{"report_id":"cbdd7f52-75c8-4877-9896-1091122a018e","version":6,"status":"done","tags":[],"date":"2026-02-11T00:41:59Z","url":{"schema":"http","addr":"intranet.universe.us","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":0,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"intranet.universe.us/","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"title":"Universe Technical Translation :: Intranet","dom":{"size":10193,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4103)","md5":"5bce545354be193ea0949d1ade850458","sha1":"a52beff37c5a9b4efb6bf83776adb2c2f2ea5b18","sha256":"6cf7b6801395c02b3ed40a4dc7153c4fd8aee7def5aedbf0cc9406c66c3e099c","sha512":"87721fe0c026c45226672369e22a5c839d685105187bb6bcb671290fbe0d9ca437f8dac28d3ddff73b554d80805b81e5a15d1dd76b40a74cc41e24ce90cce4f4","ssdeep":"192:K60XOdW9Yzmoh0kWfo9GDJHK9P7P81Ug6EmObYcP6nQMQu/:w5jRBJHHO26nQA","tlshash":"4922a71076e04e1a583e5251d659afc529e74373c3830bd8ba2d58bb3fc5da6211b3bc","dom_hash":"domhash50678cad0c9679d841cbb91d89ca5590","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"intranet.universe.us","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":0,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-18T00:41:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"intranet.universe.us","ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"domain_registered":"2002-04-24","domain_rank":0,"first_seen":"2026-02-03T12:32:13.560915Z","last_seen":"2026-02-10T16:00:39.485072Z","alert_count":42,"request_count":14,"received_data":108746,"sent_data":8160,"comment":"","tags":null,"fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"intranet.universe.us/","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0b6270680726c9f17693947ff76d13a","sha1":"a810482f263ddd716c7306316d73cca99488dc08","sha256":"6788ec223ed47cf71968976729bb612794b643cfc7c3d512b12123ac03f1ae31","sha512":"596c2c7617bcd9ac9a2bbb49b09284e716e8aaa529ce6449a028fd579a0b3b7fd60da20308e1e3d80adbc010f15b56a4b4ace3b9b4c134f4db213cc94ef5758d","ssdeep":"","tlshash":"2a9004140cf474c713001444701d1045c504175d0345c7101f0c705100c1440043d1f5","size":39,"data":"","first_seen":"2026-02-11T00:33:11.892543Z","last_seen":"2026-02-11T00:42:00.647162Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"27cb6bf7b94c8755b0d873d6948c91db","sha1":"d49dbc13ab47b024209031c0cdde736e407eb871","sha256":"78a1deef18145e3e97682713305bafdf724c0de013118796d46a8de183d2d985","sha512":"649af5a74e22b56edeca4efe78301c8db356fad33a1ca9d5d6c42632bd8f5403614aa533911e101fdc1455d57fecc7f75e5743009dfb5deef4d32833e246797b","ssdeep":"","tlshash":"d2b012b35e3924006b31ef83c00b11c61a332b91970ebcdb5e24547e5042f0e7309734","size":106,"data":"","first_seen":"2026-02-11T00:33:11.894353Z","last_seen":"2026-02-11T00:42:00.647703Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"44b528f8d470657303fffcd3fb793437","sha1":"ea06fd05ca7a5577c90dfa15494ef8c0a0734dd3","sha256":"8ddb69cc46403092a30219800551aaeae498ee8c67915fd152430c0e5fd54ae3","sha512":"439c985e2d3d1d5e9d7b0f9e04836e640626c457f9a244df257341af06ed8eb294a53eb4bccbb89961c25693e1827a9098adea9e639df13b48464133a5283ba0","ssdeep":"","tlshash":"ba112d91fa42c95e415116700d0f040e10a902731dce9d33e933d49934f0ebf23f6876","size":991,"data":"","first_seen":"2026-02-11T00:33:11.896269Z","last_seen":"2026-02-11T00:42:00.648229Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/scripts/popcalendar.js","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f052134ea53e1f4e73c63e78da7f4e73","sha1":"e8d73c234950a21bfc0c8a5bbfbf6c815fd85535","sha256":"ef2059a01d9c53dee52186e11fda9cdaa8b7e80afc9d8d20e6262207c1485a16","sha512