home

www.vaultscontenthead.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
vaultscontenthead.com

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AGORASA.Installer (M)
95.45%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
4.55%

F-Secure
Application:W32/Generic.70053c248f!Online
4.55%

The domain www.vaultscontenthead.com has been seen to resolve to the following 16 IP addresses.

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
August 11, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 17, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 17, 2016

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
July 3, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
June 27, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
June 27, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
June 27, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
May 29, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
May 29, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
May 29, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 28, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 28, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 28, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 28, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 28, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 28, 2016

File downloads found at URLs served by www.vaultscontenthead.com.

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=jZAGnPWnbYQDAAy YBfa5RfUhWAFNbJjvYhvm9aQFkM=&c=xHjiLZmubDOhlJfHqRRCiLtlGiICfQriLpsOJJGePGt5u1v4zCnBKJ3FLEmUgTSe3bI0MfZZAXIWsRGLrLfpUnNTJ8E85zJbUB5rOhVrqHln4LCrPcIw qNTLbxm2JcN&fallback_url=http://bi.sciagnij.pl/0/.../liero.zip&downloadAs=installer_Liero_sciagnij.exe  (b3cb65108051bb9d8f4368c4cf0d8823)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=Qoe7Zpm411PUf3sSWe1hn2WwvUS766sgp4SpGqRuDPw=&c=iUQcPa3nED3/vh4mlShXImuWOIH2uPCrERSTETjHyLkbngPV m8cLDElqtRt3Tv3/ZD8VT8GYoiPzsT1xGY/pcjmJl63a25fFJsPbt25xBmSzVlR7zHlDuoMDZB94NjE&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Office_sciagnij.exe  (0e00a7aca78300266f8df488afd5aff6)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=2Oan2LpSimGkTY VlU4AShc9XDBjKD/hJpo4OJkcMOc=&c=hcT63CvMuwho3AWqnFovGvOF5g054fzkbYrIxOiOImTjzn YJM2tyWgPxe6ckRKm2O40w5 jw5mS9mXZ94LOM5mZVIvZHviwVVm/nOvbo5QGM2BDBD9mn lBfvoNzUpo&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=/0MazzctlEc ulG3kzcJxSmM1zKPuUSrkVgxMuBqg Y=&c=ivjWVZOxQh4KW2zNmbqRg LZ6C/JiU5zjaMtM4P93txb3dRvVa/E2dfK6lwS41x2ft8dZS70 tnNQq3up5ASLCW JjCyNiIwJV52FlqhvoJGEOl9yi8HXp/ZfWCMmOeY&fallback_url=http://bi.sciagnij.pl/0/.../SteamSetup.exe&downloadAs=installer_Steam_sciagnij.exe  (icreinstall_installer_steam_sciagnij.exe)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=s1lm4Z cNRBbWJrJdycRFa 1M8B37ZwEDcJzuekXbuA=&c=gOxJPXcWoNgBLsaZQjtH2TEtGcDt0cifSd5a3tM vacQkHvFNdn3k15bUQEjgXvvQK E6NPzCSptfL tyA9boHNXSOeABN/QZ6R3wYqQW6vjSTw3gjZNZRNlSqBJ5FRI&fallback_url=http://bi.sciagnij.pl/0/.../AutoMapa_6.17_1502_PL_demo.exe&downloadAs=installer_AutoMapa_sciagnij.exe  (b161a1eaea9838f1bb70d38b5fd1b2d6)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=8nXtRqktQShTtNhvHMl3zxSD6HP4oc9kHopop/pK6Gg=&c=CJLu0wumeJ 14Atr3zR6AcNgxdGIFTznw0O qUc57lPAzguIuitS21SrbKAZMU2TIjhFK U/ 