Domain > krp.unud.ac.id

More information on this domain is in AlienVault OTX

Reports

http://malware-traffic-analysis.net/2016/01/04/ind...

https://otx.alienvault.com/pulse/5684588967db8c057...

https://otx.alienvault.com/pulse/568855fb67db8c057...

https://otx.alienvault.com/pulse/568af8f24637f2624...

https://twitter.com/Techhelplistcom/status/6822872...

https://www.hybrid-analysis.com/sample/18525e8fb7c...

Files that talk to krp.unud.ac.id

MD5	A/V
e86daca8abdaf5915d5b93283b62e954	[BehavesLike.Win32.PWSZbot.fc]
d6a270728a9d3541063d36922051b64a
7a397113a85253e104987c230fb89ee4	[Ransom-CWall.b] [Ransom.FileCryptor] [Trojan.Win32.DownLoader18.dzmzzu] [Trojan.Cryptodefense] [Win32/Filecoder.FJ] [TROJ_FRS.0NA003A716] [Trojan-Ransom.Win32.Cryptodef.acfo] [Trojan.Cryptodef!] [Troj/Ransom-BWP] [UnclassifiedMalware] [Trojan.DownLoader18.44072] [Trojan.Cryptodef.Win32.2250] [TROJ_FRS.0NA003A716] [Ransom-CWall.b] [W32/Trojan.PEHP-6865] [Trojan.Cryptodef.qd] [TR/Crypt.ZPACK.194937] [Ransom:Win32/Crowti.A] [Trj/CryptoWall.C] [Trojan.Win32.Filecoder] [W32/Filecoder.FJ!tr]
eac3832f2d57139695ca29e01509c088	[Ransom.CryptoWall] [Trojan.Cryptodef.Win32.2319] [Troj.Ad.Cryptowall!c] [Ransom_.8F9ACDB4] [Win32.Trojan.WisdomEyes.16070401.9500.9900] [Ransom_.8F9ACDB4] [BC.Win.Packer.Troll-14] [Trojan-Ransom.Win32.Cryptodef.acdr] [Trojan.Win32.DownLoader18.dznaxv] [Trojan.DownLoader18.39796] [virus.win32.sality.am] [BehavesLike.Virut.dc] [W32/Trojan.CKGA-3018] [TR/AD.Cryptowall.Y.83] [Trojan[Ransom]/Win32.Cryptodef] [Ransom:Win32/Crowti.A] [Trojan/Win32.Crowti.R175754] [RDN/Suspicious.bfr] [BScope.Malware-Cryptor.Trash] [Trojan.Cryptodef!] [Ransom.Win32.Crowti] [W32/Kryptik.EJXP!tr] [Crypt5.ZLU] [Trj/GdSda.A]

DNS Resolutions

Date	IP Address
2015-10-01	180.250.210.23 (ClassC)
2016-02-14	103.29.196.236 (ClassC)
2018-10-11	103.29.196.176 (ClassC)
2025-05-28	103.29.196.181 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Mon, 17 Jun 2019 06:17:48 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: qtrans_front_languageID; expiresTue, 16-

!doctype html>html langid-ID>head>	meta charsetUTF-8>	meta nameviewport contentwidthdevice-width, initial-scale1, maximum-scale1.0, user-scalableno>	link relprofile hrefhttp://gmpg.org/xfn/11>	title>Pusat Unggulan Pariwisata – Universitas Udayana/title>link reldns-prefetch href//maxcdn.bootstrapcdn.com />link reldns-prefetch href//s.w.org />link relalternate typeapplication/rss+xml titlePusat Unggulan Pariwisata » Feed hrefhttps://pupar.unud.ac.id/?feedrss2 />link relalternate typeapplication/rss+xml titlePusat Unggulan Pariwisata » Umpan Komentar hrefhttps://pupar.unud.ac.id/?feedcomments-rss2 />		script typetext/javascript>			window._wpemojiSettings  {baseUrl:https://s.w.org/images/core/emoji/2.3/72x72/,ext:.png,svgUrl:https://s.w.org/images/core/emoji/2.3/svg/,svgExt:.svg,source:{concatemoji:https://pupar.unud.ac.id/wp-includes/js/wp-emoji-release.min.js?ver4.8.9}};			!function(a,b,c){function d(a){var b,c,d,e,fString.fromCharCode;if(!k||!k.fillText)return!1;switch(k.clearRect(0,0,j.width,j.height),k.textBaselinetop,k.font600 32px Arial,a){caseflag:return k.fillText(f(55356,56826,55356,56819),0,0),bj.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,56826,8203,55356,56819),0,0),cj.toDataURL(),b!c&&(k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447),0,0),bj.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447),0,0),cj.toDataURL(),b!c);caseemoji4:return k.fillText(f(55358,56794,8205,9794,65039),0,0),dj.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55358,56794,8203,9794,65039),0,0),ej.toDataURL(),d!e}return!1}function e(a){var cb.createElement(script);c.srca,c.deferc.typetext/javascript,b.getElementsByTagName(head)0.appendChild(c)}var f,g,h,i,jb.createElement(canvas),kj.getContext&&j.getContext(2d);for(iArray(flag,emoji4),c.supports{everything:!0,everythingExceptFlag:!0}

Subdomains

Date	Domain	IP
ns2.unud.ac.id	2025-05-11	103.29.196.228
ns3.unud.ac.id	2025-05-14	103.29.196.231
bem.unud.ac.id	2025-05-23	103.69.197.39
fp.unud.ac.id	2025-05-26	103.29.196.180
krp.unud.ac.id	2018-10-11	103.29.196.176
ar.unud.ac.id	2025-05-27	103.29.196.180
www.ar.unud.ac.id	2016-06-28	103.29.196.236
git.cs.unud.ac.id	2025-05-23	103.29.196.134
www.git.cs.unud.ac.id	2025-05-23	103.29.196.134
cresos.unud.ac.id	2025-05-28	103.29.196.103
pps.unud.ac.id	2025-05-25	103.69.197.39
www.unud.ac.id	2025-05-22	103.29.196.156

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > krp.unud.ac.id

Is this malicious?

Reports

Files that talk to krp.unud.ac.id

DNS Resolutions

Port 80

Port 443

Subdomains