVJmU1ZNdVpYaGw=  (freeocrtoword.zip)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.