home

www.cycletodaygrab.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
cycletodaygrab.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M)
100.00%

The domain www.cycletodaygrab.com has been seen to resolve to the following 11 IP addresses.

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 18, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 19, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 19, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 19, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 12, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 12, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 12, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 12, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 12, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 12, 2016

File downloads found at URLs served by www.cycletodaygrab.com.

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=yqg7hTjE3L0C2/Vn4pWXN2ZPrEsSpp/raOnXfdbBlFU=&c=vHWnVYaJWoUyxXNzxr3agkSCXX0W Vvge Awvkvv1 6qjIFJi7SFqGMqAt/DbKxuDKpQz2Tpily/FWuGLPXMzgjNpeWbcT/eldFpSNNzuLWB0FlOlWxa8e9yCJmvD4wf&downloadAs=FinalMediaPlayer2014U1Setup.exe&fallback_url=http://www.finalmediaplayer.com/.../newest.exe  (icreinstall_finalmediaplayer2014u1setup.exe)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=O2Z9vv3c9AcOmmmZMalPoYWfSgWT1Kagrao5QqLjs0o=&c= LyxWXjZtT/MwCghl9HmGOC8iQ 1bG/vK3/is0hK7UiLt4m1H22nWvV2 g26CgzictBbA0eG3PsLVQqn6RmbVDIzvw1La1gGlvSVQbXlyX4GM6Jf295cAFWfATVuGFQM&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=nuIpkjmnQhd5ECq7T/HRsjzyNakzxWBk6UYAs4r4jSk=&c=bwcOvDtPYPc5S1tjzONAQajO2GDcPYEFKh/3Vg1WN2kprSqAJ2HC9uMTKf/s3RsthVoZQqPlDr6iSs6IMoGD EsVRUv0WpAOFqvwhomMy50yYFdXCdhzIAXyDPXe9htG&downloadAs=FinalMediaPlayer2014U1Setup.exe&fallback_url=http://www.finalmediaplayer.com/.../newest.exe  (icreinstall_finalmediaplayer2014u1setup.exe)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=1/nDDWgsOxkV0bWh0qJU/AtNek0N5tKAWRzvVw/fDpQ=&c=dcYSGT/L9XYQyNOvbHQurunt7mEXfUeUak4RYpmVz9PkDXuTCrDwITBfws1TmgASfOFg6S2VXWqMgJgMHDhf65Eb BzjDuY68hIJoKEs3AZQ2nHjUeJWiz7gt6Vsm/Wy&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=MaSlj7DmtaFegtY050FN3uOoUxfevoWmIU/GSP5LOW0=&c=78o0LicTF36RXYzvpuq4rGfO6Eu3L7BN9Xaq0ECY40c0CtshdDJ8cE6K4jJWAXVSgdh7j74gwJDgscjXkjksIupwFNuMM74bpjBQCPhhKk2kSi5SsrKD Nc2iyIRKmfj&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe  (icreinstall_bitzipper2015setup.exe)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=ljpbcwmy6FpWV//cvzbz7JV7lWGp/0vfjEw0sb4VuvY=&c=ielbX8 u4W4TQjgwnGHSKoYXYzXqWDq ueX56WPqg3eg92qXgpaFA1 MSUgv52xV5NuLSCN0XXcDltGaaCMr/WvP5ejNr/1jw4z/FCEE S9tmFf2SYgANOnAX7IyRa4O&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=vnA3FjY7AtC/edZJNy UBveYfDTx4vGEBqAIukTPfLI=&c=cyxxTL7j8ldQQNAUU6pM24TObA1oR84KDAbGASRtzsYWn O1fQvgxFXRZJg4agjBlgEoz93Tu12F2NKKlIyBTvcCcwVUPnpfSyVhipTYgTcqqHJjsEFxKPEdU9b1ENgp&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x= p/kG4iXYMZAna4cnIq9i9dDav/jMimNd/y7XHDebo8=&c=qWCv5xKWrT6umtzT3PPsaVdyDk U2Xtct6gAkdaYfooU/a8Z1q2goJW IjIrZVyH9YYXq37RByd56uRfeRGkV5idgMaX371noB0MjKgxAbAfU5YDegzbfR vk0eablrE&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=IHIQsbHTEkhQp76HlPJjmebapqjoPQHhWLqG5oNBHAo=&c=jWKn4ih7s71WIWQ42u0tpyV5ot10KSwCDjgFAEqak5kka303iJTxDf5mJa761erCZqzt3WSafVVbc4M7a2qdpk9HY/5bPWRBpOFFTZZeu3SzpA3I1JWPLBn4TUw8XUcM&downloadAs=FinalMediaPlayer2014U1Setup.exe&fallback_url=http://www.finalmediaplayer.com/.../newest.exe  (icreinstall_finalmediaplayer2014u1setup.exe)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=WMnwUDyOQaMyrKcaS3e7dPhgmWD8q9hjW4vDStE/EgM=&c=xE70XzGC8a1itXJ3sD1ZOQyNkt3/LsUIvCZXrft N7o PUHmwCtLetbyDB/zcpIkQrfYqK Rq/yD4c3eOBe1HG1W74rv3BdU5Y6McbkOdX6/Q6UTdrnYs2YccfRQRmpJ&downloadAs=FinalMediaPlayer2014U1Setup.exe&fallback_url=http://www.finalmediaplayer.com/.../newest.exe  (icreinstall_finalmediaplayer2014u1setup.exe)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=zoqwmn75JV1E QcywylR4liaR/d5FUTQQ/0lqBYFVBY=&c=47hon/5WeNu1WQUrzaSpOocTBgZq w7JL btWdymF/dWgBQ In5uHjAy399vr8Hn99r4bbI3ewBNo56EXDD1qwpX6RzqsVcT6j8SSSuQhlnqQhe3h77G22tkxgY7N06L&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe  (cd0e00612b527b30522b158b27ac9d49)

1 / 68      (Adware)
http://www.cycletodaygrab.com/c?x=BtzhUihKwNk90TgkZAWd3QcI//33CaH0LuyRC3FDmtE=&c=yDO5tGtGksxkl8rfAS7am g3PiI86k0qpQkTvPX1xWQVQsnQ3EXqa5FzvZvBVGtLqpWiJ40iLfw6rC/UGCC1nfFeYSQy77cQ1yN1jKCgLUOg7YxQmFw6IGCKFlw3JegZ&downloadAs=FinalMediaPlayer2014U1Setup.exe&fallback_url=http://www.finalmediaplayer.com/.../newest.exe  (icreinstall_finalmediaplayer2014u1setup.exe)

The following 6 files have been seen to comunicate with www.cycletodaygrab.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.