Ransomfeed

CARD INFO

Dominio: ubu.ac.th
Registrar: THNIC
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:

- Acronis: [harmless] clean
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated

Motori che NON classificano il dominio come harmless:

- 0xSI_f33d: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)

Analisi DNS

- Tipo: SOA, Valore: ns.ubu.ac.th
- Tipo: MX, Valore: ASPMX.L.GOOGLE.COM
- Tipo: TXT, Valore: v=spf1
- Tipo: MX, Valore: ALT2.ASPMX.L.GOOGLE.COM
- Tipo: NS, Valore: ns.ubu.ac.th
- Tipo: MX, Valore: ASPMX3.GOOGLEMAIL.COM
- Tipo: MX, Valore: ASPMX2.GOOGLEMAIL.COM
- Tipo: TXT, Valore: cisco-ci-domain-verification=439b87b9cc9b77a2ffb8414e8330c9fb98e431f37cb08b7512bfb2acfd33d821
- Tipo: TXT, Valore: google-site-verification=UDJqbOg1XIy-CmGtvXa_4kqqXqkl-VQ9Q2p5B8FCT-0.
- Tipo: TXT, Valore: MS=6AC9BE48CEEE894CC36ADE2AA3FB6C559117BE6B
- Tipo: MX, Valore: ALT1.ASPMX.L.GOOGLE.COM

Certificato HTTPS

Nessun certificato HTTPS disponibile.

LEAKS NOTI e MALWARE Raw data by HudsonRock
Summary
🧠 Dispositivi infetti: 2820
🌐 Utenti compromessi: 2673
🧑‍💼 Utenti aziendali compromessi: 147
🔑 Password aziendali esposte: 223
🔑 Password users esposte: 10000
🧬 Stealer family e conteggio

RedLine: 1245
Lumma: 559
Generic Stealer: 379
StealC: 241
Raccoon: 188
Vidar: 105
UNKNOWN: 38
Azorult: 31
CRYPTBOT: 12
Mystic: 8
DarkCrystal: 1
Atomic: 1
Taurus: 1

🏢 Utenze aziendali compromesse (link/conteggio)

https://portal.ubu.ac.th/nidp/saml2/sso: 45
http://iot.ubu.ac.th/login: 10
http://www.iot.ubu.ac.th/signup: 10
https://portal.ubu.ac.th/nidp/app/login: 9
https://portal.ubu.ac.th/nidp/idff/sso: 9
https://•••.ubu.ac.th/,••••••••=•••.••••.ubu.ac.th+index_center.php: 8
https://•••.ubu.ac.th/•••_•••••••: 8
https://••••.ubu.ac.th/•••••••-••••••••: 8
https://•••.ubu.ac.th/•••/•••••: 7
http://•••••.•••.ubu.ac.th/••••/•••••.•••: 6
https://••••.ubu.ac.th: 6
https://••••.••••.ubu.ac.th/••••••••/•••••.•••: 6
https://••••••.ubu.ac.th: 6
http://•••••••••.•••.ubu.ac.th/•••••.•••: 5
http://••••.••••.ubu.ac.th: 5
https://•••.ubu.ac.th/••••••: 5
http://•••••••.ubu.ac.th/••••••/•••/•••••.•••: 5
https://•••.ubu.ac.th/••••••/•••••.•••: 4
http://•••••••••.•••.ubu.ac.th/•••••/••••_••: 4
http://•••.•••.ubu.ac.th/•••_•••••.••••: 4
https://•••••.ubu.ac.th/••••••••/•••••.•••: 4
http://•••.••••.ubu.ac.th/••••••••••••••/••-•••••••/•••••••••.•••: 4
https://•••.ubu.ac.th/••••-••/••••/•••_•/•••••••.•••: 3
https://•••.ubu.ac.th/••••-••/••••/•••_••/•••••••.•••: 3
https://•••.ubu.ac.th/••••••/: 2
http://•••••••.•••.ubu.ac.th/•••••.•••: 2
http://•••.•••••.•••.ubu.ac.th/•••••••••/•••••.•••: 2
https://•••.ubu.ac.th/,••••••••=•••.••••.ubu.ac.th+index_center.php: 2
http://•••.•••.ubu.ac.th/•••_•••••.••••: 2
https://•••.ubu.ac.th/•••/••••••/•••••.•••: 2
https://•••.ubu.ac.th/•••/•••••/•••••.•••: 2
https://•••.ubu.ac.th/,••••••••=•••.••••.ubu.ac.th,SSO=U+: 2
http://•••••••.ubu.ac.th/••••••/•••/•••••.•••: 1
http://•••••••.•••.ubu.ac.th/•••••.•••: 1
http://•••.•••.ubu.ac.th/•••••_••••••.•••: 1
http://•••.•••••••••.•••.ubu.ac.th/•••••/••••_••: 1
https://••••••••.ubu.ac.th/••-•••••/•••••••.•••: 1
https://•••.ubu.ac.th/,••••••••=•••.••••.ubu.ac.th+login_submit.php: 1
https://•••.ubu.ac.th/••••-••/••••/•••_••/•••••.•••: 1
https://•••.ubu.ac.th/•••/••••••: 1
http://•••.•••.ubu.ac.th: 1
https://•••.••••.ubu.ac.th/••/••-•••••/•••••••.•••: 1
http://••••.ubu.ac.th/~•••/••••/•••••.•••: 1
http://•••.••••.ubu.ac.th/••••: 1
https://••••.•••.ubu.ac.th: 1
https://••••.ubu.ac.th: 1
https://•••••••.•••.ubu.ac.th/•••••.•••: 1
http://•••.ubu.ac.th/••-•••••/••••••.•••: 1
http://•••.•••••••••.•••.ubu.ac.th/•••••.•••: 1
https://•••.ubu.ac.th: 1
https://••••.ubu.ac.th:••••: 1
https://••••••.ubu.ac.th: 1
https://•••••••.ubu.ac.th/••••••/•••/•••••.•••: 1
http://•••.•••.ubu.ac.th: 1
https://•••.•••.ubu.ac.th: 1
https://••••••••••••.ubu.ac.th/•••••.•••/••••••••••••/•••••: 1

🔐 Utenze users compromesse

🛡️ Antivirus rilevati

Windows Defender [ON]: 2
Sangfor aES Antivirus: 1
Not Found: 39
360 Total Security: 2
Norton Security Ultra [OFF]: 1
Malwarebytes: 1
Reason Cybersecurity: 1
Windows Defender: 42