Report - henessg.univer.se/

Report Overview

Submitted URL
henessg.univer.se/
IP
76.76.21.142
ASN
#16509 AMAZON-02
Submitted
2024-04-25 16:05:42
Access
public
Website Title
Home
Final URL
henessg.univer.se/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
90

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
henessg.univer.se	unknown	unknown	No data	No data	11 kB	1.5 MB	76.76.21.142
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	439 B	102 kB	142.250.74.168
assets.univer.se	unknown	1996-09-09	2023-07-29	2024-04-21	492 B	173 kB	151.101.130.208

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail
2024-04-25	medium	henessg.univer.se/	ProtonMail

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed
2024-04-25	medium	univer.se	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	henessg.univer.se/_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js	4.3 kB	2024-04-25	2024-04-26
Pretty URL henessg.univer.se/_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-04-26 12:37:25 Times Seen2 Hash a9fa48ba9325f219e4f03f8441085860 d95c90bb44a4b5fdf49c535acdd3c629373f2bb2 9a142fd532fb5ff026fe355c0e6b4c1ef54b87f6dc2673bc572b33107224b9e9 Loading...

	www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer	302 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-04-25 18:05:50 Times Seen2 Hash d429945aec09edf11a88b9ccab1368e8 13c062752473d9f5ff2db6e21d0bfb652fa77f5d 1f5837ac0be2a450dac8b082c77c9d55de35929770a61be44bef17e1eeb1e298 Loading...

	henessg.univer.se/_next/static/chunks/webpack-e78b7538cf817cad.js	5.2 kB	2024-04-25	2024-04-26
Pretty URL henessg.univer.se/_next/static/chunks/webpack-e78b7538cf817cad.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-04-26 12:37:26 Times Seen4 Hash d671fbb44be6ad54477052c9d3ed57c0 b52db963c304e2543e41ce86536988eba31fd78e 1e3d11e896f5bbf58c446021de90de356af542312e17b3bad24b122251a50fc1 Loading...

	henessg.univer.se/_next/static/chunks/framework-9e03599dad7746cc.js	141 kB	2023-10-14	2024-05-04
Pretty URL henessg.univer.se/_next/static/chunks/framework-9e03599dad7746cc.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-14 06:21:41 Last Seen2024-05-04 01:17:00 Times Seen104 Hash a287e128aae49c7e52b137576fe83655 056dbc2956be28e897dcc4a6589c9e0041e1ee67 365722b88937784a58b6f5bb017c82aaf62b3f145b498232722efa17ecb7bb23 Loading...

	henessg.univer.se/_next/static/chunks/main-28618536b9d3b40a.js	125 kB	2024-04-18	2024-05-04
Pretty URL henessg.univer.se/_next/static/chunks/main-28618536b9d3b40a.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 09:44:56 Last Seen2024-05-04 01:17:00 Times Seen8 Hash 1ab85d5f20079dcb5da22c9db556e79c 77d35dc69306b87e19ce85699074f8d45f8d0b17 64c17fb2de314f47c7035925742d264bee0ca43329854aa637f386f13df2922f Loading...

	henessg.univer.se/_next/static/chunks/877-3fbb024cd5610308.js	189 kB	2024-04-25	2024-05-04
Pretty URL henessg.univer.se/_next/static/chunks/877-3fbb024cd5610308.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-05-04 01:16:59 Times Seen4 Hash c5975eb302f9d955c8836d032c4fc1a5 4e1acb5acc0066f4d67cb6be2dd330b13a449d4e 4b033f6abb71ee6a2f7417183772c00c5adc8592b7d9eb63ac1c3e751131b03e Loading...

	henessg.univer.se/_next/static/chunks/pages/_app-7d12f0a1914716ab.js	19 kB	2023-12-28	2024-05-04
Pretty URL henessg.univer.se/_next/static/chunks/pages/_app-7d12f0a1914716ab.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-28 19:55:55 Last Seen2024-05-04 01:17:00 Times Seen12 Hash 9b255d8629a0fdb4e57d72b3e67008cc b7c6e70c20fcd8e4e2b728b28be0c93fd01dfd65 d148febbedebffccd13e59bed8d24becfd660114e85d320e058c833919422b63 Loading...

