home

s166.kumpulbagi.id

Domain Information

Server location:
Singapore, Singapore (SG)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:
kumpulbagi.id

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.Meta (M)
100.00%

The domain s166.kumpulbagi.id has been seen to resolve to the following 2 IP addresses.

119.81.2.142
8e.02.5177.ip4.static.sl-reverse.com
July 8, 2016

119.81.95.105
69.5f.5177.ip4.static.sl-reverse.com
April 18, 2016

File downloads found at URLs served by s166.kumpulbagi.id.

1 / 68      (PUP)
http://s166.kumpulbagi.id/download?e=LdBc_Fj_lfY4jJnR0jje0ss1SwA4c5Vnsgm2AeQOUM1SdJGv4reaJpeKkqvJ4ZZR8DVTF3cF-sAZdbsn4vU460A6QF6p3AYbdOmwyQbB_il2kkyvLrB0M76PXKS6UZ3k5RYA_ev-SZFIqYuN2HDmA4NJqiXNUZbgMyj5yXunOyl_I2Kh7FQGKTwRw-QudGR_fpWqADzzP1NTjkXrmPaLqQ  (ragnarokreturn.exe)

1 / 68      (PUP)
http://s166.kumpulbagi.id/download?e=AApYfS-e7jZltuM-RHqFBSzk9FfCleCrED6bQ-1JYwABVQDVrOFiIXgRJHg9El8Kh4zZJWt7v18Y8-5CqLh5quyx1cXNldJOOEjvPdHTBK7qtsEOohCNxc1yXYJFNiyWPPtd14WiuwBwvlMgod-ekImgMSexC4BYxTAbx7kHLG0Xp6DAIgKYVGSx0HWFgQ6LSgB3N2zNcVrwgtlSrC8e5w  (ragnarokreturn.exe)

1 / 68      (PUP)
http://s166.kumpulbagi.id/download?e=mPV6ijfUligpOja6-0Y3GyMec3xU-8qdN4nqH13VpfecgqNyVLU-LM3Ta3Z3ilhjOY9QhxEdRbx_-Sji7_gHwYqhiGz-Xe6fAL4Bzc38vwtQ96gyaXk6gnlzNDAEU7f2MB0Wtu2naAZYNXd2ZmArJfUqL7zqNHy4eFpFb1B6Wu3agP9rHIB6q97EHbpHNtHkzztNuqDMG3Z4IPavmxPQBA  (ragnarokreturn.exe)

1 / 68      (PUP)
http://s166.kumpulbagi.id/download?e=7Vmq4S3Pp9IG7LABATbtDivscY1Carvmg7I3CWZL0eLTGJN56C8XomVgMY_t11Ygm_7-VyqZ87kAnIqkk_B6Ponw8ivJSvyBHphlF26x1P9JFa6bn8Mm1SA6iRfYGwBn4k3XQFr5s0MQ68c0o6TCZxSHoRvcEdz7TD9fcQvx0g0UoEdJK-D8NgSP1Lmx4NoTgLGBC38HPBGNqycjCBA-uagSRz4WI4g5pN6_kP1btPs  (ragnarokreturn.exe)

The following 5 files have been seen to comunicate with s166.kumpulbagi.id in live environments.

TCP » 119.81.2.142:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 119.81.2.142:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 119.81.2.142:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 119.81.2.142:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 119.81.2.142:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

kumpulbagi.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.