home

www.bundlestoursafe.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bundlestoursafe.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AC.Installer (M), PUP.InstallCore.AC (M)
100.00%

The domain www.bundlestoursafe.com has been seen to resolve to the following 11 IP addresses.

52.34.184.36
ec2-52-34-184-36.us-west-2.compute.amazonaws.com
September 2, 2016

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 27, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
July 27, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
July 27, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 27, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 27, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
July 27, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
July 27, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 27, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 27, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
July 27, 2016

File downloads found at URLs served by www.bundlestoursafe.com.

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=EDKwySr vngpQd6C0BO5tOXn2Cvjm5/EGsunHr3C9x4=&c= ol9XXfacX TJPB8gg24OPZ7kn8tMKwnvdPaYo4lrYuMPxuF5uNchf 51WcQ/me1aycUeJncuiZxSkJalPNl2SsPnnVpythhdM dc8SQbCMrbgC6HdTGABQ1qHyL7Apg&downloadAs=Frost_-_Do_Me_RightP.exe&fallback_url=http://.../get.php?file=fc0d7228&m3  (77641d78d903ef1c675fcc318a202ddb)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=Q13evSd5Ees8/49xy4QXk/c8l7Or8p5npbeeZe8RuQ0=&c=a1QHsBF U5dkGvLy2j71FMCJ/mPiv2ZCQrFkOtokeH35uRzXTyOMpHhywDTRho ykPdKehzm6Fn5DIuECsIVW0aNJvGw8O5H1mhp6k8 YzUMcWv6qm8O/qqEp9vqowXE&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (c74e946c1d3ee374702b16ec4ee1dd7d)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=HTlK7Gm7dNvr2tUSTU5sKoiLszY8H2wt Mayx4KRx/g=&c=VrVldhkvpjl/ATn3mQvR5gs0e C/Be606scxddYjj1cYyYhfz1XBwT/2EAj2P7aDb3WdS/Y qp/56WPkQkQbvCEhMWmwQfFGJsugjA8Lo0qaThBdMFDkTAz0JDq3fVZ&downloadAs=Driver_Toolkit_85_Cr.exe&fallback_url=http://.../get.php?file=03c74bea&m3  (bfaf0fe10a02fc5e4250ad1b6766e086)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=BElod4Di0e5OZxk7cKJQK5uJLJI0WtNYJAK9eTvslVE=&c=0R8CTPvjyTvm2ie oeg/6E6kf8dCXxxy1lRPSUHZ/X0N9b4hbyhRlUWMTM/H/uUrejtdY4c3NHiAPpnYxdEWoiLBOEa5QR47k5lTmGaLIzZnJb8GtW4YJQvdSSoY7Jro&downloadAs=Amazulu.exe&fallback_url=http://.../get.php?file=7efa0602&m3  (50dd1ccdf024e6afe3c13ec2441d80cb)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=iv093OGSTyRmigGJeGhTFz3oEm0Kn/X/UCnG8A6r7Bo=&c=tOPoz/Xdst7O/SvoXKY6Lp73WUO6JLgumxVghV5ZJZnHxqKWi2X7/4VmVMBjXZ3XpafeRdk1/7gC7g6UNVGiE0i9TGS7HPNlm1XxdUdizgqMgHdWczM 