{ "type": "URL", "indicator": "https://www.adamsgaard.dk/au-eduroam.html", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://www.adamsgaard.dk/au-eduroam.html", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4339108600, "indicator": "https://www.adamsgaard.dk/au-eduroam.html", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "69f5de64ecc6f91d2d08e667", "name": "Domains of research", "description": "[The full text of the certificate that led to the signing of a new SSL certificate, signed by Comcast Cable Communications, has been published on the website of www.comcastbusiness.net, the company's parent company]", "modified": "2026-06-01T17:28:42.749000", "created": "2026-05-02T11:22:12.429000", "tags": [ "comcast cable", "communications", "llc united", "statesunited", "boston", "ullage height", "water temp", "common name", "i20100 apr", "c127181 mobil", "encrypt", "supporte", "height water", "temp", "marshfield ssl", "certificate", "issued", "charter", "diesel" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 539, "domain": 452, "hostname": 701, "FileHash-MD5": 39, "FileHash-SHA256": 117, "FileHash-SHA1": 110, "email": 6, "CVE": 3, "URI": 2, "IPv4": 5 }, "indicator_count": 1974, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "2 hours ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69fd8916c718cee78b1d08d1", "name": "CAPE Sandbox - Borland Delphi + added other malic win [exe]", "description": "[Malware Analysis System Evasion (MZP) report has been generated by Yara, a community-based security firm.] Delphi and other win[exe] all malicious- sandboxed runs only.", "modified": "2026-05-08T10:32:41.135000", "created": "2026-05-08T06:56:22.767000", "tags": [ "url http", "ipv4", "strong", "library", "address virtual", "cname", "size", "file type", "mwdb", "bazaar", "sha3384", "ssdeep", "accept", "shutdown", "sandbox", "stack", "windows sandbox", "clear filters", "calls process", "pe file", "sample", "performs dns", "yara", "https", "urls", "mitre attack", "network info", "processes extra", "command", "malicious", "delphi", "defense evasion", "next" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223081&Signature=Hm63tZKeRZujdUn11Hi%2BwTAevMctFRDZDQ9GnFQsB%2BN1N%2FxQN3pkPwwuAScaiiliHBcXgCSUXI3gph1Bgmh%2BdMALu8FKmvwYRvuq4xYlXAZvyQFUN1xr4%2FxkpnRhr0tiskf4kWXDZvlBCW1H1K3mKSkT6vkjiEn6xDLVUO1Eo8ESJDnnsTshk3vIiXlAhodWtrJS8RTgA%2BjhGCgU3IruiA3O5nxWwIJSLMrM7pRI1zgAy%2BH0", "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223201&Signature=UbPDmnyT2j%2B5gbsHnwxLwuxti6r6ukPXUh%2BIz3I0VhnZa%2FV0coDJPx%2FvqkOMdu%2F8UuONZpVTl28tlerH%2FsZNK6YpFPgUmrFXYJx6c%2B6W7%2FC1yC8TeC5lN4%2F0h19KcjvCdFGNFgLhigH62wxU2GkmZT5jz8ISZhkAzkReVhdaZA7vYQnLQZvpvEQGScnuZc0PZSANsAvfN2lyqBDH%2FpGFc%2BDpfNGnnFYsjJ", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223336&Signature=avokLSiN2%2B14P94v4u5P%2FljfsWv2nqNJdQpMmRl88Esart7da%2BE4E1d0d7MXavOLWEHHt09QYchkV3iMo3Ia%2Fr49jeO5ZALtnuDrJMAvU6Js5MUrkqPT0R9LZ9b4vcG3hrHPF%2Fu9EiVhYII3bhmK5CjnHDF44L4qtE8vVkw03lOx1XpgUhdTK6rRzXALQ1tqKrDE5LUh7S9giv0VZz7aqV%2B9Ch%2Fb%2BGPU3mis2wnh", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223386&Signature=0oCtLpyEmobttCQJza34xagBptN0LmmC7kxt51fgm7nEEyRcpEzZPo%2F9OF9ZpJJs%2FJTtDEqFP8FURlT79ioFjN8T2fu7lRrL2P5%2FDzcAfYlZJvnOu%2F4fFq%2FdqmL%2F6MWyaEcrew5K1Cn3RbD7cjqTe4M82GVyxYd9lWiO0ZQ2VTe9%2FLUCyFptCg7zsZk2cHhjDYTSW36tQUoEksDtMNaANFYM2mSxRPOXZ5XRzzF6WOvQjsjwrIqay2dk" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1112", "name": "Modify