9ytC/xjWOh6J0n3AtDgTWezRnzhWWmw/D7k1Px8Cv/vrf0WSQoCsYhV&fallback_url=http://bi.sciagnij.pl/0/gry/n/.../nfsmwdemo.zip&downloadAs=installer_Need_for_Speed:_Most_Wanted_sciagnij.exe  (installer_need_for_speed-_most_wanted_sciagnij.exe)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=XiLW4kisRxr2vU0xyGbKat/WtG8BJOrnKlScgeOnVA0=&c=gqw/hYsvB45beBZ8dSBMROnrgrlmAozZR4rn90lq79f9clPUp4zDjA9DQvE jSBFRh3g4MkROcUuBQ zGi/2R6CU4oAunBA1Lipo1LLhUflfrD9LAYfilJwl X 5THHAR447NhvJavzZcP7YLtNm5Q==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe  (04c10b3d52ba8fe3b4f402c5e18265c2)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=B1vqdfFVohuQmXVHfbL20M03yRxl21w6ekl1zsNaU38=&c=m6xulwj 3auz22mipCXHJZIBs1iY31aEP3SdnzvORCeYYykAz6GnWs/vmA5OnEqqh/X6zve5MXsN9DcbnGEg4W dM7rw1yC9DzLcIMNUn5C3e9T4v8Fq6XN8An1T9qx2&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=HyhgFcNMoTnr8ze2eG14H0SSe4Q43mJAh/kT/fx1f1U=&c=GJe4x501pl5X4oFuz1u2Ni8kH0lxQl72DaAcsKreuNKGUIL674GOLShFdUq8oT6Hph5yxs6PTKNmcxLg0pUXD8BJYtuTTDVQkGuMlZRTqN3c65FUwU7ha2UG7V4ricpH&fallback_url=http://bi.sciagnij.pl/0/.../minecraft_server_1.9.zip&downloadAs=installer_Minecraft_Multiplayer_Server_sciagnij.exe  (07818050d65b7edd61ac357b47268b02)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=J1gHXS4Ouz6Gx67vxMhepsnbVqdtAYrzqjR8KjSWSI0=&c=tu XTJrb3ziSQgndehRXi5R9VUTPRfc1L14Jb0pzj2cLiFjDat DH1j3pbZ3qzFLe//qQi1M2Ey7sg9kYRwToNtEh06iB3AoGucetrcpIWIEPZWPENin6K1y 6gXCyZu&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe  (04c10b3d52ba8fe3b4f402c5e18265c2)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=3tDkhQ/0KQ gUJZg89zdGBy8gQQbCJ4ZzDlZFNA6AL0=&c=LtDI4qtOn4NgGu0w1G4ckSW5w5s4nxQZPnR5tsrAzB0C8f2J/05ERLQQMSfml1152nETfJRr50anvkcJvgIf5M0NMkJ50M1yttj l0 sbOh4ROHkeWmTYbfkAuEpgxX&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=lBW0w8PJywbcO1/7ZkgiwMn/ASuXLm6py rNR/H/EBs=&c=G 47OpkUD7bIVQg7ANBPhmI8J3pxIkBd2QUq3R7Bj5CJzHa4J0bo9rrJqFjireL22T1hZQ4CdYmueQ1QcWFZie7ygHRdAkBvwKmL/L jtbUa5QbnSesVpM/M4AEIolLH&fallback_url=http://bi.sciagnij.pl/0/.../jpegtopdf_v1.0.zip&downloadAs=installer_JPG_to_PDF_Converter_sciagnij.exe  (c9226f88d914863589380b00c4ac49d0)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=B2m9lH4UoQMUGwl6 I ulZ9Oz79ALJ/5pF2JJS9JLc=&c=AxSnI7FRaGDMND8Ecy cuZ2/oY7yyDTAL83WF38KPpl8UwG8peJCbu9RM7MrrIK9BYhZ/Yu2v gT4N3ZQE3p8lAzSbmVlPfRcntosT6xUvnw5B/yZqjC/paFEdL/WAjA&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=e4IG73Vfpfw7P25WhK/yNY3WfLXn5WxQUTR6wHxcr9E=&c=d3wPQNLVHyC5xWOqjI5CXoD8XksYcNes5FNwcT1wuletTa7kKEnm4izNwz3aYhQywzMpZhbPVxLrigU8GYFb2fUn4RrFiaLYk5XdkN79XIrtIY rU9NFHeLjTUkdgjLy&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Outlook_sciagnij.exe  (icreinstall_installer_microsoft_outlook_sciagnij.exe)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=4jfiztsQ1kSNITBkyN8sZDAIh tIUffvgtTlRxIWgqU=&c=Qr VyeO71 /Ggnt157NOaaAlr4dP6tJ/n5q5wK/pmoMLY13NN8oRboPDckkHU1ecD9YQy5dHNEyRZSzLPgOwo1z oViqxqw2q nBriA0rCEeIwwVoHSjzoNQyTAWHNgs&fallback_url=http://bi.sciagnij.pl/0/.../dxwebsetup.exe&downloadAs=installer_DirectX_11_sciagnij.exe  (e7a49df9d989c4fbc310a2a76df72613)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=YVPBDQPPTiwcm4KqrQSpCYt0psVhi/q6w55btVPds9Q=&c=ekxA9SsGDeVAjkTQIXk2i5mrDmWoKAex35id1V6wcX9wFODlVUWwiRHJEQOxsD6Abpvsp/EhMXV5eQslXLFl/reF6Jc10lOik4yvwLiSbVJaXCQlqCgesmbddL4QToOT&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