	henessg.univer.se/_next/static/chunks/565-cb6d6a125273f7d2.js	238 kB	2024-04-25	2024-04-26
Pretty URL henessg.univer.se/_next/static/chunks/565-cb6d6a125273f7d2.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-04-26 12:37:26 Times Seen4 Hash 591028409f0194fd14394d872b0c6021 8b7e9011c4b96726648c1af8ff591fd792a6fa62 437e23ce02b1307ffa10503857e6f2b0b66cb6ab451cb9401bebc5f38a2819b3 Loading...

	henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js	1.5 kB	2024-04-25	2024-04-26
Pretty URL henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:05:49 Last Seen2024-04-26 12:37:25 Times Seen2 Hash 806e49c93aa3f91cf01c49c23ce42ac3 87edf22809f2d395f2aad8350debf831bc963c7f c173b810156958582ba9c3983ccd413e4b211f311b0505abd52d7d551cb6e338 Loading...

	henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js	80 B	2023-04-05	2024-05-04
Pretty URL henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js IP 76.76.21.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:40:13 Last Seen2024-05-04 01:42:02 Times Seen581 Hash b404e23d62d95bafd03ad7747cc0e88b 011268d6627898dc2caac8b9678086cd9b9a7dfe 678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00 Loading...

HTTP Transactions (24)

URL IP Response Size

henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js

76.76.21.142

200 OK

80 B

URL GET HTTP/2
henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
ASCII text, with no line terminators
Size
80 B (80 bytes)
Hash
b404e23d62d95bafd03ad7747cc0e88b
011268d6627898dc2caac8b9678086cd9b9a7dfe
678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 119299
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: "b404e23d62d95bafd03ad7747cc0e88b"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/FXIm3SfmA7SOnbKaF01cv/_ssgManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1::c49nh-1714061115481-da49e2b76bb9
content-length: 80
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/webpack-e78b7538cf817cad.js

76.76.21.142

200 OK

261 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/webpack-e78b7538cf817cad.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JavaScript source, ASCII text, with very long lines (5225), with no line terminators
Size
261 kB (260620 bytes)
Hash
d671fbb44be6ad54477052c9d3ed57c0
b52db963c304e2543e41ce86536988eba31fd78e
1e3d11e896f5bbf58c446021de90de356af542312e17b3bad24b122251a50fc1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-e78b7538cf817cad.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 154531
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-e78b7538cf817cad.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"d671fbb44be6ad54477052c9d3ed57c0"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/webpack-e78b7538cf817cad.js
x-vercel-cache: HIT
x-vercel-id: arn1::t2499-1714061115470-7a485761af48
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/main-28618536b9d3b40a.js

76.76.21.142

200 OK

211 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/main-28618536b9d3b40a.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
211 kB (210755 bytes)
Hash
1ab85d5f20079dcb5da22c9db556e79c
77d35dc69306b87e19ce85699074f8d45f8d0b17
64c17fb2de314f47c7035925742d264bee0ca43329854aa637f386f13df2922f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-28618536b9d3b40a.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 154531
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-28618536b9d3b40a.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"1ab85d5f20079dcb5da22c9db556e79c"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/main-28618536b9d3b40a.js
x-vercel-cache: HIT
x-vercel-id: arn1::t2499-1714061115473-0eeefaca1b5d
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://henessg.univer.se/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (9030)
Size
101 kB (101321 bytes)
Hash
d429945aec09edf11a88b9ccab1368e8
13c062752473d9f5ff2db6e21d0bfb652fa77f5d
1f5837ac0be2a450dac8b082c77c9d55de35929770a61be44bef17e1eeb1e298

HTTP Headers

GET /gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 16:05:15 GMT
expires: Thu, 25 Apr 2024 16:05:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/css/85c6878a68462852.css

76.76.21.142

200 OK

5.5 kB

URL GET HTTP/2
henessg.univer.se/_next/static/css/85c6878a68462852.css
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
ASCII text, with very long lines (5938), with no line terminators
Size
5.5 kB (5452 bytes)
Hash
b1f226d732cbe3250e7b7e7f4ecf9d19
2b21ef68992f72ecaf171179af928753c787c3c0
264ee2755e715d8bccffd402853b4e9d470ba6281662f458b3194bd0c7484b39

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/85c6878a68462852.css HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 154217
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="85c6878a68462852.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"b1f226d732cbe3250e7b7e7f4ecf9d19"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/css/85c6878a68462852.css
x-vercel-cache: HIT
x-vercel-id: arn1::t2499-1714061115467-8906a6b76278
X-Firefox-Spdy: h2

henessg.univer.se/static/favicons/universelogo/favicon-16x16.png

76.76.21.142

200 OK

335 B

URL GET HTTP/2
henessg.univer.se/static/favicons/universelogo/favicon-16x16.png
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
335 B (335 bytes)
Hash
061fc6f94d98e40bb91bd423988575b6
49925371578d47c6aab89db29c170ba3028bb0b9
7e6a6450605543d2956ae3953672b94f76e47bb07cf96f3c5c54f4610afda825