":"43a5a841d2edd3e7321bbd62fe37d0d52a693400857968de0ae006f7bdda1bb1ee08f75a5b592d46e533d9da0caa9fde1693d26b8d3fda08088cfab07e592d7a","ssdeep":"192:++2QwraFDzbZMj9URnuKHQO3srtpl82IGi8vqex5qe7Q+5zliNWNcrnQrQHQPlUs:++/2gHQP82s8vFgNWNcrQ0gUIGwAQce","tlshash":"1092e94b720d043f07aa8397a0bc46c86db8d166229390e0b19daca974d4da7643dbfd","size":21121,"data":"","first_seen":"2026-02-11T00:33:11.876057Z","last_seen":"2026-02-11T00:42:00.645932Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/scripts/comlib.js","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b11558e0788afb7c3d799dc0028cb0e9","sha1":"8f7ffa74fab46ed2f8520f723a797966398d72c6","sha256":"b5fee4738d470518770735c191003837e0a6eac8aeb2f3b8dd0103f6faf76701","sha512":"8560520a6255b16696a19c98b38eedc3e4c28c5c0f79bfaaaf2af1a8a7203c6c3abd3a50b16876849a69c028a3b3ae39b8bf04f80fc2c830ff19d8c917f6c67c","ssdeep":"192:zwFUUQBiPxtyRxK2Su6RcdBexyuzgPPi58D16SOAtIc16ITOtqf/Cf+fl1yf1nV:sRQBiPxty/n6RcD9Pi58D1h18","tlshash":"93221f41774e033e23ea11564e3e1548db38d2641966e4f1fd8e509a73b0a39d3abaf3","size":10071,"data":"","first_seen":"2026-02-11T00:33:11.862056Z","last_seen":"2026-02-11T00:42:00.642133Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"d126e0e5ecca05dcaa99fb058f3a91c8","sha1":"b7adbff85accb1ba6dcf7ec7943d5e34b49252d5","sha256":"6ce9f557fd330ff1d92c38f5fc547e0369dd43ec71a817ad602d156fd4ed766e","sha512":"4a13a08715947cc8ab29ea9ef7d34b8cb5262b3f69f8fc317532e7386d2897e42374c44a6bdf3b378adbe18ad7083579c0acbecdddd986d12630aa3e0b3276f2","ssdeep":"","tlshash":"49019c62c64c0264e5d28489f146fdf654c0bb1563a71964be1cd37aedca2b32600bce","size":714,"data":"","first_seen":"2026-02-11T00:33:11.898229Z","last_seen":"2026-02-11T00:42:00.648771Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"30592b08a4e3c76471091d09a8c5784b","sha1":"8fdf19d5bfc286e0f90e9505ef485bafea240751","sha256":"e8bb8c938213650e2098a00fe7b10de9bb3cfa1979b657a983ed4af2222645bc","sha512":"f71bf27ff8215cfdc750c94d710210ef1ca391f2f58165344f2f127b3339d345d08d6b89e4b9408cbe1dbf4f200ace9479e9431633001c733c0c058437d0a32e","ssdeep":"","tlshash":"d6b01202c4e20602042340d8d04a5fa092d4253017d41ea0be2c11ef124e0d06144159","size":94,"data":"","first_seen":"2023-08-12T12:16:44Z","last_seen":"2026-05-12T01:36:14.147087Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ca2c8901640416482665cf5316024b0f","sha1":"877c40357befe92db3fee4577baa88fb3ce8da3e","sha256":"8cc1a8ae0f45b17e02c41784d077c96d30c90659182da8a03829a69a2aa37590","sha512":"62f34fc2ca872052ac2a446e4cc187897780ab7b5717376979435baa0dd0c9acc68d1560fd9fcf9396241a28cab2456b4b2438e0a9d38fa12da31c93403a6af0","ssdeep":"","tlshash":"e7c012a101982250815ff30278229bbd04b3875456130858022c47f81bc8517c50c8de","size":185,"data":"","first_seen":"2023-04-27T16:15:45Z","last_seen":"2026-05-20T02:10:08.246021Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"intranet.universe.us/common/images/right1.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/right1.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:39 GMT\r\nContent-Length: 286\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":286,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 11","md5":"2bc0af3d47f5e6f88f7ac7c3b541e6f6","sha1":"76c35c7cdd2fac9f9ac190c863290ebdfc55b795","sha256":"a9cc5d58beb774cd4a8c5b6faedd96c73a72f9d606de8c5005e7bdd40f155da0","sha512":"f477162b46dd44ad5e5c78df3ad53d4f250e3402648064c925fb251e8244abdb67666c8ade1379980f2e91b6ceb66549125a27b3533b4713c125fa3e31447a28","ssdeep":"","tlshash":"88d02272dfb3e901ce8002ba488820100387de26027fb5675fb0aa0ceddb352052326b","first_seen":"2024-03-17T13:54:21Z","last_seen":"2026-05-13T10:34:36.283903Z","times_seen":9,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":108,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T00:41:38.