home

www.tourslaboratorycenter.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
tourslaboratorycenter.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M)
100.00%

The domain www.tourslaboratorycenter.com has been seen to resolve to the following 11 IP addresses.

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 16, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 10, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 10, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 10, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 10, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 10, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 10, 2016

File downloads found at URLs served by www.tourslaboratorycenter.com.

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=CjzJ0MPqVsEBn6xTh1WBDUF/pa1dYpaJTsKIy3H1y98=&c=yz5N5nw1iCa3OZ16BCgWUeiAorx00vnq7oXu66a1bGmXRD9xZXjjud4wXoqPliXhXDKpH7OAArzkwWnoZaoosJvBeDmp4RmqERHt0hlZPB5rqUF9cbIeTi3eshZWw0UK&fallback_url=http://storage.dobreprogramy.pl/.../MPC_XPVist_6.4.9.1_(12.06.08)_PL(dobreprogramy.pl).zip&downloadAs=Media-Player-Classic-12273-dp.exe  (c28c54d46b34fd4afbc2e137b4d5d510)

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=NQu sxQlV5no4vUGAwWVQxxC80xRy3iWjiM8inDc5og=&c=O7cGFHtqq15efD0w3rJ9DUt0aBUWCCILZMSJaSQIJ8lKEdHXndM7TAvN91tw8LhXTG/NPJ 8oduebvRuTFwwjn564zZg2JISRMQC1GgIImEoZzaMmFrA7XpozLlaK4X &fallback_url=http://www.allplayer.org/.../ALLPlayerPL.exe&downloadAs=ALLPlayer-13217-dp.exe  (38b2959e3f79c3fa200dc58acc2a8ebf)

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=ttBrl/IFl cb0QEewFxc14wujqAsz8H3P CXKwsxU4E=&c=Vqwd90f6R/YcF eyj38ZtinNEnkNQPDGU3WlxKDbEMVuvgf/mznsAN/C/b6j8j85LWB9M/gdN/Wx4I1H/eRmNp8DxcUKkVodqYXrIg6/sVwMlsVOMyFs l gv65OrGfP&fallback_url=http://www.7-zip.org/.../7z1514-x64.exe&downloadAs=7Zip-12559-dp.exe  (cd1af9d60d2a8c21ea6a6613be5c1328)

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=yNNH4GYlfPsUvdnhqupd0IyoJpD3YVfP7dxt20CRwz8=&c=ClGUyuwUtbM8fSsb9fbRlpNs1pTEXkEJu5SsnC1MzujApjckUT73VUSvXmUPzIS4hNsV9PYdh9gRn8X4LIU h TtVWkTIaWgo3Kd4He2dVykkBZjDUrNr32JyIiEyLlo&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win64/.../Firefox Setup 44.0.2.exe&downloadAs=Firefox-13108-dp.exe  (571677c5d0799e9d5f20ae99943e2074)

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=Fxc MGnK IDhHlpHrdH5e2is1ISkvwe3Ci4cJ4y8IfE=&c=xa5XMEv2hPMSI4vlDXUTtER5ANs7CaiIxOeq6gKXXlW3WtSRqwlzX3oQje3c3oSA7tURUQVGoxwDp/xQmucFRuNdQvFQzGOoIyAcIPlaut4zpUF6AJVtx5eqH4wjJtus&fallback_url=http://.../winzip200-64.msi&downloadAs=WinZip-12854-dp.exe  (86139fa5419bf1280fd838db9491d1dc)

1 / 68      (Adware)
http://www.tourslaboratorycenter.com/c?x=hkWP7E/ahZMwUh01/HTW7TMwMPyPglFYkz2JL6yg7qY=&c=jp/bz0d8xZfYGBcRDnvDn0tWxu7OTEGpjvEYnY1xEsvE1Tc/AHQeMcF0kFBxIbYzBFHxXegsDSwpF1cWHkjDvSS06FEYH5hIRW6/yfqTUW66LqIuQDx9LIie01cg2dRY&fallback_url=http://www.rarlab.com/.../wrar531pl.exe&downloadAs=WinRAR-12398-dp.exe  (41d36784197e9fa439869422a1b6ad03)

The following 6 files have been seen to comunicate with www.tourslaboratorycenter.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.