5gs ARGupQJD&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (c74e946c1d3ee374702b16ec4ee1dd7d)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=paHXVVBbpg0nIO7CaM4FxzbNe BrVfbT9oeu0LH944=&c=0qw6qGwo H9x/b5SAOdgbx7kQQHRXBn2HtE4BsQkuGetGenqJXi70qSJUYjBkW83nuTBtODWJKiX4gB98t T47ge7HxQi9g/qUOQXegdykGBrYukAfAvwiI6VD3Dc Y8&downloadAs=FacebookHackerPro_By.exe&fallback_url=http://.../get.php?file=5404fb37&m3  (d8eeb6d8b8c32e14fe64ce6cf042fca9)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=9MT6E0AP Aj rlhxI50U2JTqFeEJN3sg3lgCm/Xh/U=&c=RcRqPoDzjp ZPjtBoKAKsKApX03RJG9UfB rSEXGmkoaW11iDoPMdi8BTOVM4aUhc8Qma0pNmZ2OUpv3Lxl3uTNUdRuB59rT3ZfHrqzd6bJ6qAfVhTXDSX46PgmVxxd&downloadAs=AUD-20160630-WA00021.exe&fallback_url=http://.../get.php?file=279186ed&m3  (10fca16d08b25bc6d0e0ec79ad30186d)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=e/arLuNBKb7W2IlxNA6AW763aHy3qcOPP6K9ANAfkzc=&c=fXE3IThUBRduyNEm5u92GXuSqvH Gq8Vf TaH9o2Cn/uTZTzKHSjFYhiVLyxjZqzjhfT6E2JX7fsrj87UKojHMQ4n5UBUyWcBWTiayQzmvpa0V23rsXGVBLajfS65rDD&downloadAs=Tinashe_Ft_Iggy_Azal.exe&fallback_url=http://.../get.php?file=851a1d2f&m3  (65bece50732d8e521ea20e20022679a0)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=aZwtfGEwJS/uF5TI0c83ZsY/suJczQc07TVY8sZa FU=&c=7kWwtEkiwVSre88zsjhumHGAMnoGtEmyelSpwGt7h45pV1pVnJtfCb3YSmE 2Hn/sVry8EDUSjOH71Han 1QO5MpQoo8L13n/Xl7xLbJpAKLMQ3bCDLNB8jUanqfmhLL&downloadAs=install-214.exe&fallback_url=http://.../get.php?file=db5fa923&m3  (ef683b4cecb96aae9e90444fce39477c)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=Ku0Aw8mFtW8ez7tbu udriZ93QirOnp8FZ5oRpYqiGM=&c=PB0klrCDwKBwfwUsp 0o gPPXa2vp5fgWHhKXZPSS646t6SbTkVuXIMeWhncZN3vbFPHMQOM6x4CoZ0nP eVJU9wwUaZBdrfiY7kWDHFUkyVXzoNM3rOkPUHZE0vJRgA&downloadAs=Tally_9_Patch.exe&fallback_url=http://.../get.php?file=c21b540a&m3  (fb09466a8d68b4fcaf9cd3ab12c78132)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=hldaLL6PMvSgEA1B2EZD59XcdtM Srr4E fcE5HpHqk=&c=jjg1sYabmYOOg5i8z22dQ3qTLjsYhgHGUVH6nKFNfn 7EU8zfXWiEixQJFls5XtIiwJ520EK6mXfILuyGfPxbZbboE1yLWEqI/oYZ oLOY51oIiFoZ0d Br8hjddroN&downloadAs=Dj_Cleo_-_Down_Dj_Gu.exe&fallback_url=http://.../get.php?file=0ae6ab99&m3  (2f1116b0f90dfe7ca4a17bb873e24a3e)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=XNPj/oMqn9Us8/elgHT99UULNpdcVAZCXwMT1NbPlCM=&c=r39ivhQ5aL5qBhMN6GTenSQekcYfNy3Ik/V5f/u17pXROl BVv4z2Xx5nBMRetcCcSXiUuob8Os65QRjGhA6b0/Q