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-cache, no-store, must-revalidate, max-age=0\r\nPragma: no-cache\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Encoding: gzip\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nSet-Cookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; Path=/; Secure; HttpOnly\nCFID=1322522; Expires=Fri, 04-Feb-2056 00:41:38 GMT; Path=/; HttpOnly\nCFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563; Expires=Fri, 04-Feb-2056 00:41:38 GMT; Path=/; HttpOnly\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6899,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"daa9fdb9dc4fec8a03bb4b6cc609ed2b","sha1":"57e9b94d4c44a9e13e06370b4667512668243d0c","sha256":"678a36bb05d4f3bf9b10ef1e717d3aa0d624191cad036c9d196cff2ec48eb2fa","sha512":"6098089a1281b15b6f63e6a52241753e23f903899f88b7cb93ab54d6c8c194d1f8e7b6d471a58237c76c51e41b439e2350306d2a008a13b0390341341ded9c1c","ssdeep":"192:G9Fd6bj8os4Jw47ByNDCJPsE5oc2sBdwQrKJ:GkMosOr7dwQrO","tlshash":"6fe150117ac4de1858325252c2768e88fdeac53387520858ba6f24bf3fb1c5527273bd","first_seen":"2026-02-11T00:33:11.870479Z","last_seen":"2026-02-11T00:42:00.639862Z","times_seen":2,"resource_available":false,"data":null}},"time_used":846,"timings":{"blocked":360,"dns":5,"connect":115,"send":0,"wait":125,"receive":1,"ssl":237},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/right2.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/right2.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:39 GMT\r\nContent-Length: 286\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":286,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 11","md5":"bec88ea312c7bc6c93efecc74e5fc8f6","sha1":"b901c5035c0a2b1d4d2a6b8fac886b78486792f4","sha256":"b6c09c0b58bf5e0bc45b4a5a02c9c528f7eabae244b265df63ca69fb0bb2bdec","sha512":"e9f67fc88c1c96f3de21f87a59eb567a327c3b516a0ce620b782fcca4876d0f91b08734acf59e8dda774845c97bbff9aeede41a26e36822faa6e0915757af163","ssdeep":"","tlshash":"36d022a5c1a74cf6cc9e007a80d82e847a595af3352f252c1be0c202a68e5189803e88","first_seen":"2024-05-29T09:50:59Z","last_seen":"2026-05-13T10:34:36.287059Z","times_seen":8,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":348,"dns":1,"connect":117,"send":0,"wait":120,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/favicon.ico","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:39 GMT\r\nContent-Length: 1245\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1245,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5343c1a8b203c162a3bf3870d9f50fd4","sha1":"04b5b886c20d88b57eea6d8ff882624a4ac1e51d","sha256":"dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f","sha512":"e0f50acb6061744e825a4051765cebf23e8c489b55b190739409d8a79bb08dac8f919247a4e5f65a015ea9c57d326bbef7ea045163915129e01f316c4958d949","ssdeep":"","tlshash":"7b21422992983814f69384a061f277c23f078286e66f1b68a023b263e4c26e281d33c4","first_seen":"2023-03-09T23:36:42Z","last_seen":"2026-06-14T05:26:05.085251Z","times_seen":60488,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/styles/default.css","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:38.