2 / 68      (false positives)
http://www.vaultscontenthead.com/c?x=GPPTEBz7SEDQa0QD/bzFBzMqQtabyL8cCbNUjk2iPw0=&c=1wBmrxNZo0hkq7nQUsAH1Ykgs4AmMG8BGAsJSIKh4PW8Q7o/FAIDaOVAfLMTDSHfjveILc4ITjBwy0Uv6k0xD Sun5dxNcpFtx/zQZKbuv2kNIoHHgTTAP6RI7JCIQOi&fallback_url=http://bi.sciagnij.pl/0/.../zyczu-mc.zip&downloadAs=installer_Minecraft_Launcher_by_Zyczu_sciagnij.exe  (wrar420.exe)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=5VKCby5usleV e0ZPMQK Mj5ndImQJR/hqHNuVP8/MY=&c=dsih06V8sFOfogBaVu3ixc50LQXHsLD8urgh7UrdV9qyUXXfwr3if/ajr9DMgzHOTSzSj9NvWGFpoAMSwONlmDRLMuEyVA rfvQFiSbMLIiXRi5qbLcBARkjSGe2Rs1g&fallback_url=http://bi.sciagnij.pl/0/.../klcp_update_1205_20160322.exe&downloadAs=installer_K-Lite_Codec_Pack_Update_sciagnij.exe  (dc88d1bb1d3535951abf7f5213621a3e)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=SSdOtiuAfnOhUJC2DzSikn97/vqv1RBjQ744oMCGBMU=&c=aH8yQCCzabMCkIfNhNLIYsMAX3G6HDtvdH64TBZMHL52TBVcO3JxdaxR8sxmKBN6EJWnSM1AQGJPrThJwrNa5nVdz8dwGnRQ9oDd8Dv ugxPcXjw3oqiyA6wstRFmf2w&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Access_sciagnij.exe  (1a5636811825cc18b9ff8c064875a550)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=yWA 7qSImLJOJ7SPn93u2YKnFdrWXUkVOg0bVTTcy5c=&c=JU69ENnj54eeEbvuzkNVahhw8fSSsFtmsMGwnE/OpGL4iXDqwRAfe8 WyKGsS0dr0FPnduEJcTegxtEB/uUiW476yPDPoNkLXszcMTLLZseXtTQRZYnXbQMsv4k4jlw4&fallback_url=http://bi.sciagnij.pl/0/.../vso_downloader_setup.exe&downloadAs=installer_VSO_Downloader_sciagnij.exe  (b520e815c950b128f9765f0110161f60)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=tD3lYyLcRmeWGpTyRbSg9KCxsCwvXSiy mf8yTN4qt0=&c=oA3nxGL4VXCspg5g/ZtZASgUTcOYVSS99Byjz2hufrFiA0w z/F1oGiPGJny6KwJGyK86RAI4uW5E6tbSR8e3ExF7Nj8Pro76DCCs9Ma3mNokAtysqDcVnhpvoc4g17RZaXl/Qj1FfaoLEXGH3HMYA==&e=0&fallback_url=http://bi.sciagnij.pl/.../0/camtasia.msi&downloadAs=installer_Camtasia_Studio_sciagnij.exe  (36678b5e2cee184036f6add0b5a66ac8)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=q8JctMsGOV04PQSWyXsLbQnjp1K4zA0iM78Jd1hrtrU=&c=IDN83SEbT1kSmJnJzCuhx8PthESkTjTFNA eE/aDx5wc0qoAQR9H1A5xmhGwBWpZKlpmUo95i2CHSTqx0Wlj MghPzPMGsrowQxL1XV6Yka1K3gRaxhtoa2kt45WX80vmP6z5OusNjuZ17yk BNmrg==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../paint.net.4.0.9.install.zip&downloadAs=installer_Paint.NET_sciagnij.exe  (fb78911c091a09aa0c32bb29e746589a)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=MpNHZyvHkBpt6GDpGeM6s2FYfJthN dm6nuvXyEybKM=&c=lmd/wSIOo1PCMDcHf63jB7uPkefDNhxXzMfZLpbg/gEvMWBB8LxXRFXksrd4A10IFaInJmg1AWjI6syglJo6SOgvXZTRRz7ZU0k1Lz sHE9pzoQ0qw7 r7v4uX13JKsi&fallback_url=http://bi.sciagnij.pl/0/.../midi2mp3.zip&downloadAs=installer_Direct_MIDI_to_MP3_Converter_sciagnij.exe  (a4f0b874accb990b0899cb5dd91ad6d6)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=63rUzxtSGRs048URI81B1PDn4VdNvyAGolEARzpCEps=&c=Mpr3hsxIVhyueEgPraEOG77e2CDeh4f7xAnfFGgZTXuX2YzpHB47CAIwEmmiGF3X2Eg4fn/JWBZfvccQHOe8fMK168WCF0qVklxhlmrP0/0VG5ts3PQNkDwrP/1xVKcI&fallback_url=http://www.ivs.it/public/ivsEdits_Folder/.../Setup_ivsEdits2014LE_b491.exe&downloadAs=installer_ivsEdits_sciagnij.exe  (16a501bbd2f55615598941002f8c5050)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=JMp8O3w5b/E7ocq5i0W9GjLj9kOOALlEJdwBlMedrvg=&c=GgoRC97QZTfI407WM3tJEtvUGqYv9RC01ZrYsA8zYlitgCKADlOFTcEc8Syg1RU2G0Du lb9oshrnMOM6t/iEMBVUFC0k8dtY9c6Zl9sic8TSEgD5MkCFtgXhmOcsN3F&fallback_url=http://www.download.cenega.pl/.../?ID=1013&downloadAs=installer_Faces_of_War_sciagnij.exe  (94b8db110da09335fd6dd55a43e4d853)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=KCkUzPYGtIX5pnXiZ3 1zExqXUrEM4KF/W4SGaFf4IA=&c=IOsLLyOk94gOitho4ZvEDHuZidgdeFfmqjqLZzLDTusJ8qmdrrvd9G6l2Cfqi/jvEkSEltxDGViun2bHqiMRde/xoikO9qtlHk9zIKWpBeQQoY3U0lJWumv8ANGw6eUV&fallback_url=http://office.microsoft.com/pl-pl/.../microsoft-exchange-server-2013-poczta-e-mail-dla-firm-serwer-e-mail-FX103765014.aspx&downloadAs=installer_Microsoft_Exchange_Server_sciagnij.exe  (95496ba5f52a1efa812b57d58bdaceeb)

1 / 68      (PUP)
http://www.vaultscontenthead.com/c?x=LJkMx7ctX x82goUnw/CicOFXgZfalQ4cZCJtPMzOfY=&c=fbHSxFXpVI9kWDeRa68YOQrJ0l1MiOGW/kV7rdX6bd80gHeI3r0mI6qgJdkn4v35UduSYMe4BYQV5zlIiTyuoSuEggQQfSJOVP0awlusO7/wKf9YYW2xYm7W/it9k1YT&fallback_url=http://store.steampowered.com/app/.../?snr=1_7_15__13&downloadAs=installer_Napoleon:_Total_War_sciagnij.exe  (installer_napoleon-_total_war_sciagnij.exe)

The following 36 files have been seen to comunicate with www.vaultscontenthead.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.