EB2YhYgSC8b9Ckha5ST5UHEVviTdyHmYjXYmzMt&downloadAs=wwwMuhammadNiazNet_P.exe&fallback_url=http://.../get.php?file=77d82802&m3  (9a0efac59a970d8aa3a6eecd32b681b5)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=YtcN08DvlXd5w6q2BaRnLGd2YYXZ/UmrCcTXrvpFXcA=&c=EdWYbsiiDUosHfNiHOmitvPup7LJoav3pu1Bn9oNadtTC53NscgbU0Fc6OzB8n3GaSWKuxERfnqrl0uqdlEO/T5L3eSC0XqfVnCBAonr9Vo5aIPx6nG uUpjxLMEpyRt&downloadAs=ManyCam_Universal_Cr.exe&fallback_url=http://.../get.php?file=f56828b7&m3  (b69b7a1e80f62069c9c212351fe08692)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=sjwJ2oZ09nGcCV93tGF67Jh61F8SZwB1D1otweTL15M=&c=kAdTtjjcZsSFufoHOWd0wTr4hkmLIeEBPp8szb HDc89vm5SKFJQYOcM7U4flY35eDZalE6GijxiZwjFYVY1k1vA/UrbMx7RuibFGWKRFFIkFFyvSNmwQO2ZZG1HzdJL&downloadAs=DGM-SsN.exe&fallback_url=http://.../get.php?file=e5a0a913&m3  (dd7ed7f72c569218ba90452de22dac83)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=qB0LKeLN78rds 1zOe7Rr6IJpXFnzBETLI9wR0Ci2ek=&c=LCojPDJUwr21w3W9wtuPwqY7SRbUJ5UPgtKbuJ90D4GvfXs vQ06WtIWCcC7m1y5WTb sHT8uo5rwneDWFLdq3z7gMLspLW3YCDzJHLKduk0JCexyDl//2Qd/feQu5Fz&downloadAs=MXPP-v1715a-appzzang.exe&fallback_url=http://.../get.php?file=03fd4154&m3  (48070d93d9e0cc85154d3baacae22362)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=NDDaVi4ENANLQFm0c85d4dneMC3CfWu49p2zvrAhp6E=&c=lX9UKO3uuiUUtgBdA1JtwdSSQ1TdPBHh5Yy7zVv0abSvd8C9FgXkyAFCL0sfAv8kjIN62QY kAsr8RpSHpnbMCzLxO9qPn9GC2gogpZpLiqqj6VPwXjBqfb8cnUAvEu2&downloadAs=split4G.exe&fallback_url=http://.../get.php?file=6b3de98a&m3  (b352dd605a6d32e1a7bde215802ea3a5)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=3Y2b0dPhrLKQptFk7PUd3wvDKgvSH3qProxl16UwVWc=&c= OS39wX2iNcWF6NaF6GJqQYfSfR1/0hQ4SayN601ZR5 dRGu30YQD71VFMqFuBpuCMa6nr0GMsfnYhgrc/IfdJZioeHBm6il06/HOPG7s/kLodaA8nJtnjlP5xxH5PpS&downloadAs=GK_MyGreatPredecesso.exe&fallback_url=https://s04.solidfilesusercontent.com/Mzg5MzRjN2U1MDk5NmU0NDgzNGY0ZWI4YTQ5YzcyZWQ4ZWRmN2RhYjoxYkl4MWc6MEtYMmVZdjd5dFBoZFVSSTdReHNaWXE0UGRr/.../GK_MyGreatPredecessors_1-5cbv.7z  (cc74b80b3124791648f80a3e4fa3ad33)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=EgqAVO1A2pxOuLiCq2fjCpZBWgOCHELWbggQfXyy4mQ=&c=PgzW/IsS1EYKoTWZkWa/WstzoNv1yYGuYbYJtM/n8qB4fbc9LS6aJJ9jRXz4zPg/YE3K7oHE52M/qIPw3xU87U4X6Plo8XQai82FckbjFhdLB7fgt4vG8vDiQHfBcJuU&downloadAs=Blood_Blue_Hoogte.exe&fallback_url=http://.../get.php?file=50dff6b9&m3  (4bb0f12e5fa3418327090c3c2563ad5f)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=mOJHQZxNlu4y/XcCTacODQSg4MQbwL/v7L8k1O/2TDI=&c=zPQ8bJvv/OsAwAlqFbp6yZUNwV XoLkSJ4dbVjFD61ItP5DtKGwdPxz5r7oVKxxbzww5ZXk0Q2XReXVp8U4XiuSVeELM1gR 