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/styles/default.css HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Tue, 26 Mar 2013 01:47:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"49d76e9c329ce1:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 16158\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":16135,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"b2fb0a4ac9ed2ab227ed79fb472020fc","sha1":"1321eb607e0fe8c959f79f52ee3e73ac377d28ae","sha256":"2e8f4fc9303e0316ebe7100a7ed5b72c9d1a28e621d3a561e06b4145972ee7a9","sha512":"2cd8de4ad1501506b06eb9712cf0073fc1b8ac0661ff1f24cd6e60b53071b2f2da021a06d90712b09279f58d835da0e0a7f5fc95a4ac9764db2a269d2d50cbb5","ssdeep":"192:0a9zkOiu4O4PmkUBbE3facBQ4HsFWv4VopR94wdsSJJ479a4b49T2dRF0nCjrf8M:hiv8FUeSj4wOnn","tlshash":"c6722416dd8d184f732be952f3323fe3ee0c44569a1a8b7870b93b29d4d54b83258398","first_seen":"2026-02-11T00:33:11.872794Z","last_seen":"2026-02-11T00:42:00.641546Z","times_seen":2,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/scripts/comlib.js","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:38.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/scripts/comlib.js HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Thu, 24 Jul 2008 15:47:58 GMT\r\nAccept-Ranges: bytes\r\nETag: \"13123ba5a4edc81:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 10094\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":10071,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b11558e0788afb7c3d799dc0028cb0e9","sha1":"8f7ffa74fab46ed2f8520f723a797966398d72c6","sha256":"b5fee4738d470518770735c191003837e0a6eac8aeb2f3b8dd0103f6faf76701","sha512":"8560520a6255b16696a19c98b38eedc3e4c28c5c0f79bfaaaf2af1a8a7203c6c3abd3a50b16876849a69c028a3b3ae39b8bf04f80fc2c830ff19d8c917f6c67c","ssdeep":"192:zwFUUQBiPxtyRxK2Su6RcdBexyuzgPPi58D16SOAtIc16ITOtqf/Cf+fl1yf1nV:sRQBiPxty/n6RcD9Pi58D1h18","tlshash":"93221f41774e033e23ea11564e3e1548db38d2641966e4f1fd8e509a73b0a39d3abaf3","first_seen":"2026-02-11T00:33:11.862056Z","last_seen":"2026-02-11T00:42:00.642133Z","times_seen":2,"resource_available":true,"data":null}},"time_used":948,"timings":{"blocked":353,"dns":1,"connect":117,"send":0,"wait":233,"receive":1,"ssl":239},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/close.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/close.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:39 GMT\r\nContent-Length: 106\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":106,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 13","md5":"1165821d29093fd6250e5e8adba493fa","sha1":"f7dcfd545cd5acd090d612ee5e1f89589dde464f","sha256":"2f3bed029725e6401fba365380ba8c6fa1afe47e6b0b6ceaee2aa2938701f2e5","sha512":"605345320cb8c0b8c139058a1f883627ff7b179dedc9dad79bb0705594616c5ad99baf52d8a43be54e23aca7a829016bc110fde467f155049f56ae4a6e84a7ef","ssdeep":"","tlshash":"3eb01251fa74234cc4006538107bc1712830de5011501405c46b18c4a4d430550bda08","first_seen":"2023-09-17T13:52:29Z","last_seen":"2026-05-13T10:34:36.249966Z","times_seen":13,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/utt.css","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:38.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /utt.css HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Mon, 14 Feb 2022 09:20:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"34cdfe248421d81:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 4691\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":4668,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"9d24243adfd2804a2af0dd9434828e2e","sha1":"28c0af71a1211cc14587c056482c1dd173c183a1","sha256":"4533d67559e945ee32843540d6ee05cabfcc6022c42d7fbbc5675ec53e448d76","sha512":"43b9144573ac761dd2f722e55fec7832dfbc7d5c7da17b898d147ef0d37cc4b3bc77f52b387f81886d9e8bc802069faab65af1a8f6140dcbdc540c3c23acb9ae","ssdeep":"96:iwJRdBK5uCOyPGAJo7JCJmJ+ODquiryJowzOzy:7vCO4GsKK+Dm92H","tlshash":"95a13116ed99140af31bfad6f3721f62fa0d86774e59cbac7c682118d09217c148d3e8","first_seen":"2026-02-11T00:33:11.859095Z","last_seen":"2026-02-11T00:42:00.643166Z","times_seen":2,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":350,"dns":1,"connect":116,"send":0,"wait":121,"receive":0,"ssl":240},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/images/logo_map.jpg","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:38.