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/favicons/universelogo/favicon-16x16.png HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 153948
cache-control: max-age=604800
content-disposition: inline; filename="favicon-16x16.png"
content-type: image/png
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: "061fc6f94d98e40bb91bd423988575b6"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/favicons/universelogo/favicon-16x16.png
x-vercel-cache: HIT
x-vercel-id: arn1::rztks-1714061115946-31a0830a2f57
content-length: 335
X-Firefox-Spdy: h2

henessg.univer.se/_api/v1/values/anonymous

76.76.21.142

200 OK

4.5 kB

URL POST HTTP/2
henessg.univer.se/_api/v1/values/anonymous
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JSON text data
Size
4.5 kB (4507 bytes)
Hash
7721f6bdfbfe6d8b83097f8c2ac9c515
77c92487c3ba6ac66c36c7b1d2d7108bb9163a39
f93de7986186b5ccafc64629504477b0a92f3da8feeb8914dd3b5a367729a915

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_api/v1/values/anonymous HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://henessg.univer.se/
Content-Type: application/json
Origin: https://henessg.univer.se
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors https://tools.univer.se
content-type: application/json; charset=utf-8
date: Thu, 25 Apr 2024 16:05:16 GMT
etag: W/"4b25-d8kkh8O6asZsNsex0tcQi7kWOjk"
server: Vercel
strict-transport-security: max-age=63072000
universe-request-id: 50e85d7c
x-powered-by: Express
x-vercel-id: arn1::ml6lj-1714061115644-5499bbde8caa
X-Firefox-Spdy: h2

henessg.univer.se/static/fonts/SF-UI-Display-Semibold.woff2

76.76.21.142

200 OK

66 kB

URL GET HTTP/2
henessg.univer.se/static/fonts/SF-UI-Display-Semibold.woff2
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
Web Open Font Format (Version 2), CFF, length 66136, version 1.0
Size
66 kB (66136 bytes)
Hash
10be01df8f97cefe277ad6133463a0f6
5823adee3f2445e3b6c8d722b0ba8d27e9e39dec
133c64a4e319e151cf8987ef4351db32df8b0e1bfdc9652e2ee7abda05433130

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/SF-UI-Display-Semibold.woff2 HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/_next/static/css/3df0ddd732814165.css
Cookie: _ga_CX6QWFXGS9=GS1.1.1714061115.1.0.1714061115.0.0.0; _ga=GA1.1.944414596.1714061116
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 153959
cache-control: max-age=604800
content-disposition: inline; filename="SF-UI-Display-Semibold.woff2"
content-type: font/woff2
date: Thu, 25 Apr 2024 16:05:16 GMT
etag: "10be01df8f97cefe277ad6133463a0f6"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/fonts/SF-UI-Display-Semibold.woff2
x-vercel-cache: HIT
x-vercel-id: arn1::c49nh-1714061116442-5cf710c673a3
content-length: 66136
X-Firefox-Spdy: h2

henessg.univer.se/static/stickers/BrandSticker-Standard-Grey.svg

76.76.21.142

200 OK

9.4 kB

URL GET HTTP/2
henessg.univer.se/static/stickers/BrandSticker-Standard-Grey.svg
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
SVG Scalable Vector Graphics image
Size
9.4 kB (9420 bytes)
Hash
41fb49cabe4661f98fd9cfaf6b5be6a4
10d8be44c20ab8b9f33e498d4fe72b267d909c6b
3e5f681172bf8e2a7759fad3c4d53f08d6e8c290b173edaf4f0976343fd2c51c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/stickers/BrandSticker-Standard-Grey.svg HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/_next/static/css/3df0ddd732814165.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 153958
cache-control: max-age=604800
content-disposition: inline; filename="BrandSticker-Standard-Grey.svg"
content-encoding: br
content-type: image/svg+xml
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"88835f5ee7f17882301cafcff3d68a14"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/stickers/BrandSticker-Standard-Grey.svg
x-vercel-cache: HIT
x-vercel-id: arn1::5tq79-1714061115545-45effcd4a7ea
X-Firefox-Spdy: h2