2CjN2Z6qzy7Ms7C 2lIOlPXJP/fWGKZC&downloadAs=Mr_Luu_-_Coco_Remix_.exe&fallback_url=http://.../get.php?file=bcf04f59&m3  (4d4436427883df3c2c59736270a4a901)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=vqhoHhvsbd9ryit1/LbHRuB6qZr9hW2VfadCBcWjYN8=&c=iDDTcUGomIckExY1/3QkzmXNRFzDpISdEzNtotsnTGEIINO8pdTbteVPzbqHDXcFtHBuLPf5jTEOkhGIqSvadB9j0ZsTnKoKrztDjK8s071aNHhOvQi6S8NmOdSCsxt7&downloadAs=FFSetup3350.exe&fallback_url=https://s01.solidfilesusercontent.com/MjE0M2I5MGFiNzE4ZDBjNjEyYTc5ZjI3MmMwZTExOWVjNWE1YzhmYToxYkoxUE86cTBVWmVKX1M5ekNrWC1qTHVDTEMwMnBBU3Rv/.../FFSetup3.3.5.0.rar  (1df63e4262831a179a53bc3eb0b3fb17)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=PUEtHJ 6DhL2UUtxoAzd9YdlnCFLUbHsvSA/UFRXrBg=&c=Ju5yqwOGu4Q0x5DCqLoOpGFhreuDyCWHbfkeb3xEC1yI14fkY065VBX FvpBp4JSRN8NDk19/eBCVsuS4g39aQbUkr qTIp3iWqHPy1aDmge5cjEUPHfnbj3o9zNSpTU&downloadAs=King_Slovo_-_Phola_S.exe&fallback_url=http://.../get.php?file=4624021d&m3  (b43382143eada8c140480ee1df492d25)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=i4eXC81SEZTQ8peqsNhmGirLZ0d/txyzIAXtHYDfSs0=&c=e8iOIu0j70ltSdPj44DOV9GO diwvNwZ3XVqeFKll6dpNtHjBA3sngTUYIzqLMJbbACE6YTFMDSC1ooBGUEiB1WGQDUOjmTbOh4sTqoP1qigwdyhpQUxvFstfuAvwYiv&downloadAs=TEAM_COFFEE_NA_CREMO.exe&fallback_url=http://.../get.php?file=ceaadd87&m3  (059b7230ae8e25ea3600a5bbb7361bf4)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=KTyyl7xXMOVSOoJz2EE/FS2eL8dJxlfgt6v2US/zHME=&c=fDDmRgzDiLMJ5E01/3hauRe4ze87yR0am876WfGDE87j2ylKOaz3u29hlGbQGrODrlOIXb8R5myvCzuO1HYs80X/WWGiOMd0uEuEYdDrc8nMQtti1j7XGKYYDJDeBi7a&downloadAs=Baby_Uyababa.exe&fallback_url=http://.../get.php?file=1c110a67&m3  (42eb449bc4fd560b9751abca7a436b33)

1 / 68      (Adware)
http://www.bundlestoursafe.com/c?x=q7QJmDzIfS2PzOlZgoR6KYlRm3XqFkoaw6ozW 43b4M=&c=SLMucr0uGGCbJCLH9ZOt4XtrpZ0p2fQkl55qkGzK4lJRTydyT55YLPt2QR7IIsA1lp7H3 sD1/d Z/wybD9q50Ft8s/df2hBFSElZOMEYhna4FyHoTzlID5xdSIgupjU&downloadAs=72016301.exe&fallback_url=http://.../get.php?file=23f774e7&m3  (a66956a84cea9b0600c55517ebc79e5e)

The following 50 files have been seen to comunicate with www.bundlestoursafe.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.34.184.36:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.34.184.36:80
browser.exe (Browser)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
BrowserSafer.exe (BrowserSafer by Installer Technology Co)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.34.184.36:80
Client.exe

 
Latest 20 of 100 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.