Registry", "display_name": "T1112 - Modify Registry" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 304, "FileHash-SHA1": 239, "FileHash-SHA256": 499, "IPv4": 95, "hostname": 326, "URL": 275, "domain": 84, "email": 3 }, "indicator_count": 1825, "is_author": false, "is_subscribing": null, "subscriber_count": 66, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223081&Signature=Hm63tZKeRZujdUn11Hi%2BwTAevMctFRDZDQ9GnFQsB%2BN1N%2FxQN3pkPwwuAScaiiliHBcXgCSUXI3gph1Bgmh%2BdMALu8FKmvwYRvuq4xYlXAZvyQFUN1xr4%2FxkpnRhr0tiskf4kWXDZvlBCW1H1K3mKSkT6vkjiEn6xDLVUO1Eo8ESJDnnsTshk3vIiXlAhodWtrJS8RTgA%2BjhGCgU3IruiA3O5nxWwIJSLMrM7pRI1zgAy%2BH0", "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223201&Signature=UbPDmnyT2j%2B5gbsHnwxLwuxti6r6ukPXUh%2BIz3I0VhnZa%2FV0coDJPx%2FvqkOMdu%2F8UuONZpVTl28tlerH%2FsZNK6YpFPgUmrFXYJx6c%2B6W7%2FC1yC8TeC5lN4%2F0h19KcjvCdFGNFgLhigH62wxU2GkmZT5jz8ISZhkAzkReVhdaZA7vYQnLQZvpvEQGScnuZc0PZSANsAvfN2lyqBDH%2FpGFc%2BDpfNGnnFYsjJ", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223386&Signature=0oCtLpyEmobttCQJza34xagBptN0LmmC7kxt51fgm7nEEyRcpEzZPo%2F9OF9ZpJJs%2FJTtDEqFP8FURlT79ioFjN8T2fu7lRrL2P5%2FDzcAfYlZJvnOu%2F4fFq%2FdqmL%2F6MWyaEcrew5K1Cn3RbD7cjqTe4M82GVyxYd9lWiO0ZQ2VTe9%2FLUCyFptCg7zsZk2cHhjDYTSW36tQUoEksDtMNaANFYM2mSxRPOXZ5XRzzF6WOvQjsjwrIqay2dk", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223336&Signature=avokLSiN2%2B14P94v4u5P%2FljfsWv2nqNJdQpMmRl88Esart7da%2BE4E1d0d7MXavOLWEHHt09QYchkV3iMo3Ia%2Fr49jeO5ZALtnuDrJMAvU6Js5MUrkqPT0R9LZ9b4vcG3hrHPF%2Fu9EiVhYII3bhmK5CjnHDF44L4qtE8vVkw03lOx1XpgUhdTK6rRzXALQ1tqKrDE5LUh7S9giv0VZz7aqV%2B9Ch%2Fb%2BGPU3mis2wnh" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 2553 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/adamsgaard.dk", "whois": "http://whois.domaintools.com/adamsgaard.dk", "domain": "adamsgaard.dk", "hostname": "www.adamsgaard.dk" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "69f5de64ecc6f91d2d08e667", "name": "Domains of research", "description": "[The full text of the certificate that led to the signing of a new SSL certificate, signed by Comcast Cable Communications, has been published on the website of www.comcastbusiness.net, the company's parent company]", "modified": "2026-06-01T17:28:42.749000", "created": "2026-05-02T11:22:12.429000", "tags": [ "comcast cable", "communications", "llc united", "statesunited", "boston", "ullage height", "water temp", "common name", "i20100 apr", "c127181 mobil", "encrypt", "supporte", "height water", "temp", "marshfield ssl", "certificate", "issued", "charter", "diesel" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 539, "domain": 452, "hostname": 701, "FileHash-MD5": 39, "FileHash-SHA256": 117, "FileHash-SHA1": 110, "email": 6, "CVE": 3, "URI": 2, "IPv4": 5 }, "indicator_count": 1974, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "2 hours ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69fd8916c718cee78b1d08d1", "name": "CAPE Sandbox - Borland Delphi + added other malic win [exe]", "description": "[Malware Analysis System Evasion (MZP) report has been generated by Yara, a community-based security firm.] Delphi and other win[exe] all malicious- sandboxed runs only.", "modified": "2026-05-08T10:32:41.135000", "created": "2026-05-08T06:56:22.767000", "tags": [ "url http", "ipv4", "strong", "library", "address virtual", "cname", "size", "file type", "mwdb", "bazaar", "sha3384", "ssdeep", "accept", "shutdown", "sandbox", "stack", "windows sandbox", "clear filters", "calls process", "pe file", "sample", "performs dns", "yara", "https", "urls", "mitre attack", "network info", "processes extra", "command", "malicious", "delphi", "defense evasion", "next" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223081&Signature=Hm63tZKeRZujdUn11Hi%2BwTAevMctFRDZDQ9GnFQsB%2BN1N%2FxQN3pkPwwuAScaiiliHBcXgCSUXI3gph1Bgmh%2BdMALu8FKmvwYRvuq4xYlXAZvyQFUN1xr4%2FxkpnRhr0tiskf4kWXDZvlBCW1H1K3mKSkT6vkjiEn6xDLVUO1Eo8ESJDnnsTshk3vIiXlAhodWtrJS8RTgA%2BjhGCgU3IruiA3O5nxWwIJSLMrM7pRI1zgAy%2BH0", "https://vtbehaviour.commondatastorage.googleapis.com/561f94715c481c0e616cf1907d86e522afe9186f8365ab3a35d7872b2653580b_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223201&Signature=UbPDmnyT2j%2B5gbsHnwxLwuxti6r6ukPXUh%2BIz3I0VhnZa%2FV0coDJPx%2FvqkOMdu%2F8UuONZpVTl28tlerH%2FsZNK6YpFPgUmrFXYJx6c%2B6W7%2FC1yC8TeC5lN4%2F0h19KcjvCdFGNFgLhigH62wxU2GkmZT5jz8ISZhkAzkReVhdaZA7vYQnLQZvpvEQGScnuZc0PZSANsAvfN2lyqBDH%2FpGFc%2BDpfNGnnFYsjJ", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223336&Signature=avokLSiN2%2B14P94v4u5P%2FljfsWv2nqNJdQpMmRl88Esart7da%2BE4E1d0d7MXavOLWEHHt09QYchkV3iMo3Ia%2Fr49jeO5ZALtnuDrJMAvU6Js5MUrkqPT0R9LZ9b4vcG3hrHPF%2Fu9EiVhYII3bhmK5CjnHDF44L4qtE8vVkw03lOx1XpgUhdTK6rRzXALQ1tqKrDE5LUh7S9giv0VZz7aqV%2B9Ch%2Fb%2BGPU3mis2wnh", "https://vtbehaviour.commondatastorage.googleapis.com/9d9b74f13b0001184ea51257e446bd317e5180e0ed856e7dfb7d92d1fb7c9df9_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1778223386&Signature=0oCtLpyEmobttCQJza34xagBptN0LmmC7kxt51fgm7nEEyRcpEzZPo%2F9OF9ZpJJs%2FJTtDEqFP8FURlT79ioFjN8T2fu7lRrL2P5%2FDzcAfYlZJvnOu%2F4fFq%2FdqmL%2F6MWyaEcrew5K1Cn3RbD7cjqTe4M82GVyxYd9lWiO0ZQ2VTe9%2FLUCyFptCg7zsZk2cHhjDYTSW36tQUoEksDtMNaANFYM2mSxRPOXZ5XRzzF6WOvQjsjwrIqay2dk" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1112", "name": "Modify Registry", "display_name": "T1112 - Modify Registry" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 304, "FileHash-SHA1": 239, "FileHash-SHA256": 499, "IPv4": 95, "hostname": 326, "URL": 275, "domain": 84, "email": 3 }, "indicator_count": 1825, "is_author": false, "is_subscribing": null, "subscriber_count": 66, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://www.adamsgaard.dk/au-eduroam.html", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://www.adamsgaard.dk/au-eduroam.html", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780342276.2627158 }