henessg.univer.se/static/favicons/universelogo/apple-touch-icon.png

76.76.21.142

200 OK

3.7 kB

URL GET HTTP/2
henessg.univer.se/static/favicons/universelogo/apple-touch-icon.png
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3740 bytes)
Hash
c0fcfea00054327fd4e70458cab1e6a6
7220ae369a3a1349449c7fe08ec5d5af49b94860
d3581ee22ee9a828dbf1432cb9817614222d0f80426244a8243caa163bef9afc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/favicons/universelogo/apple-touch-icon.png HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 154348
cache-control: max-age=604800
content-disposition: inline; filename="apple-touch-icon.png"
content-type: image/png
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: "c0fcfea00054327fd4e70458cab1e6a6"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/favicons/universelogo/apple-touch-icon.png
x-vercel-cache: HIT
x-vercel-id: arn1::r655s-1714061115945-6c3f64b4e3f4
content-length: 3740
X-Firefox-Spdy: h2

henessg.univer.se/static/banner/arrow.svg

0.0.0.0

0 B

URL GET
henessg.univer.se/static/banner/arrow.svg
IP
0.0.0.0:0
ASN
#0

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/banner/arrow.svg HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Cookie: _ga_CX6QWFXGS9=GS1.1.1714061115.1.0.1714061115.0.0.0; _ga=GA1.1.944414596.1714061116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

henessg.univer.se/

76.76.21.142

200 OK

16 kB

URL User Request GET HTTP/2
henessg.univer.se/
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
HTML document, ASCII text, with very long lines (15564), with no line terminators
Size
16 kB (15564 bytes)
Hash
2588da234d6800af577f83ac58c18926
8d18a7637e30448f0d1acd5315299d742de7f7d2
2ede9b48d4eb4b878625314c4302b4fa48b2fa58ec2d7f41de11f3caca708068

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
age: 554
cache-control: max-age=10
content-encoding: br
content-security-policy: frame-ancestors https://tools.univer.se
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 15:56:00 GMT
etag: W/"v5bze5e74qc0c"
server: Vercel
strict-transport-security: max-age=63072000
universe-request-id: 4c198c89
x-matched-path: /_sites/[siteId]/[cacheTag]/[[...slug]]
x-powered-by: Next.js
x-vercel-cache: HIT
x-vercel-id: arn1::iad1::ml6lj-1714061114858-b1dcc3fbbe02
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/877-3fbb024cd5610308.js

76.76.21.142

200 OK

189 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/877-3fbb024cd5610308.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type

Size
189 kB (189373 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/877-3fbb024cd5610308.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 120687
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="877-3fbb024cd5610308.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"c5975eb302f9d955c8836d032c4fc1a5"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/877-3fbb024cd5610308.js
x-vercel-cache: HIT
x-vercel-id: arn1::t2499-1714061115476-7c8c565e1756
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/565-cb6d6a125273f7d2.js

76.76.21.142

200 OK

238 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/565-cb6d6a125273f7d2.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
238 kB (238404 bytes)
Hash
591028409f0194fd14394d872b0c6021
8b7e9011c4b96726648c1af8ff591fd792a6fa62
437e23ce02b1307ffa10503857e6f2b0b66cb6ab451cb9401bebc5f38a2819b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/565-cb6d6a125273f7d2.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 147208
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="565-cb6d6a125273f7d2.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"591028409f0194fd14394d872b0c6021"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/565-cb6d6a125273f7d2.js
x-vercel-cache: HIT
x-vercel-id: arn1::r655s-1714061115478-ad9b63e93c87
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js

76.76.21.142

200 OK

4.3 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
ASCII text, with very long lines (4497), with no line terminators
Size
4.3 kB (4285 bytes)
Hash
cdd8616a5591c85c5c7ac0f4b832b21a
0fa9cbaa19919a805a3343ee6f880932879fc5c0
790dccda213779f32c0829e157a8f5b29c837636d7fa4bf0a6d78fb5785a1837

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 115542
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="[[...slug]]-e2b21bcececab82c.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"a9fa48ba9325f219e4f03f8441085860"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/_sites/%5BsiteId%5D/%5BcacheTag%5D/%5B%5B...slug%5D%5D-e2b21bcececab82c.js
x-vercel-cache: HIT
x-vercel-id: arn1::kmrm2-1714061115479-ce8259cfa962
X-Firefox-Spdy: h2

assets.univer.se/9d579350-4ead-454a-bf7f-99c74c50abfb?dpr=2&auto=compress,format&lossless=true