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /images/logo_map.jpg HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 14 Feb 2022 09:20:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"254eb3128421d81:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 42818\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":42818,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 270x170, components 3","md5":"54838dd9e083f2fc28924faa1b50643e","sha1":"0764b6776ffb51fc3440bec7ac598694cb54755e","sha256":"3b0cf725117f68903df5e54ae3a02f2160185c09c905a6b9574a63b358f4bf8e","sha512":"86b47083a25ac3a4795b65081833869ed22d43f95a34c2e4c3b02fcaf52d1daed77f03546f7e4857142e44a5d13903bf164cc9c153a694f298f5588886b272c2","ssdeep":"768:Mha7dJF6sxjYcOF61auVGczaUJvjaThZ8RuGcM0yLF/2WH:Rdr3p1a2GcfChtSd5H","tlshash":"6f13e10636615e62dad12e72675ff726a3144f392fab86171c013b0df071fc26a449b6","first_seen":"2026-02-11T00:33:11.885097Z","last_seen":"2026-02-11T00:42:00.643732Z","times_seen":2,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":586,"dns":0,"connect":0,"send":0,"wait":121,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/drop2.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/drop2.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 289\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":289,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 12 x 10","md5":"a5fbed04360037261f9c25a68d2fa545","sha1":"b6c9e193408504a263aa53962118f6d86434bf9d","sha256":"6e6b885d4b2d3b7218862b49daa1fe80cb5c800d4b21e1524b751443cf005b0f","sha512":"2e04586384d68ce26d339e51f0e510bd2b585c4fec692ab3a91b29ff1218b6bcab8f95fb1ab2a787081c8bf1b37dc0b8c243cc1343b6cbafe5c134a3874637ee","ssdeep":"","tlshash":"6fd022a8d5230df5cd55163a988c78847e8246a3b43f282cafe8d003e6be074a807485","first_seen":"2024-05-29T09:50:58Z","last_seen":"2026-05-13T10:34:36.249107Z","times_seen":8,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/left1.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/left1.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 288\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":288,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 11","md5":"7e513bacbce1c5aed855711f740f54ae","sha1":"01cc6b78e58da0020f537a711ac2dfd99bac8034","sha256":"ee083fcfe61e8542bd44fca820ef8a1ed5d69e4ed586271928db22ed00eea7fd","sha512":"f8c63e30bc1c9f07640cb292348243b3f1af6ca4bb4a57c35260f51aaae4a54148803e37940a1e6ae020bc5796483d53288ebe455b8c45d1883e3632283fe55f","ssdeep":"","tlshash":"ded02335ef729505cb8001b988c170002707cfb4407a25470f946c08ddc7211043b0d7","first_seen":"2024-03-17T13:54:21Z","last_seen":"2026-05-13T10:34:36.233312Z","times_seen":9,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/left2.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/left2.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 287\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":287,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 11","md5":"0a2768556615fae9d809314626da5165","sha1":"ffa117a10c8f0f45f90246dc4e8b9cc7dc0f80be","sha256":"dcf87851044459cc0d8a4a42a6f362ac17309e3fd3d16a3043b84cc1d36df687","sha512":"8c06b8923e35aadece79e467861ceb0500ae5ea9fc05e8d9e1a7ed1a6f8fe396b570299b26eba7b305ab8d32f8377975fc5abee3ac146c8062a467ab5fee6eba","ssdeep":"","tlshash":"65d02390e18218f1cc674433c0c1154079435bf3302f64684f92d117d58f11468476c1","first_seen":"2024-05-29T09:50:58Z","last_seen":"2026-05-13T10:34:36.253154Z","times_seen":8,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/scripts/popcalendar.js","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:38.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/scripts/popcalendar.js HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Wed, 28 Jun 2006 00:11:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0cd3f71479ac61:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 21144\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":21121,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (787), with CRLF line terminators","md5":"f052134ea53e1f4e73c63e78da7f4e73","sha1":"e8d73c234950a21bfc0c8a5bbfbf6c815fd85535","sha256":"ef2059a01d9c53dee52186e11fda9cdaa8b7e80afc9d8d20e6262207c1485a16","sha512":"43a5a841d2edd3e7321bbd62fe37d0d52a693400857968de0ae006f7bdda1bb1ee08f75a5b592d46e533d9da0caa9fde1693d26b8d3fda08088cfab07e592d7a","ssdeep":"192:++2QwraFDzbZMj9URnuKHQO3srtpl82IGi8vqex5qe7Q+5zliNWNcrnQrQHQPlUs:++/2gHQP82s8vFgNWNcrQ0gUIGwAQce","tlshash":"1092e94b720d043f07aa8397a0bc46c86db8d166229390e0b19daca974d4da7643dbfd","first_seen":"2026-02-11T00:33:11.876057Z","last_seen":"2026-02-11T00:42:00.645932Z","times_seen":2,"resource_available":true,"data":null}},"time_used":951,"timings":{"blocked":353,"dns":1,"connect":115,"send":0,"wait":236,"receive":1,"ssl":241},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intranet.universe.us/common/images/drop1.gif","fqdn":"intranet.universe.us","domain":"universe.us","tld":"us"},"ip":{"addr":"74.208.252.249","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intranet.universe.us/","date":"2026-02-11T00:41:39.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intranet.universe.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 07:05:10 GMT","end":"Sat, 25 Apr 2026 07:05:09 GMT"},"fingerprint":{"sha1":"F1:2B:7E:65:62:37:D4:94:E0:AD:74:E0:96:EA:2C:0D:0E:D9:75:69","sha256":"75:48:0C:2B:E6:D0:F4:90:CE:B1:8B:81:C2:AB:4A:B3:39:50:1A:90:6F:CB:97:71:38:87:6E:15:10:CD:89:F9"}}},"request":{"raw":"GET /common/images/drop1.gif HTTP/1.1\r\nHost: intranet.universe.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intranet.universe.us/\r\nCookie: JSESSIONID=6B506D0B3D2EE8CDB26603EB771ECCD6.cfusion; CFID=1322522; CFTOKEN=ddc530a3968585fd-E5787DF7-F339-4BAA-55ED6C1AAF976563\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Thu, 20 May 2004 16:33:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0eec226883ec41:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 11 Feb 2026 00:41:38 GMT\r\nContent-Length: 290\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":290,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 12 x 10","md5":"fe3cee9423e60765caa4d108e918f5a6","sha1":"01d8f129900b7137e6c0029cd3408fdf3351d8e7","sha256":"bf3a30c69efd872eb03590423df16c2e278615d6b5d3a9e97ad0278dfaca40af","sha512":"f570ffa8ea887a6401234adc78474832a7e898afc9b0a1b8b6fd00d5e3e2e8110ab597114bf17d129f186a3ae93c49d8d54db14c096f4dbb7737efbc1e91f690","ssdeep":"","tlshash":"bad022b9c3b32a11cacd0bba9940201407878b2e407a72a30fd16818fd9b324082e163","first_seen":"2024-05-29T09:50:58Z","last_seen":"2026-05-13T10:34:36.28969Z","times_seen":8,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"intranet.universe.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"intranet.universe.us","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}