151.101.130.208

200 OK

172 kB

URL GET HTTP/2
assets.univer.se/9d579350-4ead-454a-bf7f-99c74c50abfb?dpr=2&auto=compress,format&lossless=true
IP
151.101.130.208:443
ASN
#54113 FASTLY

Requested by
https://henessg.univer.se/
Certificate
IssuerCertainly
Subjectassets.univer.se
FingerprintBF:1F:12:DF:F9:CD:EE:29:0E:69:C8:7A:6F:1F:6F:CD:4E:61:FE:5F
ValidityTue, 09 Apr 2024 19:27:14 GMT - Thu, 09 May 2024 19:27:13 GMT

File type
ISO Media, AVIF Image
Size
172 kB (172485 bytes)
Hash
de5fdc4881a083231701a1d01c8b20fa
8e62ef6fd570274fb0fabbcc7a482e3c78375a6a
427ebc92ef63be46cb33e19e1c3a61ac3e4c1fa8c3067fe3d4b79a829fb1c241

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d579350-4ead-454a-bf7f-99c74c50abfb?dpr=2&auto=compress,format&lossless=true HTTP/1.1
Host: assets.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-imgix-id: 852be43a3805c84f170b50003e3154e7c1aa87ec
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 18:27:57 GMT
server: Google Frontend
date: Thu, 25 Apr 2024 16:05:15 GMT
age: 682638
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000098-SJC, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept, User-Agent
content-length: 172485
X-Firefox-Spdy: h2

henessg.univer.se/static/banner/arrow.svg

76.76.21.142

200 OK

670 B

URL GET HTTP/2
henessg.univer.se/static/banner/arrow.svg
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
SVG Scalable Vector Graphics image
Size
670 B (670 bytes)
Hash
8a0f0a949b54de17c9bfe2ec552dd704
62dfeaaf59acc5d632e1ecf4376037b33217b3cc
a163158d6acbfe3334cbc949a94a90c240d301ba79389efd97005df9a9ea1576

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/banner/arrow.svg HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Cookie: _ga_CX6QWFXGS9=GS1.1.1714061115.1.0.1714061115.0.0.0; _ga=GA1.1.944414596.1714061116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 153959
cache-control: max-age=604800
content-disposition: inline; filename="arrow.svg"
content-type: image/svg+xml
date: Thu, 25 Apr 2024 16:05:16 GMT
etag: "feea7a2ae4250ea9e332dbc19d3d733f"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/banner/arrow.svg
x-vercel-cache: HIT
x-vercel-id: arn1::kmrm2-1714061116436-dda5a8d40e93
content-length: 670
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/framework-9e03599dad7746cc.js

76.76.21.142

200 OK

141 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/framework-9e03599dad7746cc.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65202)
Size
141 kB (140988 bytes)
Hash
a287e128aae49c7e52b137576fe83655
056dbc2956be28e897dcc4a6589c9e0041e1ee67
365722b88937784a58b6f5bb017c82aaf62b3f145b498232722efa17ecb7bb23

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-9e03599dad7746cc.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 115542
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-9e03599dad7746cc.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"a287e128aae49c7e52b137576fe83655"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/framework-9e03599dad7746cc.js
x-vercel-cache: HIT
x-vercel-id: arn1::r655s-1714061115470-3335b2ca9b26
X-Firefox-Spdy: h2

henessg.univer.se/static/banner/universe.svg

76.76.21.142

200 OK

2.7 kB

URL GET HTTP/2
henessg.univer.se/static/banner/universe.svg
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2703 bytes)
Hash
1520362fc869d07a207de7e7442eb824
0da7ff78a484a7560c6eff5affcbe8589a9c05ad
b909b718e43512531fa061cd1eaa2f609e068eb00a0f3de0c79d173521b8b890

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/banner/universe.svg HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Cookie: _ga_CX6QWFXGS9=GS1.1.1714061115.1.0.1714061115.0.0.0; _ga=GA1.1.944414596.1714061116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 153959
cache-control: max-age=604800
content-disposition: inline; filename="universe.svg"
content-encoding: br
content-type: image/svg+xml
date: Thu, 25 Apr 2024 16:05:16 GMT
etag: W/"d5686c050f33f7f2445d225433437584"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/banner/universe.svg
x-vercel-cache: HIT
x-vercel-id: arn1::c49nh-1714061116436-1e18344c2d19
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js

76.76.21.142

200 OK

1.5 kB

URL GET HTTP/2
henessg.univer.se/_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
ASCII text, with very long lines (1589), with no line terminators
Size
1.5 kB (1523 bytes)
Hash
363ac688cd9d1df5d489e415ae654356
5cb8f0627a432fb9fafb78a60397f9e69e0057b2
700d8a3ab6df45db2268029ead773723bfe2e6743db301fd2ffd2c59d735519f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 102587
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"806e49c93aa3f91cf01c49c23ce42ac3"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/FXIm3SfmA7SOnbKaF01cv/_buildManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1::t2499-1714061115480-a95139af8bc9
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/css/3df0ddd732814165.css

76.76.21.142

200 OK

80 kB

URL GET HTTP/2
henessg.univer.se/_next/static/css/3df0ddd732814165.css
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
80 kB (79454 bytes)
Hash
c71ff21aaf25c6fd8b34c6bd2535dbaf
f7de03370487cc75abe6c7df448eed4dc2c5ab2c
f57eedac8f172a22c5eb84560cc1cec19e8641fcaf57a8140e0c4070c339f710

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/3df0ddd732814165.css HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 139428
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3df0ddd732814165.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"c71ff21aaf25c6fd8b34c6bd2535dbaf"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/css/3df0ddd732814165.css
x-vercel-cache: HIT
x-vercel-id: arn1::r655s-1714061115466-0494ebeb6ffa
X-Firefox-Spdy: h2

henessg.univer.se/_next/static/chunks/pages/_app-7d12f0a1914716ab.js

76.76.21.142

200 OK

19 kB

URL GET HTTP/2
henessg.univer.se/_next/static/chunks/pages/_app-7d12f0a1914716ab.js
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
JavaScript source, ASCII text, with very long lines (16380)
Size
19 kB (18876 bytes)
Hash
9b255d8629a0fdb4e57d72b3e67008cc
b7c6e70c20fcd8e4e2b728b28be0c93fd01dfd65
d148febbedebffccd13e59bed8d24becfd660114e85d320e058c833919422b63

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-7d12f0a1914716ab.js HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 133348
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-7d12f0a1914716ab.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: W/"9b255d8629a0fdb4e57d72b3e67008cc"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/_app-7d12f0a1914716ab.js
x-vercel-cache: HIT
x-vercel-id: arn1::r655s-1714061115474-1d92bb1d8873
X-Firefox-Spdy: h2

henessg.univer.se/static/banner/universe.svg

0.0.0.0

0 B

URL GET
henessg.univer.se/static/banner/universe.svg
IP
0.0.0.0:0
ASN
#0

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/banner/universe.svg HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/
Cookie: _ga_CX6QWFXGS9=GS1.1.1714061115.1.0.1714061115.0.0.0; _ga=GA1.1.944414596.1714061116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

henessg.univer.se/static/fonts/Junicode-Regular.woff2

76.76.21.142

200 OK

258 kB

URL GET HTTP/2
henessg.univer.se/static/fonts/Junicode-Regular.woff2
IP
76.76.21.142:443
ASN
#16509 AMAZON-02

Requested by
https://henessg.univer.se/
Certificate
IssuerLet's Encrypt
Subject*.univer.se
FingerprintD9:9D:66:29:D6:36:58:32:F1:35:D0:A8:AF:1F:85:66:B9:C1:01:10
ValidityTue, 05 Mar 2024 18:50:26 GMT - Mon, 03 Jun 2024 18:50:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 258156, version 1.0
Size
258 kB (258156 bytes)
Hash
8bdbe7abc19e834452cb4920aeb11c4b
8163919576d8c2e4a5f316905d0d8e93fc9154b0
f63074e190b99b06994f05c04c51fd8a20105b6de7842df8466d45b2b6ea7b53

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ProtonMail
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/Junicode-Regular.woff2 HTTP/1.1
Host: henessg.univer.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://henessg.univer.se/_next/static/css/3df0ddd732814165.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 153211
cache-control: max-age=604800
content-disposition: inline; filename="Junicode-Regular.woff2"
content-type: font/woff2
date: Thu, 25 Apr 2024 16:05:15 GMT
etag: "8bdbe7abc19e834452cb4920aeb11c4b"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /static/fonts/Junicode-Regular.woff2
x-vercel-cache: HIT
x-vercel-id: arn1::c49nh-1714061115546-8d511a4da802
content-length: 258156
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML